diff --git a/apps/catalog/src/components/ResultList.astro b/apps/catalog/src/components/ResultList.astro index c987c0c1..ce787ead 100644 --- a/apps/catalog/src/components/ResultList.astro +++ b/apps/catalog/src/components/ResultList.astro @@ -55,6 +55,17 @@ const initialRows = rows.slice(0, 24); )}
{row.description}
diff --git a/apps/catalog/src/data/official-catalog.json b/apps/catalog/src/data/official-catalog.json index 6a9c2dd5..5c528a2b 100644 --- a/apps/catalog/src/data/official-catalog.json +++ b/apps/catalog/src/data/official-catalog.json @@ -1273,10 +1273,10 @@ }, "sourcePath": "neon/CAPLET.md", "trustLevel": "official", - "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Neon\ndescription: Inspect and manage Neon Postgres organizations, projects, branches, databases, roles, queries, and docs through Neon's hosted MCP server.\ntags:\n - neon\n - postgres\n - database\n - branches\n - sql\ncatalog:\n icon: https://neon.com/favicon.ico\nmcpServer:\n url: https://mcp.neon.tech/mcp\n auth:\n type: oauth2\n---\n\n# Neon\n\nUse this Caplet when an agent needs live Neon Postgres context for projects, branches, databases, roles, SQL queries, connection details, or Neon documentation.\n\n## First Workflow\n\n1. Start by confirming the Neon organization, project, branch, database, and role before querying state.\n2. Inspect branch, schema, migration, and query context before suggesting SQL or project changes.\n3. Scope the MCP URL after install with `projectId`, `readonly=true`, or `category` query parameters when the task has a narrow target.\n4. Use read-only analysis for query tuning, schema review, and branch discovery before executing SQL.\n5. Summarize the target branch, database, role, SQL, and expected data effect before mutating anything.\n\n## Operate Carefully\n\n- Neon recommends MCP usage for development and testing. Do not connect production databases or PII-bearing projects unless the operator has explicitly accepted that risk.\n- SQL and branch operations can alter data, credentials, costs, or application behavior. Confirm exact targets before writes.\n- Keep connection strings and role credentials out of summaries.\n- Avoid this Caplet when the task only needs local migration files, ORMs, or application code.\n", + "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Neon\ndescription: Inspect and manage Neon Postgres organizations, projects, branches, databases, roles, queries, and docs through Neon's hosted MCP server.\ntags:\n - neon\n - postgres\n - database\n - branches\n - sql\ncatalog:\n icon: https://neon.com/apple-touch-icon.png\nmcpServer:\n url: https://mcp.neon.tech/mcp\n auth:\n type: oauth2\n---\n\n# Neon\n\nUse this Caplet when an agent needs live Neon Postgres context for projects, branches, databases, roles, SQL queries, connection details, or Neon documentation.\n\n## First Workflow\n\n1. Start by confirming the Neon organization, project, branch, database, and role before querying state.\n2. Inspect branch, schema, migration, and query context before suggesting SQL or project changes.\n3. Scope the MCP URL after install with `projectId`, `readonly=true`, or `category` query parameters when the task has a narrow target.\n4. Use read-only analysis for query tuning, schema review, and branch discovery before executing SQL.\n5. Summarize the target branch, database, role, SQL, and expected data effect before mutating anything.\n\n## Operate Carefully\n\n- Neon recommends MCP usage for development and testing. Do not connect production databases or PII-bearing projects unless the operator has explicitly accepted that risk.\n- SQL and branch operations can alter data, credentials, costs, or application behavior. Confirm exact targets before writes.\n- Keep connection strings and role credentials out of summaries.\n- Avoid this Caplet when the task only needs local migration files, ORMs, or application code.\n", "icon": { "type": "url", - "url": "https://neon.com/favicon.ico" + "url": "https://neon.com/apple-touch-icon.png" }, "tags": [ "branches", @@ -1321,10 +1321,10 @@ }, "sourcePath": "notion/CAPLET.md", "trustLevel": "official", - "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Notion\ndescription: Search, fetch, create, update, move, duplicate, and query Notion workspace pages, databases, views, and connected content through Notion's hosted MCP server.\ntags:\n - notion\n - docs\n - knowledge\n - tasks\n - workspace\ncatalog:\n icon: https://www.notion.com/images/notion-logo-block-main.svg\nmcpServer:\n url: https://mcp.notion.com/mcp\n auth:\n type: oauth2\n---\n\n# Notion\n\nUse this Caplet when an agent needs live Notion workspace context for pages, databases, data sources, views, tasks, docs, search, or workspace knowledge.\n\n## First Workflow\n\n1. Start with exact page URLs, database IDs, data source IDs, teamspace names, or search terms instead of broad workspace scans.\n2. Fetch the target page, database, view, or `self` context before creating or updating content.\n3. Inspect database properties, templates, and view filters before changing page properties, views, or data sources.\n4. Confirm the parent page, database, move target, duplicate target, and visible workspace effect before writes.\n\n## Operate Carefully\n\n- Notion MCP can read and write with the connected user's workspace access. Enable human confirmation for workflows that create, update, move, or duplicate content.\n- Treat search results and connected workspace content as potentially sensitive and vulnerable to prompt injection.\n- Keep private page content, customer data, and internal planning details out of unnecessary summaries.\n- Avoid this Caplet when the task only needs local Markdown files or static Notion API documentation.\n", + "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Notion\ndescription: Search, fetch, create, update, move, duplicate, and query Notion workspace pages, databases, views, and connected content through Notion's hosted MCP server.\ntags:\n - notion\n - docs\n - knowledge\n - tasks\n - workspace\ncatalog:\n icon: https://www.notion.so/images/favicon.ico\nmcpServer:\n url: https://mcp.notion.com/mcp\n auth:\n type: oauth2\n---\n\n# Notion\n\nUse this Caplet when an agent needs live Notion workspace context for pages, databases, data sources, views, tasks, docs, search, or workspace knowledge.\n\n## First Workflow\n\n1. Start with exact page URLs, database IDs, data source IDs, teamspace names, or search terms instead of broad workspace scans.\n2. Fetch the target page, database, view, or `self` context before creating or updating content.\n3. Inspect database properties, templates, and view filters before changing page properties, views, or data sources.\n4. Confirm the parent page, database, move target, duplicate target, and visible workspace effect before writes.\n\n## Operate Carefully\n\n- Notion MCP can read and write with the connected user's workspace access. Enable human confirmation for workflows that create, update, move, or duplicate content.\n- Treat search results and connected workspace content as potentially sensitive and vulnerable to prompt injection.\n- Keep private page content, customer data, and internal planning details out of unnecessary summaries.\n- Avoid this Caplet when the task only needs local Markdown files or static Notion API documentation.\n", "icon": { "type": "url", - "url": "https://www.notion.com/images/notion-logo-block-main.svg" + "url": "https://www.notion.so/images/favicon.ico" }, "tags": [ "docs", @@ -1769,10 +1769,10 @@ }, "sourcePath": "sourcegraph/CAPLET.md", "trustLevel": "official", - "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Sourcegraph\ndescription: Search and inspect code across Sourcegraph using its MCP endpoint for repository-aware coding workflows.\ntags:\n - sourcegraph\n - code-search\n - mcp\ncatalog:\n icon: https://sourcegraph.com/favicon.ico\nmcpServer:\n url: https://sourcegraph.com/.api/mcp\n auth:\n type: oauth2\n---\n\n# Sourcegraph\n\nUse this Caplet when the agent needs broad code search, repository navigation, or cross-repository context from Sourcegraph.\n\n## First Workflow\n\n1. Start with a precise symbol, file path, package name, migration pattern, or repository filter.\n2. Inspect representative matches before generalizing across repositories.\n3. Use references and examples to guide local implementation, then verify against the target repo.\n4. Bring back code-search evidence with enough source context for review or planning.\n\n## Operate Carefully\n\n- Sourcegraph answers are only as current as the indexed repositories.\n- Do not use broad search as a substitute for reading the local repository when it is available.\n- For self-managed Sourcegraph, make sure the runtime is pointed at the intended host before using private code search.\n", + "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Sourcegraph\ndescription: Search and inspect code across Sourcegraph using its MCP endpoint for repository-aware coding workflows.\ntags:\n - sourcegraph\n - code-search\n - mcp\ncatalog:\n icon: https://sourcegraph.com/.assets/img/sourcegraph-mark.svg\nmcpServer:\n url: https://sourcegraph.com/.api/mcp\n auth:\n type: oauth2\n---\n\n# Sourcegraph\n\nUse this Caplet when the agent needs broad code search, repository navigation, or cross-repository context from Sourcegraph.\n\n## First Workflow\n\n1. Start with a precise symbol, file path, package name, migration pattern, or repository filter.\n2. Inspect representative matches before generalizing across repositories.\n3. Use references and examples to guide local implementation, then verify against the target repo.\n4. Bring back code-search evidence with enough source context for review or planning.\n\n## Operate Carefully\n\n- Sourcegraph answers are only as current as the indexed repositories.\n- Do not use broad search as a substitute for reading the local repository when it is available.\n- For self-managed Sourcegraph, make sure the runtime is pointed at the intended host before using private code search.\n", "icon": { "type": "url", - "url": "https://sourcegraph.com/favicon.ico" + "url": "https://sourcegraph.com/.assets/img/sourcegraph-mark.svg" }, "tags": [ "code-search", @@ -1863,10 +1863,10 @@ }, "sourcePath": "supabase/CAPLET.md", "trustLevel": "official", - "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Supabase\ndescription: Inspect and manage Supabase projects, databases, schemas, branches, storage, edge functions, and docs through Supabase's hosted MCP server.\ntags:\n - supabase\n - postgres\n - database\n - backend\n - storage\ncatalog:\n icon: https://supabase.com/favicon.ico\nmcpServer:\n url: https://mcp.supabase.com/mcp\n auth:\n type: oauth2\n---\n\n# Supabase\n\nUse this Caplet when an agent needs Supabase project, database, schema, branch, storage, edge function, auth, or documentation context.\n\n## First Workflow\n\n1. Start by confirming the Supabase organization, project reference, branch, and environment before querying project state.\n2. Prefer read-only discovery of schemas, tables, policies, migrations, functions, and storage buckets before making changes.\n3. Scope high-risk work to a specific project with the `project_ref` query parameter after install when possible.\n4. Use `read_only=true` or feature-group filtering on the MCP URL for investigation-only workflows.\n5. Summarize intended SQL, policy, migration, storage, or function changes before executing them.\n\n## Operate Carefully\n\n- Supabase's own guidance treats MCP access as best suited for development and testing. Do not connect production projects unless the operator has explicitly accepted the risk.\n- Database and auth policy changes can expose data or break applications. Review SQL, RLS policy effects, generated migrations, and branch targets carefully.\n- Avoid handling PII or secrets through agent-visible prompts and logs.\n- Avoid this Caplet when the task only needs local migration files or application code without live Supabase state.\n", + "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Supabase\ndescription: Inspect and manage Supabase projects, databases, schemas, branches, storage, edge functions, and docs through Supabase's hosted MCP server.\ntags:\n - supabase\n - postgres\n - database\n - backend\n - storage\ncatalog:\n icon: https://supabase.com/favicon/favicon-32x32.png\nmcpServer:\n url: https://mcp.supabase.com/mcp\n auth:\n type: oauth2\n---\n\n# Supabase\n\nUse this Caplet when an agent needs Supabase project, database, schema, branch, storage, edge function, auth, or documentation context.\n\n## First Workflow\n\n1. Start by confirming the Supabase organization, project reference, branch, and environment before querying project state.\n2. Prefer read-only discovery of schemas, tables, policies, migrations, functions, and storage buckets before making changes.\n3. Scope high-risk work to a specific project with the `project_ref` query parameter after install when possible.\n4. Use `read_only=true` or feature-group filtering on the MCP URL for investigation-only workflows.\n5. Summarize intended SQL, policy, migration, storage, or function changes before executing them.\n\n## Operate Carefully\n\n- Supabase's own guidance treats MCP access as best suited for development and testing. Do not connect production projects unless the operator has explicitly accepted the risk.\n- Database and auth policy changes can expose data or break applications. Review SQL, RLS policy effects, generated migrations, and branch targets carefully.\n- Avoid handling PII or secrets through agent-visible prompts and logs.\n- Avoid this Caplet when the task only needs local migration files or application code without live Supabase state.\n", "icon": { "type": "url", - "url": "https://supabase.com/favicon.ico" + "url": "https://supabase.com/favicon/favicon-32x32.png" }, "tags": [ "backend", @@ -1911,10 +1911,10 @@ }, "sourcePath": "terraform/CAPLET.md", "trustLevel": "official", - "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Terraform\ndescription: Inspect Terraform Registry providers, modules, policies, and optional HCP Terraform or Terraform Enterprise workspaces through HashiCorp's MCP server.\ntags:\n - terraform\n - infrastructure\n - iac\n - registry\n - hcp\ncatalog:\n icon: https://www.terraform.io/favicon.ico\nsetup:\n verify:\n - label: Check Docker is available\n command: docker\n args:\n - --version\nmcpServer:\n command: docker\n args:\n - run\n - -i\n - --rm\n - hashicorp/terraform-mcp-server:1.0.0\n runtime:\n features:\n - docker\n startupTimeoutMs: 100000\n callTimeoutMs: 300000\n---\n\n# Terraform\n\nUse this Caplet when an agent needs Terraform Registry context for providers, modules, policies, or HCP Terraform and Terraform Enterprise workspace context exposed to the server.\n\n## First Workflow\n\n1. Start with read-only Registry lookups for provider, module, resource, data source, and policy documentation.\n2. Confirm Terraform version, provider source, module source, workspace, organization, and backend assumptions before proposing changes.\n3. Use HCP Terraform or Terraform Enterprise operations only when the server runtime has been configured with the intended token and address.\n4. Review generated Terraform recommendations against project policy, security, cost, and compliance requirements before implementation.\n\n## Operate Carefully\n\n- Terraform recommendations can affect infrastructure, cost, data access, and compliance once applied. Treat generated plans as suggestions until reviewed against the project.\n- HCP Terraform and Terraform Enterprise tokens should be least-privilege and scoped to the intended organization or workspace.\n- The default catalog entry starts the public Registry-capable Docker server without checked-in HCP credentials.\n- Avoid this Caplet when the task only needs to edit local Terraform files without external provider, module, or workspace context.\n", + "contentMarkdown": "---\n# yaml-language-server: $schema=https://caplets.dev/caplet.schema.json\nname: Terraform\ndescription: Inspect Terraform Registry providers, modules, policies, and optional HCP Terraform or Terraform Enterprise workspaces through HashiCorp's MCP server.\ntags:\n - terraform\n - infrastructure\n - iac\n - registry\n - hcp\ncatalog:\n icon: https://developer.hashicorp.com/favicon.ico\nsetup:\n verify:\n - label: Check Docker is available\n command: docker\n args:\n - --version\nmcpServer:\n command: docker\n args:\n - run\n - -i\n - --rm\n - hashicorp/terraform-mcp-server:1.0.0\n runtime:\n features:\n - docker\n startupTimeoutMs: 100000\n callTimeoutMs: 300000\n---\n\n# Terraform\n\nUse this Caplet when an agent needs Terraform Registry context for providers, modules, policies, or HCP Terraform and Terraform Enterprise workspace context exposed to the server.\n\n## First Workflow\n\n1. Start with read-only Registry lookups for provider, module, resource, data source, and policy documentation.\n2. Confirm Terraform version, provider source, module source, workspace, organization, and backend assumptions before proposing changes.\n3. Use HCP Terraform or Terraform Enterprise operations only when the server runtime has been configured with the intended token and address.\n4. Review generated Terraform recommendations against project policy, security, cost, and compliance requirements before implementation.\n\n## Operate Carefully\n\n- Terraform recommendations can affect infrastructure, cost, data access, and compliance once applied. Treat generated plans as suggestions until reviewed against the project.\n- HCP Terraform and Terraform Enterprise tokens should be least-privilege and scoped to the intended organization or workspace.\n- The default catalog entry starts the public Registry-capable Docker server without checked-in HCP credentials.\n- Avoid this Caplet when the task only needs to edit local Terraform files without external provider, module, or workspace context.\n", "icon": { "type": "url", - "url": "https://www.terraform.io/favicon.ico" + "url": "https://developer.hashicorp.com/favicon.ico" }, "tags": [ "hcp", diff --git a/apps/catalog/src/scripts/virtual-results.ts b/apps/catalog/src/scripts/virtual-results.ts index 9505ea93..de59a37c 100644 --- a/apps/catalog/src/scripts/virtual-results.ts +++ b/apps/catalog/src/scripts/virtual-results.ts @@ -353,6 +353,7 @@ function renderRow(item: VirtualItem, row: CatalogSearchRow | undefined): HTMLEl ${renderCapletIcon(row)}${escapeHtml(row.description)}
@@ -395,6 +396,11 @@ function renderCapletIcon(row: CatalogSearchRow): string { return `
caplets setup wires the agent integrations you choose. Add OSV first because it needs no auth; bring in GitHub or Sourcegraph after the discovery path feels right.