@agentvalet/mcp-server 1.2.0 → 1.3.0

package/dist/index.js CHANGED
@@ -43,7 +43,16 @@ process.stderr.write(`[mcp-server] config ok | agent=${AGENT_ID} | owner=${OWNER
43
43
  const server = new Server({ name: "agentvalet", version: "1.0.0" }, { capabilities: { tools: {} }, instructions: renderInstructions(undefined) });
44
44
  // The config + server bundle threaded into auth + handlers (see context.ts) —
45
45
  // keeps those modules free of globals.
46
- const ctx = { AGENT_ID, OWNER_ID, PROXY_URL, AGENT_PRIVATE_KEY_RAW, privateKey, server };
46
+ const ctx = {
47
+ AGENT_ID,
48
+ OWNER_ID,
49
+ PROXY_URL,
50
+ AGENT_PRIVATE_KEY_RAW,
51
+ privateKey,
52
+ server,
53
+ OBSERVE_PLATFORM: process.env.OBSERVE_PLATFORM ?? "",
54
+ OBSERVE_CREDENTIAL: process.env.OBSERVE_CREDENTIAL ?? "",
55
+ };
47
56
  // Boot-time platform fetch — primes the proxy connection and surfaces auth
48
57
  // failures in the stderr boot diagnostics. Best-effort and fire-and-forget so
49
58
  // it can NEVER delay the `initialize` response (a top-level await here used to
@@ -46,6 +46,44 @@ export async function handleUsePlatform(ctx, params, progressToken) {
46
46
  const gate = await requireCredentials(ctx);
47
47
  if (gate)
48
48
  return gate;
49
+ // Observe Mode: when a BYO credential is configured locally, route to the
50
+ // audit-only relay and attach the credential as a header (NEVER in the body —
51
+ // it must not enter model-visible tool args). Governed behaviour is unchanged
52
+ // when no observe credential is set.
53
+ //
54
+ // Platform-match guard: if OBSERVE_PLATFORM is set, only route to the observe
55
+ // relay when the requested platform matches — preventing BYO credential leakage
56
+ // to unrelated platforms. If OBSERVE_PLATFORM is empty, route observe for any
57
+ // platform (backwards-compat when only OBSERVE_CREDENTIAL is set).
58
+ const observePlatformMatch = ctx.OBSERVE_CREDENTIAL &&
59
+ (ctx.OBSERVE_PLATFORM === "" || ctx.OBSERVE_PLATFORM === params.platform);
60
+ if (observePlatformMatch) {
61
+ const observeBody = {
62
+ platform: params.platform,
63
+ endpoint: params.endpoint,
64
+ method: params.method,
65
+ action: params.scope,
66
+ ...(params.data !== undefined && { body: params.data }),
67
+ };
68
+ let response;
69
+ try {
70
+ // fetchWithAuth signs and attaches the AV agent JWT (Authorization: Bearer …).
71
+ // Content-Type: application/json is added by fetchWithAuth before spreading
72
+ // init.headers, so X-AV-Observe-Credential survives.
73
+ response = await fetchWithAuth(ctx, `${ctx.PROXY_URL}/v1/observe/actions`, {
74
+ method: "POST",
75
+ headers: { "X-AV-Observe-Credential": ctx.OBSERVE_CREDENTIAL },
76
+ body: JSON.stringify(observeBody),
77
+ });
78
+ }
79
+ catch (err) {
80
+ return errorContent(`Network error: ${err instanceof Error ? err.message : err}`);
81
+ }
82
+ const text = await response.text();
83
+ if (!response.ok)
84
+ return errorContent(`Proxy error ${response.status}: ${text}`);
85
+ return jsonContent(text);
86
+ }
49
87
  const requestBody = {
50
88
  platform: params.platform,
51
89
  endpoint: params.endpoint,
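Review bot: The backwards-compat arm of `observePlatformMatch` (`ctx.OBSERVE_PLATFORM === ""`) sends every platform's call to the observe relay with the BYO credential attached — the same cross-platform exposure the guard comment says it prevents — and nothing surfaces that permissive configuration to the operator. Since boot diagnostics already go to stderr in index.js, a one-line warning beside the new ctx construction would make it visible: `if (ctx.OBSERVE_CREDENTIAL && ctx.OBSERVE_PLATFORM === "") process.stderr.write("[mcp-server] warning: OBSERVE_CREDENTIAL set without OBSERVE_PLATFORM; the observe relay receives the credential for every platform\n");`. Separately, `const text = await response.text();` sits outside the try/catch, so a failure while reading the relay body escapes as an exception rather than the `errorContent` a fetch failure gets, and the `Proxy error ${response.status}: ${text}` path returns the relay's raw body into the model-visible tool result, so it is worth confirming the relay never reflects request headers in error bodies. handleUsePlatform's body continues past the hunk (the governed-path request follows).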
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@agentvalet/mcp-server",
3
- "version": "1.2.0",
3
+ "version": "1.3.0",
4
4
  "description": "AgentValet MCP server — lets AI agents call approved platforms via the AgentValet proxy",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",