
chore: [PoC] Phase 1 — SQLite event write infrastructure for dev tools usage reporting#28681

Draft
NicolasMassart wants to merge 1 commit into main from MCWP-512-po-c-phase-1-core-write-infrastructure

Conversation


@NicolasMassart NicolasMassart commented Apr 10, 2026

PR Title

chore: [PoC] Phase 1 — SQLite event write infrastructure for dev tools usage reporting


Description

Part of MCWP-448 (Dev Tools Usage Reporting PoC). This is Phase 1 — the core write infrastructure that all subsequent phases depend on.

Adds a local SQLite-backed event writer so developer tool and agent skill usage can be voluntarily recorded on the developer's machine. Nothing is sent anywhere — data stays in ~/.tool-usage-collection/events.db until the developer explicitly exports it via yarn tooling:report (Phase 3).

What's included:

  • scripts/tooling/tsconfig.json — isolated TypeScript config for tooling scripts (no React Native / JSX settings)
  • scripts/tooling/db.ts — opens/creates the SQLite DB, applies WAL mode for safe concurrent writes, and runs CREATE TABLE IF NOT EXISTS schema migration
  • scripts/tooling/events.ts — trackEvent() shared write function used by both the CLI wrapper and the future MCP server; detects the current git repo automatically; always writes errors to stderr, never throws
  • scripts/tooling/tool-usage-collection.ts — thin CLI wrapper around trackEvent() for use in yarn pre/post hooks and Claude Code bash hooks; validates all args strictly (--success must be "true"|"false", --duration must be a non-negative integer); supports --verbose for agent callers (TOON-style confirmation + hint line) and --help
  • package.json — adds better-sqlite3, @types/better-sqlite3, and tsx as devDependencies (with dependenciesMeta.built: true to allow native compilation under enableScripts: false)
  • .cursor/agents/axi-tooling-reviewer.md — project-level subagent that reviews scripts against the 10 AXI (Agent eXperience Interface) principles

Design decisions:

  • DB is closed in a finally block to prevent descriptor leaks on insert failure
  • @modelcontextprotocol/sdk intentionally deferred to Phase 2 (where it will be used by tooling-mcp-server.ts)
  • All scripts run via tsx — no compilation step

Test coverage: 40 unit tests across 3 suites (db.test.ts, events.test.ts, tool-usage-collection.test.ts)

Changelog

CHANGELOG entry: null

Related issues

Fixes: https://consensyssoftware.atlassian.net/browse/MCWP-512
Refs: https://consensyssoftware.atlassian.net/browse/MCWP-448

Manual testing steps

Feature: Dev tools usage event writer

  Scenario: write a start event silently (simulates a yarn hook)
    Given the repo is checked out
    When I run: yarn tsx scripts/tooling/tool-usage-collection.ts --tool yarn:setup:expo --type yarn_script --event start
    Then there is no output and exit code is 0
    And ~/.tool-usage-collection/events.db exists

  Scenario: write an end event with verbose confirmation
    When I run: yarn tsx scripts/tooling/tool-usage-collection.ts --tool yarn:setup:expo --type yarn_script --event end --success true --duration 4200 --verbose
    Then stdout contains "tracked: tool=yarn:setup:expo event=end"
    And stdout contains "hint[]"

  Scenario: invalid args produce a structured error
    When I run: yarn tsx scripts/tooling/tool-usage-collection.ts --type skill --event start
    Then stderr contains "--tool is required"
    And exit code is 1

  Scenario: --help prints usage
    When I run: yarn tsx scripts/tooling/tool-usage-collection.ts --help
    Then stdout contains the full usage line and exit code is 0

Screenshots/Recordings

Before

N/A

After

TODO

Pre-merge author checklist

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

This commit introduces a new SQLite database setup for tracking tool usage events. It includes the following changes:
- Added `db.ts` for database initialization and schema creation.
- Implemented `trackEvent` function in `events.ts` to log events with relevant metadata.
- Created test files for both database operations and event tracking to ensure functionality and reliability.
- Added a CLI script (`tool-usage-collection.ts`) for collecting tool usage data via command-line arguments.

Additionally, updated `package.json` and `yarn.lock` to include necessary dependencies for SQLite and TypeScript support.

CHANGELOG entry: Added SQLite database handling for tool usage tracking.
@NicolasMassart NicolasMassart self-assigned this Apr 10, 2026
@github-actions

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@metamaskbot metamaskbot added the team-mobile-platform Mobile Platform team label Apr 10, 2026
@github-actions

🔍 Smart E2E Test Selection

⏭️ Smart E2E selection skipped - draft PR

All E2E tests pre-selected.

View GitHub Actions results

@socket-security

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff   Package                           Supply Chain Security  Vulnerability  Quality  Maintenance  License
Added  npm/@types/better-sqlite3@7.6.13  100                    100            71       80           100
Added  npm/tsx@4.21.0                    100                    100            81       85           100
Added  npm/better-sqlite3@12.8.0         100                    100            100      89           100

View full report

@socket-security

Caution

MetaMask internal reviewing guidelines:

  • Do not ignore-all
  • Each alert has instructions on how to review if you don't know what it means. If lost, ask your Security Liaison or the supply-chain group
  • Copy-paste ignore lines for specific packages or a group of one kind with a note on what research you did to deem it safe.
    @SocketSecurity ignore npm/PACKAGE@VERSION
Action: Block   Severity: Medium
Alert: Native binaries present: npm better-sqlite3

Location: Package overview

From: package.json (npm/better-sqlite3@12.8.0)

ℹ Read more on: This package | This alert | Why is native code a concern?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Verify that the inclusion of native code is expected and necessary for this package's functionality. If it is unnecessary or unexpected, consider using alternative packages without native code to mitigate potential risks.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/better-sqlite3@12.8.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Action: Warn   Severity: Low
Alert: Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly

Notes: This fragment appears to be a bundler-generated bootstrap/initialization piece that imports many modules and executes an initialization function (r). No explicit malicious activity is evident within this fragment itself, but the risk stems from side effects of the imported modules on load. A careful review of the implementations of the imported modules (especially those exporting r and those performing initialization, build-time, or network/file operations) is recommended to rule out hidden telemetry, backdoors, or undesired side effects.

Confidence: 1.00

Severity: 0.60

From: package.json (npm/tsx@4.21.0)

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Action: Warn   Severity: Low
Alert: Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly

Notes: This module installs signal handlers and actively hides them from inspection by monkeypatching listener inspection APIs. In the main thread it can forward SIGINT/SIGTERM events to a remote client (via client.connectingToServer) and may exit the process after forwarding. The concealment is a noteworthy red flag: it makes detection and auditing harder and may be used to implement covert telemetry or control. The file alone is not conclusively malicious, but the combination of hiding handlers and forwarding signals to an external component warrants careful review of the client module (client-D6NvIMSC.cjs) and any network destinations it uses before trusting this package in sensitive environments.

Confidence: 1.00

Severity: 0.60

From: package.json (npm/tsx@4.21.0)

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Action: Warn   Severity: Low
Alert: Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly

Notes: The module installs hidden signal handlers for SIGINT and SIGTERM, hides them from other code by monkey-patching process.listenerCount and process.listeners, forwards signals to an external client callback, and may force exit. That stealthy interception of process signals is suspicious from a supply-chain/security perspective because it can be used to intercept or suppress normal shutdown behavior and to forward events to another module which may perform network I/O or exfiltration. There is no direct evidence in this file of data exfiltration, reverse shell, or explicit malicious payload, but the hiding behavior and delegation to an external client warrant caution and further inspection of the imported client and cjs modules. Recommend auditing the client callback and cjs/index.cjs for network operations or data-leaking behavior before trusting this package.

Confidence: 1.00

Severity: 0.60

From: package.json (npm/tsx@4.21.0)

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Action: Warn   Severity: Low
Alert: Potential code anomaly (AI signal): npm tsx is 100.0% likely to have a medium risk anomaly

Notes: No clear indicators of classic malware (no reverse shell, no network connections, no child_process usage, no hard-coded credentials). The primary risk is information leakage: the loader posts module load events and dependency paths to external consumers via p.port and O.send. In contexts where those channels are controlled by an untrusted or remote party, this could leak local file paths or project structure. The module otherwise performs expected loader duties (file reads, tsconfig handling, transforming CJS to ESM, returning data: URLs). Review runtime consumers of O and any provided p.port to ensure they are trusted before using this loader in a sensitive environment.

Confidence: 1.00

Severity: 0.60

From: package.json (npm/tsx@4.21.0)

ℹ Read more on: This package | This alert | What is an AI-detected potential code anomaly?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tsx@4.21.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Labels

size-L team-mobile-platform Mobile Platform team
