@agentwonderland/mcp 0.1.33 → 0.1.35

package/dist/core/file-upload.js

@@ -90,8 +90,14 @@ export async function uploadLocalFiles(input) {
         if (!isLocalFilePath(value))
             continue;
         const resolved = resolvePath(value);
-        if (!existsSync(resolved))
-            continue;
+        if (!existsSync(resolved)) {
+            throw new Error(`File not found at "${value}" (for input field "${key}"). ` +
+                `This MCP server reads files from its own filesystem — if your client ` +
+                `sandboxes attachments (e.g. a web session with a /mnt/... path), the ` +
+                `bytes aren't reachable here. Fix: call upload_file({ filename: "${basename(resolved)}" }) ` +
+                `to get a presigned upload URL, PUT the bytes to it (e.g. curl -T), then pass the ` +
+                `returned GET URL as "${key}" instead of the path.`);
+        }
         try {
             const url = await uploadFile(value);
             result[key] = url;

package/dist/index.js

@@ -12,6 +12,7 @@ import { registerWalletTools } from "./tools/wallet.js";
 import { registerFavoriteTools } from "./tools/favorites.js";
 import { registerTipTools } from "./tools/tip.js";
 import { registerPassTools } from "./tools/passes.js";
+import { registerUploadTools } from "./tools/upload.js";
 // ── Resources ────────────────────────────────────────────────────
 import { registerAgentResources } from "./resources/agents.js";
 import { registerWalletResources } from "./resources/wallet.js";
@@ -73,6 +74,7 @@ export async function startMcpServer() {
     registerFavoriteTools(server);
     registerTipTools(server);
     registerPassTools(server);
+    registerUploadTools(server);
     // Register resources
     registerAgentResources(server);
     registerWalletResources(server);

package/dist/tools/index.d.ts

@@ -8,3 +8,4 @@ export { registerWalletTools } from "./wallet.js";
 export { registerFavoriteTools } from "./favorites.js";
 export { registerTipTools } from "./tip.js";
 export { registerPassTools } from "./passes.js";
+export { registerUploadTools } from "./upload.js";

package/dist/tools/index.js

@@ -8,3 +8,4 @@ export { registerWalletTools } from "./wallet.js";
 export { registerFavoriteTools } from "./favorites.js";
 export { registerTipTools } from "./tip.js";
 export { registerPassTools } from "./passes.js";
+export { registerUploadTools } from "./upload.js";

package/dist/tools/run.js

@@ -85,7 +85,7 @@ function buildCreditPackOfferLines(agent) {
     ];
 }
 export function registerRunTools(server) {
-    server.tool("run_agent", "Run an AI agent from the marketplace. Pays automatically via configured wallet. Returns the agent's output, cost, and job ID for tracking. If spending confirmation is enabled, first call returns a price quote — call again with confirmed: true to execute. Local file paths in the input (e.g. /Users/.../photo.jpg) are automatically uploaded to temporary storage and replaced with download URLs before execution.", {
+    server.tool("run_agent", "Run an AI agent from the marketplace. Pays automatically via configured wallet. Returns the agent's output, cost, and job ID for tracking. If spending confirmation is enabled, first call returns a price quote — call again with confirmed: true to execute. Local file paths in the input (e.g. /Users/.../photo.jpg) are automatically uploaded to temporary storage and replaced with download URLs before execution. If a file you need isn't on this MCP server's filesystem (e.g. a sandboxed /mnt/... attachment), call upload_file first to get a presigned upload URL, PUT the bytes to it, then pass the returned GET URL as input instead — that keeps the bytes out of the conversation context.", {
         agent_id: z.string().describe("Agent ID (UUID, slug, or name)"),
         input: z.record(z.unknown()).describe("Input payload for the agent"),
         pay_with: z.string().trim().min(1).optional().describe("Payment method — wallet ID, chain name (tempo, base, etc.), or 'card'. Auto-detected if omitted."),

package/dist/tools/solve.js

@@ -105,7 +105,7 @@ function buildCreditPackSummary(agent) {
     ];
 }
 export function registerSolveTools(server) {
-    server.tool("solve", "Solve a task by finding the best agent, paying, and executing. The primary way to use the marketplace. If spending confirmation is enabled, returns a price quote first — call again with confirmed: true to execute. Local file paths in the input are auto-uploaded before execution.", {
+    server.tool("solve", "Solve a task by finding the best agent, paying, and executing. The primary way to use the marketplace. If spending confirmation is enabled, returns a price quote first — call again with confirmed: true to execute. Local file paths in the input are auto-uploaded before execution. If a file you need isn't on this MCP server's filesystem (e.g. a sandboxed /mnt/... attachment), call upload_file first to get a presigned upload URL, PUT the bytes to it, then pass the returned GET URL as input instead.", {
         intent: z
             .string()
             .describe("What you want to accomplish (natural language)"),

package/dist/tools/upload.d.ts

@@ -0,0 +1,2 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+export declare function registerUploadTools(server: McpServer): void;

package/dist/tools/upload.js

@@ -0,0 +1,46 @@
+import { z } from "zod";
+import { apiPost } from "../core/api-client.js";
+function text(t) {
+    return { content: [{ type: "text", text: t }] };
+}
+export function registerUploadTools(server) {
+    server.tool("upload_file", [
+        "Get a pair of presigned R2 URLs to upload a file without passing bytes through the conversation.",
+        "Use this when the file lives in a sandbox the MCP server can't read (e.g. Claude web /mnt/user-data/..., any hosted-agent environment).",
+        "Flow:",
+        "  1. Call this tool with the filename and content_type.",
+        "  2. PUT the file bytes to `upload_url` over HTTP (e.g. via bash curl). The bytes never touch the LLM context.",
+        "  3. Pass `get_url` as the input value when running an agent that needs a URL.",
+        "On Claude Desktop with real filesystem paths (/Users/... or ~/...), just pass the path to run_agent — it auto-uploads. Only reach for upload_file when auto-upload isn't possible.",
+    ].join("\n"), {
+        filename: z
+            .string()
+            .min(1)
+            .max(255)
+            .describe("Base filename, e.g. 'photo.jpg'. Path separators are stripped."),
+        content_type: z
+            .string()
+            .optional()
+            .describe("MIME type (e.g. 'image/jpeg'). Inferred from filename if omitted."),
+    }, async ({ filename, content_type }) => {
+        const result = await apiPost("/uploads/presign-put", {
+            filename,
+            content_type,
+        });
+        const lines = [
+            `Upload slot ready for ${filename} (${result.content_type}).`,
+            "",
+            `Upload URL (PUT, expires in ${Math.round(result.upload_expires_in / 60)}m):`,
+            result.upload_url,
+            "",
+            `Public URL to pass to run_agent (GET, expires in ${Math.round(result.get_expires_in / 3600)}h):`,
+            result.get_url,
+            "",
+            "Upload the file with:",
+            `  curl -X PUT -H "Content-Type: ${result.content_type}" --data-binary @<path-to-file> "${result.upload_url}"`,
+            "",
+            "Then pass the GET URL above as the input value (e.g. { image: \"<get_url>\" }).",
+        ];
+        return text(lines.join("\n"));
+    });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentwonderland/mcp",
-  "version": "0.1.33",
+  "version": "0.1.35",
   "type": "module",
   "description": "MCP server for the Agent Wonderland AI agent marketplace",
   "bin": {

package/src/core/file-upload.ts

@@ -112,7 +112,16 @@ export async function uploadLocalFiles(
     if (!isLocalFilePath(value)) continue;
 
     const resolved = resolvePath(value);
-    if (!existsSync(resolved)) continue;
+    if (!existsSync(resolved)) {
+      throw new Error(
+        `File not found at "${value}" (for input field "${key}"). ` +
+        `This MCP server reads files from its own filesystem — if your client ` +
+        `sandboxes attachments (e.g. a web session with a /mnt/... path), the ` +
+        `bytes aren't reachable here. Fix: call upload_file({ filename: "${basename(resolved)}" }) ` +
+        `to get a presigned upload URL, PUT the bytes to it (e.g. curl -T), then pass the ` +
+        `returned GET URL as "${key}" instead of the path.`,
+      );
+    }
 
     try {
       const url = await uploadFile(value);

package/src/index.ts

@@ -14,6 +14,7 @@ import { registerWalletTools } from "./tools/wallet.js";
 import { registerFavoriteTools } from "./tools/favorites.js";
 import { registerTipTools } from "./tools/tip.js";
 import { registerPassTools } from "./tools/passes.js";
+import { registerUploadTools } from "./tools/upload.js";
 
 // ── Resources ────────────────────────────────────────────────────
 import { registerAgentResources } from "./resources/agents.js";
@@ -82,6 +83,7 @@ export async function startMcpServer(): Promise<void> {
   registerFavoriteTools(server);
   registerTipTools(server);
   registerPassTools(server);
+  registerUploadTools(server);
 
   // Register resources
   registerAgentResources(server);

package/src/tools/index.ts

@@ -8,3 +8,4 @@ export { registerWalletTools } from "./wallet.js";
 export { registerFavoriteTools } from "./favorites.js";
 export { registerTipTools } from "./tip.js";
 export { registerPassTools } from "./passes.js";
+export { registerUploadTools } from "./upload.js";

package/src/tools/run.ts

@@ -123,7 +123,7 @@ function buildCreditPackOfferLines(agent: AgentRecord): string[] {
 export function registerRunTools(server: McpServer): void {
   server.tool(
     "run_agent",
-    "Run an AI agent from the marketplace. Pays automatically via configured wallet. Returns the agent's output, cost, and job ID for tracking. If spending confirmation is enabled, first call returns a price quote — call again with confirmed: true to execute. Local file paths in the input (e.g. /Users/.../photo.jpg) are automatically uploaded to temporary storage and replaced with download URLs before execution.",
+    "Run an AI agent from the marketplace. Pays automatically via configured wallet. Returns the agent's output, cost, and job ID for tracking. If spending confirmation is enabled, first call returns a price quote — call again with confirmed: true to execute. Local file paths in the input (e.g. /Users/.../photo.jpg) are automatically uploaded to temporary storage and replaced with download URLs before execution. If a file you need isn't on this MCP server's filesystem (e.g. a sandboxed /mnt/... attachment), call upload_file first to get a presigned upload URL, PUT the bytes to it, then pass the returned GET URL as input instead — that keeps the bytes out of the conversation context.",
     {
       agent_id: z.string().describe("Agent ID (UUID, slug, or name)"),
       input: z.record(z.unknown()).describe("Input payload for the agent"),

package/src/tools/solve.ts

@@ -137,7 +137,7 @@ function buildCreditPackSummary(agent: AgentRecord): string[] {
 export function registerSolveTools(server: McpServer): void {
   server.tool(
     "solve",
-    "Solve a task by finding the best agent, paying, and executing. The primary way to use the marketplace. If spending confirmation is enabled, returns a price quote first — call again with confirmed: true to execute. Local file paths in the input are auto-uploaded before execution.",
+    "Solve a task by finding the best agent, paying, and executing. The primary way to use the marketplace. If spending confirmation is enabled, returns a price quote first — call again with confirmed: true to execute. Local file paths in the input are auto-uploaded before execution. If a file you need isn't on this MCP server's filesystem (e.g. a sandboxed /mnt/... attachment), call upload_file first to get a presigned upload URL, PUT the bytes to it, then pass the returned GET URL as input instead.",
     {
       intent: z
         .string()

package/src/tools/upload.ts

@@ -0,0 +1,65 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { z } from "zod";
+import { apiPost } from "../core/api-client.js";
+
+function text(t: string) {
+  return { content: [{ type: "text" as const, text: t }] };
+}
+
+interface PresignResponse {
+  upload_url: string;
+  get_url: string;
+  key: string;
+  content_type: string;
+  upload_expires_in: number;
+  get_expires_in: number;
+}
+
+export function registerUploadTools(server: McpServer) {
+  server.tool(
+    "upload_file",
+    [
+      "Get a pair of presigned R2 URLs to upload a file without passing bytes through the conversation.",
+      "Use this when the file lives in a sandbox the MCP server can't read (e.g. Claude web /mnt/user-data/..., any hosted-agent environment).",
+      "Flow:",
+      "  1. Call this tool with the filename and content_type.",
+      "  2. PUT the file bytes to `upload_url` over HTTP (e.g. via bash curl). The bytes never touch the LLM context.",
+      "  3. Pass `get_url` as the input value when running an agent that needs a URL.",
+      "On Claude Desktop with real filesystem paths (/Users/... or ~/...), just pass the path to run_agent — it auto-uploads. Only reach for upload_file when auto-upload isn't possible.",
+    ].join("\n"),
+    {
+      filename: z
+        .string()
+        .min(1)
+        .max(255)
+        .describe("Base filename, e.g. 'photo.jpg'. Path separators are stripped."),
+      content_type: z
+        .string()
+        .optional()
+        .describe("MIME type (e.g. 'image/jpeg'). Inferred from filename if omitted."),
+    },
+    async ({ filename, content_type }) => {
+      const result = await apiPost<PresignResponse>("/uploads/presign-put", {
+        filename,
+        content_type,
+      });
+
+      const lines = [
+        `Upload slot ready for ${filename} (${result.content_type}).`,
+        "",
+        `Upload URL (PUT, expires in ${Math.round(result.upload_expires_in / 60)}m):`,
+        result.upload_url,
+        "",
+        `Public URL to pass to run_agent (GET, expires in ${Math.round(result.get_expires_in / 3600)}h):`,
+        result.get_url,
+        "",
+        "Upload the file with:",
+        `  curl -X PUT -H "Content-Type: ${result.content_type}" --data-binary @<path-to-file> "${result.upload_url}"`,
+        "",
+        "Then pass the GET URL above as the input value (e.g. { image: \"<get_url>\" }).",
+      ];
+
+      return text(lines.join("\n"));
+    },
+  );
+}

package/test-x402-flow.mjs

@@ -1,58 +0,0 @@
-// End-to-end x402 client test against prod Agent Wonderland on Base mainnet.
-//
-// 1. POST /x402/agents/:id/run (no PAYMENT header) → 402 with Stripe-issued payTo
-// 2. Sign the payment authorization on Base mainnet with user's OWS-managed wallet
-// 3. Retry with PAYMENT header → agent runs, USDC transferred to Stripe
-//
-// Then we inspect the resulting payment_attempt + transfer rows to confirm the
-// Connect transfer is funded via source_transaction (same path MPP uses).
-
-import { owsAccountFromWalletId } from "./src/core/ows-adapter.ts";
-import { x402Client } from "@x402/core/client";
-import { registerExactEvmScheme } from "@x402/evm/exact/client";
-import { encodePaymentSignatureHeader } from "@x402/core/http";
-
-const API = "https://api.agentwonderland.com";
-const AGENT_SLUG = "diagram-renderer-qyf0";
-const INPUT = { code: "graph TD; A-->B;", format: "png" };
-const OWS_WALLET_ID = "9558b02c-93bf-480f-8708-5fe135bf53d9"; // from ~/.agentwonderland/config.json
-
-// 1. Get the account
-const account = await owsAccountFromWalletId(OWS_WALLET_ID);
-console.log(`signer: ${account.address}`);
-
-// 2. Fetch the 402 challenge
-const first = await fetch(`${API}/x402/agents/${AGENT_SLUG}/run`, {
-  method: "POST",
-  headers: { "Content-Type": "application/json" },
-  body: JSON.stringify({ input: INPUT }),
-});
-console.log(`first response: ${first.status}`);
-const paymentRequired = await first.json();
-console.log("accepts[0].payTo:", paymentRequired.accepts?.[0]?.payTo);
-console.log("payment_attempt_id:", paymentRequired.payment_attempt_id);
-
-// 3. Build + sign the payment
-const client = new x402Client();
-registerExactEvmScheme(client, {
-  signer: account,
-  networks: ["eip155:8453"],
-});
-const paymentPayload = await client.createPaymentPayload(paymentRequired);
-console.log("FULL payment payload:", JSON.stringify(paymentPayload, null, 2));
-
-const paymentHeader = encodePaymentSignatureHeader(paymentPayload);
-console.log("PAYMENT header length:", paymentHeader.length);
-
-// 4. Retry with PAYMENT header
-const second = await fetch(`${API}/x402/agents/${AGENT_SLUG}/run`, {
-  method: "POST",
-  headers: {
-    "Content-Type": "application/json",
-    PAYMENT: paymentHeader,
-  },
-  body: JSON.stringify({ input: INPUT }),
-});
-console.log(`second response: ${second.status}`);
-const body = await second.text();
-console.log("body preview:", body.slice(0, 400));