feat: migrate to use MCP tools instead of helper scripts

This commit is contained in:
ajmallesh
2025-10-23 11:56:47 -07:00
parent d6e5db2397
commit 55716963da
46 changed files with 1444 additions and 381 deletions


@@ -15,8 +15,8 @@ Execute the login flow based on the login_type specified in the configuration:
1. Navigate to the specified login_url using Playwright 1. Navigate to the specified login_url using Playwright
2. Execute each step in the login_flow array sequentially: 2. Execute each step in the login_flow array sequentially:
- Replace $username with the provided username credential - Replace $username with the provided username credential
- Replace $password with the provided password credential - Replace $password with the provided password credential
- Replace $totp with generated code using the TOTP script in the repo root: `node generate-totp.mjs --secret "{{totp_secret}}"` - Replace $totp with generated code using the `generate_totp` MCP tool with the TOTP secret: {{totp_secret}}
- Perform the specified actions (type text, click buttons, etc.) - Perform the specified actions (type text, click buttons, etc.)
3. Wait for page navigation/loading to complete after each critical step 3. Wait for page navigation/loading to complete after each critical step
4. Handle any consent dialogs or "Continue as [user]" prompts by clicking appropriate buttons 4. Handle any consent dialogs or "Continue as [user]" prompts by clicking appropriate buttons
@@ -30,7 +30,7 @@ Execute the login flow based on the login_type specified in the configuration:
- Handle account selection if prompted - Handle account selection if prompted
- Replace $username with the provided username credential in provider login - Replace $username with the provided username credential in provider login
- Replace $password with the provided password credential in provider login - Replace $password with the provided password credential in provider login
- Replace $totp with generated code using the TOTP script in the repo root: `node generate-totp.mjs --secret "{{totp_secret}}"` - Replace $totp with generated code using the `generate_totp` MCP tool with the TOTP secret: {{totp_secret}}
- Handle OAuth consent screens by clicking "Allow", "Accept", or "Continue", and hitting check boxes as needed. - Handle OAuth consent screens by clicking "Allow", "Accept", or "Continue", and hitting check boxes as needed.
- Handle "Continue as [username]" dialogs by clicking "Continue" - Handle "Continue as [username]" dialogs by clicking "Continue"
3. Wait for OAuth callback and final redirect to complete 3. Wait for OAuth callback and final redirect to complete

254
mcp-server/package-lock.json generated Normal file

@@ -0,0 +1,254 @@
{
"name": "@shannon/mcp-server",
"version": "1.0.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@shannon/mcp-server",
"version": "1.0.0",
"dependencies": {
"@anthropic-ai/claude-code": "^1.0.96",
"zod": "^3.22.4"
}
},
"node_modules/@anthropic-ai/claude-code": {
"version": "1.0.128",
"resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.128.tgz",
"integrity": "sha512-uUg5cFMJfeQetQzFw76Vpbro6DAXst2Lpu8aoZWRFSoQVYu5ZSAnbBoxaWmW/IgnHSqIIvtMwzCoqmcA9j9rNQ==",
"license": "SEE LICENSE IN README.md",
"bin": {
"claude": "cli.js"
},
"engines": {
"node": ">=18.0.0"
},
"optionalDependencies": {
"@img/sharp-darwin-arm64": "^0.33.5",
"@img/sharp-darwin-x64": "^0.33.5",
"@img/sharp-linux-arm": "^0.33.5",
"@img/sharp-linux-arm64": "^0.33.5",
"@img/sharp-linux-x64": "^0.33.5",
"@img/sharp-win32-x64": "^0.33.5"
}
},
"node_modules/@img/sharp-darwin-arm64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-darwin-arm64/-/sharp-darwin-arm64-0.33.5.tgz",
"integrity": "sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ==",
"cpu": [
"arm64"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-darwin-arm64": "1.0.4"
}
},
"node_modules/@img/sharp-darwin-x64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-darwin-x64/-/sharp-darwin-x64-0.33.5.tgz",
"integrity": "sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==",
"cpu": [
"x64"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-darwin-x64": "1.0.4"
}
},
"node_modules/@img/sharp-libvips-darwin-arm64": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.0.4.tgz",
"integrity": "sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg==",
"cpu": [
"arm64"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"darwin"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-darwin-x64": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-x64/-/sharp-libvips-darwin-x64-1.0.4.tgz",
"integrity": "sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==",
"cpu": [
"x64"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"darwin"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-arm": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm/-/sharp-libvips-linux-arm-1.0.5.tgz",
"integrity": "sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==",
"cpu": [
"arm"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-arm64": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm64/-/sharp-libvips-linux-arm64-1.0.4.tgz",
"integrity": "sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==",
"cpu": [
"arm64"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-x64": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-x64/-/sharp-libvips-linux-x64-1.0.4.tgz",
"integrity": "sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==",
"cpu": [
"x64"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-linux-arm": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-arm/-/sharp-linux-arm-0.33.5.tgz",
"integrity": "sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==",
"cpu": [
"arm"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-arm": "1.0.5"
}
},
"node_modules/@img/sharp-linux-arm64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-arm64/-/sharp-linux-arm64-0.33.5.tgz",
"integrity": "sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==",
"cpu": [
"arm64"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-arm64": "1.0.4"
}
},
"node_modules/@img/sharp-linux-x64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-x64/-/sharp-linux-x64-0.33.5.tgz",
"integrity": "sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==",
"cpu": [
"x64"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-x64": "1.0.4"
}
},
"node_modules/@img/sharp-win32-x64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.33.5.tgz",
"integrity": "sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==",
"cpu": [
"x64"
],
"license": "Apache-2.0 AND LGPL-3.0-or-later",
"optional": true,
"os": [
"win32"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/zod": {
"version": "3.25.76",
"resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz",
"integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==",
"license": "MIT",
"funding": {
"url": "https://github.com/sponsors/colinhacks"
}
}
}
}

13
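--- /dev/null
+++ b/mcp-server/package.json
@@ -0,0 +1,13 @@
+{
+"name": "@shannon/mcp-server",
+"version": "1.0.0",
+"type": "module",
+"main": "./src/index.js",
+"scripts": {
+"clean": "rm -rf dist"
+},
+"dependencies": {
+"@anthropic-ai/claude-agent-sdk": "^0.1.0",
+"zod": "^3.22.4"
+}
+}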
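Review bot: The lockfile committed alongside this manifest (`mcp-server/package-lock.json`, in the previous section) resolves `@anthropic-ai/claude-code` rather than the `@anthropic-ai/claude-agent-sdk` declared on `"@anthropic-ai/claude-agent-sdk": "^0.1.0"`, so `npm ci` in `mcp-server/` will refuse the lock as out of sync and the package that `src/index.js` actually imports has no pinned version or integrity hash anywhere. Regenerate the lockfile from this package.json so the integrity entries cover the dependency that is really installed. The `clean` script deletes `dist` while `main` points at `./src/index.js` and nothing in this commit produces a `dist`; either drop the script or note what builds that directory.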

45
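--- /dev/null
+++ b/mcp-server/src/index.js
@@ -0,0 +1,45 @@
+/**
+* Shannon Helper MCP Server
+*
+* In-process MCP server providing save_deliverable and generate_totp tools
+* for Shannon penetration testing agents.
+*
+* Replaces bash script invocations with native tool access.
+*/
+import { createSdkMcpServer } from '@anthropic-ai/claude-agent-sdk';
+import { saveDeliverableTool } from './tools/save-deliverable.js';
+import { generateTotpTool } from './tools/generate-totp.js';
+/**
+* Create Shannon Helper MCP Server with target directory context
+*
+* @param {string} targetDir - The target repository directory where deliverables should be saved
+* @returns {Object} MCP server instance
+*/
+export function createShannonHelperServer(targetDir) {
+// Store target directory for tool access
+global.__SHANNON_TARGET_DIR = targetDir;
+return createSdkMcpServer({
+name: 'shannon-helper',
+version: '1.0.0',
+tools: [saveDeliverableTool, generateTotpTool],
+});
+}
+/**
+* Legacy export for backward compatibility
+* @deprecated Use createShannonHelperServer(targetDir) instead
+*/
+export const shannonHelperServer = createSdkMcpServer({
+name: 'shannon-helper',
+version: '1.0.0',
+tools: [saveDeliverableTool, generateTotpTool],
+});
+// Export tools for direct usage if needed
+export { saveDeliverableTool, generateTotpTool };
+// Export types for external use
+export * from './types/index.js';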
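Review bot: `createShannonHelperServer` parks the target directory in a process-wide global (`global.__SHANNON_TARGET_DIR = targetDir`) that the tools read back later, so a second call to the factory silently redirects every earlier server's `save_deliverable` writes, and the deprecated `shannonHelperServer` built at import time has no directory at all and falls back to whatever `process.cwd()` happens to be when a deliverable is saved. Prefer giving the directory to the handlers by closure (a factory that returns a `saveDeliverableTool` bound to `targetDir`), or at minimum hold it in a module-scoped `let` behind a getter so the coupling is explicit and the global cannot be overwritten by unrelated code in the same process. The deprecated export also duplicates the server literal; `export const shannonHelperServer = createShannonHelperServer(process.cwd());` keeps a single construction path and makes the cwd fallback visible.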


@@ -0,0 +1,137 @@
/**
* generate_totp MCP Tool
*
* Generates 6-digit TOTP codes for authentication.
* Replaces tools/generate-totp-standalone.mjs bash script.
* Based on RFC 6238 (TOTP) and RFC 4226 (HOTP).
*/
import { tool } from '@anthropic-ai/claude-agent-sdk';
import { createHmac } from 'crypto';
import { z } from 'zod';
import { createToolResult } from '../types/tool-responses.js';
import { base32Decode, validateTotpSecret } from '../validation/totp-validator.js';
import { createCryptoError, createGenericError } from '../utils/error-formatter.js';
/**
* Input schema for generate_totp tool
*/
export const GenerateTotpInputSchema = z.object({
secret: z
.string()
.min(1)
.regex(/^[A-Z2-7]+$/i, 'Must be base32-encoded')
.describe('Base32-encoded TOTP secret'),
});
/**
* Generate HOTP code (RFC 4226)
* Ported from generate-totp-standalone.mjs (lines 74-99)
*
* @param {string} secret - Base32-encoded secret
* @param {number} counter - Counter value
* @param {number} [digits=6] - Number of digits in OTP
* @returns {string} OTP code
*/
function generateHOTP(secret, counter, digits = 6) {
const key = base32Decode(secret);
// Convert counter to 8-byte buffer (big-endian)
const counterBuffer = Buffer.alloc(8);
counterBuffer.writeBigUInt64BE(BigInt(counter));
// Generate HMAC-SHA1
const hmac = createHmac('sha1', key);
hmac.update(counterBuffer);
const hash = hmac.digest();
// Dynamic truncation
const offset = hash[hash.length - 1] & 0x0f;
const code =
((hash[offset] & 0x7f) << 24) |
((hash[offset + 1] & 0xff) << 16) |
((hash[offset + 2] & 0xff) << 8) |
(hash[offset + 3] & 0xff);
// Generate digits
const otp = (code % Math.pow(10, digits)).toString().padStart(digits, '0');
return otp;
}
/**
* Generate TOTP code (RFC 6238)
* Ported from generate-totp-standalone.mjs (lines 101-106)
*
* @param {string} secret - Base32-encoded secret
* @param {number} [timeStep=30] - Time step in seconds
* @param {number} [digits=6] - Number of digits in OTP
* @returns {string} OTP code
*/
function generateTOTP(secret, timeStep = 30, digits = 6) {
const currentTime = Math.floor(Date.now() / 1000);
const counter = Math.floor(currentTime / timeStep);
return generateHOTP(secret, counter, digits);
}
/**
* Get seconds until TOTP code expires
*
* @param {number} [timeStep=30] - Time step in seconds
* @returns {number} Seconds until expiration
*/
function getSecondsUntilExpiration(timeStep = 30) {
const currentTime = Math.floor(Date.now() / 1000);
return timeStep - (currentTime % timeStep);
}
/**
* generate_totp tool implementation
*
* @param {Object} args
* @param {string} args.secret - Base32-encoded TOTP secret
* @returns {Promise<Object>} Tool result
*/
export async function generateTotp(args) {
try {
const { secret } = args;
// Validate secret (throws on error)
validateTotpSecret(secret);
// Generate TOTP code
const totpCode = generateTOTP(secret);
const expiresIn = getSecondsUntilExpiration();
const timestamp = new Date().toISOString();
// Success response
const successResponse = {
status: 'success',
message: 'TOTP code generated successfully',
totpCode,
timestamp,
expiresIn,
};
return createToolResult(successResponse);
} catch (error) {
// Check if it's a validation/crypto error
if (error instanceof Error && (error.message.includes('base32') || error.message.includes('TOTP'))) {
const errorResponse = createCryptoError(error.message, false);
return createToolResult(errorResponse);
}
// Generic error
const errorResponse = createGenericError(error, false);
return createToolResult(errorResponse);
}
}
/**
* Tool definition for MCP server - created using SDK's tool() function
*/
export const generateTotpTool = tool(
'generate_totp',
'Generates 6-digit TOTP code for authentication. Secret must be base32-encoded.',
GenerateTotpInputSchema.shape,
generateTotp
);
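Review bot: The `catch` branch on `if (error instanceof Error && (error.message.includes('base32') || error.message.includes('TOTP')))` classifies errors by substring-matching their text, so rewording any message in `totp-validator.js` silently turns a bad-secret error into a generically typed response, and a malformed secret — an input problem the calling agent could correct — is reported as a non-retryable `CryptoError`. Have `validateTotpSecret` throw a dedicated error class (or set a `code` on the error) and branch on `error instanceof` / `error.code` here, returning `createValidationError(error.message, true)` for input problems and reserving `createCryptoError` for failures inside `generateHOTP`. The "Ported from generate-totp-standalone.mjs (lines 74-99)" comments on `generateHOTP` and `generateTOTP` will go stale as soon as that script is edited; reference the function names instead. `code % Math.pow(10, digits)` can be `code % 10 ** digits` since the file already relies on ES-module and `BigInt` syntax.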


@@ -0,0 +1,6 @@
/**
* MCP Tools barrel export
*/
export * from './save-deliverable.js';
export * from './generate-totp.js';


@@ -0,0 +1,85 @@
/**
* save_deliverable MCP Tool
*
* Saves deliverable files with automatic validation.
* Replaces tools/save_deliverable.js bash script.
*/
import { tool } from '@anthropic-ai/claude-agent-sdk';
import { z } from 'zod';
import { DeliverableType, DELIVERABLE_FILENAMES, isQueueType } from '../types/deliverables.js';
import { createToolResult } from '../types/tool-responses.js';
import { validateQueueJson } from '../validation/queue-validator.js';
import { saveDeliverableFile } from '../utils/file-operations.js';
import { createValidationError, createGenericError } from '../utils/error-formatter.js';
/**
* Input schema for save_deliverable tool
*/
export const SaveDeliverableInputSchema = z.object({
deliverable_type: z.nativeEnum(DeliverableType).describe('Type of deliverable to save'),
content: z.string().min(1).describe('File content (markdown for analysis/evidence, JSON for queues)'),
});
/**
* save_deliverable tool implementation
*
* @param {Object} args
* @param {string} args.deliverable_type - Type of deliverable to save
* @param {string} args.content - File content
* @returns {Promise<Object>} Tool result
*/
export async function saveDeliverable(args) {
try {
const { deliverable_type, content } = args;
// Validate queue JSON if applicable
if (isQueueType(deliverable_type)) {
const queueValidation = validateQueueJson(content);
if (!queueValidation.valid) {
const errorResponse = createValidationError(
queueValidation.message,
true,
{
deliverableType: deliverable_type,
expectedFormat: '{"vulnerabilities": [...]}',
}
);
return createToolResult(errorResponse);
}
}
// Get filename and save file
const filename = DELIVERABLE_FILENAMES[deliverable_type];
const filepath = saveDeliverableFile(filename, content);
// Success response
const successResponse = {
status: 'success',
message: `Deliverable saved successfully: $(unknown)`,
filepath,
deliverableType: deliverable_type,
validated: isQueueType(deliverable_type),
};
return createToolResult(successResponse);
} catch (error) {
const errorResponse = createGenericError(
error,
false,
{ deliverableType: args.deliverable_type }
);
return createToolResult(errorResponse);
}
}
/**
* Tool definition for MCP server - created using SDK's tool() function
*/
export const saveDeliverableTool = tool(
'save_deliverable',
'Saves deliverable files with automatic validation. Queue files must have {"vulnerabilities": [...]} structure.',
SaveDeliverableInputSchema.shape,
saveDeliverable
);
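Review bot: `saveDeliverable` is exported and directly callable, but only the zod schema on the `tool()` wrapper constrains `deliverable_type`; inside the handler `DELIVERABLE_FILENAMES[deliverable_type]` is an unchecked lookup, so an unknown type yields `filename === undefined` (or an inherited `Object.prototype` member for keys such as `constructor`) and the failure surfaces as a `TypeError` from `path.join`, wrapped by `createGenericError`, instead of a clear validation error. Guard before the lookup: `if (!Object.hasOwn(DELIVERABLE_FILENAMES, deliverable_type)) return createToolResult(createValidationError('Unknown deliverable type', true, { deliverableType: deliverable_type }));`. The success message on the `message:` line reads `$(unknown)` on this page, which may be a rendering artifact; confirm it is `${filename}` in the source, otherwise the placeholder is emitted literally.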


@@ -0,0 +1,107 @@
/**
* Deliverable Type Definitions
*
* Maps deliverable types to their filenames and defines validation requirements.
* Must match the exact mappings from tools/save_deliverable.js.
*/
/**
* @typedef {Object} DeliverableType
* @property {string} CODE_ANALYSIS
* @property {string} RECON
* @property {string} INJECTION_ANALYSIS
* @property {string} INJECTION_QUEUE
* @property {string} XSS_ANALYSIS
* @property {string} XSS_QUEUE
* @property {string} AUTH_ANALYSIS
* @property {string} AUTH_QUEUE
* @property {string} AUTHZ_ANALYSIS
* @property {string} AUTHZ_QUEUE
* @property {string} SSRF_ANALYSIS
* @property {string} SSRF_QUEUE
* @property {string} INJECTION_EVIDENCE
* @property {string} XSS_EVIDENCE
* @property {string} AUTH_EVIDENCE
* @property {string} AUTHZ_EVIDENCE
* @property {string} SSRF_EVIDENCE
*/
export const DeliverableType = {
// Pre-recon agent
CODE_ANALYSIS: 'CODE_ANALYSIS',
// Recon agent
RECON: 'RECON',
// Vulnerability analysis agents
INJECTION_ANALYSIS: 'INJECTION_ANALYSIS',
INJECTION_QUEUE: 'INJECTION_QUEUE',
XSS_ANALYSIS: 'XSS_ANALYSIS',
XSS_QUEUE: 'XSS_QUEUE',
AUTH_ANALYSIS: 'AUTH_ANALYSIS',
AUTH_QUEUE: 'AUTH_QUEUE',
AUTHZ_ANALYSIS: 'AUTHZ_ANALYSIS',
AUTHZ_QUEUE: 'AUTHZ_QUEUE',
SSRF_ANALYSIS: 'SSRF_ANALYSIS',
SSRF_QUEUE: 'SSRF_QUEUE',
// Exploitation agents
INJECTION_EVIDENCE: 'INJECTION_EVIDENCE',
XSS_EVIDENCE: 'XSS_EVIDENCE',
AUTH_EVIDENCE: 'AUTH_EVIDENCE',
AUTHZ_EVIDENCE: 'AUTHZ_EVIDENCE',
SSRF_EVIDENCE: 'SSRF_EVIDENCE',
};
/**
* Hard-coded filename mappings from agent prompts
* Must match tools/save_deliverable.js exactly
*/
export const DELIVERABLE_FILENAMES = {
[DeliverableType.CODE_ANALYSIS]: 'code_analysis_deliverable.md',
[DeliverableType.RECON]: 'recon_deliverable.md',
[DeliverableType.INJECTION_ANALYSIS]: 'injection_analysis_deliverable.md',
[DeliverableType.INJECTION_QUEUE]: 'injection_exploitation_queue.json',
[DeliverableType.XSS_ANALYSIS]: 'xss_analysis_deliverable.md',
[DeliverableType.XSS_QUEUE]: 'xss_exploitation_queue.json',
[DeliverableType.AUTH_ANALYSIS]: 'auth_analysis_deliverable.md',
[DeliverableType.AUTH_QUEUE]: 'auth_exploitation_queue.json',
[DeliverableType.AUTHZ_ANALYSIS]: 'authz_analysis_deliverable.md',
[DeliverableType.AUTHZ_QUEUE]: 'authz_exploitation_queue.json',
[DeliverableType.SSRF_ANALYSIS]: 'ssrf_analysis_deliverable.md',
[DeliverableType.SSRF_QUEUE]: 'ssrf_exploitation_queue.json',
[DeliverableType.INJECTION_EVIDENCE]: 'injection_exploitation_evidence.md',
[DeliverableType.XSS_EVIDENCE]: 'xss_exploitation_evidence.md',
[DeliverableType.AUTH_EVIDENCE]: 'auth_exploitation_evidence.md',
[DeliverableType.AUTHZ_EVIDENCE]: 'authz_exploitation_evidence.md',
[DeliverableType.SSRF_EVIDENCE]: 'ssrf_exploitation_evidence.md',
};
/**
* Queue types that require JSON validation
*/
export const QUEUE_TYPES = [
DeliverableType.INJECTION_QUEUE,
DeliverableType.XSS_QUEUE,
DeliverableType.AUTH_QUEUE,
DeliverableType.AUTHZ_QUEUE,
DeliverableType.SSRF_QUEUE,
];
/**
* Type guard to check if a deliverable type is a queue
* @param {string} type - Deliverable type to check
* @returns {boolean} True if the type is a queue type
*/
export function isQueueType(type) {
return QUEUE_TYPES.includes(type);
}
/**
* @typedef {Object} VulnerabilityQueue
* @property {Array<Object>} vulnerabilities - Array of vulnerability objects
*/
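Review bot: The `@typedef {Object} DeliverableType` block shares its name with the exported `const DeliverableType`, so JSDoc-aware tooling resolves the type to the object's shape rather than to the set of its string values, and its hand-written property list is a second copy of the enum that must be kept in step by hand. Drop the typedef, or rename it to describe the value union and derive it from the constant. `QUEUE_TYPES` is a third hand-maintained list that must agree with `DELIVERABLE_FILENAMES`; deriving it as `Object.values(DeliverableType).filter((t) => DELIVERABLE_FILENAMES[t].endsWith('.json'))` removes one place that can drift, and `isQueueType` can then test membership in a `Set` built once from it.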


@@ -0,0 +1,6 @@
/**
* Type definitions barrel export
*/
export * from './deliverables.js';
export * from './tool-responses.js';


@@ -0,0 +1,58 @@
/**
* Tool Response Type Definitions
*
* Defines structured response formats for MCP tools to ensure
* consistent error handling and success reporting.
*/
/**
* @typedef {Object} ErrorResponse
* @property {'error'} status
* @property {string} message
* @property {string} errorType - ValidationError, FileSystemError, CryptoError, etc.
* @property {boolean} retryable
* @property {Record<string, unknown>} [context]
*/
/**
* @typedef {Object} SuccessResponse
* @property {'success'} status
* @property {string} message
*/
/**
* @typedef {Object} SaveDeliverableResponse
* @property {'success'} status
* @property {string} message
* @property {string} filepath
* @property {string} deliverableType
* @property {boolean} validated - true if queue JSON was validated
*/
/**
* @typedef {Object} GenerateTotpResponse
* @property {'success'} status
* @property {string} message
* @property {string} totpCode
* @property {string} timestamp
* @property {number} expiresIn - seconds until expiration
*/
/**
* Helper to create tool result from response
* MCP tools should return this format
*
* @param {ErrorResponse | SaveDeliverableResponse | GenerateTotpResponse} response
* @returns {{ content: Array<{ type: string; text: string }>; isError: boolean }}
*/
export function createToolResult(response) {
return {
content: [
{
type: 'text',
text: JSON.stringify(response, null, 2),
},
],
isError: response.status === 'error',
};
}
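Review bot: The `ErrorResponse` typedef declared here is repeated verbatim in `error-formatter.js`; keep a single definition and reference it from the other file with `@typedef {import('../utils/error-formatter.js').ErrorResponse} ErrorResponse` so the two cannot diverge. `createToolResult` serialises whatever it is handed and the text is surfaced to the model verbatim, which is the intended channel for `totpCode` but also means anything callers place in `context` is exposed the same way; a one-line note on the function, "response is returned to the model as-is; never put the raw secret or credentials into context", would make that contract explicit for future tools.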


@@ -0,0 +1,89 @@
/**
* Error Formatting Utilities
*
* Helper functions for creating structured error responses.
*/
/**
* @typedef {Object} ErrorResponse
* @property {'error'} status
* @property {string} message
* @property {string} errorType
* @property {boolean} retryable
* @property {Record<string, unknown>} [context]
*/
/**
* Create a validation error response
*
* @param {string} message
* @param {boolean} [retryable=true]
* @param {Record<string, unknown>} [context]
* @returns {ErrorResponse}
*/
export function createValidationError(message, retryable = true, context) {
return {
status: 'error',
message,
errorType: 'ValidationError',
retryable,
context,
};
}
/**
* Create a file system error response
*
* @param {string} message
* @param {boolean} [retryable=false]
* @param {Record<string, unknown>} [context]
* @returns {ErrorResponse}
*/
export function createFileSystemError(message, retryable = false, context) {
return {
status: 'error',
message,
errorType: 'FileSystemError',
retryable,
context,
};
}
/**
* Create a crypto error response
*
* @param {string} message
* @param {boolean} [retryable=false]
* @param {Record<string, unknown>} [context]
* @returns {ErrorResponse}
*/
export function createCryptoError(message, retryable = false, context) {
return {
status: 'error',
message,
errorType: 'CryptoError',
retryable,
context,
};
}
/**
* Create a generic error response
*
* @param {unknown} error
* @param {boolean} [retryable=false]
* @param {Record<string, unknown>} [context]
* @returns {ErrorResponse}
*/
export function createGenericError(error, retryable = false, context) {
const message = error instanceof Error ? error.message : String(error);
const errorType = error instanceof Error ? error.constructor.name : 'UnknownError';
return {
status: 'error',
message,
errorType,
retryable,
context,
};
}
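Review bot: `createValidationError`, `createFileSystemError` and `createCryptoError` are the same function differing only in the `errorType` literal, so the response shape is defined three times; factor it into one private builder. `createGenericError` reports `error.constructor.name`, which for the errors `fs` throws is just `Error` and drops the more actionable `error.code` (`ENOENT`, `EACCES`); carry `code` into the context when present so the agent can tell a missing directory from a permissions problem.
```javascript
/** Build the common error envelope; errorType is the category reported to the caller. */
function buildError(errorType, message, retryable, context) {
  return { status: 'error', message, errorType, retryable, context };
}

export function createValidationError(message, retryable = true, context) {
  return buildError('ValidationError', message, retryable, context);
}

export function createFileSystemError(message, retryable = false, context) {
  return buildError('FileSystemError', message, retryable, context);
}

export function createCryptoError(message, retryable = false, context) {
  return buildError('CryptoError', message, retryable, context);
}

export function createGenericError(error, retryable = false, context) {
  const message = error instanceof Error ? error.message : String(error);
  const errorType = error instanceof Error ? error.constructor.name : 'UnknownError';
  // OS/fs errors carry a `code` that is more useful to the caller than the class name
  const code = error instanceof Error && 'code' in error ? error.code : undefined;
  return buildError(errorType, message, retryable, code === undefined ? context : { ...context, code });
}
```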


@@ -0,0 +1,35 @@
/**
* File Operations Utilities
*
* Handles file system operations for deliverable saving.
* Ported from tools/save_deliverable.js (lines 117-130).
*/
import { writeFileSync, mkdirSync } from 'fs';
import { join } from 'path';
/**
* Save deliverable file to deliverables/ directory
*
* @param {string} filename - Name of the file to save
* @param {string} content - Content to write to the file
* @returns {string} Full path to the saved file
*/
export function saveDeliverableFile(filename, content) {
// Use target directory from global context (set by createShannonHelperServer)
const targetDir = global.__SHANNON_TARGET_DIR || process.cwd();
const deliverablesDir = join(targetDir, 'deliverables');
const filepath = join(deliverablesDir, filename);
// Ensure deliverables directory exists
try {
mkdirSync(deliverablesDir, { recursive: true });
} catch (error) {
// Directory might already exist, ignore
}
// Write file (atomic write - single operation)
writeFileSync(filepath, content, 'utf8');
return filepath;
}
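Review bot: The `try { mkdirSync(deliverablesDir, { recursive: true }); } catch (error) { }` swallows every failure, not just "already exists": with `recursive: true` an existing directory does not throw at all, so the only errors this catch hides are real ones (`EACCES`, `ENOTDIR`, `EROFS`), which then resurface from `writeFileSync` with a less specific message. Drop the try/catch and let the error propagate, or wrap it with `createFileSystemError` so the caller gets the directory-creation failure by name. The comment `// Write file (atomic write - single operation)` overstates `writeFileSync`, which can leave a truncated file if the process dies mid-write; reword it to say the write is a single call but not atomic, or write to a temporary name in the same directory and `renameSync` over the target. The `global.__SHANNON_TARGET_DIR || process.cwd()` fallback also means a caller that never invoked `createShannonHelperServer(targetDir)` writes into the current working directory; consider failing loudly when the directory has not been set.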


@@ -0,0 +1,6 @@
/**
* Utilities barrel export
*/
export * from './file-operations.js';
export * from './error-formatter.js';


@@ -0,0 +1,6 @@
/**
* Validation layer barrel export
*/
export * from './queue-validator.js';
export * from './totp-validator.js';


@@ -0,0 +1,51 @@
/**
* Queue Validator
*
* Validates JSON structure for vulnerability queue files.
* Ported from tools/save_deliverable.js (lines 56-75).
*/
/**
* @typedef {Object} ValidationResult
* @property {boolean} valid
* @property {string} [message]
* @property {Object} [data]
*/
/**
* Validate JSON structure for queue files
* Queue files must have a 'vulnerabilities' array
*
* @param {string} content - JSON string to validate
* @returns {ValidationResult} ValidationResult with valid flag, optional error message, and parsed data
*/
export function validateQueueJson(content) {
try {
const parsed = JSON.parse(content);
// Queue files must have a 'vulnerabilities' array
if (!parsed.vulnerabilities) {
return {
valid: false,
message: `Invalid queue structure: Missing 'vulnerabilities' property. Expected: {"vulnerabilities": [...]}`,
};
}
if (!Array.isArray(parsed.vulnerabilities)) {
return {
valid: false,
message: `Invalid queue structure: 'vulnerabilities' must be an array. Expected: {"vulnerabilities": [...]}`,
};
}
return {
valid: true,
data: parsed,
};
} catch (error) {
return {
valid: false,
message: `Invalid JSON: ${error instanceof Error ? error.message : String(error)}`,
};
}
}
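Review bot: `JSON.parse` accepts any JSON value, so `content` of `null` reaches `parsed.vulnerabilities` and throws a `TypeError` that the outer catch reports as `Invalid JSON: Cannot read properties of null …`, which is misleading because the JSON was valid; arrays and primitives fall through to the "Missing 'vulnerabilities'" message by accident rather than by design. Check the shape before the property access: `if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) return { valid: false, message: 'Invalid queue structure: top-level value must be an object. Expected: {"vulnerabilities": [...]}' };`. The `!parsed.vulnerabilities` test uses truthiness, so `"vulnerabilities": 0` or `""` is reported as missing rather than as "must be an array"; `parsed.vulnerabilities === undefined` says what is meant.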


@@ -0,0 +1,71 @@
/**
* TOTP Validator
*
* Validates TOTP secrets and provides base32 decoding.
* Ported from tools/generate-totp-standalone.mjs (lines 43-72).
*/
/**
* Base32 decode function
* Ported from generate-totp-standalone.mjs
*
* @param {string} encoded - Base32 encoded string
* @returns {Buffer} Buffer containing decoded bytes
*/
export function base32Decode(encoded) {
const alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
const cleanInput = encoded.toUpperCase().replace(/[^A-Z2-7]/g, '');
if (cleanInput.length === 0) {
return Buffer.alloc(0);
}
const output = [];
let bits = 0;
let value = 0;
for (const char of cleanInput) {
const index = alphabet.indexOf(char);
if (index === -1) {
throw new Error(`Invalid base32 character: ${char}`);
}
value = (value << 5) | index;
bits += 5;
if (bits >= 8) {
output.push((value >>> (bits - 8)) & 255);
bits -= 8;
}
}
return Buffer.from(output);
}
/**
* Validate TOTP secret
* Must be base32-encoded string
*
* @param {string} secret - Secret to validate
* @returns {boolean} true if valid, throws Error if invalid
*/
export function validateTotpSecret(secret) {
if (!secret || secret.length === 0) {
throw new Error('TOTP secret cannot be empty');
}
// Check if it's valid base32 (only A-Z and 2-7, case-insensitive)
const base32Regex = /^[A-Z2-7]+$/i;
if (!base32Regex.test(secret.replace(/[^A-Z2-7]/gi, ''))) {
throw new Error('TOTP secret must be base32-encoded (characters A-Z and 2-7)');
}
// Try to decode to ensure it's valid
try {
base32Decode(secret);
} catch (error) {
throw new Error(`Invalid TOTP secret: ${error instanceof Error ? error.message : String(error)}`);
}
return true;
}
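Review bot: `validateTotpSecret` accepts secrets that decode to an empty key: `base32Decode` strips every non-alphabet character and returns `Buffer.alloc(0)` when fewer than 8 bits remain (a one-character secret, for instance), so validation passes and `generateHOTP` computes HMAC-SHA1 over an empty key and returns a code that can never match the provider. Replace the decode-and-discard on the `base32Decode(secret);` line with `if (base32Decode(secret).length === 0) throw new Error('TOTP secret must decode to at least one byte');`. The `index === -1` branch in `base32Decode` is unreachable because `cleanInput` has already been filtered to the alphabet; either stop filtering so bad characters are reported, or remove the dead check. The regex test is also run on the stripped string, so this validator accepts inputs with spaces or `=` padding that the zod schema in `generate-totp.js` rejects; pick one policy and apply it in both places.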

202
package-lock.json generated

@@ -8,6 +8,7 @@
"name": "shannon", "name": "shannon",
"version": "1.0.0", "version": "1.0.0",
"dependencies": { "dependencies": {
"@anthropic-ai/claude-agent-sdk": "^0.1.0",
"@anthropic-ai/claude-code": "^1.0.96", "@anthropic-ai/claude-code": "^1.0.96",
"ajv": "^8.12.0", "ajv": "^8.12.0",
"ajv-formats": "^2.1.1", "ajv-formats": "^2.1.1",
@@ -16,12 +17,33 @@
"figlet": "^1.9.3", "figlet": "^1.9.3",
"gradient-string": "^3.0.0", "gradient-string": "^3.0.0",
"js-yaml": "^4.1.0", "js-yaml": "^4.1.0",
"zod": "^3.22.4",
"zx": "^8.0.0" "zx": "^8.0.0"
}, },
"bin": { "bin": {
"shannon": "shannon.mjs" "shannon": "shannon.mjs"
} }
}, },
"node_modules/@anthropic-ai/claude-agent-sdk": {
"version": "0.1.25",
"resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk/-/claude-agent-sdk-0.1.25.tgz",
"integrity": "sha512-qwuydYaA3uamz4ivDzYXfL2PBjGwc0+beeIyo3nvtZQOtFLjH7xPdBK2w3+9KnB3L6V7VooAMdTXPpQyxCwcOg==",
"license": "SEE LICENSE IN README.md",
"engines": {
"node": ">=18.0.0"
},
"optionalDependencies": {
"@img/sharp-darwin-arm64": "^0.33.5",
"@img/sharp-darwin-x64": "^0.33.5",
"@img/sharp-linux-arm": "^0.33.5",
"@img/sharp-linux-arm64": "^0.33.5",
"@img/sharp-linux-x64": "^0.33.5",
"@img/sharp-win32-x64": "^0.33.5"
},
"peerDependencies": {
"zod": "^3.24.1"
}
},
"node_modules/@anthropic-ai/claude-code": { "node_modules/@anthropic-ai/claude-code": {
"version": "1.0.96", "version": "1.0.96",
"resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.96.tgz", "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.96.tgz",
@@ -64,6 +86,28 @@
"@img/sharp-libvips-darwin-arm64": "1.0.4" "@img/sharp-libvips-darwin-arm64": "1.0.4"
} }
}, },
"node_modules/@img/sharp-darwin-x64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-darwin-x64/-/sharp-darwin-x64-0.33.5.tgz",
"integrity": "sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==",
"cpu": [
"x64"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"darwin"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-darwin-x64": "1.0.4"
}
},
"node_modules/@img/sharp-libvips-darwin-arm64": { "node_modules/@img/sharp-libvips-darwin-arm64": {
"version": "1.0.4", "version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.0.4.tgz", "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.0.4.tgz",
@@ -80,6 +124,155 @@
"url": "https://opencollective.com/libvips" "url": "https://opencollective.com/libvips"
} }
}, },
"node_modules/@img/sharp-libvips-darwin-x64": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-x64/-/sharp-libvips-darwin-x64-1.0.4.tgz",
"integrity": "sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==",
"cpu": [
"x64"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"darwin"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-arm": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm/-/sharp-libvips-linux-arm-1.0.5.tgz",
"integrity": "sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==",
"cpu": [
"arm"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-arm64": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm64/-/sharp-libvips-linux-arm64-1.0.4.tgz",
"integrity": "sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==",
"cpu": [
"arm64"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-libvips-linux-x64": {
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-x64/-/sharp-libvips-linux-x64-1.0.4.tgz",
"integrity": "sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==",
"cpu": [
"x64"
],
"license": "LGPL-3.0-or-later",
"optional": true,
"os": [
"linux"
],
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@img/sharp-linux-arm": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-arm/-/sharp-linux-arm-0.33.5.tgz",
"integrity": "sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==",
"cpu": [
"arm"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-arm": "1.0.5"
}
},
"node_modules/@img/sharp-linux-arm64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-arm64/-/sharp-linux-arm64-0.33.5.tgz",
"integrity": "sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==",
"cpu": [
"arm64"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-arm64": "1.0.4"
}
},
"node_modules/@img/sharp-linux-x64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-x64/-/sharp-linux-x64-0.33.5.tgz",
"integrity": "sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==",
"cpu": [
"x64"
],
"license": "Apache-2.0",
"optional": true,
"os": [
"linux"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
},
"optionalDependencies": {
"@img/sharp-libvips-linux-x64": "1.0.4"
}
},
"node_modules/@img/sharp-win32-x64": {
"version": "0.33.5",
"resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.33.5.tgz",
"integrity": "sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==",
"cpu": [
"x64"
],
"license": "Apache-2.0 AND LGPL-3.0-or-later",
"optional": true,
"os": [
"win32"
],
"engines": {
"node": "^18.17.0 || ^20.3.0 || >=21.0.0"
},
"funding": {
"url": "https://opencollective.com/libvips"
}
},
"node_modules/@types/tinycolor2": { "node_modules/@types/tinycolor2": {
"version": "1.4.6", "version": "1.4.6",
"resolved": "https://registry.npmjs.org/@types/tinycolor2/-/tinycolor2-1.4.6.tgz", "resolved": "https://registry.npmjs.org/@types/tinycolor2/-/tinycolor2-1.4.6.tgz",
@@ -462,6 +655,15 @@
"url": "https://github.com/chalk/wrap-ansi?sponsor=1" "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
} }
}, },
"node_modules/zod": {
"version": "3.25.76",
"resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz",
"integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==",
"license": "MIT",
"funding": {
"url": "https://github.com/sponsors/colinhacks"
}
},
"node_modules/zx": { "node_modules/zx": {
"version": "8.8.1", "version": "8.8.1",
"resolved": "https://registry.npmjs.org/zx/-/zx-8.8.1.tgz", "resolved": "https://registry.npmjs.org/zx/-/zx-8.8.1.tgz",


@@ -8,6 +8,7 @@
}, },
"dependencies": { "dependencies": {
"@anthropic-ai/claude-code": "^1.0.96", "@anthropic-ai/claude-code": "^1.0.96",
"@anthropic-ai/claude-agent-sdk": "^0.1.0",
"ajv": "^8.12.0", "ajv": "^8.12.0",
"ajv-formats": "^2.1.1", "ajv-formats": "^2.1.1",
"boxen": "^8.0.1", "boxen": "^8.0.1",
@@ -15,6 +16,7 @@
"figlet": "^1.9.3", "figlet": "^1.9.3",
"gradient-string": "^3.0.0", "gradient-string": "^3.0.0",
"js-yaml": "^4.1.0", "js-yaml": "^4.1.0",
"zod": "^3.22.4",
"zx": "^8.0.0" "zx": "^8.0.0"
}, },
"bin": { "bin": {


@@ -158,9 +158,12 @@ You are the **Identity Compromise Specialist** - proving tangible impact of brok
<available_tools> <available_tools>
- **{{MCP_SERVER}} (Playwright):** Essential for interacting with multi-step authentication flows, injecting stolen session cookies, and verifying account takeover in a real browser context. - **{{MCP_SERVER}} (Playwright):** Essential for interacting with multi-step authentication flows, injecting stolen session cookies, and verifying account takeover in a real browser context.
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to replay tokens and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves exploitation evidence files.
- **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your evidence report:** `node save_deliverable.js AUTH_EVIDENCE 'your complete evidence report'` - `deliverable_type`: "AUTH_EVIDENCE" (required)
- `content`: Your complete evidence report (markdown) (required)
- **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **Task Agent:** Mandatory coder-executor for brute force batches, credential stuffing, token replay automation, and any scripted workflow. - **Task Agent:** Mandatory coder-executor for brute force batches, credential stuffing, token replay automation, and any scripted workflow.
- **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow.
- **Read tool:** To read false positives from your tracking file at `workspace/auth_false_positives.md`. - **Read tool:** To read false positives from your tracking file at `workspace/auth_false_positives.md`.
@@ -418,7 +421,7 @@ If [blocker] were bypassed/removed:
COMPLETION REQUIREMENTS (ALL must be satisfied): COMPLETION REQUIREMENTS (ALL must be satisfied):
1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool. 1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool.
2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: 2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script:
- Evidence report: `node save_deliverable.js AUTH_EVIDENCE 'your evidence report'` - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_EVIDENCE"` and your evidence report as `content`
CRITICAL WARNING: Announcing completion before every item in deliverables/auth_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure. CRITICAL WARNING: Announcing completion before every item in deliverables/auth_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure.
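Review bot: The completion requirement line `2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script:` is left untouched, so the new available_tools block describes `save_deliverable` as an MCP tool while the completion section still calls it a script. The injection and XSS prompts in this same commit rewrite that line to `... saved using save_deliverable MCP tool:`; the same wording should be applied here and in the authz and SSRF prompts, where the identical stale line survives. An agent reading the stale line may still look for a `save_deliverable.js` script that the migration removes, which would surface as a spurious failure at the end of a run.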


@@ -145,9 +145,12 @@ You are the **Privilege Escalation Specialist** - proving tangible impact of bro
<available_tools> <available_tools>
- **{{MCP_SERVER}} (Playwright):** Essential for interacting with complex authorization flows, testing role-based access controls in browser contexts, and verifying privilege escalation through UI elements. - **{{MCP_SERVER}} (Playwright):** Essential for interacting with complex authorization flows, testing role-based access controls in browser contexts, and verifying privilege escalation through UI elements.
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to test IDOR vulnerabilities and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves exploitation evidence files.
- **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your evidence report:** `node save_deliverable.js AUTHZ_EVIDENCE 'your complete evidence report'` - `deliverable_type`: "AUTHZ_EVIDENCE" (required)
- `content`: Your complete evidence report (markdown) (required)
- **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **Task Agent:** Mandatory coder-executor for IDOR sweeps, role escalation loops, and workflow bypass automation. - **Task Agent:** Mandatory coder-executor for IDOR sweeps, role escalation loops, and workflow bypass automation.
- **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow.
- **Read tool:** To read false positives from your tracking file at `workspace/authz_false_positives.md`. - **Read tool:** To read false positives from your tracking file at `workspace/authz_false_positives.md`.
@@ -420,7 +423,7 @@ If [blocker] were bypassed/removed:
COMPLETION REQUIREMENTS (ALL must be satisfied): COMPLETION REQUIREMENTS (ALL must be satisfied):
1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool. 1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool.
2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: 2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script:
- Evidence report: `node save_deliverable.js AUTHZ_EVIDENCE 'your evidence report'` - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_EVIDENCE"` and your evidence report as `content`
CRITICAL WARNING: Announcing completion before every item in deliverables/authz_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure. CRITICAL WARNING: Announcing completion before every item in deliverables/authz_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure.


@@ -126,9 +126,12 @@ You are the **Proof-of-Impact Generator** - converting theoretical injection fla
<available_tools> <available_tools>
- **{{MCP_SERVER}} (Playwright):** For testing injection vulnerabilities through browser interactions when needed. - **{{MCP_SERVER}} (Playwright):** For testing injection vulnerabilities through browser interactions when needed.
- **Bash tool:** Your primary tool for executing shell commands. Use it for attacks with `curl` and automated tools like `sqlmap` and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves exploitation evidence files.
- **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your evidence report:** `node save_deliverable.js INJECTION_EVIDENCE 'your complete evidence report'` - `deliverable_type`: "INJECTION_EVIDENCE" (required)
- `content`: Your complete evidence report (markdown) (required)
- **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **Task Agent:** Mandatory coder-executor for any custom scripting beyond single ad-hoc commands. - **Task Agent:** Mandatory coder-executor for any custom scripting beyond single ad-hoc commands.
- **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow.
- **Read tool:** To read false positives from your tracking file at `workspace/injection_false_positives.md`. - **Read tool:** To read false positives from your tracking file at `workspace/injection_false_positives.md`.
@@ -445,8 +448,8 @@ If [blocker] were bypassed/removed:
COMPLETION REQUIREMENTS (ALL must be satisfied): COMPLETION REQUIREMENTS (ALL must be satisfied):
1. **Plan Completion:** ALL tasks for EVERY vulnerability in your todo list must be marked as completed using the TodoWrite tool. **No vulnerability or task can be left unaddressed.** 1. **Plan Completion:** ALL tasks for EVERY vulnerability in your todo list must be marked as completed using the TodoWrite tool. **No vulnerability or task can be left unaddressed.**
2. **Deliverable Generation:** The required deliverable must be successfully saved using save_deliverable script: 2. **Deliverable Generation:** The required deliverable must be successfully saved using save_deliverable MCP tool:
- Evidence report: `node save_deliverable.js INJECTION_EVIDENCE 'your evidence report'` - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_EVIDENCE"` and your evidence report as `content`
**CRITICAL WARNING:** Announcing completion before every item in `deliverables/injection_exploitation_queue.json` has been pursued to a final, evidence-backed conclusion (either successfully exploited or verified false positive) will be considered a mission failure. Superficial testing is not acceptable. **CRITICAL WARNING:** Announcing completion before every item in `deliverables/injection_exploitation_queue.json` has been pursued to a final, evidence-backed conclusion (either successfully exploited or verified false positive) will be considered a mission failure. Superficial testing is not acceptable.


@@ -144,9 +144,12 @@ You are the **Network Boundary Breaker** - proving tangible impact of SSRF vulne
</system_architecture> </system_architecture>
<available_tools> <available_tools>
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting HTTP requests with `curl` to exploit SSRF vulnerabilities and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves exploitation evidence files.
- **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your evidence report:** `node save_deliverable.js SSRF_EVIDENCE 'your complete evidence report'` - `deliverable_type`: "SSRF_EVIDENCE" (required)
- `content`: Your complete evidence report (markdown) (required)
- **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **{{MCP_SERVER}} (Playwright):** Useful for complex multi-step SSRF exploitation that requires browser context or JavaScript execution. - **{{MCP_SERVER}} (Playwright):** Useful for complex multi-step SSRF exploitation that requires browser context or JavaScript execution.
- **Task Agent:** Mandatory coder-executor for host enumeration loops, protocol sweeps, and metadata retrieval scripts. - **Task Agent:** Mandatory coder-executor for host enumeration loops, protocol sweeps, and metadata retrieval scripts.
- **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow. - **TodoWrite tool:** Essential for managing your exploitation task list. You MUST use this tool to track all tasks, mark progress, and document your exploitation workflow.
@@ -497,7 +500,7 @@ If [blocker] were bypassed/removed:
COMPLETION REQUIREMENTS (ALL must be satisfied): COMPLETION REQUIREMENTS (ALL must be satisfied):
1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool. 1. Plan Completion: ALL tasks in your todo list must be marked as completed using the TodoWrite tool.
2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: 2. Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script:
- Evidence report: `node save_deliverable.js SSRF_EVIDENCE 'your evidence report'` - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_EVIDENCE"` and your evidence report as `content`
CRITICAL WARNING: Announcing completion before every item in deliverables/ssrf_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure. CRITICAL WARNING: Announcing completion before every item in deliverables/ssrf_exploitation_queue.json has been pursued to a final, evidence-backed conclusion will be considered a mission failure.


@@ -147,9 +147,12 @@ You are the **Client-Side Impact Demonstrator** - converting theoretical XSS fla
<available_tools> <available_tools>
- **{{MCP_SERVER}} (Playwright):** Your primary tool for testing DOM-based and Stored XSS, confirming script execution in a real browser context, and interacting with the application post-exploitation. - **{{MCP_SERVER}} (Playwright):** Your primary tool for testing DOM-based and Stored XSS, confirming script execution in a real browser context, and interacting with the application post-exploitation.
- **Bash tool:** Your primary tool for executing shell commands. Use it for testing Reflected XSS with `curl` and, most importantly, for **saving your final evidence** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves exploitation evidence files.
- **Saving Evidence:** To save your work, you MUST use the following command. The script handles correct naming. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your evidence report:** `node save_deliverable.js XSS_EVIDENCE 'your complete evidence report'` - `deliverable_type`: "XSS_EVIDENCE" (required)
- `content`: Your complete evidence report (markdown) (required)
- **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **Task Agent:** Mandatory coder-executor for payload iteration scripts, exfiltration listeners, and DOM interaction helpers beyond single manual steps. - **Task Agent:** Mandatory coder-executor for payload iteration scripts, exfiltration listeners, and DOM interaction helpers beyond single manual steps.
- **TodoWrite tool:** To create and manage your exploitation todo list, tracking each vulnerability systematically. - **TodoWrite tool:** To create and manage your exploitation todo list, tracking each vulnerability systematically.
- **Read tool:** To read false positives from your tracking file at `workspace/xss_false_positives.md`. - **Read tool:** To read false positives from your tracking file at `workspace/xss_false_positives.md`.
@@ -436,8 +439,8 @@ If [blocker] were bypassed/removed:
COMPLETION REQUIREMENTS (ALL must be satisfied): COMPLETION REQUIREMENTS (ALL must be satisfied):
- Todo List Completion: ALL vulnerabilities from the exploitation queue must have been processed and marked as completed in your todo list. - Todo List Completion: ALL vulnerabilities from the exploitation queue must have been processed and marked as completed in your todo list.
- Deliverable Generation: The required deliverable must be successfully saved using save_deliverable script: - Deliverable Generation: The required deliverable must be successfully saved using save_deliverable MCP tool:
- Evidence report: `node save_deliverable.js XSS_EVIDENCE 'your evidence report'` - Evidence report: Use `save_deliverable` MCP tool with `deliverable_type: "XSS_EVIDENCE"` and your evidence report as `content`
**CRITICAL WARNING:** Announcing completion before every item in `deliverables/xss_exploitation_queue.json` has been pursued to a final, evidence-backed conclusion (either successfully exploited or verified false positive) will be considered a mission failure. Superficial testing is not acceptable. **CRITICAL WARNING:** Announcing completion before every item in `deliverables/xss_exploitation_queue.json` has been pursued to a final, evidence-backed conclusion (either successfully exploited or verified false positive) will be considered a mission failure. Superficial testing is not acceptable.


@@ -19,30 +19,11 @@
``` ```
### Step 2: Create Required Deliverable ### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence: Use the save_deliverable MCP tool to create your evidence:
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js AUTH_EVIDENCE '# Authentication Exploitation Evidence (Pipeline Test) - `deliverable_type: "AUTH_EVIDENCE"`
- `content: "# Authentication Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** auth-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test authentication vulnerability\n- **Method:** Authentication bypass via parameter manipulation\n- **Evidence:** Successfully bypassed login using admin=true parameter\n- **Impact:** Demonstrated unauthorized access to protected resources\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** AUTH-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Parameter-based authentication bypass\n- **Bypass Method:** URL parameter manipulation"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** auth-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test authentication vulnerability
- **Method:** Authentication bypass via parameter manipulation
- **Evidence:** Successfully bypassed login using admin=true parameter
- **Impact:** Demonstrated unauthorized access to protected resources
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** AUTH-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** Parameter-based authentication bypass
- **Bypass Method:** URL parameter manipulation'
```
This will automatically create `deliverables/auth_exploitation_evidence.md`. This will automatically create `deliverables/auth_exploitation_evidence.md`.


@@ -19,30 +19,11 @@
``` ```
### Step 2: Create Required Deliverable ### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence: Use the save_deliverable MCP tool to create your evidence:
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js AUTHZ_EVIDENCE '# Authorization Exploitation Evidence (Pipeline Test) - `deliverable_type: "AUTHZ_EVIDENCE"`
- `content: "# Authorization Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** authz-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test authorization vulnerability\n- **Method:** Privilege escalation via direct object reference\n- **Evidence:** Successfully accessed admin panel with user-level privileges\n- **Impact:** Demonstrated unauthorized access to privileged functionality\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** AUTHZ-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Insecure Direct Object Reference (IDOR)\n- **Escalation Method:** User ID manipulation in API calls"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** authz-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test authorization vulnerability
- **Method:** Privilege escalation via direct object reference
- **Evidence:** Successfully accessed admin panel with user-level privileges
- **Impact:** Demonstrated unauthorized access to privileged functionality
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** AUTHZ-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** Insecure Direct Object Reference (IDOR)
- **Escalation Method:** User ID manipulation in API calls'
```
This will automatically create `deliverables/authz_exploitation_evidence.md`. This will automatically create `deliverables/authz_exploitation_evidence.md`.


@@ -19,28 +19,11 @@
``` ```
### Step 2: Create Required Deliverable ### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence: Use the save_deliverable MCP tool to create your evidence:
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js INJECTION_EVIDENCE '# Injection Exploitation Evidence (Pipeline Test) - `deliverable_type: "INJECTION_EVIDENCE"`
- `content: "# Injection Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** injection-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test injection vulnerability\n- **Method:** SQL injection via query parameter\n- **Evidence:** Successfully executed test payload `'; DROP TABLE users; --`\n- **Impact:** Demonstrated ability to manipulate database queries\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** INJ-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** injection-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test injection vulnerability
- **Method:** SQL injection via query parameter
- **Evidence:** Successfully executed test payload `'"'"'; DROP TABLE users; --`
- **Impact:** Demonstrated ability to manipulate database queries
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** INJ-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}'
```
This will automatically create `deliverables/injection_exploitation_evidence.md`. This will automatically create `deliverables/injection_exploitation_evidence.md`.
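Review bot: The new `content:` bullet wraps its whole JSON-style string in a single pair of backticks, but the string itself contains backticks around the `'; DROP TABLE users; --` payload, so if this prompt is ever rendered as markdown the inner pair closes the inline code span early and the rest of the value falls outside it; the XSS pipeline-test prompt has the same issue around its `<script>alert('XSS')</script>` payload. Putting the `deliverable_type`/`content` pair in a fenced block instead of an inline span, or escaping the inner backticks, would keep the value intact. This is a formatting point only; the sample text appears unchanged apart from the dropped shell quoting.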


@@ -19,30 +19,11 @@
``` ```
### Step 2: Create Required Deliverable ### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence: Use the save_deliverable MCP tool to create your evidence:
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js SSRF_EVIDENCE '# SSRF Exploitation Evidence (Pipeline Test) - `deliverable_type: "SSRF_EVIDENCE"`
- `content: "# SSRF Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** ssrf-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test SSRF vulnerability\n- **Method:** Server-Side Request Forgery via URL parameter\n- **Evidence:** Successfully forced server to make request to internal network\n- **Impact:** Demonstrated access to internal services and potential data exfiltration\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** SSRF-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** URL parameter manipulation\n- **Target:** Internal network services (localhost:8080)"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** ssrf-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test SSRF vulnerability
- **Method:** Server-Side Request Forgery via URL parameter
- **Evidence:** Successfully forced server to make request to internal network
- **Impact:** Demonstrated access to internal services and potential data exfiltration
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** SSRF-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** URL parameter manipulation
- **Target:** Internal network services (localhost:8080)'
```
This will automatically create `deliverables/ssrf_exploitation_evidence.md`. This will automatically create `deliverables/ssrf_exploitation_evidence.md`.


@@ -19,29 +19,11 @@
``` ```
### Step 2: Create Required Deliverable ### Step 2: Create Required Deliverable
Use the save_deliverable script to create your evidence: Use the save_deliverable MCP tool to create your evidence:
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js XSS_EVIDENCE '# XSS Exploitation Evidence (Pipeline Test) - `deliverable_type: "XSS_EVIDENCE"`
- `content: "# XSS Exploitation Evidence (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** xss-exploit-test.png\n**Status:** Browser isolation test successful\n\n## Exploitation Results\n- **Target:** Test XSS vulnerability\n- **Method:** Reflected XSS via search parameter\n- **Evidence:** Successfully executed payload `<script>alert('XSS')</script>`\n- **Impact:** Demonstrated JavaScript code execution in user context\n- **Proof:** Pipeline testing mode - simulated successful exploitation\n\n## Technical Details\n- **Vulnerability ID:** XSS-VULN-01\n- **Exploitation Status:** Simulated Success (Pipeline Test)\n- **MCP Instance:** {{MCP_SERVER}}\n- **Attack Vector:** Reflected XSS in search functionality"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** xss-exploit-test.png
**Status:** Browser isolation test successful
## Exploitation Results
- **Target:** Test XSS vulnerability
- **Method:** Reflected XSS via search parameter
- **Evidence:** Successfully executed payload `<script>alert('"'"'XSS'"'"')</script>`
- **Impact:** Demonstrated JavaScript code execution in user context
- **Proof:** Pipeline testing mode - simulated successful exploitation
## Technical Details
- **Vulnerability ID:** XSS-VULN-01
- **Exploitation Status:** Simulated Success (Pipeline Test)
- **MCP Instance:** {{MCP_SERVER}}
- **Attack Vector:** Reflected XSS in search functionality'
```
This will automatically create `deliverables/xss_exploitation_evidence.md`. This will automatically create `deliverables/xss_exploitation_evidence.md`.
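Review bot: The new `content` bullet is wrapped in a single backtick span but the evidence text inside it also uses backticks around the `<script>` payload, so a markdown renderer closes the span at the inner backtick and shows the rest of the line as plain text. Either drop the inner backticks from the evidence text (`- **Evidence:** Successfully executed payload <script>alert('XSS')</script>`) or keep the whole parameter block inside a triple-backtick fence as the removed version did.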


@@ -1,6 +1 @@
Run this command and do nothing else: Use the save_deliverable MCP tool with `deliverable_type: "CODE_ANALYSIS"` and `content: "Pre-recon analysis complete"`. Then say "Done".
```bash
node save_deliverable.js CODE_ANALYSIS 'Pre-recon analysis complete'
```
Then say "Done".


@@ -1,6 +1 @@
Run this command and do nothing else: Use the save_deliverable MCP tool with `deliverable_type: "RECON"` and `content: "Reconnaissance analysis complete"`. Then say "Done".
```bash
node save_deliverable.js RECON 'Reconnaissance analysis complete'
```
Then say "Done".


@@ -19,38 +19,19 @@
``` ```
### Step 2: Create Required Deliverables ### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables: Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:** **1. Analysis Report:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js AUTH_ANALYSIS '# Auth Analysis Complete (Pipeline Test) - `deliverable_type: "AUTH_ANALYSIS"`
- `content: "# Auth Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.net\n**Screenshot:** auth-agent-test.png\n**Status:** Browser isolation test successful"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.net
**Screenshot:** auth-agent-test.png
**Status:** Browser isolation test successful'
```
**2. Exploitation Queue:** **2. Exploitation Queue:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js AUTH_QUEUE '{ - `deliverable_type: "AUTH_QUEUE"`
"vulnerabilities": [ - `content: {"vulnerabilities": [{"ID": "AUTH-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test auth vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Authentication_Bypass", "endpoint": "/api/login", "flaw_type": "Missing token validation", "exploit_hypothesis": "Empty or invalid token allows access to protected resources", "witness_payload": "Authorization: Bearer invalid_token"}]}`
{
"ID": "AUTH-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test auth vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "Authentication_Bypass",
"endpoint": "/api/login",
"flaw_type": "Missing token validation",
"exploit_hypothesis": "Empty or invalid token allows access to protected resources",
"witness_payload": "Authorization: Bearer invalid_token"
}
]
}'
```
These commands will automatically create the correct files in `deliverables/`. These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation ### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to example.net independently of other parallel agents. This agent should be using {{MCP_SERVER}} and navigating to example.net independently of other parallel agents.
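Review bot: The two `content` arguments in this section have different types: the analysis report passes a JSON-escaped string (`content: "# Auth Analysis Complete (Pipeline Test)\n\n..."`) while the queue passes a bare object (`content: {"vulnerabilities": [...]}`). If `save_deliverable` expects a string for every deliverable type, the queue call should be written as a string too, e.g. `content: "{\"vulnerabilities\": [...]}"`; if the tool accepts either form, say so once next to the parameter list so agents do not guess. The same mismatch appears in the AUTHZ, INJECTION, SSRF and XSS test prompts and in the auth and authz agent prompts further down.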


@@ -19,37 +19,19 @@
``` ```
### Step 2: Create Required Deliverables ### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables: Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:** **1. Analysis Report:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js AUTHZ_ANALYSIS '# Authorization Analysis Complete (Pipeline Test) - `deliverable_type: "AUTHZ_ANALYSIS"`
- `content: "# Authorization Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://jsonplaceholder.typicode.com\n**Screenshot:** authz-agent-test.png\n**Status:** Browser isolation test successful"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://jsonplaceholder.typicode.com
**Screenshot:** authz-agent-test.png
**Status:** Browser isolation test successful'
```
**2. Exploitation Queue:** **2. Exploitation Queue:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js AUTHZ_QUEUE '{ - `deliverable_type: "AUTHZ_QUEUE"`
"vulnerabilities": [ - `content: {"vulnerabilities": [{"ID": "AUTHZ-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test authz vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Vertical", "endpoint": "/admin/users", "actual_access": "Regular users can access admin functions", "witness_payload": "GET /admin/users with regular user token"}]}`
{
"ID": "AUTHZ-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test authz vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "Vertical",
"endpoint": "/admin/users",
"actual_access": "Regular users can access admin functions",
"witness_payload": "GET /admin/users with regular user token"
}
]
}'
```
These commands will automatically create the correct files in `deliverables/`. These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation ### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to jsonplaceholder.typicode.com independently of other parallel agents. This agent should be using {{MCP_SERVER}} and navigating to jsonplaceholder.typicode.com independently of other parallel agents.


@@ -19,40 +19,19 @@
``` ```
### Step 2: Create Required Deliverables ### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables: Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:** **1. Analysis Report:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js INJECTION_ANALYSIS '# Injection Analysis Complete (Pipeline Test) - `deliverable_type: "INJECTION_ANALYSIS"`
- `content: "# Injection Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.com\n**Screenshot:** injection-agent-test.png\n**Status:** Browser isolation test successful"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.com
**Screenshot:** injection-agent-test.png
**Status:** Browser isolation test successful'
```
**2. Exploitation Queue:** **2. Exploitation Queue:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js INJECTION_QUEUE '{ - `deliverable_type: "INJECTION_QUEUE"`
"vulnerabilities": [ - `content: {"vulnerabilities": [{"ID": "INJ-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "SQLi", "source": "query parameter at app.js:15", "path": "controller → db.query", "sink_call": "db.query at app.js:20", "slot_type": "SQL-val", "mismatch_reason": "User input directly concatenated into SQL query", "witness_payload": "'; DROP TABLE users; --"}]}`
{
"ID": "INJ-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "SQLi",
"source": "query parameter at app.js:15",
"path": "controller → db.query",
"sink_call": "db.query at app.js:20",
"slot_type": "SQL-val",
"mismatch_reason": "User input directly concatenated into SQL query",
"witness_payload": "'"'"'; DROP TABLE users; --"
}
]
}'
```
These commands will automatically create the correct files in `deliverables/`. These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation ### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to example.com independently of other parallel agents. This agent should be using {{MCP_SERVER}} and navigating to example.com independently of other parallel agents.


@@ -19,37 +19,19 @@
``` ```
### Step 2: Create Required Deliverables ### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables: Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:** **1. Analysis Report:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js SSRF_ANALYSIS '# SSRF Analysis Complete (Pipeline Test) - `deliverable_type: "SSRF_ANALYSIS"`
- `content: "# SSRF Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://httpbin.org\n**Screenshot:** ssrf-agent-test.png\n**Status:** Browser isolation test successful"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://httpbin.org
**Screenshot:** ssrf-agent-test.png
**Status:** Browser isolation test successful'
```
**2. Exploitation Queue:** **2. Exploitation Queue:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js SSRF_QUEUE '{ - `deliverable_type: "SSRF_QUEUE"`
"vulnerabilities": [ - `content: {"vulnerabilities": [{"ID": "SSRF-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test SSRF vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "URL_Manipulation", "source": "url parameter in /api/fetch", "outbound_call": "fetch() at api.js:45", "witness_payload": "http://internal.localhost/admin"}]}`
{
"ID": "SSRF-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test SSRF vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "URL_Manipulation",
"source": "url parameter in /api/fetch",
"outbound_call": "fetch() at api.js:45",
"witness_payload": "http://internal.localhost/admin"
}
]
}'
```
These commands will automatically create the correct files in `deliverables/`. These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation ### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to httpbin.org independently of other parallel agents. This agent should be using {{MCP_SERVER}} and navigating to httpbin.org independently of other parallel agents.


@@ -19,39 +19,19 @@
``` ```
### Step 2: Create Required Deliverables ### Step 2: Create Required Deliverables
Use the save_deliverable script to create both deliverables: Use the save_deliverable MCP tool to create both deliverables:
**1. Analysis Report:** **1. Analysis Report:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js XSS_ANALYSIS '# XSS Analysis Complete (Pipeline Test) - `deliverable_type: "XSS_ANALYSIS"`
- `content: "# XSS Analysis Complete (Pipeline Test)\n\n**MCP Server Used:** {{MCP_SERVER}}\n**Test Site:** https://example.org\n**Screenshot:** xss-agent-test.png\n**Status:** Browser isolation test successful"`
**MCP Server Used:** {{MCP_SERVER}}
**Test Site:** https://example.org
**Screenshot:** xss-agent-test.png
**Status:** Browser isolation test successful'
```
**2. Exploitation Queue:** **2. Exploitation Queue:**
```bash Use `save_deliverable` MCP tool with:
node save_deliverable.js XSS_QUEUE '{ - `deliverable_type: "XSS_QUEUE"`
"vulnerabilities": [ - `content: {"vulnerabilities": [{"ID": "XSS-VULN-01", "verdict": "vulnerable", "confidence": "high", "notes": "Test XSS vulnerability for pipeline validation (MCP: {{MCP_SERVER}})", "vulnerability_type": "Reflected", "source": "search parameter", "sink_function": "template.render at search.js:25", "render_context": "HTML_BODY", "mismatch_reason": "User input rendered without HTML encoding", "witness_payload": "<script>alert(1)</script>"}]}`
{
"ID": "XSS-VULN-01",
"verdict": "vulnerable",
"confidence": "high",
"notes": "Test XSS vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
"vulnerability_type": "Reflected",
"source": "search parameter",
"sink_function": "template.render at search.js:25",
"render_context": "HTML_BODY",
"mismatch_reason": "User input rendered without HTML encoding",
"witness_payload": "<script>alert(1)</script>"
}
]
}'
```
These commands will automatically create the correct files in `deliverables/`. These tools will automatically create the correct files in `deliverables/`.
### Step 3: Verify MCP Isolation ### Step 3: Verify MCP Isolation
This agent should be using {{MCP_SERVER}} and navigating to example.org independently of other parallel agents. This agent should be using {{MCP_SERVER}} and navigating to example.org independently of other parallel agents.


@@ -78,9 +78,13 @@ You are the **Code Intelligence Gatherer** and **Architectural Foundation Builde
**Available Tools:** **Available Tools:**
- **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authentication mechanisms, map attack surfaces, and understand architectural patterns. MANDATORY for all source code analysis. - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authentication mechanisms, map attack surfaces, and understand architectural patterns. MANDATORY for all source code analysis.
- **TodoWrite Tool:** Use this to create and manage your analysis task list. Create todo items for each phase and agent that needs execution. Mark items as "in_progress" when working on them and "completed" when done. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create todo items for each phase and agent that needs execution. Mark items as "in_progress" when working on them and "completed" when done.
- **Bash tool:** Your primary tool for executing shell commands. Use it for creating directories, copying files, and, most importantly, for **saving your final deliverable** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves your final deliverable file with automatic validation.
- **Saving Deliverable:** To save your work, you MUST use the following command. The script handles correct naming and validates output. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your analysis report:** `node save_deliverable.js CODE_ANALYSIS 'your complete markdown report'` - `deliverable_type`: "CODE_ANALYSIS" (required)
- `content`: Your complete markdown report (required)
- **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure
- **Usage:** Call the tool with your complete markdown report. The tool handles correct naming and file validation automatically.
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
</available_tools> </available_tools>
<task_agent_strategy> <task_agent_strategy>
@@ -123,7 +127,7 @@ After Phase 1 completes, launch all three vulnerability-focused agents in parall
- Create the `outputs/schemas/` directory using mkdir -p - Create the `outputs/schemas/` directory using mkdir -p
- Copy all discovered schema files to `outputs/schemas/` with descriptive names - Copy all discovered schema files to `outputs/schemas/` with descriptive names
- Include schema locations in your attack surface analysis - Include schema locations in your attack surface analysis
- Save complete analysis using: `node save_deliverable.js CODE_ANALYSIS 'your complete markdown report'` - Save complete analysis using the `save_deliverable` MCP tool with `deliverable_type: "CODE_ANALYSIS"` and your complete markdown report as the `content`
**EXECUTION PATTERN:** **EXECUTION PATTERN:**
1. **Use TodoWrite to create task list** tracking: Phase 1 agents, Phase 2 agents, and report synthesis 1. **Use TodoWrite to create task list** tracking: Phase 1 agents, Phase 2 agents, and report synthesis
@@ -381,7 +385,7 @@ A component is **out-of-scope** if it **cannot** be invoked through the running
- Phase 3: Synthesis and report generation completed - Phase 3: Synthesis and report generation completed
2. **Deliverable Generation:** The following files must be successfully created: 2. **Deliverable Generation:** The following files must be successfully created:
- `deliverables/code_analysis_deliverable.md` (Created using save_deliverable script with CODE_ANALYSIS type) - `deliverables/code_analysis_deliverable.md` (Created using save_deliverable MCP tool with CODE_ANALYSIS type)
- `outputs/schemas/` directory with all discovered schema files copied (if any schemas found) - `outputs/schemas/` directory with all discovered schema files copied (if any schemas found)
3. **TodoWrite Completion:** All tasks in your todo list must be marked as completed 3. **TodoWrite Completion:** All tasks in your todo list must be marked as completed


@@ -60,9 +60,12 @@ Please use these tools for the following use cases:
- Task tool: **MANDATORY for ALL source code analysis.** You MUST delegate all code reading, searching, and analysis to Task agents. DO NOT use Read, Glob, or Grep tools for source code. - Task tool: **MANDATORY for ALL source code analysis.** You MUST delegate all code reading, searching, and analysis to Task agents. DO NOT use Read, Glob, or Grep tools for source code.
- {{MCP_SERVER}} (Playwright): To interact with the live web application at the target. - {{MCP_SERVER}} (Playwright): To interact with the live web application at the target.
- **CRITICAL RULE:** For all browser interactions, you MUST use the {{MCP_SERVER}} (Playwright). - **CRITICAL RULE:** For all browser interactions, you MUST use the {{MCP_SERVER}} (Playwright).
- Bash tool: Your primary tool for executing shell commands. Use it for simple, non-intrusive commands and, most importantly, for **saving your final deliverable** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves your reconnaissance deliverable file.
- **Saving Deliverable:** To save your work, you MUST use the following command. The script handles correct naming and validates output. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your reconnaissance report:** `node save_deliverable.js RECON 'your complete markdown report'` - `deliverable_type`: "RECON" (required)
- `content`: Your complete markdown report (required)
- **Returns:** `{ status: "success", filepath: "..." }` on success or `{ status: "error", message: "..." }` on failure
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
**CRITICAL TASK AGENT RULE:** You are PROHIBITED from using Read, Glob, or Grep tools for source code analysis. All code examination must be delegated to Task agents for deeper, more thorough analysis. **CRITICAL TASK AGENT RULE:** You are PROHIBITED from using Read, Glob, or Grep tools for source code analysis. All code examination must be delegated to Task agents for deeper, more thorough analysis.
</available_tools> </available_tools>
@@ -388,5 +391,5 @@ Vulnerability Sources by Type
</deliverable_instructions> </deliverable_instructions>
<conclusion_trigger> <conclusion_trigger>
Once you have saved the complete deliverable using the save_deliverable script (`node save_deliverable.js RECON 'your report'`), your phase is complete. Announce "RECONNAISSANCE COMPLETE" and await further instructions. Once you have saved the complete deliverable using the save_deliverable MCP tool with `deliverable_type: "RECON"` and your complete report as the `content`, your phase is complete. Announce "RECONNAISSANCE COMPLETE" and await further instructions.
</conclusion_trigger> </conclusion_trigger>
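Review bot: The return shape documented for `save_deliverable` in the Returns bullet (`{ status: "success", filepath: "..." }` / `{ status: "error", message: "..." }`) omits the `validated`, `errorType` and `retryable` fields that the code-analysis prompt documents for the same tool, so an agent reading this prompt cannot tell whether a failed save is worth retrying. Unless the RECON deliverable really returns a different shape, align this line with the other prompts. The rewritten Bash-tool bullet also drops the "simple, non-intrusive commands" qualifier the removed line carried; keeping it (`- **Bash tool:** Use for simple, non-intrusive commands such as creating directories or copying files.`) preserves the narrower scope the reconnaissance phase had before this change.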


@@ -78,10 +78,13 @@ An **exploitable vulnerability** is a logical flaw in the code that represents a
**Available Tools:** **Available Tools:**
- **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authentication logic paths, and understand session/credential handling. MANDATORY for all source code analysis. - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authentication logic paths, and understand session/credential handling. MANDATORY for all source code analysis.
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to probe endpoint behavior and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation.
- **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your analysis report:** `node save_deliverable.js AUTH_ANALYSIS 'your complete markdown report'` - `deliverable_type`: "AUTH_ANALYSIS" or "AUTH_QUEUE" (required)
- **For your exploitation queue:** `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": [...]}'` - `content`: Your markdown report or JSON queue (required)
- **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure
- **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically.
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows like password reset or registration. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows like password reset or registration.
- **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each endpoint/flow that needs analysis. Mark items as "in_progress" when working on them and "completed" when done. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each endpoint/flow that needs analysis. Mark items as "in_progress" when working on them and "completed" when done.
</available_tools> </available_tools>
@@ -238,9 +241,9 @@ These components were analyzed and found to have robust defenses. They are low-p
<exploitation_queue_requirements> <exploitation_queue_requirements>
**Exploitation Queue (MANDATORY)** **Exploitation Queue (MANDATORY)**
Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool:
- **If vulnerabilities found:** Use `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": [...]}'` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. - **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_QUEUE"` and `content: {"vulnerabilities": [...]}` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access.
- **If no vulnerabilities found:** Use `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": []}'`. - **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_QUEUE"` and `content: {"vulnerabilities": []}`.
- **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access.
This file serves as the handoff mechanism and must always be created to signal completion. This file serves as the handoff mechanism and must always be created to signal completion.
</exploitation_queue_requirements> </exploitation_queue_requirements>
@@ -249,9 +252,9 @@ This file serves as the handoff mechanism and must always be created to signal c
**COMPLETION REQUIREMENTS (ALL must be satisfied):** **COMPLETION REQUIREMENTS (ALL must be satisfied):**
1. **Systematic Analysis:** ALL relevant API endpoints and user-facing features identified in the reconnaissance deliverable must be analyzed for AuthN/AuthZ flaws. 1. **Systematic Analysis:** ALL relevant API endpoints and user-facing features identified in the reconnaissance deliverable must be analyzed for AuthN/AuthZ flaws.
2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: 2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool:
- Analysis report: `node save_deliverable.js AUTH_ANALYSIS 'your report'` - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_ANALYSIS"` and your report as `content`
- Exploitation queue: `node save_deliverable.js AUTH_QUEUE '{"vulnerabilities": [...]}'` - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "AUTH_QUEUE"` and `content: {"vulnerabilities": [...]}`
**ONLY AFTER** both systematic analysis AND successful deliverable generation, announce "**AUTH ANALYSIS COMPLETE**" and stop. **ONLY AFTER** both systematic analysis AND successful deliverable generation, announce "**AUTH ANALYSIS COMPLETE**" and stop.
</conclusion_trigger> </conclusion_trigger>


@@ -82,10 +82,13 @@ An **exploitable vulnerability** is a logical flaw in the code that represents a
**Available Tools:** **Available Tools:**
- **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authorization logic paths, and understand permission models. MANDATORY for all source code analysis. - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace authorization logic paths, and understand permission models. MANDATORY for all source code analysis.
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to probe endpoint behavior and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation.
- **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your analysis report:** `node save_deliverable.js AUTHZ_ANALYSIS 'your complete markdown report'` - `deliverable_type`: "AUTHZ_ANALYSIS" or "AUTHZ_QUEUE" (required)
- **For your exploitation queue:** `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": [...]}'` - `content`: Your markdown report or JSON queue (required)
- **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure
- **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically.
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows and role-based access controls. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows and role-based access controls.
- **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each endpoint that needs authorization analysis. Mark items as "in_progress" when working on them and "completed" when done. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each endpoint that needs authorization analysis. Mark items as "in_progress" when working on them and "completed" when done.
</available_tools> </available_tools>
@@ -342,9 +345,9 @@ examples:
<exploitation_queue_requirements> <exploitation_queue_requirements>
**Exploitation Queue (MANDATORY)** **Exploitation Queue (MANDATORY)**
Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool:
- **If vulnerabilities found:** Use `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": [...]}'` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. - **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_QUEUE"` and `content: {"vulnerabilities": [...]}` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access.
- **If no vulnerabilities found:** Use `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": []}'`. - **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_QUEUE"` and `content: {"vulnerabilities": []}`.
- **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access.
This file serves as the handoff mechanism and must always be created to signal completion. This file serves as the handoff mechanism and must always be created to signal completion.
</exploitation_queue_requirements> </exploitation_queue_requirements>
@@ -353,9 +356,9 @@ This file serves as the handoff mechanism and must always be created to signal c
**COMPLETION REQUIREMENTS (ALL must be satisfied):** **COMPLETION REQUIREMENTS (ALL must be satisfied):**
1. **Todo Completion:** ALL tasks in your TodoWrite list must be marked as "completed" 1. **Todo Completion:** ALL tasks in your TodoWrite list must be marked as "completed"
2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: 2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool:
- Analysis report: `node save_deliverable.js AUTHZ_ANALYSIS 'your report'` - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_ANALYSIS"` and your report as `content`
- Exploitation queue: `node save_deliverable.js AUTHZ_QUEUE '{"vulnerabilities": [...]}'` - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "AUTHZ_QUEUE"` and `content: {"vulnerabilities": [...]}`
**ONLY AFTER** both todo completion AND successful deliverable generation, announce "**AUTHORIZATION ANALYSIS COMPLETE**" and stop. **ONLY AFTER** both todo completion AND successful deliverable generation, announce "**AUTHORIZATION ANALYSIS COMPLETE**" and stop.


@@ -84,10 +84,13 @@ An **exploitable vulnerability** is a confirmed source-to-sink path where the en
**Available Tools:** **Available Tools:**
- **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, map query/command construction paths, and verify sanitization coverage. MANDATORY for all source code analysis. - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, map query/command construction paths, and verify sanitization coverage. MANDATORY for all source code analysis.
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to probe injection surfaces and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation.
- **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your analysis report:** `node save_deliverable.js INJECTION_ANALYSIS 'your complete markdown report'` - `deliverable_type`: "INJECTION_ANALYSIS" or "INJECTION_QUEUE" (required)
- **For your exploitation queue:** `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'` - `content`: Your markdown report or JSON queue (required)
- **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure
- **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically.
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows like password reset or registration. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows like password reset or registration.
- **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each injection source that needs analysis. Mark items as "in_progress" when working on them and "completed" when done. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each injection source that needs analysis. Mark items as "in_progress" when working on them and "completed" when done.
</available_tools> </available_tools>
@@ -361,10 +364,10 @@ These input vectors were traced and confirmed to have robust, context-appropriat
<exploitation_queue_requirements> <exploitation_queue_requirements>
**Exploitation Queue (MANDATORY)** **Exploitation Queue (MANDATORY)**
Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool:
- **If vulnerabilities found:** Use `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'` with each exploitable injection vulnerability (verdict: "vulnerable") following the exploitation_queue_format - **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": [...]}` with each exploitable injection vulnerability (verdict: "vulnerable") following the exploitation_queue_format
- **If no vulnerabilities found:** Use `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": []}'` - **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": []}`
This file serves as the handoff mechanism to the Exploitation phase and must always be created to signal completion of your analysis. This file serves as the handoff mechanism to the Exploitation phase and must always be created to signal completion of your analysis.
</exploitation_queue_requirements> </exploitation_queue_requirements>
@@ -373,9 +376,9 @@ This file serves as the handoff mechanism to the Exploitation phase and must alw
**COMPLETION REQUIREMENTS (ALL must be satisfied):** **COMPLETION REQUIREMENTS (ALL must be satisfied):**
1. **Todo Completion:** ALL tasks in your TodoWrite list must be marked as "completed" 1. **Todo Completion:** ALL tasks in your TodoWrite list must be marked as "completed"
2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: 2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool:
- Analysis report: `node save_deliverable.js INJECTION_ANALYSIS 'your report'` - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_ANALYSIS"` and your report as `content`
- Exploitation queue: `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'` - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": [...]}`
**ONLY AFTER** both todo completion AND successful deliverable generation, announce "**INJECTION ANALYSIS COMPLETE**" and stop. **ONLY AFTER** both todo completion AND successful deliverable generation, announce "**INJECTION ANALYSIS COMPLETE**" and stop.


@@ -77,10 +77,13 @@ An **exploitable vulnerability** is a data flow where user-controlled input infl
**Available Tools:** **Available Tools:**
- **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace data flows, and understand HTTP client usage. MANDATORY for all source code analysis. - **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, trace data flows, and understand HTTP client usage. MANDATORY for all source code analysis.
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual HTTP requests with `curl` to test endpoint behavior and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation.
- **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your analysis report:** `node save_deliverable.js SSRF_ANALYSIS 'your complete markdown report'` - `deliverable_type`: "SSRF_ANALYSIS" or "SSRF_QUEUE" (required)
- **For your exploitation queue:** `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": [...]}'` - `content`: Your markdown report or JSON queue (required)
- **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure
- **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically.
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
- **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows that might involve URL redirection or proxy functionality. - **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows that might involve URL redirection or proxy functionality.
- **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each SSRF sink that needs analysis. Mark items as "in_progress" when working on them and "completed" when done. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each SSRF sink that needs analysis. Mark items as "in_progress" when working on them and "completed" when done.
</available_tools> </available_tools>
@@ -285,9 +288,9 @@ These components were analyzed and found to have robust defenses. They are low-p
<exploitation_queue_requirements> <exploitation_queue_requirements>
**Exploitation Queue (MANDATORY)** **Exploitation Queue (MANDATORY)**
Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script: Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool:
- **If vulnerabilities found:** Use `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": [...]}'` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. - **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_QUEUE"` and `content: {"vulnerabilities": [...]}` with each confirmed hypothesis following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access.
- **If no vulnerabilities found:** Use `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": []}'`. - **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_QUEUE"` and `content: {"vulnerabilities": []}`.
- **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access.
This file serves as the handoff mechanism and must always be created to signal completion. This file serves as the handoff mechanism and must always be created to signal completion.
</exploitation_queue_requirements> </exploitation_queue_requirements>
@@ -296,9 +299,9 @@ This file serves as the handoff mechanism and must always be created to signal c
**COMPLETION REQUIREMENTS (ALL must be satisfied):** **COMPLETION REQUIREMENTS (ALL must be satisfied):**
1. **Systematic Analysis:** ALL relevant API endpoints and request-making features identified in the reconnaissance deliverable must be analyzed for SSRF vulnerabilities. 1. **Systematic Analysis:** ALL relevant API endpoints and request-making features identified in the reconnaissance deliverable must be analyzed for SSRF vulnerabilities.
2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script: 2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool:
- Analysis report: `node save_deliverable.js SSRF_ANALYSIS 'your report'` - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_ANALYSIS"` and your report as `content`
- Exploitation queue: `node save_deliverable.js SSRF_QUEUE '{"vulnerabilities": [...]}'` - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "SSRF_QUEUE"` and `content: {"vulnerabilities": [...]}`
**ONLY AFTER** both systematic analysis AND successful deliverable generation, announce "**SSRF ANALYSIS COMPLETE**" and stop. **ONLY AFTER** both systematic analysis AND successful deliverable generation, announce "**SSRF ANALYSIS COMPLETE**" and stop.
</conclusion_trigger> </conclusion_trigger>


@@ -82,10 +82,13 @@ An **exploitable vulnerability** is a confirmed source-to-sink path where the en
- **Terminal (curl):** MANDATORY for testing HTTP-based XSS vectors and observing raw HTML responses. Use for reflected XSS testing and JSONP injection testing. - **Terminal (curl):** MANDATORY for testing HTTP-based XSS vectors and observing raw HTML responses. Use for reflected XSS testing and JSONP injection testing.
- **{{MCP_SERVER}} (Playwright):** MANDATORY for testing DOM-based XSS and form submission vectors. Use for stored XSS testing and client-side payload execution verification. - **{{MCP_SERVER}} (Playwright):** MANDATORY for testing DOM-based XSS and form submission vectors. Use for stored XSS testing and client-side payload execution verification.
- **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each sink you need to analyze. - **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each sink you need to analyze.
- **Bash tool:** Your primary tool for executing shell commands. Use it for testing XSS vectors with `curl` and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script. - **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation.
- **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure. - **Parameters:**
- **For your analysis report:** `node save_deliverable.js XSS_ANALYSIS 'your complete markdown report'` - `deliverable_type`: "XSS_ANALYSIS" or "XSS_QUEUE" (required)
- **For your exploitation queue:** `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": [...]}'` - `content`: Your markdown report or JSON queue (required)
- **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure
- **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically.
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
</available_tools> </available_tools>
<data_format_specifications> <data_format_specifications>
@@ -268,13 +271,13 @@ These input vectors were traced and confirmed to have robust, context-appropriat
## Exploitation Queue (MANDATORY) ## Exploitation Queue (MANDATORY)
Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script. Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool.
- **If exploitable vulnerabilities found:** - **If exploitable vulnerabilities found:**
Use `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": [...]}'` with each exploitable XSS vulnerability (verdict: "vulnerable") following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access. Use `save_deliverable` MCP tool with `deliverable_type: "XSS_QUEUE"` and `content: {"vulnerabilities": [...]}` with each exploitable XSS vulnerability (verdict: "vulnerable") following the `exploitation_queue_format`. Set `externally_exploitable` to `true` ONLY if exploitable via public internet without internal access.
- **If no exploitable vulnerabilities found:** - **If no exploitable vulnerabilities found:**
Use `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": []}'` Use `save_deliverable` MCP tool with `deliverable_type: "XSS_QUEUE"` and `content: {"vulnerabilities": []}`
- **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access. - **QUEUE INCLUSION CRITERIA:** ONLY include vulnerabilities where `externally_exploitable = true`. Exclude any vulnerability requiring internal network access, VPN, or direct server access.
@@ -285,9 +288,9 @@ This file is the mandatory handoff to the Exploitation phase.
COMPLETION REQUIREMENTS (ALL must be satisfied): COMPLETION REQUIREMENTS (ALL must be satisfied):
1. Systematic Analysis: ALL input vectors identified from the reconnaissance deliverable must be analyzed. 1. Systematic Analysis: ALL input vectors identified from the reconnaissance deliverable must be analyzed.
2. Deliverable Generation: Both required deliverables must be successfully saved using save_deliverable script: 2. Deliverable Generation: Both required deliverables must be successfully saved using save_deliverable MCP tool:
- Analysis report: `node save_deliverable.js XSS_ANALYSIS 'your report'` - Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "XSS_ANALYSIS"` and your report as `content`
- Exploitation queue: `node save_deliverable.js XSS_QUEUE '{"vulnerabilities": [...]}'` - Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "XSS_QUEUE"` and `content: {"vulnerabilities": [...]}`
ONLY AFTER both systematic analysis AND successful deliverable generation, announce "XSS ANALYSIS COMPLETE" and stop. ONLY AFTER both systematic analysis AND successful deliverable generation, announce "XSS ANALYSIS COMPLETE" and stop.
</conclusion_trigger> </conclusion_trigger>


@@ -1,15 +1,49 @@
import { $, fs, path } from 'zx'; import { $, fs, path } from 'zx';
import chalk from 'chalk'; import chalk from 'chalk';
import { query } from '@anthropic-ai/claude-code'; import { query } from '@anthropic-ai/claude-agent-sdk';
import { fileURLToPath } from 'url';
import { dirname } from 'path';
import { isRetryableError, getRetryDelay, PentestError } from '../error-handling.js'; import { isRetryableError, getRetryDelay, PentestError } from '../error-handling.js';
import { ProgressIndicator } from '../progress-indicator.js'; import { ProgressIndicator } from '../progress-indicator.js';
import { timingResults, costResults, Timer, formatDuration } from '../utils/metrics.js'; import { timingResults, costResults, Timer, formatDuration } from '../utils/metrics.js';
import { createGitCheckpoint, commitGitSuccess, rollbackGitWorkspace } from '../utils/git-manager.js'; import { createGitCheckpoint, commitGitSuccess, rollbackGitWorkspace } from '../utils/git-manager.js';
import { AGENT_VALIDATORS } from '../constants.js'; import { AGENT_VALIDATORS, MCP_AGENT_MAPPING } from '../constants.js';
import { filterJsonToolCalls, getAgentPrefix } from '../utils/output-formatter.js'; import { filterJsonToolCalls, getAgentPrefix } from '../utils/output-formatter.js';
import { generateSessionLogPath } from '../session-manager.js'; import { generateSessionLogPath } from '../session-manager.js';
import { AuditSession } from '../audit/index.js'; import { AuditSession } from '../audit/index.js';
import { createShannonHelperServer } from '../../mcp-server/src/index.js';
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);
/**
* Convert agent name to prompt name for MCP_AGENT_MAPPING lookup
*
* @param {string} agentName - Agent name (e.g., 'xss-vuln', 'injection-exploit')
* @returns {string} Prompt name (e.g., 'vuln-xss', 'exploit-injection')
*/
function agentNameToPromptName(agentName) {
// Special cases
if (agentName === 'pre-recon') return 'pre-recon-code';
if (agentName === 'report') return 'report-executive';
if (agentName === 'recon') return 'recon';
// Pattern: {type}-vuln → vuln-{type}
const vulnMatch = agentName.match(/^(.+)-vuln$/);
if (vulnMatch) {
return `vuln-${vulnMatch[1]}`;
}
// Pattern: {type}-exploit → exploit-{type}
const exploitMatch = agentName.match(/^(.+)-exploit$/);
if (exploitMatch) {
return `exploit-${exploitMatch[1]}`;
}
// Default: return as-is
return agentName;
}
// Simplified validation using direct agent name mapping // Simplified validation using direct agent name mapping
async function validateAgentOutput(result, agentName, sourceDir) { async function validateAgentOutput(result, agentName, sourceDir) {
@@ -57,7 +91,7 @@ async function validateAgentOutput(result, agentName, sourceDir) {
// - Output validation // - Output validation
// - Prompt snapshotting for debugging // - Prompt snapshotting for debugging
// - Git checkpoint/rollback safety // - Git checkpoint/rollback safety
async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context = '', description = 'Claude analysis', colorFn = chalk.cyan, sessionMetadata = null, auditSession = null, attemptNumber = 1) { async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context = '', description = 'Claude analysis', agentName = null, colorFn = chalk.cyan, sessionMetadata = null, auditSession = null, attemptNumber = 1) {
const timer = new Timer(`agent-${description.toLowerCase().replace(/\s+/g, '-')}`); const timer = new Timer(`agent-${description.toLowerCase().replace(/\s+/g, '-')}`);
const fullPrompt = context ? `${context}\n\n${prompt}` : prompt; const fullPrompt = context ? `${context}\n\n${prompt}` : prompt;
let totalCost = 0; let totalCost = 0;
@@ -95,12 +129,50 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context
console.log(chalk.blue(` 🤖 Running Claude Code: ${description}...`)); console.log(chalk.blue(` 🤖 Running Claude Code: ${description}...`));
} }
// Declare variables that need to be accessible in both try and catch blocks
let turnCount = 0;
try { try {
// Create MCP server with target directory context
const shannonHelperServer = createShannonHelperServer(sourceDir);
// Look up agent's assigned Playwright MCP server
// Convert agent name (e.g., 'xss-vuln') to prompt name (e.g., 'vuln-xss')
let playwrightMcpName = null;
if (agentName) {
const promptName = agentNameToPromptName(agentName);
playwrightMcpName = MCP_AGENT_MAPPING[promptName];
if (playwrightMcpName) {
console.log(chalk.gray(` 🎭 Assigned ${agentName}${playwrightMcpName}`));
}
}
// Configure MCP servers: shannon-helper (SDK) + playwright-agentN (stdio)
const mcpServers = {
'shannon-helper': shannonHelperServer,
};
// Add Playwright MCP server if this agent needs browser automation
if (playwrightMcpName) {
const userDataDir = `/tmp/${playwrightMcpName}`;
mcpServers[playwrightMcpName] = {
type: 'stdio',
command: 'npx',
args: ['@playwright/mcp@latest', '--isolated', '--user-data-dir', userDataDir],
env: {
...process.env,
PLAYWRIGHT_HEADLESS: 'true', // Ensure headless mode for security and CI compatibility
},
};
}
const options = { const options = {
model: 'claude-sonnet-4-5-20250929', // Use latest Claude 4.5 Sonnet model: 'claude-sonnet-4-5-20250929', // Use latest Claude 4.5 Sonnet
maxTurns: 10_000, // Maximum turns for autonomous work maxTurns: 10_000, // Maximum turns for autonomous work
cwd: sourceDir, // Set working directory using SDK option cwd: sourceDir, // Set working directory using SDK option
permissionMode: 'bypassPermissions', // Bypass all permission checks for pentesting permissionMode: 'bypassPermissions', // Bypass all permission checks for pentesting
mcpServers,
}; };
// SDK Options only shown for verbose agents (not clean output) // SDK Options only shown for verbose agents (not clean output)
@@ -110,7 +182,6 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context
let result = null; let result = null;
let messages = []; let messages = [];
let turnCount = 0;
let apiErrorDetected = false; let apiErrorDetected = false;
// Start progress indicator for clean output agents // Start progress indicator for clean output agents
@@ -118,9 +189,15 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context
progressIndicator.start(); progressIndicator.start();
} }
for await (const message of query({ prompt: fullPrompt, options })) {
let messageCount = 0;
try {
for await (const message of query({ prompt: fullPrompt, options })) {
messageCount++;
if (message.type === "assistant") { if (message.type === "assistant") {
turnCount++; turnCount++;
const content = Array.isArray(message.message.content) const content = Array.isArray(message.message.content)
? message.message.content.map(c => c.text || JSON.stringify(c)).join('\n') ? message.message.content.map(c => c.text || JSON.stringify(c)).join('\n')
: message.message.content; : message.message.content;
@@ -290,6 +367,9 @@ async function runClaudePrompt(prompt, sourceDir, allowedTools = 'Read', context
// Log any other message types we might not be handling // Log any other message types we might not be handling
console.log(chalk.gray(` 💬 ${message.type}: ${JSON.stringify(message, null, 2)}`)); console.log(chalk.gray(` 💬 ${message.type}: ${JSON.stringify(message, null, 2)}`));
} }
}
} catch (queryError) {
throw queryError; // Re-throw to outer catch
} }
const duration = timer.stop(); const duration = timer.stop();
@@ -467,7 +547,7 @@ export async function runClaudePromptWithRetry(prompt, sourceDir, allowedTools =
} }
try { try {
const result = await runClaudePrompt(prompt, sourceDir, allowedTools, retryContext, description, colorFn, sessionMetadata, auditSession, attempt); const result = await runClaudePrompt(prompt, sourceDir, allowedTools, retryContext, description, agentName, colorFn, sessionMetadata, auditSession, attempt);
// Validate output after successful run // Validate output after successful run
if (result.success) { if (result.success) {
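Review bot: The Playwright MCP child process configured in the `mcpServers[playwrightMcpName]` block inherits the executor's whole environment through `...process.env`, so any credential the executor itself holds (the SDK's API key, CI tokens) is handed to an `npx @playwright/mcp@latest` process that only needs to drive a browser and that will presumably hold the target application's session; pass an allow-list instead, e.g. `env: { PATH: process.env.PATH, HOME: process.env.HOME, PLAYWRIGHT_HEADLESS: 'true' }`, adding variables only as that server proves to need them, and consider pinning the package version rather than resolving `@latest` at run time. Relatedly, `userDataDir` is a fixed, predictable path under `/tmp/` derived from the agent name, so if the profile persists anything from the browser session it survives between runs and is guessable by other users of a shared host; `fs.mkdtemp(path.join(os.tmpdir(), `${playwrightMcpName}-`))` (with `os` imported) and removal after the query loop would be safer, or the flag can be dropped if `--isolated` already keeps the profile in memory. Two smaller points: the inner `try { … } catch (queryError) { throw queryError; }` around the message loop is a no-op rethrow that should either go or do something (stop `progressIndicator`, record `messageCount`), and inserting `agentName` in the middle of runClaudePrompt's positional parameter list means any caller not updated the way `runClaudePromptWithRetry` was will silently pass its `colorFn` as `agentName`. runClaudePrompt's body continues outside the hunk.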


@@ -109,37 +109,8 @@ export async function setupLocalRepo(repoPath) {
// Non-fatal - continue without Git setup // Non-fatal - continue without Git setup
} }
// Copy tools to local repository for agent accessibility // MCP tools (save_deliverable, generate_totp) are now available natively via shannon-helper MCP server
try { // No need to copy bash scripts to target repository
const toolsDir = path.join(import.meta.dirname, '..', '..', 'tools');
// Copy TOTP generation script
const totpScriptSource = path.join(toolsDir, 'generate-totp-standalone.mjs');
const totpScriptDest = path.join(sourceDir, 'generate-totp.mjs');
if (await fs.pathExists(totpScriptSource)) {
await fs.copy(totpScriptSource, totpScriptDest);
await fs.chmod(totpScriptDest, '755'); // Make executable
console.log(chalk.green('✅ TOTP generation script copied to target repository'));
} else {
console.log(chalk.yellow('⚠️ TOTP script not found, authentication may fail if TOTP is required'));
}
// Copy save_deliverable tool
const saveDeliverableSource = path.join(toolsDir, 'save_deliverable.js');
const saveDeliverableDest = path.join(sourceDir, 'save_deliverable.js');
if (await fs.pathExists(saveDeliverableSource)) {
await fs.copy(saveDeliverableSource, saveDeliverableDest);
await fs.chmod(saveDeliverableDest, '755'); // Make executable
console.log(chalk.green('✅ save_deliverable tool copied to target repository'));
} else {
console.log(chalk.yellow('⚠️ save_deliverable tool not found, deliverable creation may fail'));
}
} catch (toolError) {
console.log(chalk.yellow(`⚠️ Failed to copy tools: ${toolError.message}`));
// Non-fatal - continue without tools
}
return sourceDir; return sourceDir;
} catch (error) { } catch (error) {