@1claw/mcp 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +144 -0
- package/dist/client.d.ts +41 -0
- package/dist/client.d.ts.map +1 -0
- package/dist/client.js +92 -0
- package/dist/client.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +168 -0
- package/dist/index.js.map +1 -0
- package/dist/tools/create_vault.d.ts +21 -0
- package/dist/tools/create_vault.d.ts.map +1 -0
- package/dist/tools/create_vault.js +28 -0
- package/dist/tools/create_vault.js.map +1 -0
- package/dist/tools/delete_secret.d.ts +21 -0
- package/dist/tools/delete_secret.d.ts.map +1 -0
- package/dist/tools/delete_secret.js +29 -0
- package/dist/tools/delete_secret.js.map +1 -0
- package/dist/tools/describe_secret.d.ts +17 -0
- package/dist/tools/describe_secret.d.ts.map +1 -0
- package/dist/tools/describe_secret.js +52 -0
- package/dist/tools/describe_secret.js.map +1 -0
- package/dist/tools/get_secret.d.ts +21 -0
- package/dist/tools/get_secret.d.ts.map +1 -0
- package/dist/tools/get_secret.js +39 -0
- package/dist/tools/get_secret.js.map +1 -0
- package/dist/tools/grant_access.d.ts +33 -0
- package/dist/tools/grant_access.d.ts.map +1 -0
- package/dist/tools/grant_access.js +36 -0
- package/dist/tools/grant_access.js.map +1 -0
- package/dist/tools/list_secrets.d.ts +17 -0
- package/dist/tools/list_secrets.d.ts.map +1 -0
- package/dist/tools/list_secrets.js +26 -0
- package/dist/tools/list_secrets.js.map +1 -0
- package/dist/tools/list_vaults.d.ts +9 -0
- package/dist/tools/list_vaults.d.ts.map +1 -0
- package/dist/tools/list_vaults.js +18 -0
- package/dist/tools/list_vaults.js.map +1 -0
- package/dist/tools/put_secret.d.ts +41 -0
- package/dist/tools/put_secret.d.ts.map +1 -0
- package/dist/tools/put_secret.js +48 -0
- package/dist/tools/put_secret.js.map +1 -0
- package/dist/tools/share_secret.d.ts +33 -0
- package/dist/tools/share_secret.d.ts.map +1 -0
- package/dist/tools/share_secret.js +53 -0
- package/dist/tools/share_secret.js.map +1 -0
- package/dist/types.d.ts +56 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +11 -0
- package/dist/types.js.map +1 -0
- package/package.json +48 -0
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { UserError } from "fastmcp";
|
|
3
|
+
import { OneClawApiError } from "../client.js";
|
|
4
|
+
export function describeSecretTool(client) {
|
|
5
|
+
return {
|
|
6
|
+
name: "describe_secret",
|
|
7
|
+
description: "Get metadata for a secret (type, version, expiry, access count) without fetching its value. Use this to check if a secret exists or is still valid before fetching it.",
|
|
8
|
+
parameters: z.object({
|
|
9
|
+
path: z
|
|
10
|
+
.string()
|
|
11
|
+
.min(1)
|
|
12
|
+
.describe("Secret path to describe, e.g. 'api-keys/stripe'"),
|
|
13
|
+
}),
|
|
14
|
+
execute: async (args) => {
|
|
15
|
+
const data = await client.listSecrets();
|
|
16
|
+
const match = data.secrets.find((s) => s.path === args.path);
|
|
17
|
+
if (!match) {
|
|
18
|
+
try {
|
|
19
|
+
const secret = await client.getSecret(args.path);
|
|
20
|
+
return JSON.stringify({
|
|
21
|
+
path: secret.path,
|
|
22
|
+
type: secret.type,
|
|
23
|
+
version: secret.version,
|
|
24
|
+
metadata: secret.metadata,
|
|
25
|
+
created_at: secret.created_at,
|
|
26
|
+
expires_at: secret.expires_at,
|
|
27
|
+
}, null, 2);
|
|
28
|
+
}
|
|
29
|
+
catch (err) {
|
|
30
|
+
if (err instanceof OneClawApiError) {
|
|
31
|
+
if (err.status === 404) {
|
|
32
|
+
throw new UserError(`No secret found at path '${args.path}'.`);
|
|
33
|
+
}
|
|
34
|
+
if (err.status === 410) {
|
|
35
|
+
throw new UserError(`Secret at path '${args.path}' is expired or has exceeded its maximum access count.`);
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
throw err;
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
return JSON.stringify({
|
|
42
|
+
path: match.path,
|
|
43
|
+
type: match.type,
|
|
44
|
+
version: match.version,
|
|
45
|
+
metadata: match.metadata,
|
|
46
|
+
created_at: match.created_at,
|
|
47
|
+
expires_at: match.expires_at,
|
|
48
|
+
}, null, 2);
|
|
49
|
+
},
|
|
50
|
+
};
|
|
51
|
+
}
|
|
52
|
+
//# sourceMappingURL=describe_secret.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"describe_secret.js","sourceRoot":"","sources":["../../src/tools/describe_secret.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACpC,OAAO,EAAE,eAAe,EAAsB,MAAM,cAAc,CAAC;AAEnE,MAAM,UAAU,kBAAkB,CAAC,MAAqB;IACtD,OAAO;QACL,IAAI,EAAE,iBAA0B;QAChC,WAAW,EACT,wKAAwK;QAC1K,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;YACnB,IAAI,EAAE,CAAC;iBACJ,MAAM,EAAE;iBACR,GAAG,CAAC,CAAC,CAAC;iBACN,QAAQ,CAAC,iDAAiD,CAAC;SAC/D,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,IAAsB,EAAE,EAAE;YACxC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,EAAE,CAAC;YACxC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC;YAE7D,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACjD,OAAO,IAAI,CAAC,SAAS,CACnB;wBACE,IAAI,EAAE,MAAM,CAAC,IAAI;wBACjB,IAAI,EAAE,MAAM,CAAC,IAAI;wBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;wBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;wBACzB,UAAU,EAAE,MAAM,CAAC,UAAU;wBAC7B,UAAU,EAAE,MAAM,CAAC,UAAU;qBAC9B,EACD,IAAI,EACJ,CAAC,CACF,CAAC;gBACJ,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,GAAG,YAAY,eAAe,EAAE,CAAC;wBACnC,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;4BACvB,MAAM,IAAI,SAAS,CAAC,4BAA4B,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC;wBACjE,CAAC;wBACD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;4BACvB,MAAM,IAAI,SAAS,CACjB,mBAAmB,IAAI,CAAC,IAAI,wDAAwD,CACrF,CAAC;wBACJ,CAAC;oBACH,CAAC;oBACD,MAAM,GAAG,CAAC;gBACZ,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC,SAAS,CACnB;gBACE,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,UAAU,EAAE,KAAK,CAAC,UAAU;aAC7B,EACD,IAAI,EACJ,CAAC,CACF,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { type OneClawClient } from "../client.js";
|
|
3
|
+
export declare function getSecretTool(client: OneClawClient): {
|
|
4
|
+
name: "get_secret";
|
|
5
|
+
description: string;
|
|
6
|
+
parameters: z.ZodObject<{
|
|
7
|
+
path: z.ZodString;
|
|
8
|
+
}, "strip", z.ZodTypeAny, {
|
|
9
|
+
path: string;
|
|
10
|
+
}, {
|
|
11
|
+
path: string;
|
|
12
|
+
}>;
|
|
13
|
+
execute: (args: {
|
|
14
|
+
path: string;
|
|
15
|
+
}, { log }: {
|
|
16
|
+
log: {
|
|
17
|
+
info: (msg: string) => void;
|
|
18
|
+
};
|
|
19
|
+
}) => Promise<string>;
|
|
20
|
+
};
|
|
21
|
+
//# sourceMappingURL=get_secret.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get_secret.d.ts","sourceRoot":"","sources":["../../src/tools/get_secret.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAmB,KAAK,aAAa,EAAE,MAAM,cAAc,CAAC;AAEnE,wBAAgB,aAAa,CAAC,MAAM,EAAE,aAAa;;;;;;;;;;oBAWzB;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,WAAW;QAAE,GAAG,EAAE;YAAE,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAA;SAAE,CAAA;KAAE;EAyB5F"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { UserError } from "fastmcp";
|
|
3
|
+
import { OneClawApiError } from "../client.js";
|
|
4
|
+
export function getSecretTool(client) {
|
|
5
|
+
return {
|
|
6
|
+
name: "get_secret",
|
|
7
|
+
description: "Fetch the decrypted value of a secret from the 1claw vault by its path (e.g. 'api-keys/stripe'). Use this immediately before making an API call that requires the credential. Do not store the value or include it in summaries.",
|
|
8
|
+
parameters: z.object({
|
|
9
|
+
path: z
|
|
10
|
+
.string()
|
|
11
|
+
.min(1)
|
|
12
|
+
.describe("Secret path, e.g. 'api-keys/stripe' or 'passwords/db-prod'"),
|
|
13
|
+
}),
|
|
14
|
+
execute: async (args, { log }) => {
|
|
15
|
+
try {
|
|
16
|
+
const secret = await client.getSecret(args.path);
|
|
17
|
+
log.info(`secret accessed: ${args.path}`);
|
|
18
|
+
return JSON.stringify({
|
|
19
|
+
path: secret.path,
|
|
20
|
+
type: secret.type,
|
|
21
|
+
version: secret.version,
|
|
22
|
+
value: secret.value,
|
|
23
|
+
});
|
|
24
|
+
}
|
|
25
|
+
catch (err) {
|
|
26
|
+
if (err instanceof OneClawApiError) {
|
|
27
|
+
if (err.status === 410) {
|
|
28
|
+
throw new UserError(`Secret at path '${args.path}' is expired or has exceeded its maximum access count.`);
|
|
29
|
+
}
|
|
30
|
+
if (err.status === 404) {
|
|
31
|
+
throw new UserError(`No secret found at path '${args.path}'.`);
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
throw err;
|
|
35
|
+
}
|
|
36
|
+
},
|
|
37
|
+
};
|
|
38
|
+
}
|
|
39
|
+
//# sourceMappingURL=get_secret.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get_secret.js","sourceRoot":"","sources":["../../src/tools/get_secret.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACpC,OAAO,EAAE,eAAe,EAAsB,MAAM,cAAc,CAAC;AAEnE,MAAM,UAAU,aAAa,CAAC,MAAqB;IACjD,OAAO;QACL,IAAI,EAAE,YAAqB;QAC3B,WAAW,EACT,kOAAkO;QACpO,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;YACnB,IAAI,EAAE,CAAC;iBACJ,MAAM,EAAE;iBACR,GAAG,CAAC,CAAC,CAAC;iBACN,QAAQ,CAAC,4DAA4D,CAAC;SAC1E,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,IAAsB,EAAE,EAAE,GAAG,EAA4C,EAAE,EAAE;YAC3F,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,oBAAoB,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC1C,OAAO,IAAI,CAAC,SAAS,CAAC;oBACpB,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;iBACpB,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,eAAe,EAAE,CAAC;oBACnC,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACvB,MAAM,IAAI,SAAS,CACjB,mBAAmB,IAAI,CAAC,IAAI,wDAAwD,CACrF,CAAC;oBACJ,CAAC;oBACD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACvB,MAAM,IAAI,SAAS,CAAC,4BAA4B,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC;oBACjE,CAAC;gBACH,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import type { OneClawClient } from "../client.js";
|
|
3
|
+
export declare function grantAccessTool(client: OneClawClient): {
|
|
4
|
+
name: "grant_access";
|
|
5
|
+
description: string;
|
|
6
|
+
parameters: z.ZodObject<{
|
|
7
|
+
vault_id: z.ZodString;
|
|
8
|
+
principal_type: z.ZodEnum<["user", "agent"]>;
|
|
9
|
+
principal_id: z.ZodString;
|
|
10
|
+
permissions: z.ZodDefault<z.ZodArray<z.ZodEnum<["read", "write", "delete"]>, "many">>;
|
|
11
|
+
secret_path_pattern: z.ZodDefault<z.ZodString>;
|
|
12
|
+
}, "strip", z.ZodTypeAny, {
|
|
13
|
+
vault_id: string;
|
|
14
|
+
principal_type: "user" | "agent";
|
|
15
|
+
principal_id: string;
|
|
16
|
+
permissions: ("read" | "write" | "delete")[];
|
|
17
|
+
secret_path_pattern: string;
|
|
18
|
+
}, {
|
|
19
|
+
vault_id: string;
|
|
20
|
+
principal_type: "user" | "agent";
|
|
21
|
+
principal_id: string;
|
|
22
|
+
permissions?: ("read" | "write" | "delete")[] | undefined;
|
|
23
|
+
secret_path_pattern?: string | undefined;
|
|
24
|
+
}>;
|
|
25
|
+
execute: (args: {
|
|
26
|
+
vault_id: string;
|
|
27
|
+
principal_type: "user" | "agent";
|
|
28
|
+
principal_id: string;
|
|
29
|
+
permissions: string[];
|
|
30
|
+
secret_path_pattern: string;
|
|
31
|
+
}) => Promise<string>;
|
|
32
|
+
};
|
|
33
|
+
//# sourceMappingURL=grant_access.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grant_access.d.ts","sourceRoot":"","sources":["../../src/tools/grant_access.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,wBAAgB,eAAe,CAAC,MAAM,EAAE,aAAa;;;;;;;;;;;;;;;;;;;;;;oBAwB3B;QACpB,QAAQ,EAAE,MAAM,CAAC;QACjB,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC;QACjC,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,mBAAmB,EAAE,MAAM,CAAC;KAC7B;EAkBJ"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export function grantAccessTool(client) {
|
|
3
|
+
return {
|
|
4
|
+
name: "grant_access",
|
|
5
|
+
description: "Grant a user or agent access to one of your vaults. You can only grant access on vaults you created. " +
|
|
6
|
+
"Use this to share secrets with team members or other agents.",
|
|
7
|
+
parameters: z.object({
|
|
8
|
+
vault_id: z.string().uuid().describe("ID of the vault to share"),
|
|
9
|
+
principal_type: z
|
|
10
|
+
.enum(["user", "agent"])
|
|
11
|
+
.describe("Type of principal to grant access to"),
|
|
12
|
+
principal_id: z
|
|
13
|
+
.string()
|
|
14
|
+
.uuid()
|
|
15
|
+
.describe("UUID of the user or agent to grant access to"),
|
|
16
|
+
permissions: z
|
|
17
|
+
.array(z.enum(["read", "write", "delete"]))
|
|
18
|
+
.default(["read"])
|
|
19
|
+
.describe("Permissions to grant (default: read-only)"),
|
|
20
|
+
secret_path_pattern: z
|
|
21
|
+
.string()
|
|
22
|
+
.default("**")
|
|
23
|
+
.describe("Glob pattern for which secrets the policy covers (default: all)"),
|
|
24
|
+
}),
|
|
25
|
+
execute: async (args) => {
|
|
26
|
+
const policy = await client.createPolicy(args.vault_id, args.principal_type, args.principal_id, args.permissions, args.secret_path_pattern);
|
|
27
|
+
return (`Access granted.\n` +
|
|
28
|
+
` Policy ID: ${policy.id}\n` +
|
|
29
|
+
` Vault: ${policy.vault_id}\n` +
|
|
30
|
+
` Granted to: ${policy.principal_type}:${policy.principal_id}\n` +
|
|
31
|
+
` Permissions: ${policy.permissions.join(", ")}\n` +
|
|
32
|
+
` Path pattern: ${policy.secret_path_pattern}`);
|
|
33
|
+
},
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=grant_access.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grant_access.js","sourceRoot":"","sources":["../../src/tools/grant_access.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,MAAM,UAAU,eAAe,CAAC,MAAqB;IACnD,OAAO;QACL,IAAI,EAAE,cAAuB;QAC7B,WAAW,EACT,uGAAuG;YACvG,8DAA8D;QAChE,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;YACnB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,0BAA0B,CAAC;YAChE,cAAc,EAAE,CAAC;iBACd,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;iBACvB,QAAQ,CAAC,sCAAsC,CAAC;YACnD,YAAY,EAAE,CAAC;iBACZ,MAAM,EAAE;iBACR,IAAI,EAAE;iBACN,QAAQ,CAAC,8CAA8C,CAAC;YAC3D,WAAW,EAAE,CAAC;iBACX,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;iBAC1C,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC;iBACjB,QAAQ,CAAC,2CAA2C,CAAC;YACxD,mBAAmB,EAAE,CAAC;iBACnB,MAAM,EAAE;iBACR,OAAO,CAAC,IAAI,CAAC;iBACb,QAAQ,CAAC,iEAAiE,CAAC;SAC/E,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,IAMf,EAAE,EAAE;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,YAAY,CACtC,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,mBAAmB,CACzB,CAAC;YACF,OAAO,CACL,mBAAmB;gBACnB,gBAAgB,MAAM,CAAC,EAAE,IAAI;gBAC7B,YAAY,MAAM,CAAC,QAAQ,IAAI;gBAC/B,iBAAiB,MAAM,CAAC,cAAc,IAAI,MAAM,CAAC,YAAY,IAAI;gBACjE,kBAAkB,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;gBACnD,mBAAmB,MAAM,CAAC,mBAAmB,EAAE,CAChD,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import type { OneClawClient } from "../client.js";
|
|
3
|
+
export declare function listSecretsTool(client: OneClawClient): {
|
|
4
|
+
name: "list_secrets";
|
|
5
|
+
description: string;
|
|
6
|
+
parameters: z.ZodObject<{
|
|
7
|
+
prefix: z.ZodOptional<z.ZodString>;
|
|
8
|
+
}, "strip", z.ZodTypeAny, {
|
|
9
|
+
prefix?: string | undefined;
|
|
10
|
+
}, {
|
|
11
|
+
prefix?: string | undefined;
|
|
12
|
+
}>;
|
|
13
|
+
execute: (args: {
|
|
14
|
+
prefix?: string;
|
|
15
|
+
}) => Promise<string>;
|
|
16
|
+
};
|
|
17
|
+
//# sourceMappingURL=list_secrets.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"list_secrets.d.ts","sourceRoot":"","sources":["../../src/tools/list_secrets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,wBAAgB,eAAe,CAAC,MAAM,EAAE,aAAa;;;;;;;;;;oBAW3B;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE;EAoB5C"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export function listSecretsTool(client) {
|
|
3
|
+
return {
|
|
4
|
+
name: "list_secrets",
|
|
5
|
+
description: "List all secrets stored in the 1claw vault. Returns paths, types, versions, and metadata — never secret values. Use this to discover what credentials are available before fetching one.",
|
|
6
|
+
parameters: z.object({
|
|
7
|
+
prefix: z
|
|
8
|
+
.string()
|
|
9
|
+
.optional()
|
|
10
|
+
.describe("Optional path prefix to filter secrets (e.g. 'api-keys/')"),
|
|
11
|
+
}),
|
|
12
|
+
execute: async (args) => {
|
|
13
|
+
const data = await client.listSecrets();
|
|
14
|
+
let secrets = data.secrets;
|
|
15
|
+
if (args.prefix) {
|
|
16
|
+
secrets = secrets.filter((s) => s.path.startsWith(args.prefix));
|
|
17
|
+
}
|
|
18
|
+
if (secrets.length === 0) {
|
|
19
|
+
return "No secrets found in this vault.";
|
|
20
|
+
}
|
|
21
|
+
const lines = secrets.map((s) => `- ${s.path} (type: ${s.type}, version: ${s.version}, expires: ${s.expires_at ?? "never"})`);
|
|
22
|
+
return `Found ${secrets.length} secret(s):\n${lines.join("\n")}`;
|
|
23
|
+
},
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
//# sourceMappingURL=list_secrets.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"list_secrets.js","sourceRoot":"","sources":["../../src/tools/list_secrets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,MAAM,UAAU,eAAe,CAAC,MAAqB;IACnD,OAAO;QACL,IAAI,EAAE,cAAuB;QAC7B,WAAW,EACT,0LAA0L;QAC5L,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;YACnB,MAAM,EAAE,CAAC;iBACN,MAAM,EAAE;iBACR,QAAQ,EAAE;iBACV,QAAQ,CAAC,2DAA2D,CAAC;SACzE,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,IAAyB,EAAE,EAAE;YAC3C,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,EAAE,CAAC;YACxC,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;YAE3B,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAO,CAAC,CAAC,CAAC;YACnE,CAAC;YAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzB,OAAO,iCAAiC,CAAC;YAC3C,CAAC;YAED,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CACvB,CAAC,CAAC,EAAE,EAAE,CACJ,KAAK,CAAC,CAAC,IAAI,YAAY,CAAC,CAAC,IAAI,cAAc,CAAC,CAAC,OAAO,cAAc,CAAC,CAAC,UAAU,IAAI,OAAO,GAAG,CAC/F,CAAC;YAEF,OAAO,SAAS,OAAO,CAAC,MAAM,gBAAgB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACnE,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import type { OneClawClient } from "../client.js";
|
|
3
|
+
export declare function listVaultsTool(client: OneClawClient): {
|
|
4
|
+
name: "list_vaults";
|
|
5
|
+
description: string;
|
|
6
|
+
parameters: z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>;
|
|
7
|
+
execute: () => Promise<string>;
|
|
8
|
+
};
|
|
9
|
+
//# sourceMappingURL=list_vaults.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"list_vaults.d.ts","sourceRoot":"","sources":["../../src/tools/list_vaults.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,wBAAgB,cAAc,CAAC,MAAM,EAAE,aAAa;;;;;EAsBnD"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export function listVaultsTool(client) {
|
|
3
|
+
return {
|
|
4
|
+
name: "list_vaults",
|
|
5
|
+
description: "List all vaults accessible to you (both your own and those shared with you). Returns vault IDs, names, and who created them. Use this to discover available vaults before accessing secrets.",
|
|
6
|
+
parameters: z.object({}),
|
|
7
|
+
execute: async () => {
|
|
8
|
+
const data = await client.listVaults();
|
|
9
|
+
const vaults = data.vaults;
|
|
10
|
+
if (vaults.length === 0) {
|
|
11
|
+
return "No vaults found. Create one with create_vault.";
|
|
12
|
+
}
|
|
13
|
+
const lines = vaults.map((v) => `- ${v.name} (id: ${v.id}, created by: ${v.created_by_type}, ${v.created_at})`);
|
|
14
|
+
return `Found ${vaults.length} vault(s):\n${lines.join("\n")}`;
|
|
15
|
+
},
|
|
16
|
+
};
|
|
17
|
+
}
|
|
18
|
+
//# sourceMappingURL=list_vaults.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"list_vaults.js","sourceRoot":"","sources":["../../src/tools/list_vaults.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,MAAM,UAAU,cAAc,CAAC,MAAqB;IAClD,OAAO;QACL,IAAI,EAAE,aAAsB;QAC5B,WAAW,EACT,8LAA8L;QAChM,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,UAAU,EAAE,CAAC;YACvC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAE3B,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,OAAO,gDAAgD,CAAC;YAC1D,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CACtB,CAAC,CAAC,EAAE,EAAE,CACJ,KAAK,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,EAAE,iBAAiB,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,UAAU,GAAG,CAClF,CAAC;YAEF,OAAO,SAAS,MAAM,CAAC,MAAM,eAAe,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACjE,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import type { OneClawClient } from "../client.js";
|
|
3
|
+
export declare function putSecretTool(client: OneClawClient): {
|
|
4
|
+
name: "put_secret";
|
|
5
|
+
description: string;
|
|
6
|
+
parameters: z.ZodObject<{
|
|
7
|
+
path: z.ZodString;
|
|
8
|
+
value: z.ZodString;
|
|
9
|
+
type: z.ZodDefault<z.ZodEnum<["api_key", "password", "private_key", "certificate", "file", "note", "ssh_key", "env_bundle"]>>;
|
|
10
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
11
|
+
expires_at: z.ZodOptional<z.ZodString>;
|
|
12
|
+
max_access_count: z.ZodOptional<z.ZodNumber>;
|
|
13
|
+
}, "strip", z.ZodTypeAny, {
|
|
14
|
+
value: string;
|
|
15
|
+
path: string;
|
|
16
|
+
type: "api_key" | "password" | "private_key" | "certificate" | "file" | "note" | "ssh_key" | "env_bundle";
|
|
17
|
+
metadata?: Record<string, unknown> | undefined;
|
|
18
|
+
expires_at?: string | undefined;
|
|
19
|
+
max_access_count?: number | undefined;
|
|
20
|
+
}, {
|
|
21
|
+
value: string;
|
|
22
|
+
path: string;
|
|
23
|
+
type?: "api_key" | "password" | "private_key" | "certificate" | "file" | "note" | "ssh_key" | "env_bundle" | undefined;
|
|
24
|
+
metadata?: Record<string, unknown> | undefined;
|
|
25
|
+
expires_at?: string | undefined;
|
|
26
|
+
max_access_count?: number | undefined;
|
|
27
|
+
}>;
|
|
28
|
+
execute: (args: {
|
|
29
|
+
path: string;
|
|
30
|
+
value: string;
|
|
31
|
+
type: string;
|
|
32
|
+
metadata?: Record<string, unknown>;
|
|
33
|
+
expires_at?: string;
|
|
34
|
+
max_access_count?: number;
|
|
35
|
+
}, { log }: {
|
|
36
|
+
log: {
|
|
37
|
+
info: (msg: string) => void;
|
|
38
|
+
};
|
|
39
|
+
}) => Promise<string>;
|
|
40
|
+
};
|
|
41
|
+
//# sourceMappingURL=put_secret.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"put_secret.d.ts","sourceRoot":"","sources":["../../src/tools/put_secret.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,wBAAgB,aAAa,CAAC,MAAM,EAAE,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;oBAiCzB;QACpB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC3B,WAAW;QAAE,GAAG,EAAE;YAAE,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAA;SAAE,CAAA;KAAE;EAcvD"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import { SECRET_TYPES } from "../types.js";
|
|
3
|
+
export function putSecretTool(client) {
|
|
4
|
+
return {
|
|
5
|
+
name: "put_secret",
|
|
6
|
+
description: "Store a new secret or update an existing one in the 1claw vault. Provide the path, value, and type. Each call creates a new version. Supports optional expiry and max access count.",
|
|
7
|
+
parameters: z.object({
|
|
8
|
+
path: z
|
|
9
|
+
.string()
|
|
10
|
+
.min(1)
|
|
11
|
+
.describe("Secret path, e.g. 'api-keys/stripe'"),
|
|
12
|
+
value: z
|
|
13
|
+
.string()
|
|
14
|
+
.min(1)
|
|
15
|
+
.describe("The secret value to store"),
|
|
16
|
+
type: z
|
|
17
|
+
.enum(SECRET_TYPES)
|
|
18
|
+
.default("api_key")
|
|
19
|
+
.describe("Secret type: api_key, password, private_key, certificate, file, note, ssh_key, or env_bundle"),
|
|
20
|
+
metadata: z
|
|
21
|
+
.record(z.unknown())
|
|
22
|
+
.optional()
|
|
23
|
+
.describe("Optional JSON metadata to attach to the secret"),
|
|
24
|
+
expires_at: z
|
|
25
|
+
.string()
|
|
26
|
+
.optional()
|
|
27
|
+
.describe("Optional ISO 8601 expiry datetime (e.g. '2025-12-31T23:59:59Z')"),
|
|
28
|
+
max_access_count: z
|
|
29
|
+
.number()
|
|
30
|
+
.int()
|
|
31
|
+
.positive()
|
|
32
|
+
.optional()
|
|
33
|
+
.describe("Optional maximum number of times the secret can be read before auto-expiring"),
|
|
34
|
+
}),
|
|
35
|
+
execute: async (args, { log }) => {
|
|
36
|
+
const result = await client.putSecret(args.path, {
|
|
37
|
+
value: args.value,
|
|
38
|
+
type: args.type,
|
|
39
|
+
metadata: args.metadata,
|
|
40
|
+
expires_at: args.expires_at,
|
|
41
|
+
max_access_count: args.max_access_count,
|
|
42
|
+
});
|
|
43
|
+
log.info(`secret stored: ${args.path}`);
|
|
44
|
+
return `Secret stored at '${args.path}' (version ${result.version}, type: ${result.type}).`;
|
|
45
|
+
},
|
|
46
|
+
};
|
|
47
|
+
}
|
|
48
|
+
//# sourceMappingURL=put_secret.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"put_secret.js","sourceRoot":"","sources":["../../src/tools/put_secret.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAG3C,MAAM,UAAU,aAAa,CAAC,MAAqB;IACjD,OAAO;QACL,IAAI,EAAE,YAAqB;QAC3B,WAAW,EACT,qLAAqL;QACvL,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;YACnB,IAAI,EAAE,CAAC;iBACJ,MAAM,EAAE;iBACR,GAAG,CAAC,CAAC,CAAC;iBACN,QAAQ,CAAC,qCAAqC,CAAC;YAClD,KAAK,EAAE,CAAC;iBACL,MAAM,EAAE;iBACR,GAAG,CAAC,CAAC,CAAC;iBACN,QAAQ,CAAC,2BAA2B,CAAC;YACxC,IAAI,EAAE,CAAC;iBACJ,IAAI,CAAC,YAAY,CAAC;iBAClB,OAAO,CAAC,SAAS,CAAC;iBAClB,QAAQ,CAAC,8FAA8F,CAAC;YAC3G,QAAQ,EAAE,CAAC;iBACR,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;iBACnB,QAAQ,EAAE;iBACV,QAAQ,CAAC,gDAAgD,CAAC;YAC7D,UAAU,EAAE,CAAC;iBACV,MAAM,EAAE;iBACR,QAAQ,EAAE;iBACV,QAAQ,CAAC,iEAAiE,CAAC;YAC9E,gBAAgB,EAAE,CAAC;iBAChB,MAAM,EAAE;iBACR,GAAG,EAAE;iBACL,QAAQ,EAAE;iBACV,QAAQ,EAAE;iBACV,QAAQ,CAAC,8EAA8E,CAAC;SAC5F,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,IAOf,EAAE,EAAE,GAAG,EAA4C,EAAE,EAAE;YACtD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE;gBAC/C,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;aACxC,CAAC,CAAC;YAEH,GAAG,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YAExC,OAAO,qBAAqB,IAAI,CAAC,IAAI,cAAc,MAAM,CAAC,OAAO,WAAW,MAAM,CAAC,IAAI,IAAI,CAAC;QAC9F,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
import type { OneClawClient } from "../client.js";
|
|
3
|
+
export declare function shareSecretTool(client: OneClawClient): {
|
|
4
|
+
name: "share_secret";
|
|
5
|
+
description: string;
|
|
6
|
+
parameters: z.ZodObject<{
|
|
7
|
+
secret_id: z.ZodString;
|
|
8
|
+
recipient_type: z.ZodEnum<["user", "agent", "anyone_with_link"]>;
|
|
9
|
+
recipient_id: z.ZodOptional<z.ZodString>;
|
|
10
|
+
expires_at: z.ZodString;
|
|
11
|
+
max_access_count: z.ZodDefault<z.ZodNumber>;
|
|
12
|
+
}, "strip", z.ZodTypeAny, {
|
|
13
|
+
expires_at: string;
|
|
14
|
+
max_access_count: number;
|
|
15
|
+
secret_id: string;
|
|
16
|
+
recipient_type: "user" | "agent" | "anyone_with_link";
|
|
17
|
+
recipient_id?: string | undefined;
|
|
18
|
+
}, {
|
|
19
|
+
expires_at: string;
|
|
20
|
+
secret_id: string;
|
|
21
|
+
recipient_type: "user" | "agent" | "anyone_with_link";
|
|
22
|
+
max_access_count?: number | undefined;
|
|
23
|
+
recipient_id?: string | undefined;
|
|
24
|
+
}>;
|
|
25
|
+
execute: (args: {
|
|
26
|
+
secret_id: string;
|
|
27
|
+
recipient_type: "user" | "agent" | "anyone_with_link";
|
|
28
|
+
recipient_id?: string;
|
|
29
|
+
expires_at: string;
|
|
30
|
+
max_access_count: number;
|
|
31
|
+
}) => Promise<string>;
|
|
32
|
+
};
|
|
33
|
+
//# sourceMappingURL=share_secret.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"share_secret.d.ts","sourceRoot":"","sources":["../../src/tools/share_secret.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,wBAAgB,eAAe,CAAC,MAAM,EAAE,aAAa;;;;;;;;;;;;;;;;;;;;;;oBA+B3B;QACpB,SAAS,EAAE,MAAM,CAAC;QAClB,cAAc,EAAE,MAAM,GAAG,OAAO,GAAG,kBAAkB,CAAC;QACtD,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,UAAU,EAAE,MAAM,CAAC;QACnB,gBAAgB,EAAE,MAAM,CAAC;KAC1B;EAyBJ"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
import { z } from "zod";
|
|
2
|
+
export function shareSecretTool(client) {
|
|
3
|
+
return {
|
|
4
|
+
name: "share_secret",
|
|
5
|
+
description: "Share a specific secret with a user or agent by their ID, or create " +
|
|
6
|
+
"an open share link (anyone_with_link). Agents cannot create email-based shares — " +
|
|
7
|
+
"only human users can share via email from the dashboard. " +
|
|
8
|
+
"For vault-wide access, use grant_access instead.",
|
|
9
|
+
parameters: z.object({
|
|
10
|
+
secret_id: z
|
|
11
|
+
.string()
|
|
12
|
+
.uuid()
|
|
13
|
+
.describe("UUID of the secret entry to share"),
|
|
14
|
+
recipient_type: z
|
|
15
|
+
.enum(["user", "agent", "anyone_with_link"])
|
|
16
|
+
.describe("Type of recipient: user, agent, or anyone_with_link"),
|
|
17
|
+
recipient_id: z
|
|
18
|
+
.string()
|
|
19
|
+
.uuid()
|
|
20
|
+
.optional()
|
|
21
|
+
.describe("UUID of the recipient user or agent (required for user/agent types)"),
|
|
22
|
+
expires_at: z
|
|
23
|
+
.string()
|
|
24
|
+
.describe("ISO-8601 expiry date (e.g. '2026-12-31T00:00:00Z')"),
|
|
25
|
+
max_access_count: z
|
|
26
|
+
.number()
|
|
27
|
+
.int()
|
|
28
|
+
.positive()
|
|
29
|
+
.default(5)
|
|
30
|
+
.describe("Max number of times the secret can be accessed (default: 5)"),
|
|
31
|
+
}),
|
|
32
|
+
execute: async (args) => {
|
|
33
|
+
if ((args.recipient_type === "user" || args.recipient_type === "agent") &&
|
|
34
|
+
!args.recipient_id) {
|
|
35
|
+
return `Error: recipient_id is required when sharing with a ${args.recipient_type}.`;
|
|
36
|
+
}
|
|
37
|
+
const share = await client.shareSecret(args.secret_id, {
|
|
38
|
+
recipient_type: args.recipient_type,
|
|
39
|
+
recipient_id: args.recipient_id,
|
|
40
|
+
expires_at: args.expires_at,
|
|
41
|
+
max_access_count: args.max_access_count,
|
|
42
|
+
});
|
|
43
|
+
return (`Secret shared successfully.\n` +
|
|
44
|
+
` Share ID: ${share.id}\n` +
|
|
45
|
+
` Recipient: ${args.recipient_type}${args.recipient_id ? ` (${args.recipient_id})` : ""}\n` +
|
|
46
|
+
` Expires: ${share.expires_at}\n` +
|
|
47
|
+
` Max accesses: ${share.max_access_count}\n` +
|
|
48
|
+
` URL: ${share.share_url}\n\n` +
|
|
49
|
+
`The recipient must accept the share before they can access the secret.`);
|
|
50
|
+
},
|
|
51
|
+
};
|
|
52
|
+
}
|
|
53
|
+
//# sourceMappingURL=share_secret.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"share_secret.js","sourceRoot":"","sources":["../../src/tools/share_secret.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,MAAM,UAAU,eAAe,CAAC,MAAqB;IACnD,OAAO;QACL,IAAI,EAAE,cAAuB;QAC7B,WAAW,EACT,sEAAsE;YACtE,mFAAmF;YACnF,2DAA2D;YAC3D,kDAAkD;QACpD,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;YACnB,SAAS,EAAE,CAAC;iBACT,MAAM,EAAE;iBACR,IAAI,EAAE;iBACN,QAAQ,CAAC,mCAAmC,CAAC;YAChD,cAAc,EAAE,CAAC;iBACd,IAAI,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,kBAAkB,CAAC,CAAC;iBAC3C,QAAQ,CAAC,qDAAqD,CAAC;YAClE,YAAY,EAAE,CAAC;iBACZ,MAAM,EAAE;iBACR,IAAI,EAAE;iBACN,QAAQ,EAAE;iBACV,QAAQ,CAAC,qEAAqE,CAAC;YAClF,UAAU,EAAE,CAAC;iBACV,MAAM,EAAE;iBACR,QAAQ,CAAC,oDAAoD,CAAC;YACjE,gBAAgB,EAAE,CAAC;iBAChB,MAAM,EAAE;iBACR,GAAG,EAAE;iBACL,QAAQ,EAAE;iBACV,OAAO,CAAC,CAAC,CAAC;iBACV,QAAQ,CAAC,6DAA6D,CAAC;SAC3E,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,IAMf,EAAE,EAAE;YACH,IACE,CAAC,IAAI,CAAC,cAAc,KAAK,MAAM,IAAI,IAAI,CAAC,cAAc,KAAK,OAAO,CAAC;gBACnE,CAAC,IAAI,CAAC,YAAY,EAClB,CAAC;gBACD,OAAO,uDAAuD,IAAI,CAAC,cAAc,GAAG,CAAC;YACvF,CAAC;YAED,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE;gBACrD,cAAc,EAAE,IAAI,CAAC,cAAc;gBACnC,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;aACxC,CAAC,CAAC;YACH,OAAO,CACL,+BAA+B;gBAC/B,eAAe,KAAK,CAAC,EAAE,IAAI;gBAC3B,gBAAgB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC,EAAE,IAAI;gBAC5F,cAAc,KAAK,CAAC,UAAU,IAAI;gBAClC,mBAAmB,KAAK,CAAC,gBAAgB,IAAI;gBAC7C,UAAU,KAAK,CAAC,SAAS,MAAM;gBAC/B,wEAAwE,CACzE,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
export declare const SECRET_TYPES: readonly ["api_key", "password", "private_key", "certificate", "file", "note", "ssh_key", "env_bundle"];
|
|
2
|
+
export type SecretType = (typeof SECRET_TYPES)[number];
|
|
3
|
+
export interface SecretMetadata {
|
|
4
|
+
id: string;
|
|
5
|
+
path: string;
|
|
6
|
+
type: SecretType;
|
|
7
|
+
version: number;
|
|
8
|
+
metadata: Record<string, unknown>;
|
|
9
|
+
created_at: string;
|
|
10
|
+
expires_at: string | null;
|
|
11
|
+
}
|
|
12
|
+
export interface SecretWithValue extends SecretMetadata {
|
|
13
|
+
value: string;
|
|
14
|
+
}
|
|
15
|
+
export interface SecretListResponse {
|
|
16
|
+
secrets: SecretMetadata[];
|
|
17
|
+
}
|
|
18
|
+
export interface VaultResponse {
|
|
19
|
+
id: string;
|
|
20
|
+
name: string;
|
|
21
|
+
description: string;
|
|
22
|
+
created_by: string;
|
|
23
|
+
created_by_type: string;
|
|
24
|
+
created_at: string;
|
|
25
|
+
}
|
|
26
|
+
export interface VaultListResponse {
|
|
27
|
+
vaults: VaultResponse[];
|
|
28
|
+
}
|
|
29
|
+
export interface PolicyResponse {
|
|
30
|
+
id: string;
|
|
31
|
+
vault_id: string;
|
|
32
|
+
secret_path_pattern: string;
|
|
33
|
+
principal_type: string;
|
|
34
|
+
principal_id: string;
|
|
35
|
+
permissions: string[];
|
|
36
|
+
conditions: Record<string, unknown>;
|
|
37
|
+
expires_at: string | null;
|
|
38
|
+
created_by: string;
|
|
39
|
+
created_by_type: string;
|
|
40
|
+
created_at: string;
|
|
41
|
+
}
|
|
42
|
+
export interface ShareLinkResponse {
|
|
43
|
+
id: string;
|
|
44
|
+
share_url: string;
|
|
45
|
+
recipient_type: string;
|
|
46
|
+
recipient_email?: string;
|
|
47
|
+
expires_at: string;
|
|
48
|
+
max_access_count: number;
|
|
49
|
+
}
|
|
50
|
+
export interface ApiErrorBody {
|
|
51
|
+
type: string;
|
|
52
|
+
title: string;
|
|
53
|
+
status: number;
|
|
54
|
+
detail: string;
|
|
55
|
+
}
|
|
56
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY,yGASf,CAAC;AAEX,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC;AAEvD,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,UAAU,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,eAAgB,SAAQ,cAAc;IACrD,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,cAAc,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,aAAa,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;CAChB"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,SAAS;IACT,UAAU;IACV,aAAa;IACb,aAAa;IACb,MAAM;IACN,MAAM;IACN,SAAS;IACT,YAAY;CACJ,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@1claw/mcp",
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"description": "MCP server for the 1claw secrets vault — lets AI agents fetch, store, and manage secrets at runtime",
|
|
5
|
+
"type": "module",
|
|
6
|
+
"main": "dist/index.js",
|
|
7
|
+
"types": "dist/index.d.ts",
|
|
8
|
+
"bin": {
|
|
9
|
+
"1claw-mcp": "dist/index.js"
|
|
10
|
+
},
|
|
11
|
+
"files": [
|
|
12
|
+
"dist",
|
|
13
|
+
"README.md",
|
|
14
|
+
"LICENSE"
|
|
15
|
+
],
|
|
16
|
+
"scripts": {
|
|
17
|
+
"build": "tsc",
|
|
18
|
+
"prepublishOnly": "npm run build",
|
|
19
|
+
"dev": "npx fastmcp dev src/index.ts",
|
|
20
|
+
"inspect": "npx fastmcp inspect src/index.ts",
|
|
21
|
+
"start": "node dist/index.js"
|
|
22
|
+
},
|
|
23
|
+
"keywords": [
|
|
24
|
+
"mcp",
|
|
25
|
+
"secrets",
|
|
26
|
+
"vault",
|
|
27
|
+
"ai-agents",
|
|
28
|
+
"hsm",
|
|
29
|
+
"1claw"
|
|
30
|
+
],
|
|
31
|
+
"repository": {
|
|
32
|
+
"type": "git",
|
|
33
|
+
"url": "https://github.com/1clawAI/1claw-mcp.git"
|
|
34
|
+
},
|
|
35
|
+
"homepage": "https://1claw.xyz",
|
|
36
|
+
"license": "SEE LICENSE IN LICENSE",
|
|
37
|
+
"dependencies": {
|
|
38
|
+
"fastmcp": "^3.33.0",
|
|
39
|
+
"zod": "^3.24.0"
|
|
40
|
+
},
|
|
41
|
+
"devDependencies": {
|
|
42
|
+
"@types/node": "^20.0.0",
|
|
43
|
+
"typescript": "^5.5.0"
|
|
44
|
+
},
|
|
45
|
+
"engines": {
|
|
46
|
+
"node": ">=20.0.0"
|
|
47
|
+
}
|
|
48
|
+
}
|