@agentvalet/mcp-server 1.2.0 → 1.3.0
- package/dist/index.js +10 -1
- package/dist/tools/handlers.js +38 -0
- package/package.json +1 -1
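--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -43,7 +43,16 @@ process.stderr.write(`[mcp-server] config ok | agent=${AGENT_ID} | owner=${OWNER
 const server = new Server({ name: "agentvalet", version: "1.0.0" }, { capabilities: { tools: {} }, instructions: renderInstructions(undefined) });
 // The config + server bundle threaded into auth + handlers (see context.ts) —
 // keeps those modules free of globals.
-const ctx = {
+const ctx = {
+AGENT_ID,
+OWNER_ID,
+PROXY_URL,
+AGENT_PRIVATE_KEY_RAW,
+privateKey,
+server,
+OBSERVE_PLATFORM: process.env.OBSERVE_PLATFORM ?? "",
+OBSERVE_CREDENTIAL: process.env.OBSERVE_CREDENTIAL ?? "",
+};
 // Boot-time platform fetch — primes the proxy connection and surfaces auth
 // failures in the stderr boot diagnostics. Best-effort and fire-and-forget so
 // it can NEVER delay the `initialize` response (a top-level await here used to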
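Review bot: `OBSERVE_PLATFORM` and `OBSERVE_CREDENTIAL` are copied into `ctx` verbatim from the environment, with no normalisation and no boot-time signal that observe mode is active. The handlers.js change in this release compares `ctx.OBSERVE_PLATFORM === params.platform`, so stray whitespace or a case difference in the env value silently sends calls down the governed path, and an operator cannot tell which mode the server is in. I would trim at the source, `OBSERVE_PLATFORM: (process.env.OBSERVE_PLATFORM ?? "").trim(),`, and add one stderr line next to the existing `config ok` diagnostic that reports observe on/off and the platform name, never the credential value. `ctx` now carries a second secret alongside `AGENT_PRIVATE_KEY_RAW`, so a short comment on the object saying it must never be logged or serialised whole would help the next maintainer.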
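--- a/package/dist/tools/handlers.js
+++ b/package/dist/tools/handlers.js
@@ -46,6 +46,44 @@ export async function handleUsePlatform(ctx, params, progressToken) {
 const gate = await requireCredentials(ctx);
 if (gate)
 return gate;
+// Observe Mode: when a BYO credential is configured locally, route to the
+// audit-only relay and attach the credential as a header (NEVER in the body —
+// it must not enter model-visible tool args). Governed behaviour is unchanged
+// when no observe credential is set.
+//
+// Platform-match guard: if OBSERVE_PLATFORM is set, only route to the observe
+// relay when the requested platform matches — preventing BYO credential leakage
+// to unrelated platforms. If OBSERVE_PLATFORM is empty, route observe for any
+// platform (backwards-compat when only OBSERVE_CREDENTIAL is set).
+const observePlatformMatch = ctx.OBSERVE_CREDENTIAL &&
+(ctx.OBSERVE_PLATFORM === "" || ctx.OBSERVE_PLATFORM === params.platform);
+if (observePlatformMatch) {
+const observeBody = {
+platform: params.platform,
+endpoint: params.endpoint,
+method: params.method,
+action: params.scope,
+...(params.data !== undefined && { body: params.data }),
+};
+let response;
+try {
+// fetchWithAuth signs and attaches the AV agent JWT (Authorization: Bearer …).
+// Content-Type: application/json is added by fetchWithAuth before spreading
+// init.headers, so X-AV-Observe-Credential survives.
+response = await fetchWithAuth(ctx, `${ctx.PROXY_URL}/v1/observe/actions`, {
+method: "POST",
+headers: { "X-AV-Observe-Credential": ctx.OBSERVE_CREDENTIAL },
+body: JSON.stringify(observeBody),
+});
+}
+catch (err) {
+return errorContent(`Network error: ${err instanceof Error ? err.message : err}`);
+}
+const text = await response.text();
+if (!response.ok)
+return errorContent(`Proxy error ${response.status}: ${text}`);
+return jsonContent(text);
+}
 const requestBody = {
 platform: params.platform,
 endpoint: params.endpoint,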
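Review bot: With `OBSERVE_CREDENTIAL` set and `OBSERVE_PLATFORM` empty, `observePlatformMatch` is truthy for every `params.platform`, so the BYO credential is attached for whatever platform and endpoint the tool call names, and those values come from model-supplied arguments. The comment labels this backwards-compat, but it is the fail-open case the guard exists to prevent; I would require a platform whenever a credential is configured, `const observePlatformMatch = Boolean(ctx.OBSERVE_CREDENTIAL) && ctx.OBSERVE_PLATFORM !== "" && ctx.OBSERVE_PLATFORM === params.platform;`, or at minimum warn on stderr at boot when the platform is unset. Separately, `errorContent(`Proxy error ${response.status}: ${text}`)` and `jsonContent(text)` hand the relay's body to the model verbatim. If the relay or an upstream error ever echoes the header, the credential becomes model-visible despite the stated invariant, so replacing occurrences of `ctx.OBSERVE_CREDENTIAL` in `text` with a fixed marker before returning would enforce it locally. `handleUsePlatform` starts before and continues past this hunk, so whether `PROXY_URL` is restricted to https is not visible here and is worth confirming, since the header is sent to it.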