feat: add enforce_architecture MCP tool — architectural guardrails for AI agents #21
Description
Summary
Add an enforce_architecture MCP tool that validates proposed changes against architectural rules. dependency-cruiser does this for humans — nobody does it for AI agents via MCP.
Motivation
- AI agents generate code in isolation, ignoring inter-file dependency constraints
- 45% of AI-generated code contains vulnerabilities, often from violating architectural boundaries
- dependency-cruiser has 18K+ GitHub stars proving demand for boundary enforcement
- Risk-tiered enforcement is the enterprise consensus for AI code governance
Proposed API
tool: enforce_architecture
input: {
rules?: Array<{
from: string, // glob pattern: "src/controllers/**"
to: string, // glob pattern: "src/models/**"
allowed: boolean // false = this dependency is forbidden
}>,
filePath?: string, // check specific file against rules
autoDetect?: boolean // infer rules from existing module structure
}
output: {
violations: Array<{
from: string,
to: string,
rule: string,
severity: "error" | "warning"
}>,
passed: boolean,
suggestions: string[]
}
Features
- User-defined rules: explicit allow/deny patterns
- Auto-detected rules: infer boundaries from existing module structure + cohesion metrics
- Pre-flight check: agent validates before writing imports
- CI integration: run as part of quality gates
Acceptance Criteria
- Validates file imports against architectural rules
- Auto-detects module boundaries from existing graph
- Returns PASS/FAIL with violation details
- Integrates with module cohesion metrics
- Tests covering rule violations and edge cases
Priority
Short-term — Unique capability no competitor offers via MCP.