@agent-lint/mcp 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +39 -27
- package/dist/bin.d.ts +3 -0
- package/dist/bin.d.ts.map +1 -0
- package/dist/bin.js +1 -1
- package/dist/{chunk-VAI3GWJA.js → chunk-ZYDIOQXE.js} +263 -209
- package/dist/chunk-ZYDIOQXE.js.map +1 -0
- package/dist/http-security.d.ts +73 -0
- package/dist/http-security.d.ts.map +1 -0
- package/dist/http.d.ts +35 -0
- package/dist/http.d.ts.map +1 -0
- package/dist/index.d.ts +9 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +1 -1
- package/dist/logger.d.ts +4 -0
- package/dist/logger.d.ts.map +1 -0
- package/dist/prompts/register-prompts.d.ts +3 -0
- package/dist/prompts/register-prompts.d.ts.map +1 -0
- package/dist/resources/register-resources.d.ts +3 -0
- package/dist/resources/register-resources.d.ts.map +1 -0
- package/dist/server.d.ts +12 -0
- package/dist/server.d.ts.map +1 -0
- package/dist/stdio.d.ts +2 -0
- package/dist/stdio.d.ts.map +1 -0
- package/dist/tools/emit-maintenance-snippet.d.ts +3 -0
- package/dist/tools/emit-maintenance-snippet.d.ts.map +1 -0
- package/dist/tools/get-guidelines.d.ts +3 -0
- package/dist/tools/get-guidelines.d.ts.map +1 -0
- package/dist/tools/index.d.ts +6 -0
- package/dist/tools/index.d.ts.map +1 -0
- package/dist/tools/plan-workspace-autofix.d.ts +6 -0
- package/dist/tools/plan-workspace-autofix.d.ts.map +1 -0
- package/dist/tools/quick-check.d.ts +3 -0
- package/dist/tools/quick-check.d.ts.map +1 -0
- package/dist/tools/schema-compat.d.ts +13 -0
- package/dist/tools/schema-compat.d.ts.map +1 -0
- package/dist/tools/tool-result.d.ts +4 -0
- package/dist/tools/tool-result.d.ts.map +1 -0
- package/dist/transport-security.d.ts +51 -0
- package/dist/transport-security.d.ts.map +1 -0
- package/package.json +6 -3
- package/dist/chunk-VAI3GWJA.js.map +0 -1
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* HTTP transport security utilities.
|
|
3
|
+
*
|
|
4
|
+
* - Origin/Host validation (DNS rebinding protection)
|
|
5
|
+
* - CORS preflight handling
|
|
6
|
+
* - Bearer token authentication (optional)
|
|
7
|
+
* - Simple in-memory rate limiting
|
|
8
|
+
*
|
|
9
|
+
* @module
|
|
10
|
+
*/
|
|
11
|
+
import type { IncomingMessage, ServerResponse } from "node:http";
|
|
12
|
+
export interface HttpSecurityOptions {
|
|
13
|
+
/**
|
|
14
|
+
* Allowed origins for CORS and DNS rebinding protection.
|
|
15
|
+
* Default: ["http://localhost", "http://127.0.0.1"] + any port variants.
|
|
16
|
+
*/
|
|
17
|
+
allowedOrigins?: string[];
|
|
18
|
+
/**
|
|
19
|
+
* Allowed host header values.
|
|
20
|
+
* Default: ["localhost", "127.0.0.1", "[::1]"] + any port variants.
|
|
21
|
+
*/
|
|
22
|
+
allowedHosts?: string[];
|
|
23
|
+
/**
|
|
24
|
+
* Optional bearer token for authentication.
|
|
25
|
+
* If set, all requests must include `Authorization: Bearer <token>`.
|
|
26
|
+
* Read from MCP_AUTH_TOKEN env var if not provided.
|
|
27
|
+
*/
|
|
28
|
+
authToken?: string;
|
|
29
|
+
/**
|
|
30
|
+
* Rate limit: max requests per window per IP.
|
|
31
|
+
* Default: 100 requests per 60 seconds.
|
|
32
|
+
*/
|
|
33
|
+
rateLimitMax?: number;
|
|
34
|
+
/**
|
|
35
|
+
* Rate limit window in milliseconds.
|
|
36
|
+
* Default: 60_000 (60 seconds).
|
|
37
|
+
*/
|
|
38
|
+
rateLimitWindowMs?: number;
|
|
39
|
+
/**
|
|
40
|
+
* Enable strict origin checking. When true, requests without
|
|
41
|
+
* a valid Origin header are rejected (except health checks).
|
|
42
|
+
* Default: true.
|
|
43
|
+
*/
|
|
44
|
+
strictOriginCheck?: boolean;
|
|
45
|
+
}
|
|
46
|
+
export declare function startRateLimitCleanup(): void;
|
|
47
|
+
export declare function stopRateLimitCleanup(): void;
|
|
48
|
+
export declare function setCorsHeaders(res: ServerResponse, origin: string | undefined, allowedOrigins: string[]): void;
|
|
49
|
+
export declare function handleCorsPreflightIfNeeded(req: IncomingMessage, res: ServerResponse, allowedOrigins: string[]): boolean;
|
|
50
|
+
export interface HttpSecurityContext {
|
|
51
|
+
allowedOrigins: string[];
|
|
52
|
+
allowedHosts: string[];
|
|
53
|
+
authToken: string | undefined;
|
|
54
|
+
rateLimitMax: number;
|
|
55
|
+
rateLimitWindowMs: number;
|
|
56
|
+
strictOriginCheck: boolean;
|
|
57
|
+
}
|
|
58
|
+
export declare function createSecurityContext(options?: HttpSecurityOptions): HttpSecurityContext;
|
|
59
|
+
/**
|
|
60
|
+
* Validates an incoming HTTP request against security rules.
|
|
61
|
+
* Returns an error message string if the request should be rejected, or undefined if OK.
|
|
62
|
+
*/
|
|
63
|
+
export declare function validateRequest(req: IncomingMessage, ctx: HttpSecurityContext, skipOriginCheck?: boolean): string | undefined;
|
|
64
|
+
/**
|
|
65
|
+
* Send a JSON error response.
|
|
66
|
+
*/
|
|
67
|
+
export declare function sendJsonError(res: ServerResponse, statusCode: number, message: string, jsonrpcId?: unknown): void;
|
|
68
|
+
/**
|
|
69
|
+
* Parse JSON body from an IncomingMessage.
|
|
70
|
+
* Returns the parsed body, or undefined if parsing fails.
|
|
71
|
+
*/
|
|
72
|
+
export declare function parseJsonBody(req: IncomingMessage): Promise<unknown>;
|
|
73
|
+
//# sourceMappingURL=http-security.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http-security.d.ts","sourceRoot":"","sources":["../src/http-security.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAOjE,MAAM,WAAW,mBAAmB;IAClC;;;OAGG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;;OAIG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B;AAsED,wBAAgB,qBAAqB,IAAI,IAAI,CAY5C;AAED,wBAAgB,oBAAoB,IAAI,IAAI,CAM3C;AAwCD,wBAAgB,cAAc,CAC5B,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,cAAc,EAAE,MAAM,EAAE,GACvB,IAAI,CAYN;AAED,wBAAgB,2BAA2B,CACzC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,cAAc,EAAE,MAAM,EAAE,GACvB,OAAO,CAOT;AAMD,MAAM,WAAW,mBAAmB;IAClC,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,OAAO,CAAC;CAC5B;AAED,wBAAgB,qBAAqB,CAAC,OAAO,GAAE,mBAAwB,GAAG,mBAAmB,CAS5F;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAC7B,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,mBAAmB,EACxB,eAAe,UAAQ,GACtB,MAAM,GAAG,SAAS,CAoCpB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,GAAG,EAAE,cAAc,EACnB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,SAAS,CAAC,EAAE,OAAO,GAClB,IAAI,CAWN;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,CA+BpE"}
|
package/dist/http.d.ts
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* HTTP transport for AgentLint MCP server.
|
|
3
|
+
*
|
|
4
|
+
* Uses Node.js native `http` module with `StreamableHTTPServerTransport`
|
|
5
|
+
* from the MCP SDK. No express, no extra dependencies.
|
|
6
|
+
*
|
|
7
|
+
* Features:
|
|
8
|
+
* - Stateful session management via Map<sessionId, transport>
|
|
9
|
+
* - POST/GET/DELETE /mcp → StreamableHTTPServerTransport.handleRequest()
|
|
10
|
+
* - GET /healthz → liveness probe
|
|
11
|
+
* - GET /readyz → readiness probe with session count
|
|
12
|
+
* - Full security middleware integration (CORS, auth, rate limiting, origin/host validation)
|
|
13
|
+
* - Graceful shutdown (SIGINT/SIGTERM)
|
|
14
|
+
*
|
|
15
|
+
* apply_patches is disabled in HTTP mode per great_plan.md §1.3.
|
|
16
|
+
*
|
|
17
|
+
* @module
|
|
18
|
+
*/
|
|
19
|
+
import { type Server } from "node:http";
|
|
20
|
+
import { type HttpSecurityOptions } from "./http-security.js";
|
|
21
|
+
export interface HttpServerOptions {
|
|
22
|
+
/** TCP port. Default: 3001 or MCP_HTTP_PORT env var. */
|
|
23
|
+
port?: number;
|
|
24
|
+
/** Hostname to bind. Default: "127.0.0.1" (loopback only for safety). */
|
|
25
|
+
hostname?: string;
|
|
26
|
+
/** Security options forwarded to createSecurityContext(). */
|
|
27
|
+
security?: HttpSecurityOptions;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Creates and starts the AgentLint MCP HTTP server.
|
|
31
|
+
*
|
|
32
|
+
* Returns the Node.js `http.Server` instance for programmatic control.
|
|
33
|
+
*/
|
|
34
|
+
export declare function runHttpServer(options?: HttpServerOptions): Promise<Server>;
|
|
35
|
+
//# sourceMappingURL=http.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../src/http.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAA2D,KAAK,MAAM,EAAE,MAAM,WAAW,CAAC;AASjG,OAAO,EASL,KAAK,mBAAmB,EACzB,MAAM,oBAAoB,CAAC;AAM5B,MAAM,WAAW,iBAAiB;IAChC,wDAAwD;IACxD,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd,yEAAyE;IACzE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,6DAA6D;IAC7D,QAAQ,CAAC,EAAE,mBAAmB,CAAC;CAChC;AA2HD;;;;GAIG;AACH,wBAAsB,aAAa,CAAC,OAAO,GAAE,iBAAsB,GAAG,OAAO,CAAC,MAAM,CAAC,CA8HpF"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
export { createAgentLintMcpServer, DEFAULT_MCP_SERVER_NAME, type AgentLintTransportMode, type CreateAgentLintMcpServerOptions, } from "./server.js";
|
|
2
|
+
export { runStdioServer } from "./stdio.js";
|
|
3
|
+
export { runHttpServer, type HttpServerOptions } from "./http.js";
|
|
4
|
+
export { createSecurityContext, validateRequest, setCorsHeaders, handleCorsPreflightIfNeeded, sendJsonError, parseJsonBody, startRateLimitCleanup, stopRateLimitCleanup, type HttpSecurityOptions, type HttpSecurityContext, } from "./http-security.js";
|
|
5
|
+
export { registerAgentLintTools, type RegisterAgentLintToolsOptions, } from "./tools/index.js";
|
|
6
|
+
export { registerAgentLintResources } from "./resources/register-resources.js";
|
|
7
|
+
export { registerAgentLintPrompts } from "./prompts/register-prompts.js";
|
|
8
|
+
export { applyMessageSizeGuard, withToolTimeout, getToolTimeout, ToolTimeoutError, TOOL_TIMEOUTS, MAX_JSONRPC_MESSAGE_BYTES, DEFAULT_TOOL_TIMEOUT_MS, } from "./transport-security.js";
|
|
9
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,wBAAwB,EACxB,uBAAuB,EACvB,KAAK,sBAAsB,EAC3B,KAAK,+BAA+B,GACrC,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAE5C,OAAO,EAAE,aAAa,EAAE,KAAK,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAElE,OAAO,EACL,qBAAqB,EACrB,eAAe,EACf,cAAc,EACd,2BAA2B,EAC3B,aAAa,EACb,aAAa,EACb,qBAAqB,EACrB,oBAAoB,EACpB,KAAK,mBAAmB,EACxB,KAAK,mBAAmB,GACzB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EACL,sBAAsB,EACtB,KAAK,6BAA6B,GACnC,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,0BAA0B,EAAE,MAAM,mCAAmC,CAAC;AAC/E,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AACzE,OAAO,EACL,qBAAqB,EACrB,eAAe,EACf,cAAc,EACd,gBAAgB,EAChB,aAAa,EACb,yBAAyB,EACzB,uBAAuB,GACxB,MAAM,yBAAyB,CAAC"}
|
package/dist/index.js
CHANGED
package/dist/logger.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":"AAAA,KAAK,WAAW,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAE7C,wBAAgB,MAAM,CAAC,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAM,GAAG,IAAI,CASpG"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"register-prompts.d.ts","sourceRoot":"","sources":["../../src/prompts/register-prompts.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEzE,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,SAAS,GAAG,IAAI,CAGjE"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"register-resources.d.ts","sourceRoot":"","sources":["../../src/resources/register-resources.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAoB,MAAM,yCAAyC,CAAC;AAkCtF,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAyGlE"}
|
package/dist/server.d.ts
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
|
|
2
|
+
export declare const DEFAULT_MCP_SERVER_NAME = "agentlint";
|
|
3
|
+
export type AgentLintTransportMode = "stdio" | "http";
|
|
4
|
+
export type CreateAgentLintMcpServerOptions = {
|
|
5
|
+
name?: string;
|
|
6
|
+
version?: string;
|
|
7
|
+
instructions?: string;
|
|
8
|
+
transportMode?: AgentLintTransportMode;
|
|
9
|
+
enableWorkspaceScan?: boolean;
|
|
10
|
+
};
|
|
11
|
+
export declare function createAgentLintMcpServer(options?: CreateAgentLintMcpServerOptions): McpServer;
|
|
12
|
+
//# sourceMappingURL=server.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAMpE,eAAO,MAAM,uBAAuB,cAAc,CAAC;AAanD,MAAM,MAAM,sBAAsB,GAAG,OAAO,GAAG,MAAM,CAAC;AAEtD,MAAM,MAAM,+BAA+B,GAAG;IAC5C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,sBAAsB,CAAC;IACvC,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B,CAAC;AAkCF,wBAAgB,wBAAwB,CACtC,OAAO,GAAE,+BAAoC,GAC5C,SAAS,CA4BX"}
|
package/dist/stdio.d.ts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"stdio.d.ts","sourceRoot":"","sources":["../src/stdio.ts"],"names":[],"mappings":"AAKA,wBAAsB,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,CA0BpD"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"emit-maintenance-snippet.d.ts","sourceRoot":"","sources":["../../src/tools/emit-maintenance-snippet.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAQzE,wBAAgB,kCAAkC,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CA4B1E"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get-guidelines.d.ts","sourceRoot":"","sources":["../../src/tools/get-guidelines.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAQzE,wBAAgB,yBAAyB,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CA0BjE"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
|
|
2
|
+
export type RegisterAgentLintToolsOptions = {
|
|
3
|
+
enableWorkspaceScan: boolean;
|
|
4
|
+
};
|
|
5
|
+
export declare function registerAgentLintTools(server: McpServer, options: RegisterAgentLintToolsOptions): void;
|
|
6
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/tools/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAOzE,MAAM,MAAM,6BAA6B,GAAG;IAC1C,mBAAmB,EAAE,OAAO,CAAC;CAC9B,CAAC;AAEF,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,SAAS,EACjB,OAAO,EAAE,6BAA6B,GACrC,IAAI,CAKN"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
|
|
2
|
+
export type RegisterPlanWorkspaceAutofixToolOptions = {
|
|
3
|
+
enabled: boolean;
|
|
4
|
+
};
|
|
5
|
+
export declare function registerPlanWorkspaceAutofixTool(server: McpServer, options: RegisterPlanWorkspaceAutofixToolOptions): void;
|
|
6
|
+
//# sourceMappingURL=plan-workspace-autofix.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"plan-workspace-autofix.d.ts","sourceRoot":"","sources":["../../src/tools/plan-workspace-autofix.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAQzE,MAAM,MAAM,uCAAuC,GAAG;IACpD,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,wBAAgB,gCAAgC,CAC9C,MAAM,EAAE,SAAS,EACjB,OAAO,EAAE,uCAAuC,GAC/C,IAAI,CAgCN"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"quick-check.d.ts","sourceRoot":"","sources":["../../src/tools/quick-check.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAQzE,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CA2B9D"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
|
|
2
|
+
type ToolConfig = Parameters<McpServer["registerTool"]>[1];
|
|
3
|
+
type ToolHandler = Parameters<McpServer["registerTool"]>[2];
|
|
4
|
+
type PromptConfig = Parameters<McpServer["registerPrompt"]>[1];
|
|
5
|
+
type PromptHandler = Parameters<McpServer["registerPrompt"]>[2];
|
|
6
|
+
export type CompatibleInputSchema = NonNullable<ToolConfig["inputSchema"]>;
|
|
7
|
+
export type CompatiblePromptArgsSchema = NonNullable<PromptConfig["argsSchema"]>;
|
|
8
|
+
export declare function asInputSchema<T>(schema: T): CompatibleInputSchema;
|
|
9
|
+
export declare function asToolHandler<T>(handler: T): ToolHandler;
|
|
10
|
+
export declare function asPromptArgsSchema<T>(schema: T): CompatiblePromptArgsSchema;
|
|
11
|
+
export declare function asPromptHandler<T>(handler: T): PromptHandler;
|
|
12
|
+
export {};
|
|
13
|
+
//# sourceMappingURL=schema-compat.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schema-compat.d.ts","sourceRoot":"","sources":["../../src/tools/schema-compat.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEzE,KAAK,UAAU,GAAG,UAAU,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3D,KAAK,WAAW,GAAG,UAAU,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAE5D,KAAK,YAAY,GAAG,UAAU,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC/D,KAAK,aAAa,GAAG,UAAU,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAEhE,MAAM,MAAM,qBAAqB,GAAG,WAAW,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC;AAC3E,MAAM,MAAM,0BAA0B,GAAG,WAAW,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,CAAC;AAEjF,wBAAgB,aAAa,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,qBAAqB,CAEjE;AAED,wBAAgB,aAAa,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,WAAW,CAExD;AAED,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,0BAA0B,CAE3E;AAED,wBAAgB,eAAe,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,aAAa,CAE5D"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tool-result.d.ts","sourceRoot":"","sources":["../../src/tools/tool-result.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AAEzE,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,CASjE;AAED,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,cAAc,CAU7D"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Transport security utilities for MCP server.
|
|
3
|
+
*
|
|
4
|
+
* - Message size limiting for JSON-RPC transport
|
|
5
|
+
* - Tool execution timeout wrapper
|
|
6
|
+
*
|
|
7
|
+
* @module
|
|
8
|
+
*/
|
|
9
|
+
import type { Transport } from "@modelcontextprotocol/sdk/shared/transport.js";
|
|
10
|
+
/**
|
|
11
|
+
* Maximum allowed JSON-RPC message size in bytes (10 MB).
|
|
12
|
+
* Prevents memory exhaustion from oversized payloads.
|
|
13
|
+
*/
|
|
14
|
+
export declare const MAX_JSONRPC_MESSAGE_BYTES: number;
|
|
15
|
+
/**
|
|
16
|
+
* Per-tool timeout values in milliseconds, from dos_and_donts.md.
|
|
17
|
+
*/
|
|
18
|
+
export declare const TOOL_TIMEOUTS: Record<string, number>;
|
|
19
|
+
/** Default timeout for unknown tools: 30 seconds */
|
|
20
|
+
export declare const DEFAULT_TOOL_TIMEOUT_MS = 30000;
|
|
21
|
+
/**
|
|
22
|
+
* Wraps a Transport's `onmessage` callback so that oversized messages are
|
|
23
|
+
* rejected before reaching the MCP server's handler. The message is serialized
|
|
24
|
+
* to JSON to compute its byte length — the same representation that travels
|
|
25
|
+
* over stdio.
|
|
26
|
+
*
|
|
27
|
+
* Non-destructive: the original transport is returned (mutated in-place for
|
|
28
|
+
* the `onmessage` wrapper). All other methods are untouched.
|
|
29
|
+
*/
|
|
30
|
+
export declare function applyMessageSizeGuard<T extends Transport>(transport: T, maxBytes?: number): T;
|
|
31
|
+
/**
|
|
32
|
+
* Error subclass for tool execution timeouts.
|
|
33
|
+
*/
|
|
34
|
+
export declare class ToolTimeoutError extends Error {
|
|
35
|
+
readonly toolName: string;
|
|
36
|
+
readonly timeoutMs: number;
|
|
37
|
+
constructor(toolName: string, timeoutMs: number);
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* Returns the configured timeout for a given tool name.
|
|
41
|
+
*/
|
|
42
|
+
export declare function getToolTimeout(toolName: string): number;
|
|
43
|
+
/**
|
|
44
|
+
* Wraps an async function with a timeout. If the function does not resolve
|
|
45
|
+
* within `timeoutMs`, a `ToolTimeoutError` is thrown.
|
|
46
|
+
*
|
|
47
|
+
* Uses `AbortSignal.timeout()` where available (Node 18+), with a
|
|
48
|
+
* `setTimeout` fallback.
|
|
49
|
+
*/
|
|
50
|
+
export declare function withToolTimeout<T>(toolName: string, fn: () => Promise<T>, timeoutMs?: number): Promise<T>;
|
|
51
|
+
//# sourceMappingURL=transport-security.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"transport-security.d.ts","sourceRoot":"","sources":["../src/transport-security.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,+CAA+C,CAAC;AAQ/E;;;GAGG;AACH,eAAO,MAAM,yBAAyB,QAAmB,CAAC;AAE1D;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAUhD,CAAC;AAEF,oDAAoD;AACpD,eAAO,MAAM,uBAAuB,QAAS,CAAC;AAM9C;;;;;;;;GAQG;AACH,wBAAgB,qBAAqB,CAAC,CAAC,SAAS,SAAS,EACvD,SAAS,EAAE,CAAC,EACZ,QAAQ,GAAE,MAAkC,GAC3C,CAAC,CAwCH;AAMD;;GAEG;AACH,qBAAa,gBAAiB,SAAQ,KAAK;IACzC,SAAgB,QAAQ,EAAE,MAAM,CAAC;IACjC,SAAgB,SAAS,EAAE,MAAM,CAAC;gBAEtB,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;CAMhD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEvD;AAED;;;;;;GAMG;AACH,wBAAsB,eAAe,CAAC,CAAC,EACrC,QAAQ,EAAE,MAAM,EAChB,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACpB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,CAAC,CAAC,CA+BZ"}
|
package/package.json
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@agent-lint/mcp",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.3.0",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"license": "MIT",
|
|
6
|
-
"description": "MCP server for AI agent context artifact orchestration.
|
|
6
|
+
"description": "MCP server for AI agent context artifact orchestration. Guidelines, workspace scanning, and maintenance rules for AGENTS.md, skills, rules, workflows, and plans. No LLM, no database.",
|
|
7
7
|
"author": "Agent Lint Contributors",
|
|
8
8
|
"repository": {
|
|
9
9
|
"type": "git",
|
|
@@ -41,9 +41,12 @@
|
|
|
41
41
|
"engines": {
|
|
42
42
|
"node": ">=18"
|
|
43
43
|
},
|
|
44
|
+
"publishConfig": {
|
|
45
|
+
"access": "public",
|
|
46
|
+
"provenance": true
|
|
47
|
+
},
|
|
44
48
|
"scripts": {
|
|
45
49
|
"build": "tsup",
|
|
46
|
-
"prepublishOnly": "pnpm run build",
|
|
47
50
|
"typecheck": "tsc --noEmit"
|
|
48
51
|
},
|
|
49
52
|
"dependencies": {
|