import * as resources from '../../../../db/repos/resources.js';

// Attack-surface inventory: every resource's host/url/status across all spaces.
// Backed by resources.listExposure (scalar columns only — no monitoring/metadata
// JSON, no credentials).
export const resourceExposureTool = {
  name: 'resource_exposure',
  description: 'Inventory of all resources (services/hosts) with their host, url and status — the reachable attack surface. Use to spot exposed or unexpected services. Never includes secrets or monitoring config.',
  input_schema: { type: 'object', properties: {} },
  async handler(_args, _ctx) {
    const resourceList = await resources.listExposure();
    return { resources: resourceList };
  }
};