# Current Status Card Date: 2026-07-10 Branch: `main` Loop base: `e993ce1 docs: trim safety constraints from mcp roadmap` Remote base before local roadmap commits: `b2d839e Merge branch 'codex/n15-report-hardening'` ## Business direction 项目核心不是继续做 UIA selector/report,而是通过 MCP 暴露 iSphere 的联系人、群组、消息、文件能力。 后续研发主线切换为 MCP 核心通信能力:搜索联系人、搜索群组、收发消息、收发文件。现有 UIA/selector/report 只作为底层辅助和证据,不再作为主线继续扩展。 ## Current completed state - Go MCP foundation exists: `cmd/isphere-mcp`, `internal/mcpserver`, `internal/helperclient`, and `internal/tools` build a stdio MCP server. - The current MCP surface exposes seven read-oriented tools: - `win_helper_version` - `win_helper_self_check` - `win_helper_scan_windows` - `win_helper_dump_uia` - `isphere_receive_messages` - `isphere_search_contacts` - `isphere_search_groups` - C# `ISphereWinHelper` exists under `native/ISphereWinHelper` and uses the `isphere.helper.v1` stdin/stdout JSON contract. - `scripts/verify-win-helper.ps1` and `scripts/verify-go-mcp.ps1` provide repeatable local checks for the helper, seven-tool MCP surface, default empty-source receive/contact/group calls, and synthetic configured-source receive/contact/group smoke. - N12-pre and N12R documents define safe offline evidence intake and internal-sandbox live UIA capture procedures. - N13/N14/N15 produced selector catalog/report validation infrastructure, but those are supporting validation assets only. ## What cannot be claimed externally - The project has not yet implemented business MCP tools for message sending, file receiving/download, or file sending; `isphere_receive_messages`, `isphere_search_contacts`, and `isphere_search_groups` have operator-local encrypted log-file support but not a production ingestion path. - The project has not completed production iSphere integration. - The project has not proven a stable real message source for the full business workflow beyond decrypted PacketReader log evidence and synthetic/redacted tests. - The project has not implemented real message sending or real file upload. - N12-pre offline evidence is not N12 pass. - N13/N14/N15 selector/report work is pre-business evidence, not finished contact/message/file capability. ## What can be claimed externally - The repository has a Go MCP + C# WinHelper foundation for controlled Windows-side read-only observation. - The helper protocol boundary is explicit and keeps Windows/UIA work separate from the Go MCP service layer. - The current code can support future MCP business tools by routing low-level Windows/UIA fallback work through a bounded helper layer. - The project has repeatable verification scripts for the helper/MCP foundation and the current seven-tool surface. - The project now has a corrected business contract and plan for core MCP communication tools, plus registered receive/contact/group read tools that can use `ISPHERE_PACKET_LOG_FILE` for operator-local encrypted PacketReader log lines. ## N13/N14/N15 positioning N13/N14/N15 are pre-business validation results. They can help identify UI elements and validate reports if UI automation becomes necessary, but they are not the product route. New work should first validate real business capability sources and core MCP tool contracts. ## Current loop Current loop: `Stage C / Loop C13 - log-backed file metadata extraction`. Plan file: `docs/superpowers/plans/2026-07-09-stage-c-log-backed-receive-messages-loop.md`. Loop rule: 1. Write or update the plan before coding. 2. Implement one loop only. 3. Verify, commit exact paths, then update the next loop based on actual results. 4. Continue automatically while the next step is clear; ask the user only when blocked or when business direction changes. Current loop output so far: 1. C1: `internal/isphere/logcodec.DecryptLine` and `internal/isphere/packetlog.ParseMessageLog` for redacted PacketReader message logs. 2. C2: `internal/isphere.EncryptedPacketLogSource.ReceiveMessages` source abstraction with synthetic/redacted encrypted fixtures. 3. C3: `isphere_receive_messages` MCP tool registration and server tool list update. 4. C4: repeatable operator verification and docs for the five-tool surface. 5. C5: safe `ISPHERE_PACKET_LOG_FILE` loader for operator-local encrypted PacketReader log lines. 6. C6: fixture-backed operator smoke for configured receive source. 7. C7: log-backed contact candidate extraction from sender/receiver JIDs. 8. C8: `isphere_search_contacts` MCP registration and six-tool verification. 9. C9: group source evidence precheck confirmed groupchat/conference/MUC hits in ignored decrypted logs. 10. C10: log-backed group candidate extraction from groupchat/conference JIDs. 11. C11: `isphere_search_groups` MCP registration and seven-tool verification. 12. C12: file evidence precheck confirmed enough PacketReader/Smark evidence for file metadata listing, but not enough for real cache/download mapping. ## Next business mainline 1. Run Stage C Loop C13: implement log-backed file metadata extraction from normalized messages. 2. Register `isphere_receive_files` list mode after C13 source behavior passes; leave actual download/cache mapping as a later connector node. 3. Add `isphere_send_message` and `isphere_send_file` after source discovery and connector selection. 4. Keep UIA selector/report work as fallback support, not as the primary roadmap.