netalertx · jokob-sk · Feb 3, 2026 · Feb 1, 2026 · Feb 2, 2026 · Feb 2, 2026
diff --git a/.devcontainer/scripts/generate-configs.sh b/.devcontainer/scripts/generate-configs.sh
@@ -31,4 +31,17 @@ cat "${DEVCONTAINER_DIR}/resources/devcontainer-Dockerfile"
 
 echo "Generated $OUT_FILE using root dir $ROOT_DIR"
 
+# Passive Gemini MCP config
+TOKEN=$(grep '^API_TOKEN=' /data/config/app.conf 2>/dev/null | cut -d"'" -f2)
+if [ -n "${TOKEN}" ]; then
+    mkdir -p "${ROOT_DIR}/.gemini"
+    [ -f "${ROOT_DIR}/.gemini/settings.json" ] || echo "{}" > "${ROOT_DIR}/.gemini/settings.json"
+    jq --arg t "$TOKEN" '.mcpServers["netalertx-devcontainer"] = {url: "http://127.0.0.1:20212/mcp/sse", headers: {Authorization: ("Bearer " + $t)}}' "${ROOT_DIR}/.gemini/settings.json" > "${ROOT_DIR}/.gemini/settings.json.tmp" && mv "${ROOT_DIR}/.gemini/settings.json.tmp" "${ROOT_DIR}/.gemini/settings.json"
+
+    # VS Code MCP config
+    mkdir -p "${ROOT_DIR}/.vscode"
+    [ -f "${ROOT_DIR}/.vscode/mcp.json" ] || echo "{}" > "${ROOT_DIR}/.vscode/mcp.json"
+    jq --arg t "$TOKEN" '.servers["netalertx-devcontainer"] = {type: "sse", url: "http://127.0.0.1:20212/mcp/sse", headers: {Authorization: ("Bearer " + $t)}}' "${ROOT_DIR}/.vscode/mcp.json" > "${ROOT_DIR}/.vscode/mcp.json.tmp" && mv "${ROOT_DIR}/.vscode/mcp.json.tmp" "${ROOT_DIR}/.vscode/mcp.json"
+fi
+
 echo "Done."
diff --git a/.gemini/skills/testing-workflow/SKILL.md b/.gemini/skills/testing-workflow/SKILL.md
@@ -1,13 +1,26 @@
 ---
 name: testing-workflow
-description: Read before running tests. Detailed instructions for single, astandard unit tests (fast), full suites (slow), and handling authentication. Tests must be run when a job is complete.
+description: Read before running tests. Detailed instructions for single, standard unit tests (fast), full suites (slow), handling authentication, and obtaining the API Token. Tests must be run when a job is complete.
 ---
 
 # Testing Workflow
 After code is developed, tests must be run to ensure the integrity of the final result.
 
 **Crucial:** Tests MUST be run inside the container to access the correct runtime environment (DB, Config, Dependencies).
 
+## 0. Pre-requisites: Environment Check
+
+Before running any tests, verify you are inside the development container:
+
+```bash
+ls -d /workspaces/NetAlertX
+```
+
+**IF** this directory does not exist, you are likely on the host machine. You **MUST** immediately activate the `devcontainer-management` skill to enter the container or run commands inside it.
+
+```text
+activate_skill("devcontainer-management")
+```
 
 ## 1. Full Test Suite (MANDATORY DEFAULT)
 
@@ -38,13 +51,24 @@ cd /workspaces/NetAlertX; pytest test/<path_to_test>
 cd /workspaces/NetAlertX; pytest test/api_endpoints/test_mcp_extended_endpoints.py
 ```
 
-## Authentication in Tests
+## Authentication & Environment Reset
 
-The test environment uses `API_TOKEN`. The most reliable way to retrieve the current token from a running container is:
+Authentication tokens are required to perform certain operations such as manual testing or crafting expressions to work with the web APIs. After making code changes, you MUST reset the environment to ensure the new code is running and verify you have the latest `API_TOKEN`.
 
-```bash
-python3 -c "from helper import get_setting_value; print(get_setting_value('API_TOKEN'))"
-```
+1. **Reset Environment:** Run the setup script inside the container.
+   ```bash
+   bash /workspaces/NetAlertX/.devcontainer/scripts/setup.sh
+   ```
+2. **Wait for Stabilization:** Wait at least 5 seconds for services (nginx, python server, etc.) to start.
+   ```bash
+   sleep 5
+   ```
+3. **Obtain Token:** Retrieve the current token from the container.
+   ```bash
+   python3 -c "from helper import get_setting_value; print(get_setting_value('API_TOKEN'))"
+   ```
+
+The retrieved token MUST be used in all subsequent API or test calls requiring authentication.
 
 ### Troubleshooting
 

diff --git a/.gitignore b/.gitignore
@@ -46,3 +46,5 @@ docker-compose.yml.ffsb42
 .env.omada.ffsb42
 .venv
 test_mounts/
+.gemini/settings.json
+.vscode/mcp.json
diff --git a/docs/API_MCP.md b/docs/API_MCP.md
@@ -49,7 +49,7 @@ sequenceDiagram
     API-->>MCP: 5. Available tools spec
     MCP-->>AI: 6. Tool definitions
     AI->>MCP: 7. tools/call: search_devices
-    MCP->>API: 8. POST /mcp/sse/devices/search
+    MCP->>API: 8. POST /devices/search
     API->>DB: 9. Query devices
     DB-->>API: 10. Device data
     API-->>MCP: 11. JSON response
@@ -72,9 +72,9 @@ graph LR
     end
 
     subgraph "NetAlertX API Server (:20211)"
-        F[Device APIs<br/>/mcp/sse/devices/*]
-        G[Network Tools<br/>/mcp/sse/nettools/*]
-        H[Events API<br/>/mcp/sse/events/*]
+        F[Device APIs<br/>/devices/*]
+        G[Network Tools<br/>/nettools/*]
+        H[Events API<br/>/events/*]
     end
 
     subgraph "Backend"
@@ -182,27 +182,28 @@ eventSource.onmessage = function(event) {
 
 | Tool | Endpoint | Description |
 |------|----------|-------------|
-| `list_devices` | `/mcp/sse/devices/by-status` | List devices by online status |
-| `get_device_info` | `/mcp/sse/device/<mac>` | Get detailed device information |
-| `search_devices` | `/mcp/sse/devices/search` | Search devices by MAC, name, or IP |
-| `get_latest_device` | `/mcp/sse/devices/latest` | Get most recently connected device |
-| `set_device_alias` | `/mcp/sse/device/<mac>/set-alias` | Set device friendly name |
+| `list_devices` | `/devices/by-status` | List devices by online status |
+| `get_device_info` | `/device/{mac}` | Get detailed device information |
+| `search_devices` | `/devices/search` | Search devices by MAC, name, or IP |
+| `get_latest_device` | `/devices/latest` | Get most recently connected device |
+| `set_device_alias` | `/device/{mac}/set-alias` | Set device friendly name |
 
 ### Network Tools
 
 | Tool | Endpoint | Description |
 |------|----------|-------------|
-| `trigger_scan` | `/mcp/sse/nettools/trigger-scan` | Trigger network discovery scan |
-| `get_open_ports` | `/mcp/sse/device/open_ports` | Get stored NMAP open ports for device |
-| `wol_wake_device` | `/mcp/sse/nettools/wakeonlan` | Wake device using Wake-on-LAN |
-| `get_network_topology` | `/mcp/sse/devices/network/topology` | Get network topology map |
+| `trigger_scan` | `/nettools/trigger-scan` | Trigger network discovery scan to find new devices. |
+| `run_nmap_scan` | `/nettools/nmap` | Perform NMAP scan on a target to identify open ports. |
+| `get_open_ports` | `/device/open_ports` | Get stored NMAP open ports. Use `run_nmap_scan` first if empty. |
+| `wol_wake_device` | `/nettools/wakeonlan` | Wake device using Wake-on-LAN |
+| `get_network_topology` | `/devices/network/topology` | Get network topology map |
 
 ### Event & Monitoring Tools
 
 | Tool | Endpoint | Description |
 |------|----------|-------------|
-| `get_recent_alerts` | `/mcp/sse/events/recent` | Get events from last 24 hours |
-| `get_last_events` | `/mcp/sse/events/last` | Get 10 most recent events |
+| `get_recent_alerts` | `/events/recent` | Get events from last 24 hours |
+| `get_last_events` | `/events/last` | Get 10 most recent events |
 
 ---