English | 中文
An MCP (Model Context Protocol) server with a runtime-registry-driven catalog of built-in tools for AI-assisted JavaScript analysis and security analysis. It combines browser automation, Chrome DevTools Protocol debugging, network monitoring, intelligent JavaScript hooks, LLM-powered code analysis, process and memory inspection, WASM tooling, source-map reconstruction, AST transforms, and composite workflows in a single server.
- 🤖 AI-Driven Analysis: Leverage LLMs for intelligent JavaScript deobfuscation, cryptographic algorithm detection, and AST-level code comprehension.
- ⚡ Search-First Context Efficiency: BM25-powered
search_tools+ dynamic boosts cut jshook's tool-schema init delta from ~40.0K+ tokens (full) to ~3.0K (search) (Claude server-side count; excludes Claude Code base prompt). - 🎯 Progressive Capability Tiers: Three built-in profiles (
search/workflow/full), withsearchas the default base tier for on-demand capability scaling. - 🌐 Full-Stack Automation: Seamlessly orchestrate Chromium/Camoufox browsers, CDP debugging, and network interception as atomic actions.
- 🛡️ Advanced Anti-Debug: Built-in evasion for debugger statements, timing checks, and strict headless bot fingerprinting techniques.
- 🧩 Dynamic Extensibility: Hot-reload plugins and workflows from local directories without recompiling the core server.
- 🔧 Zero-Wiring Extensibility: Auto-discovered domains via
manifest.ts, lazy handler instantiation, and B-Skeleton contracts for plugins/workflows. - 🛠️ Reverse Engineering Toolchain: Integrated WASM disassembly, binary entropy analysis, in-memory scanning, and bridges for Burp Suite/Ghidra/IDA Pro.
Provides a comprehensive suite of tools for AI-assisted JavaScript analysis, browser automation, CDP debugging, network interception, memory analysis, and more.
- Progressive Tool Discovery:
search_toolsmeta-tool (BM25 ranking) +activate_tools/activate_domain+ profile-based tier upgrades (boost_profile) - Search-tier behavior:
search_toolsonly searches and ranks results; it does not auto-runactivate_tools, and it does not auto-runboost_profile. Preferred chain:search_tools -> activate_tools / activate_domain -> boost_profile only when needed - Do not boost for one tool:
activate_toolscan register exact tools across tiers from the current base tier;boost_profileis better when you expect to reuse a broad family of related tools repeatedly - Lazy Domain Initialization: Handler classes instantiated via Proxy on first invocation, not during startup
- Domain Self-Discovery: Runtime manifest scanning (
domains/*/manifest.ts) replaces hardcoded imports; add new domains by creating a single manifest file - B-Skeleton Contracts: Extensibility contracts for plugins (
PluginContract), workflows (WorkflowContract), and observability (InstrumentationContract) - MCP ToolAnnotations: Every tool carries semantic annotations (
readOnlyHint,destructiveHint,idempotentHint,openWorldHint) enabling AI orchestrators to reason about tool safety and side-effects before invocation - Context Efficiency Benchmark: Built-in tool-schema init delta (Claude server-side count):
search≈ 3K tokens vsfull≈ 40K+ tokens; values change as tools/descriptions evolve
The built-in surface below is generated from the runtime registry and checked in CI.
- Package version:
0.2.6 - Domains:
adb-bridge,antidebug,binary-instrument,boringssl-inspector,browser,canvas,coordination,core,cross-domain,debugger,encoding,evidence,extension-registry,graphql,hooks,instrumentation,macro,maintenance,memory,mojo-ipc,network,platform,process,protocol-analysis,proxy,sandbox,shared-state-board,skia-capture,sourcemap,streaming,syscall-hook,trace,transform,v8-inspector,wasm,workflow - Note: this snapshot is generated from the runtime registry; do not edit the counts by hand.
