refactor: migrate to rmcp-based architecture (#95)

* docs: add STPA analysis, migration plan, and implementation spec

Rivet project initialized with STPA schema for rmcp migration safety
analysis. 58 artifacts covering losses, hazards, constraints, UCAs,
and loss scenarios for migrating from full MCP stack to rmcp extensions.

Phase 0+1 design spec and implementation plan ready for execution.

* feat: add poc workspace for rmcp migration validation

* feat(poc): validate Tower auth middleware with rmcp

Working PoC proving Tower middleware can intercept rmcp HTTP
requests, enforce Bearer auth, and propagate AuthContext into
MCP tool handlers via http::request::Parts extensions.

* feat(poc): validate MCP Apps UI resources with rmcp

Implements PoC 3 proving rmcp 1.3 supports the MCP Apps extension
pattern (SEP-1865) for serving interactive HTML via resources and tools.

* feat(poc): validate resource router with rmcp ServerHandler

Implements a matchit-based ResourceRouter that maps MCP URI templates
(file:///, config://) to handler functions, overriding list_resource_templates
and read_resource on ServerHandler alongside #[tool_handler] tools.

* docs(poc): record rmcp migration PoC results — all 3 pass

* refactor: rename mcp-logging to pulseengine-logging

Generic structured logging crate — not MCP-specific.
Provides credential scrubbing, metrics, alerting, correlation IDs.

* refactor: rename mcp-security-middleware to pulseengine-security

Generic Axum/Tower security middleware — not MCP-specific.
Remove unused mcp-protocol dependency.

* feat: add pulseengine-mcp-resources crate — resource router for rmcp

URI-template-based resource router built on matchit for rmcp MCP
servers. Provides ResourceRouter<S> with scheme-aware URI matching,
handler dispatch, and template listing for ServerHandler integration.

* feat: add pulseengine-mcp-apps crate — MCP Apps extension for rmcp

* docs: add migration guide for rmcp-based crate structure

* refactor: rename mcp-auth to pulseengine-auth

Generic auth/RBAC/session crate — not MCP-specific.
Remove mcp-protocol dependency, rename MCP-prefixed types
(McpPermission → Permission, McpPermissionChecker → PermissionChecker).
Middleware now operates on generic (method, params) instead of MCP Request.

* refactor: rename directories to match package names, remove poc/

mcp-logging/ → pulseengine-logging/
mcp-auth/ → pulseengine-auth/
mcp-security-middleware/ → pulseengine-security/

Remove poc/ directory — validation complete, results in poc/RESULTS.md
preserved in git history.

* refactor(examples): rewrite hello-world and ultra-simple to use rmcp

* refactor(examples): rewrite auth example for rmcp, remove conformance-server

* refactor(examples): rewrite resources-demo and ui-enabled-server for rmcp

* fix: rustfmt and Dockerfile directory paths after renames

* fix: cargo fmt --all

* fix: clippy warnings (dead_code, Default impl, format strings)

Author: avrabe

.claude/settings.local.json

@@ -61,7 +61,57 @@
       "Bash(npx -y @modelcontextprotocol/conformance list)",
       "Bash(target/debug/hello-world:*)",
       "Bash(./target/debug/resources-demo:*)",
-      "Bash(ls:*)"
+      "Bash(ls:*)",
+      "Bash(python3 -c \":*)",
+      "Bash(wc -l /Volumes/Home/git/pulseengine/mcp/mcp-protocol/src/*.rs /Volumes/Home/git/pulseengine/mcp/mcp-server/src/*.rs /Volumes/Home/git/pulseengine/mcp/mcp-transport/src/*.rs)",
+      "Bash(python3 -m json.tool)",
+      "Bash(wc -l /Volumes/Home/git/pulseengine/mcp/mcp-*/src/lib.rs)",
+      "Bash(for crate:*)",
+      "Bash(do echo:*)",
+      "Bash(command -v rivet)",
+      "Bash(rivet --help)",
+      "Bash(rivet init:*)",
+      "Bash(rivet stpa:*)",
+      "Bash(rivet docs:*)",
+      "Bash(rivet schema:*)",
+      "Bash(rivet validate:*)",
+      "Bash(rivet stats:*)",
+      "Bash(rivet coverage:*)",
+      "Bash(rivet matrix:*)",
+      "Bash(rivet list:*)",
+      "Bash(python3 -c \"import json,sys; [print\\(f[''''name'''']\\) for f in json.loads\\(sys.stdin.read\\(\\)\\)]\")",
+      "Bash(git commit:*)",
+      "Bash(rustup toolchain:*)",
+      "Bash(rustc --version)",
+      "Bash(pkill -f \"poc-tower-auth\")",
+      "Bash(echo \"EXIT: $?\")",
+      "Bash(TRYBUILD=overwrite cargo test -p pulseengine-mcp-macros test_ui_compilation_failures)",
+      "Bash(TRYBUILD=overwrite cargo test -p pulseengine-mcp-macros --test ui_tests)",
+      "Bash(TRYBUILD=overwrite cargo test -p pulseengine-mcp-macros --test compilation_and_ui)",
+      "Bash(git diff:*)",
+      "Bash(wc -l /Volumes/Home/git/pulseengine/mcp/mcp-auth/src/*.rs /Volumes/Home/git/pulseengine/mcp/mcp-auth/src/**/*.rs)",
+      "WebFetch(domain:doc.crates.io)",
+      "WebFetch(domain:blog.rust-lang.org)",
+      "WebFetch(domain:internals.rust-lang.org)",
+      "Bash(wc:*)",
+      "WebFetch(domain:users.rust-lang.org)",
+      "WebFetch(domain:rustsec.org)",
+      "Bash(git -C /Volumes/Home/git/pulseengine/mcp/.claude/worktrees/agent-a3118796 log --oneline -5)",
+      "Bash(git cherry-pick:*)",
+      "Bash(git checkout:*)",
+      "Bash(git clean:*)",
+      "Bash(git branch:*)",
+      "Bash(for f:*)",
+      "Read(//Volumes/Home/git/pulseengine/mcp/**)",
+      "Bash(done)",
+      "Bash(do sed:*)",
+      "Bash(git worktree:*)",
+      "Bash(git mv:*)",
+      "Bash(git rm:*)",
+      "Bash(python3 -c \"import sys,json; d=json.load\\(sys.stdin\\); [print\\(p[''''name''''], p[''''version'''']\\) for p in d[''''packages''''] if p[''''name'''']==''''rmcp'''']\")",
+      "Bash(python3 -c \"import json,sys; d=json.load\\(sys.stdin\\); [print\\(p[''''name''''], p[''''version'''']\\) for p in d[''''packages''''] if p[''''name'''']==''''rmcp'''']\")",
+      "Bash(git push:*)",
+      "Bash(gh pr:*)"
     ],
     "deny": []
   }

AGENTS.md

@@ -0,0 +1,92 @@
+<!-- Auto-generated by `rivet init --agents`. Re-run to update after artifact changes. -->
+# AGENTS.md — Rivet Project Instructions
+
+> This file was generated by `rivet init --agents`. Re-run the command
+> any time artifacts change to keep this file current.
+
+## Project Overview
+
+This project uses **Rivet** for SDLC artifact traceability.
+- Config: `rivet.yaml`
+- Schemas: common, dev, stpa
+- Artifacts: 58 across 12 types
+- Validation: `rivet validate` (current status: pass)
+
+## Available Commands
+
+| Command | Purpose | Example |
+|---------|---------|---------|
+| `rivet validate` | Check link integrity, coverage, required fields | `rivet validate --format json` |
+| `rivet list` | List artifacts with filters | `rivet list --type requirement --format json` |
+| `rivet stats` | Show artifact counts by type | `rivet stats --format json` |
+| `rivet add` | Create a new artifact | `rivet add -t requirement --title "..." --link "satisfies:SC-1"` |
+| `rivet link` | Add a link between artifacts | `rivet link SOURCE -t satisfies --target TARGET` |
+| `rivet serve` | Start the dashboard | `rivet serve --port 3000` |
+| `rivet export` | Generate HTML reports | `rivet export --format html --output ./dist` |
+| `rivet impact` | Show change impact | `rivet impact --since HEAD~1` |
+| `rivet coverage` | Show traceability coverage | `rivet coverage --format json` |
+| `rivet diff` | Compare artifact versions | `rivet diff --base path/old --head path/new` |
+
+## Artifact Types
+
+| Type | Count | Description |
+|------|------:|-------------|
+| `control-action` | 4 | An action issued by a controller to a controlled process or another controller. |
+| `controlled-process` | 2 | A process being controlled — the physical or data transformation acted upon by controllers. |
+| `controller` | 3 | A system component (human or automated) responsible for issuing control actions. Each controller has a process model — its internal beliefs about the state of the controlled process. |
+| `controller-constraint` | 7 | A constraint on a controller's behavior derived by inverting a UCA. Specifies what the controller must or must not do. |
+| `design-decision` | 3 | An architectural or design decision with rationale |
+| `feature` | 6 | A user-visible capability or feature |
+| `hazard` | 6 | A system state or set of conditions that, together with worst-case environmental conditions, will lead to a loss. |
+| `loss` | 5 | An undesired or unplanned event involving something of value to stakeholders. Losses define what the analysis aims to prevent. |
+| `loss-scenario` | 5 | A causal pathway describing how a UCA could occur or how the control action could be improperly executed, leading to a hazard. |
+| `requirement` | 6 | A functional or non-functional requirement |
+| `system-constraint` | 5 | A condition or behavior that must be satisfied to prevent a hazard. Each constraint is the inversion of a hazard. |
+| `uca` | 6 | An Unsafe Control Action — a control action that, in a particular context and worst-case environment, leads to a hazard. Four types (provably complete): 1. Not providing the control action leads to a hazard 2. Providing the control action leads to a hazard 3. Providing too early, too late, or in the wrong order 4. Control action stopped too soon or applied too long |
+| `sub-hazard` | 0 | A refinement of a hazard into a more specific unsafe condition. |
+
+## Working with Artifacts
+
+### File Structure
+- Artifacts are stored as YAML files in: `artifacts`
+- Schema definitions: `schemas/` directory
+- Documents: (none configured)
+
+### Creating Artifacts
+```bash
+rivet add -t requirement --title "New requirement" --status draft --link "satisfies:SC-1"
+```
+
+### Validating Changes
+Always run `rivet validate` after modifying artifact YAML files.
+Use `rivet validate --format json` for machine-readable output.
+
+### Link Types
+
+| Link Type | Description | Inverse |
+|-----------|-------------|--------|
+| `acts-on` | Control action acts on a process or controller | `acted-on-by` |
+| `allocated-to` | Source is allocated to the target (e.g. requirement to architecture component) | `allocated-from` |
+| `caused-by-uca` | Loss scenario is caused by an unsafe control action | `causes-scenario` |
+| `constrained-by` | Source is constrained by the target | `constrains` |
+| `constrains-controller` | Constraint applies to a specific controller | `controller-constrained-by` |
+| `depends-on` | Source depends on target being completed first | `depended-on-by` |
+| `derives-from` | Source is derived from the target | `derived-into` |
+| `implements` | Source implements the target | `implemented-by` |
+| `inverts-uca` | Controller constraint inverts (is derived from) an UCA | `inverted-by` |
+| `issued-by` | Control action or UCA is issued by a controller | `issues` |
+| `leads-to-hazard` | UCA or loss scenario leads to a hazard | `hazard-caused-by` |
+| `leads-to-loss` | Hazard leads to a specific loss | `loss-caused-by` |
+| `mitigates` | Source mitigates or prevents the target | `mitigated-by` |
+| `prevents` | Constraint prevents a hazard | `prevented-by` |
+| `refines` | Source is a refinement or decomposition of the target | `refined-by` |
+| `satisfies` | Source satisfies or fulfils the target | `satisfied-by` |
+| `traces-to` | General traceability link between any two artifacts | `traced-from` |
+| `verifies` | Source verifies or validates the target | `verified-by` |
+
+## Conventions
+
+- Artifact IDs follow the pattern: PREFIX-NNN (e.g., REQ-001, FEAT-042)
+- Use `rivet add` to create artifacts (auto-generates next ID)
+- Always include traceability links when creating artifacts
+- Run `rivet validate` before committing

CLAUDE.md

@@ -0,0 +1,7 @@
+# CLAUDE.md
+
+See [AGENTS.md](AGENTS.md) for project instructions.
+
+Additional Claude Code settings:
+- Use `rivet validate` to verify changes to artifact YAML files
+- Use `rivet list --format json` for machine-readable artifact queries