@agiflowai/one-mcp 0.2.0 → 0.2.1

package/dist/cli.cjs

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
-const require_http = require('./http-B5WVqLzz.cjs');
+const require_http = require('./http-23nhycE8.cjs');
 let node_fs_promises = require("node:fs/promises");
-let commander = require("commander");
 let node_path = require("node:path");
+let commander = require("commander");
 let __agiflowai_aicode_utils = require("@agiflowai/aicode-utils");
 
 //#region src/types/index.ts
@@ -396,7 +396,7 @@ const useToolCommand = new commander.Command("use-tool").description("Execute an
 
 //#endregion
 //#region src/templates/mcp-config.yaml?raw
-var mcp_config_default = "# MCP Server Configuration\n# This file configures the MCP servers that one-mcp will connect to\n#\n# Environment Variable Interpolation:\n# Use ${VAR_NAME} syntax to reference environment variables\n# Example: ${HOME}, ${API_KEY}, ${DATABASE_URL}\n#\n# Instructions:\n# - config.instruction: Server's default instruction (from server documentation)\n# - instruction: User override (optional, takes precedence over config.instruction)\n# - config.toolBlacklist: Array of tool names to hide/block from this server\n# - config.omitToolDescription: Boolean to show only tool names without descriptions (saves tokens)\n\nmcpServers:\n  # Example MCP server using stdio transport\n  example-server:\n    command: node\n    args:\n      - /path/to/mcp-server/build/index.js\n    env:\n      # Environment variables for the MCP server\n      LOG_LEVEL: info\n      # You can use environment variable interpolation:\n      # DATABASE_URL: ${DATABASE_URL}\n      # API_KEY: ${MY_API_KEY}\n    config:\n      # Server's default instruction (from server documentation)\n      instruction: Use this server for...\n      # Optional: Block specific tools from being listed or executed\n      # toolBlacklist:\n      #   - dangerous_tool_name\n      #   - another_blocked_tool\n      # Optional: Omit tool descriptions to save tokens (default: false)\n      # omitToolDescription: true\n    # instruction: Optional user override - takes precedence over config.instruction\n\n  # Example MCP server using SSE transport with environment variables\n  # remote-server:\n  #   url: https://example.com/mcp\n  #   type: sse\n  #   headers:\n  #     # Use ${VAR_NAME} to interpolate environment variables\n  #     Authorization: Bearer ${API_KEY}\n  #   config:\n  #     instruction: This server provides tools for...\n  #     # Optional: Block specific tools from being listed or executed\n  #     # toolBlacklist:\n  #     #   - tool_to_block\n  #     # Optional: Omit tool descriptions to save tokens (default: false)\n  #     # omitToolDescription: true\n  #   # instruction: Optional user override\n";
+var mcp_config_default = "# MCP Server Configuration\n# This file configures the MCP servers that one-mcp will connect to\n#\n# Environment Variable Interpolation:\n# Use ${VAR_NAME} syntax to reference environment variables\n# Example: ${HOME}, ${API_KEY}, ${DATABASE_URL}\n#\n# Instructions:\n# - config.instruction: Server's default instruction (from server documentation)\n# - instruction: User override (optional, takes precedence over config.instruction)\n# - config.toolBlacklist: Array of tool names to hide/block from this server\n# - config.omitToolDescription: Boolean to show only tool names without descriptions (saves tokens)\n\n# Remote Configuration Sources (OPTIONAL)\n# Fetch and merge configurations from remote URLs\n# Remote configs are merged with local configs based on merge strategy\n#\n# SECURITY: SSRF Protection is ENABLED by default\n# - Only HTTPS URLs are allowed (set security.enforceHttps: false to allow HTTP)\n# - Private IPs and localhost are blocked (set security.allowPrivateIPs: true for internal networks)\n# - Blocked ranges: 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16\nremoteConfigs:\n  # Example 1: Basic remote config with default security\n  # - url: ${AGIFLOW_URL}/api/v1/mcp-configs\n  #   headers:\n  #     Authorization: Bearer ${AGIFLOW_API_KEY}\n  #   mergeStrategy: local-priority  # Options: local-priority (default), remote-priority, merge-deep\n  #\n  # Example 2: Remote config with custom security settings (for internal networks)\n  # - url: ${INTERNAL_URL}/mcp-configs\n  #   headers:\n  #     Authorization: Bearer ${INTERNAL_TOKEN}\n  #   security:\n  #     allowPrivateIPs: true   # Allow internal IPs (default: false)\n  #     enforceHttps: false     # Allow HTTP (default: true, HTTPS only)\n  #   mergeStrategy: local-priority\n  #\n  # Example 3: Remote config with additional validation (OPTIONAL)\n  # - url: ${AGIFLOW_URL}/api/v1/mcp-configs\n  #   headers:\n  #     Authorization: Bearer ${AGIFLOW_API_KEY}\n  #     X-API-Key: ${AGIFLOW_API_KEY}\n  #   security:\n  #     enforceHttps: true      # Require HTTPS (default: true)\n  #     allowPrivateIPs: false  # Block private IPs (default: false)\n  #   validation:  # OPTIONAL: Additional regex validation on top of security checks\n  #     url: ^https://.*\\.agiflow\\.io/.*  # OPTIONAL: Regex pattern to validate URL format\n  #     headers:  # OPTIONAL: Regex patterns to validate header values\n  #       Authorization: ^Bearer [A-Za-z0-9_-]+$\n  #       X-API-Key: ^[A-Za-z0-9_-]{32,}$\n  #   mergeStrategy: local-priority\n\nmcpServers:\n  # Example MCP server using stdio transport\n  example-server:\n    command: node\n    args:\n      - /path/to/mcp-server/build/index.js\n    env:\n      # Environment variables for the MCP server\n      LOG_LEVEL: info\n      # You can use environment variable interpolation:\n      # DATABASE_URL: ${DATABASE_URL}\n      # API_KEY: ${MY_API_KEY}\n    config:\n      # Server's default instruction (from server documentation)\n      instruction: Use this server for...\n      # Optional: Block specific tools from being listed or executed\n      # toolBlacklist:\n      #   - dangerous_tool_name\n      #   - another_blocked_tool\n      # Optional: Omit tool descriptions to save tokens (default: false)\n      # omitToolDescription: true\n    # instruction: Optional user override - takes precedence over config.instruction\n\n  # Example MCP server using SSE transport with environment variables\n  # remote-server:\n  #   url: https://example.com/mcp\n  #   type: sse\n  #   headers:\n  #     # Use ${VAR_NAME} to interpolate environment variables\n  #     Authorization: Bearer ${API_KEY}\n  #   config:\n  #     instruction: This server provides tools for...\n  #     # Optional: Block specific tools from being listed or executed\n  #     # toolBlacklist:\n  #     #   - tool_to_block\n  #     # Optional: Omit tool descriptions to save tokens (default: false)\n  #     # omitToolDescription: true\n  #   # instruction: Optional user override\n";
 
 //#endregion
 //#region src/templates/mcp-config.json?raw
@@ -457,7 +457,7 @@ const initCommand = new commander.Command("init").description("Initialize MCP co
 
 //#endregion
 //#region package.json
-var version = "0.1.0";
+var version = "0.2.0";
 
 //#endregion
 //#region src/cli.ts

package/dist/cli.mjs

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
-import { a as McpClientManagerService, i as createServer, n as SseTransportHandler, o as ConfigFetcherService, r as StdioTransportHandler, t as HttpTransportHandler } from "./http-B1EDyxR_.mjs";
+import { a as McpClientManagerService, i as createServer, n as SseTransportHandler, o as ConfigFetcherService, r as StdioTransportHandler, t as HttpTransportHandler } from "./http-CkWO35l-.mjs";
 import { writeFile } from "node:fs/promises";
-import { Command } from "commander";
 import { resolve } from "node:path";
+import { Command } from "commander";
 import { log } from "@agiflowai/aicode-utils";
 
 //#region src/types/index.ts
@@ -396,7 +396,7 @@ const useToolCommand = new Command("use-tool").description("Execute an MCP tool
 
 //#endregion
 //#region src/templates/mcp-config.yaml?raw
-var mcp_config_default = "# MCP Server Configuration\n# This file configures the MCP servers that one-mcp will connect to\n#\n# Environment Variable Interpolation:\n# Use ${VAR_NAME} syntax to reference environment variables\n# Example: ${HOME}, ${API_KEY}, ${DATABASE_URL}\n#\n# Instructions:\n# - config.instruction: Server's default instruction (from server documentation)\n# - instruction: User override (optional, takes precedence over config.instruction)\n# - config.toolBlacklist: Array of tool names to hide/block from this server\n# - config.omitToolDescription: Boolean to show only tool names without descriptions (saves tokens)\n\nmcpServers:\n  # Example MCP server using stdio transport\n  example-server:\n    command: node\n    args:\n      - /path/to/mcp-server/build/index.js\n    env:\n      # Environment variables for the MCP server\n      LOG_LEVEL: info\n      # You can use environment variable interpolation:\n      # DATABASE_URL: ${DATABASE_URL}\n      # API_KEY: ${MY_API_KEY}\n    config:\n      # Server's default instruction (from server documentation)\n      instruction: Use this server for...\n      # Optional: Block specific tools from being listed or executed\n      # toolBlacklist:\n      #   - dangerous_tool_name\n      #   - another_blocked_tool\n      # Optional: Omit tool descriptions to save tokens (default: false)\n      # omitToolDescription: true\n    # instruction: Optional user override - takes precedence over config.instruction\n\n  # Example MCP server using SSE transport with environment variables\n  # remote-server:\n  #   url: https://example.com/mcp\n  #   type: sse\n  #   headers:\n  #     # Use ${VAR_NAME} to interpolate environment variables\n  #     Authorization: Bearer ${API_KEY}\n  #   config:\n  #     instruction: This server provides tools for...\n  #     # Optional: Block specific tools from being listed or executed\n  #     # toolBlacklist:\n  #     #   - tool_to_block\n  #     # Optional: Omit tool descriptions to save tokens (default: false)\n  #     # omitToolDescription: true\n  #   # instruction: Optional user override\n";
+var mcp_config_default = "# MCP Server Configuration\n# This file configures the MCP servers that one-mcp will connect to\n#\n# Environment Variable Interpolation:\n# Use ${VAR_NAME} syntax to reference environment variables\n# Example: ${HOME}, ${API_KEY}, ${DATABASE_URL}\n#\n# Instructions:\n# - config.instruction: Server's default instruction (from server documentation)\n# - instruction: User override (optional, takes precedence over config.instruction)\n# - config.toolBlacklist: Array of tool names to hide/block from this server\n# - config.omitToolDescription: Boolean to show only tool names without descriptions (saves tokens)\n\n# Remote Configuration Sources (OPTIONAL)\n# Fetch and merge configurations from remote URLs\n# Remote configs are merged with local configs based on merge strategy\n#\n# SECURITY: SSRF Protection is ENABLED by default\n# - Only HTTPS URLs are allowed (set security.enforceHttps: false to allow HTTP)\n# - Private IPs and localhost are blocked (set security.allowPrivateIPs: true for internal networks)\n# - Blocked ranges: 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16\nremoteConfigs:\n  # Example 1: Basic remote config with default security\n  # - url: ${AGIFLOW_URL}/api/v1/mcp-configs\n  #   headers:\n  #     Authorization: Bearer ${AGIFLOW_API_KEY}\n  #   mergeStrategy: local-priority  # Options: local-priority (default), remote-priority, merge-deep\n  #\n  # Example 2: Remote config with custom security settings (for internal networks)\n  # - url: ${INTERNAL_URL}/mcp-configs\n  #   headers:\n  #     Authorization: Bearer ${INTERNAL_TOKEN}\n  #   security:\n  #     allowPrivateIPs: true   # Allow internal IPs (default: false)\n  #     enforceHttps: false     # Allow HTTP (default: true, HTTPS only)\n  #   mergeStrategy: local-priority\n  #\n  # Example 3: Remote config with additional validation (OPTIONAL)\n  # - url: ${AGIFLOW_URL}/api/v1/mcp-configs\n  #   headers:\n  #     Authorization: Bearer ${AGIFLOW_API_KEY}\n  #     X-API-Key: ${AGIFLOW_API_KEY}\n  #   security:\n  #     enforceHttps: true      # Require HTTPS (default: true)\n  #     allowPrivateIPs: false  # Block private IPs (default: false)\n  #   validation:  # OPTIONAL: Additional regex validation on top of security checks\n  #     url: ^https://.*\\.agiflow\\.io/.*  # OPTIONAL: Regex pattern to validate URL format\n  #     headers:  # OPTIONAL: Regex patterns to validate header values\n  #       Authorization: ^Bearer [A-Za-z0-9_-]+$\n  #       X-API-Key: ^[A-Za-z0-9_-]{32,}$\n  #   mergeStrategy: local-priority\n\nmcpServers:\n  # Example MCP server using stdio transport\n  example-server:\n    command: node\n    args:\n      - /path/to/mcp-server/build/index.js\n    env:\n      # Environment variables for the MCP server\n      LOG_LEVEL: info\n      # You can use environment variable interpolation:\n      # DATABASE_URL: ${DATABASE_URL}\n      # API_KEY: ${MY_API_KEY}\n    config:\n      # Server's default instruction (from server documentation)\n      instruction: Use this server for...\n      # Optional: Block specific tools from being listed or executed\n      # toolBlacklist:\n      #   - dangerous_tool_name\n      #   - another_blocked_tool\n      # Optional: Omit tool descriptions to save tokens (default: false)\n      # omitToolDescription: true\n    # instruction: Optional user override - takes precedence over config.instruction\n\n  # Example MCP server using SSE transport with environment variables\n  # remote-server:\n  #   url: https://example.com/mcp\n  #   type: sse\n  #   headers:\n  #     # Use ${VAR_NAME} to interpolate environment variables\n  #     Authorization: Bearer ${API_KEY}\n  #   config:\n  #     instruction: This server provides tools for...\n  #     # Optional: Block specific tools from being listed or executed\n  #     # toolBlacklist:\n  #     #   - tool_to_block\n  #     # Optional: Omit tool descriptions to save tokens (default: false)\n  #     # omitToolDescription: true\n  #   # instruction: Optional user override\n";
 
 //#endregion
 //#region src/templates/mcp-config.json?raw
@@ -457,7 +457,7 @@ const initCommand = new Command("init").description("Initialize MCP configuratio
 
 //#endregion
 //#region package.json
-var version = "0.1.0";
+var version = "0.2.0";
 
 //#endregion
 //#region src/cli.ts

package/dist/{http-B5WVqLzz.cjs → http-23nhycE8.cjs}

@@ -28,6 +28,9 @@ let node_fs = require("node:fs");
 let js_yaml = require("js-yaml");
 js_yaml = __toESM(js_yaml);
 let zod = require("zod");
+let node_crypto = require("node:crypto");
+let node_path = require("node:path");
+let node_os = require("node:os");
 let __modelcontextprotocol_sdk_client_index_js = require("@modelcontextprotocol/sdk/client/index.js");
 let __modelcontextprotocol_sdk_client_stdio_js = require("@modelcontextprotocol/sdk/client/stdio.js");
 let __modelcontextprotocol_sdk_client_sse_js = require("@modelcontextprotocol/sdk/client/sse.js");
@@ -35,7 +38,6 @@ let __modelcontextprotocol_sdk_server_stdio_js = require("@modelcontextprotocol/
 let __modelcontextprotocol_sdk_server_sse_js = require("@modelcontextprotocol/sdk/server/sse.js");
 let express = require("express");
 express = __toESM(express);
-let node_crypto = require("node:crypto");
 let __modelcontextprotocol_sdk_server_streamableHttp_js = require("@modelcontextprotocol/sdk/server/streamableHttp.js");
 
 //#region src/utils/mcpConfigSchema.ts
@@ -105,6 +107,95 @@ function interpolateEnvVarsInObject(obj) {
 	return obj;
 }
 /**
+* Private IP range patterns for SSRF protection
+* Covers both IPv4 and IPv6 loopback, private, and link-local ranges
+*/
+const PRIVATE_IP_PATTERNS = [
+	/^127\./,
+	/^10\./,
+	/^172\.(1[6-9]|2\d|3[01])\./,
+	/^192\.168\./,
+	/^169\.254\./,
+	/^0\./,
+	/^224\./,
+	/^240\./,
+	/^localhost$/i,
+	/^.*\.localhost$/i,
+	/^\[::\]/,
+	/^\[::1\]/,
+	/^\[0:0:0:0:0:0:0:1\]/,
+	/^\[0{1,4}:0{1,4}:0{1,4}:0{1,4}:0{1,4}:0{1,4}:0{1,4}:1\]/i,
+	/^\[fe80:/i,
+	/^\[fc00:/i,
+	/^\[fd00:/i,
+	/^\[::ffff:127\./i,
+	/^\[::ffff:7f[0-9a-f]{2}:/i,
+	/^\[::ffff:10\./i,
+	/^\[::ffff:a[0-9a-f]{2}:/i,
+	/^\[::ffff:172\.(1[6-9]|2\d|3[01])\./i,
+	/^\[::ffff:ac1[0-9a-f]:/i,
+	/^\[::ffff:192\.168\./i,
+	/^\[::ffff:c0a8:/i,
+	/^\[::ffff:169\.254\./i,
+	/^\[::ffff:a9fe:/i,
+	/^\[::ffff:0\./i,
+	/^\[::127\./i,
+	/^\[::7f[0-9a-f]{2}:/i,
+	/^\[::10\./i,
+	/^\[::a[0-9a-f]{2}:/i,
+	/^\[::192\.168\./i,
+	/^\[::c0a8:/i
+];
+/**
+* Validate URL for SSRF protection
+*
+* @param url - The URL to validate (after env var interpolation)
+* @param security - Security settings
+* @throws Error if URL is unsafe
+*/
+function validateUrlSecurity(url, security) {
+	const allowPrivateIPs = security?.allowPrivateIPs ?? false;
+	const enforceHttps = security?.enforceHttps ?? true;
+	let parsedUrl;
+	try {
+		parsedUrl = new URL(url);
+	} catch (error) {
+		throw new Error(`Invalid URL format: ${url}`);
+	}
+	const protocol = parsedUrl.protocol.replace(":", "");
+	if (enforceHttps && protocol !== "https") throw new Error(`HTTPS is required for security. URL uses '${protocol}://'. Set security.enforceHttps: false to allow HTTP.`);
+	if (protocol !== "http" && protocol !== "https") throw new Error(`Invalid URL protocol '${protocol}://'. Only http:// and https:// are allowed.`);
+	if (!allowPrivateIPs) {
+		const hostname = parsedUrl.hostname.toLowerCase();
+		if (PRIVATE_IP_PATTERNS.some((pattern) => pattern.test(hostname))) throw new Error(`Private IP addresses and localhost are blocked for security (${hostname}). Set security.allowPrivateIPs: true to allow internal networks.`);
+	}
+}
+/**
+* Validate a remote config source against its validation rules
+*
+* @param source - Remote config source with validation rules
+* @throws Error if validation fails
+*/
+function validateRemoteConfigSource(source) {
+	const interpolatedUrl = interpolateEnvVars(source.url);
+	validateUrlSecurity(interpolatedUrl, source.security);
+	if (!source.validation) return;
+	if (source.validation.url) {
+		if (!new RegExp(source.validation.url).test(interpolatedUrl)) throw new Error(`Remote config URL "${interpolatedUrl}" does not match validation pattern: ${source.validation.url}`);
+	}
+	if (source.validation.headers && Object.keys(source.validation.headers).length > 0) {
+		if (!source.headers) {
+			const requiredHeaders = Object.keys(source.validation.headers);
+			throw new Error(`Remote config is missing required headers: ${requiredHeaders.join(", ")}`);
+		}
+		for (const [headerName, pattern] of Object.entries(source.validation.headers)) {
+			if (!(headerName in source.headers)) throw new Error(`Remote config is missing required header: ${headerName}`);
+			const interpolatedHeaderValue = interpolateEnvVars(source.headers[headerName]);
+			if (!new RegExp(pattern).test(interpolatedHeaderValue)) throw new Error(`Remote config header "${headerName}" value "${interpolatedHeaderValue}" does not match validation pattern: ${pattern}`);
+		}
+	}
+}
+/**
 * Claude Code / Claude Desktop standard MCP config format
 * This is the format users write in their config files
 */
@@ -130,10 +221,32 @@ const ClaudeCodeHttpServerSchema = zod.z.object({
 	config: AdditionalConfigSchema
 });
 const ClaudeCodeServerConfigSchema = zod.z.union([ClaudeCodeStdioServerSchema, ClaudeCodeHttpServerSchema]);
+const RemoteConfigValidationSchema = zod.z.object({
+	url: zod.z.string().optional(),
+	headers: zod.z.record(zod.z.string(), zod.z.string()).optional()
+}).optional();
+const RemoteConfigSecuritySchema = zod.z.object({
+	allowPrivateIPs: zod.z.boolean().optional(),
+	enforceHttps: zod.z.boolean().optional()
+}).optional();
+const RemoteConfigSourceSchema = zod.z.object({
+	url: zod.z.string(),
+	headers: zod.z.record(zod.z.string(), zod.z.string()).optional(),
+	validation: RemoteConfigValidationSchema,
+	security: RemoteConfigSecuritySchema,
+	mergeStrategy: zod.z.enum([
+		"local-priority",
+		"remote-priority",
+		"merge-deep"
+	]).optional()
+});
 /**
 * Full Claude Code MCP configuration schema
 */
-const ClaudeCodeMcpConfigSchema = zod.z.object({ mcpServers: zod.z.record(zod.z.string(), ClaudeCodeServerConfigSchema) });
+const ClaudeCodeMcpConfigSchema = zod.z.object({
+	mcpServers: zod.z.record(zod.z.string(), ClaudeCodeServerConfigSchema),
+	remoteConfigs: zod.z.array(RemoteConfigSourceSchema).optional()
+});
 /**
 * Internal MCP config format
 * This is the normalized format used internally by the proxy
@@ -242,6 +355,226 @@ function parseMcpConfig(rawConfig) {
 	return InternalMcpConfigSchema.parse(internalConfig);
 }
 
+//#endregion
+//#region src/services/RemoteConfigCacheService.ts
+/**
+* RemoteConfigCacheService
+*
+* DESIGN PATTERNS:
+* - Service pattern for cache management
+* - Single responsibility principle
+* - File-based caching with TTL support
+*
+* CODING STANDARDS:
+* - Use async/await for asynchronous operations
+* - Handle file system errors gracefully
+* - Keep cache organized by URL hash
+* - Implement automatic cache expiration
+*
+* AVOID:
+* - Storing sensitive data in cache (headers with tokens)
+* - Unbounded cache growth
+* - Missing error handling for file operations
+*/
+/**
+* Service for caching remote MCP configurations
+*/
+var RemoteConfigCacheService = class {
+	cacheDir;
+	cacheTTL;
+	readEnabled;
+	writeEnabled;
+	constructor(options) {
+		this.cacheDir = (0, node_path.join)((0, node_os.tmpdir)(), "one-mcp-cache", "remote-configs");
+		this.cacheTTL = options?.ttl || 3600 * 1e3;
+		this.readEnabled = options?.readEnabled !== void 0 ? options.readEnabled : true;
+		this.writeEnabled = options?.writeEnabled !== void 0 ? options.writeEnabled : true;
+	}
+	/**
+	* Generate a hash key from remote config URL
+	* Only uses URL for hashing to avoid caching credentials in the key
+	*/
+	generateCacheKey(url) {
+		return (0, node_crypto.createHash)("sha256").update(url).digest("hex");
+	}
+	/**
+	* Get the cache file path for a given cache key
+	*/
+	getCacheFilePath(cacheKey) {
+		return (0, node_path.join)(this.cacheDir, `${cacheKey}.json`);
+	}
+	/**
+	* Initialize cache directory
+	* Uses mkdir with recursive option which handles existing directories gracefully
+	* (no TOCTOU race condition from existsSync check)
+	*/
+	async ensureCacheDir() {
+		try {
+			await (0, node_fs_promises.mkdir)(this.cacheDir, { recursive: true });
+		} catch (error) {
+			if (error?.code !== "EEXIST") throw error;
+		}
+	}
+	/**
+	* Get cached data for a remote config URL
+	*/
+	async get(url) {
+		if (!this.readEnabled) return null;
+		try {
+			await this.ensureCacheDir();
+			const cacheKey = this.generateCacheKey(url);
+			const cacheFilePath = this.getCacheFilePath(cacheKey);
+			if (!(0, node_fs.existsSync)(cacheFilePath)) return null;
+			const cacheContent = await (0, node_fs_promises.readFile)(cacheFilePath, "utf-8");
+			const cacheEntry = JSON.parse(cacheContent);
+			const now = Date.now();
+			if (now > cacheEntry.expiresAt) {
+				await (0, node_fs_promises.unlink)(cacheFilePath).catch(() => {});
+				return null;
+			}
+			const expiresInSeconds = Math.round((cacheEntry.expiresAt - now) / 1e3);
+			console.error(`Remote config cache hit for ${url} (expires in ${expiresInSeconds}s)`);
+			return cacheEntry.data;
+		} catch (error) {
+			console.error(`Failed to read remote config cache for ${url}:`, error);
+			return null;
+		}
+	}
+	/**
+	* Set cached data for a remote config URL
+	*/
+	async set(url, data) {
+		if (!this.writeEnabled) return;
+		try {
+			await this.ensureCacheDir();
+			const cacheKey = this.generateCacheKey(url);
+			const cacheFilePath = this.getCacheFilePath(cacheKey);
+			const now = Date.now();
+			const cacheEntry = {
+				data,
+				timestamp: now,
+				expiresAt: now + this.cacheTTL,
+				url
+			};
+			await (0, node_fs_promises.writeFile)(cacheFilePath, JSON.stringify(cacheEntry, null, 2), "utf-8");
+			console.error(`Cached remote config for ${url} (TTL: ${Math.round(this.cacheTTL / 1e3)}s)`);
+		} catch (error) {
+			console.error(`Failed to write remote config cache for ${url}:`, error);
+		}
+	}
+	/**
+	* Clear cache for a specific URL
+	*/
+	async clear(url) {
+		try {
+			const cacheKey = this.generateCacheKey(url);
+			const cacheFilePath = this.getCacheFilePath(cacheKey);
+			if ((0, node_fs.existsSync)(cacheFilePath)) {
+				await (0, node_fs_promises.unlink)(cacheFilePath);
+				console.error(`Cleared remote config cache for ${url}`);
+			}
+		} catch (error) {
+			console.error(`Failed to clear remote config cache for ${url}:`, error);
+		}
+	}
+	/**
+	* Clear all cached remote configs
+	*/
+	async clearAll() {
+		try {
+			if (!(0, node_fs.existsSync)(this.cacheDir)) return;
+			const files = await (0, node_fs_promises.readdir)(this.cacheDir);
+			const deletePromises = files.filter((file) => file.endsWith(".json")).map((file) => (0, node_fs_promises.unlink)((0, node_path.join)(this.cacheDir, file)).catch(() => {}));
+			await Promise.all(deletePromises);
+			console.error(`Cleared all remote config cache entries (${files.length} files)`);
+		} catch (error) {
+			console.error("Failed to clear all remote config cache:", error);
+		}
+	}
+	/**
+	* Clean up expired cache entries
+	*/
+	async cleanExpired() {
+		try {
+			if (!(0, node_fs.existsSync)(this.cacheDir)) return;
+			const now = Date.now();
+			const files = await (0, node_fs_promises.readdir)(this.cacheDir);
+			let expiredCount = 0;
+			for (const file of files) {
+				if (!file.endsWith(".json")) continue;
+				const filePath = (0, node_path.join)(this.cacheDir, file);
+				try {
+					const content = await (0, node_fs_promises.readFile)(filePath, "utf-8");
+					if (now > JSON.parse(content).expiresAt) {
+						await (0, node_fs_promises.unlink)(filePath);
+						expiredCount++;
+					}
+				} catch (error) {
+					await (0, node_fs_promises.unlink)(filePath).catch(() => {});
+					expiredCount++;
+				}
+			}
+			if (expiredCount > 0) console.error(`Cleaned up ${expiredCount} expired remote config cache entries`);
+		} catch (error) {
+			console.error("Failed to clean expired remote config cache:", error);
+		}
+	}
+	/**
+	* Get cache statistics
+	*/
+	async getStats() {
+		try {
+			if (!(0, node_fs.existsSync)(this.cacheDir)) return {
+				totalEntries: 0,
+				totalSize: 0
+			};
+			const jsonFiles = (await (0, node_fs_promises.readdir)(this.cacheDir)).filter((file) => file.endsWith(".json"));
+			let totalSize = 0;
+			for (const file of jsonFiles) {
+				const filePath = (0, node_path.join)(this.cacheDir, file);
+				try {
+					const content = await (0, node_fs_promises.readFile)(filePath, "utf-8");
+					totalSize += Buffer.byteLength(content, "utf-8");
+				} catch {}
+			}
+			return {
+				totalEntries: jsonFiles.length,
+				totalSize
+			};
+		} catch (error) {
+			console.error("Failed to get remote config cache stats:", error);
+			return {
+				totalEntries: 0,
+				totalSize: 0
+			};
+		}
+	}
+	/**
+	* Check if read from cache is enabled
+	*/
+	isReadEnabled() {
+		return this.readEnabled;
+	}
+	/**
+	* Check if write to cache is enabled
+	*/
+	isWriteEnabled() {
+		return this.writeEnabled;
+	}
+	/**
+	* Set read enabled state
+	*/
+	setReadEnabled(enabled) {
+		this.readEnabled = enabled;
+	}
+	/**
+	* Set write enabled state
+	*/
+	setWriteEnabled(enabled) {
+		this.writeEnabled = enabled;
+	}
+};
+
 //#endregion
 //#region src/services/ConfigFetcherService.ts
 /**
@@ -263,35 +596,62 @@ function parseMcpConfig(rawConfig) {
 * - Direct tool implementation (services should be tool-agnostic)
 */
 /**
-* Service for fetching and caching MCP server configurations from local file
+* Service for fetching and caching MCP server configurations from local file and remote sources
+* Supports merging multiple remote configs with local config
 */
 var ConfigFetcherService = class {
 	configFilePath;
 	cacheTtlMs;
 	cachedConfig = null;
 	lastFetchTime = 0;
+	remoteConfigCache;
 	constructor(options) {
 		this.configFilePath = options.configFilePath;
 		this.cacheTtlMs = options.cacheTtlMs || 6e4;
+		const useCache = options.useCache !== void 0 ? options.useCache : true;
+		this.remoteConfigCache = new RemoteConfigCacheService({
+			ttl: options.remoteCacheTtlMs || 3600 * 1e3,
+			readEnabled: useCache,
+			writeEnabled: true
+		});
 		if (!this.configFilePath) throw new Error("configFilePath must be provided");
 	}
 	/**
-	* Fetch MCP configuration from local file with caching
+	* Fetch MCP configuration from local file and remote sources with caching
+	* Merges remote configs with local config based on merge strategy
 	* @param forceRefresh - Force reload from source, bypassing cache
 	*/
 	async fetchConfiguration(forceRefresh = false) {
 		const now = Date.now();
 		if (!forceRefresh && this.cachedConfig && now - this.lastFetchTime < this.cacheTtlMs) return this.cachedConfig;
-		const config = await this.loadFromFile();
-		if (!config.mcpServers || typeof config.mcpServers !== "object") throw new Error("Invalid MCP configuration: missing or invalid mcpServers");
-		this.cachedConfig = config;
+		const localConfigData = await this.loadRawConfigFromFile();
+		const remoteConfigSources = localConfigData.remoteConfigs || [];
+		let mergedConfig = await this.parseConfig(localConfigData);
+		const remoteConfigPromises = remoteConfigSources.map(async (remoteSource) => {
+			try {
+				validateRemoteConfigSource(remoteSource);
+				return {
+					config: await this.loadFromUrl(remoteSource),
+					mergeStrategy: remoteSource.mergeStrategy || "local-priority",
+					url: remoteSource.url
+				};
+			} catch (error) {
+				if (error instanceof Error) console.error(`Failed to fetch remote config from ${remoteSource.url}: ${error.message}`);
+				return null;
+			}
+		});
+		const remoteConfigResults = await Promise.all(remoteConfigPromises);
+		for (const result of remoteConfigResults) if (result !== null) mergedConfig = this.mergeConfigurations(mergedConfig, result.config, result.mergeStrategy);
+		if (!mergedConfig.mcpServers || typeof mergedConfig.mcpServers !== "object") throw new Error("Invalid MCP configuration: missing or invalid mcpServers");
+		this.cachedConfig = mergedConfig;
 		this.lastFetchTime = now;
-		return config;
+		return mergedConfig;
 	}
 	/**
-	* Load configuration from a local file (supports JSON and YAML)
+	* Load raw configuration data from a local file (supports JSON and YAML)
+	* Returns unparsed config data to allow access to remoteConfigs
 	*/
-	async loadFromFile() {
+	async loadRawConfigFromFile() {
 		if (!this.configFilePath) throw new Error("No config file path provided");
 		if (!(0, node_fs.existsSync)(this.configFilePath)) throw new Error(`Config file not found: ${this.configFilePath}`);
 		try {
@@ -299,13 +659,117 @@ var ConfigFetcherService = class {
 			let rawConfig;
 			if (this.configFilePath.endsWith(".yaml") || this.configFilePath.endsWith(".yml")) rawConfig = js_yaml.default.load(content);
 			else rawConfig = JSON.parse(content);
-			return parseMcpConfig(rawConfig);
+			return rawConfig;
 		} catch (error) {
 			if (error instanceof Error) throw new Error(`Failed to load config file: ${error.message}`);
 			throw new Error("Failed to load config file: Unknown error");
 		}
 	}
 	/**
+	* Parse raw config data using Zod schema
+	* Filters out remoteConfigs to avoid including them in the final config
+	*/
+	async parseConfig(rawConfig) {
+		try {
+			const { remoteConfigs, ...configWithoutRemote } = rawConfig;
+			return parseMcpConfig(configWithoutRemote);
+		} catch (error) {
+			if (error instanceof Error) throw new Error(`Failed to parse config: ${error.message}`);
+			throw new Error("Failed to parse config: Unknown error");
+		}
+	}
+	/**
+	* Load configuration from a remote URL with caching
+	*
+	* SECURITY NOTE: This method fetches remote configs based on URLs from the local config file.
+	* This is intentional and safe because:
+	* 1. URLs are user-controlled via their local config file (not external input)
+	* 2. SSRF protection validates URLs before fetching (blocks private IPs, enforces HTTPS)
+	* 3. Users explicitly opt-in to remote configs in their local configuration
+	* 4. This enables centralized config management (intended feature, not a vulnerability)
+	*
+	* CodeQL alert "file-access-to-http" is a false positive here - we're not leaking
+	* file contents to arbitrary URLs, we're fetching configs from user-specified sources.
+	*/
+	async loadFromUrl(source) {
+		try {
+			const interpolatedUrl = this.interpolateEnvVars(source.url);
+			const cachedConfig = await this.remoteConfigCache.get(interpolatedUrl);
+			if (cachedConfig) return cachedConfig;
+			const interpolatedHeaders = source.headers ? Object.fromEntries(Object.entries(source.headers).map(([key, value]) => [key, this.interpolateEnvVars(value)])) : {};
+			const response = await fetch(interpolatedUrl, { headers: interpolatedHeaders });
+			if (!response.ok) throw new Error(`Failed to fetch remote config: ${response.status} ${response.statusText}`);
+			const config = parseMcpConfig(await response.json());
+			await this.remoteConfigCache.set(interpolatedUrl, config);
+			return config;
+		} catch (error) {
+			if (error instanceof Error) throw new Error(`Failed to fetch remote config from ${source.url}: ${error.message}`);
+			throw new Error(`Failed to fetch remote config from ${source.url}: Unknown error`);
+		}
+	}
+	/**
+	* Interpolate environment variables in a string
+	* Supports ${VAR_NAME} syntax
+	*/
+	interpolateEnvVars(value) {
+		return value.replace(/\$\{([^}]+)\}/g, (_, varName) => {
+			const envValue = process.env[varName];
+			if (envValue === void 0) {
+				console.warn(`Environment variable ${varName} is not defined, keeping placeholder`);
+				return `\${${varName}}`;
+			}
+			return envValue;
+		});
+	}
+	/**
+	* Merge two MCP configurations based on the specified merge strategy
+	* @param localConfig Configuration loaded from local file
+	* @param remoteConfig Configuration loaded from remote URL
+	* @param mergeStrategy Strategy for merging configs
+	* @returns Merged configuration
+	*/
+	mergeConfigurations(localConfig, remoteConfig, mergeStrategy) {
+		switch (mergeStrategy) {
+			case "local-priority": return { mcpServers: {
+				...remoteConfig.mcpServers,
+				...localConfig.mcpServers
+			} };
+			case "remote-priority": return { mcpServers: {
+				...localConfig.mcpServers,
+				...remoteConfig.mcpServers
+			} };
+			case "merge-deep": {
+				const merged = { ...remoteConfig.mcpServers };
+				for (const [serverName, localServerConfig] of Object.entries(localConfig.mcpServers)) if (merged[serverName]) {
+					const remoteServer = merged[serverName];
+					const mergedConfig = {
+						...remoteServer.config,
+						...localServerConfig.config
+					};
+					const remoteEnv = "env" in remoteServer.config ? remoteServer.config.env : void 0;
+					const localEnv = "env" in localServerConfig.config ? localServerConfig.config.env : void 0;
+					if (remoteEnv || localEnv) mergedConfig.env = {
+						...remoteEnv || {},
+						...localEnv || {}
+					};
+					const remoteHeaders = "headers" in remoteServer.config ? remoteServer.config.headers : void 0;
+					const localHeaders = "headers" in localServerConfig.config ? localServerConfig.config.headers : void 0;
+					if (remoteHeaders || localHeaders) mergedConfig.headers = {
+						...remoteHeaders || {},
+						...localHeaders || {}
+					};
+					merged[serverName] = {
+						...remoteServer,
+						...localServerConfig,
+						config: mergedConfig
+					};
+				} else merged[serverName] = localServerConfig;
+				return { mcpServers: merged };
+			}
+			default: throw new Error(`Unknown merge strategy: ${mergeStrategy}`);
+		}
+	}
+	/**
 	* Clear the cached configuration
 	*/
 	clearCache() {
@@ -862,7 +1326,10 @@ async function createServer(options) {
 	}, { capabilities: { tools: {} } });
 	const clientManager = new McpClientManagerService();
 	if (options?.configFilePath) try {
-		const config = await new ConfigFetcherService({ configFilePath: options.configFilePath }).fetchConfiguration(options.noCache || false);
+		const config = await new ConfigFetcherService({
+			configFilePath: options.configFilePath,
+			useCache: !options.noCache
+		}).fetchConfiguration(options.noCache || false);
 		const connectionPromises = Object.entries(config.mcpServers).map(async ([serverName, serverConfig]) => {
 			try {
 				await clientManager.connectToServer(serverName, serverConfig);

package/dist/{http-B1EDyxR_.mjs → http-CkWO35l-.mjs}

@@ -1,16 +1,18 @@
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
 import { CallToolRequestSchema, ListToolsRequestSchema, isInitializeRequest } from "@modelcontextprotocol/sdk/types.js";
-import { readFile } from "node:fs/promises";
+import { mkdir, readFile, readdir, unlink, writeFile } from "node:fs/promises";
 import { existsSync } from "node:fs";
 import yaml from "js-yaml";
 import { z } from "zod";
+import { createHash, randomUUID } from "node:crypto";
+import { join } from "node:path";
+import { tmpdir } from "node:os";
 import { Client } from "@modelcontextprotocol/sdk/client/index.js";
 import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
 import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { SSEServerTransport } from "@modelcontextprotocol/sdk/server/sse.js";
 import express from "express";
-import { randomUUID } from "node:crypto";
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
 
 //#region src/utils/mcpConfigSchema.ts
@@ -80,6 +82,95 @@ function interpolateEnvVarsInObject(obj) {
 	return obj;
 }
 /**
+* Private IP range patterns for SSRF protection
+* Covers both IPv4 and IPv6 loopback, private, and link-local ranges
+*/
+const PRIVATE_IP_PATTERNS = [
+	/^127\./,
+	/^10\./,
+	/^172\.(1[6-9]|2\d|3[01])\./,
+	/^192\.168\./,
+	/^169\.254\./,
+	/^0\./,
+	/^224\./,
+	/^240\./,
+	/^localhost$/i,
+	/^.*\.localhost$/i,
+	/^\[::\]/,
+	/^\[::1\]/,
+	/^\[0:0:0:0:0:0:0:1\]/,
+	/^\[0{1,4}:0{1,4}:0{1,4}:0{1,4}:0{1,4}:0{1,4}:0{1,4}:1\]/i,
+	/^\[fe80:/i,
+	/^\[fc00:/i,
+	/^\[fd00:/i,
+	/^\[::ffff:127\./i,
+	/^\[::ffff:7f[0-9a-f]{2}:/i,
+	/^\[::ffff:10\./i,
+	/^\[::ffff:a[0-9a-f]{2}:/i,
+	/^\[::ffff:172\.(1[6-9]|2\d|3[01])\./i,
+	/^\[::ffff:ac1[0-9a-f]:/i,
+	/^\[::ffff:192\.168\./i,
+	/^\[::ffff:c0a8:/i,
+	/^\[::ffff:169\.254\./i,
+	/^\[::ffff:a9fe:/i,
+	/^\[::ffff:0\./i,
+	/^\[::127\./i,
+	/^\[::7f[0-9a-f]{2}:/i,
+	/^\[::10\./i,
+	/^\[::a[0-9a-f]{2}:/i,
+	/^\[::192\.168\./i,
+	/^\[::c0a8:/i
+];
+/**
+* Validate URL for SSRF protection
+*
+* @param url - The URL to validate (after env var interpolation)
+* @param security - Security settings
+* @throws Error if URL is unsafe
+*/
+function validateUrlSecurity(url, security) {
+	const allowPrivateIPs = security?.allowPrivateIPs ?? false;
+	const enforceHttps = security?.enforceHttps ?? true;
+	let parsedUrl;
+	try {
+		parsedUrl = new URL(url);
+	} catch (error) {
+		throw new Error(`Invalid URL format: ${url}`);
+	}
+	const protocol = parsedUrl.protocol.replace(":", "");
+	if (enforceHttps && protocol !== "https") throw new Error(`HTTPS is required for security. URL uses '${protocol}://'. Set security.enforceHttps: false to allow HTTP.`);
+	if (protocol !== "http" && protocol !== "https") throw new Error(`Invalid URL protocol '${protocol}://'. Only http:// and https:// are allowed.`);
+	if (!allowPrivateIPs) {
+		const hostname = parsedUrl.hostname.toLowerCase();
+		if (PRIVATE_IP_PATTERNS.some((pattern) => pattern.test(hostname))) throw new Error(`Private IP addresses and localhost are blocked for security (${hostname}). Set security.allowPrivateIPs: true to allow internal networks.`);
+	}
+}
+/**
+* Validate a remote config source against its validation rules
+*
+* @param source - Remote config source with validation rules
+* @throws Error if validation fails
+*/
+function validateRemoteConfigSource(source) {
+	const interpolatedUrl = interpolateEnvVars(source.url);
+	validateUrlSecurity(interpolatedUrl, source.security);
+	if (!source.validation) return;
+	if (source.validation.url) {
+		if (!new RegExp(source.validation.url).test(interpolatedUrl)) throw new Error(`Remote config URL "${interpolatedUrl}" does not match validation pattern: ${source.validation.url}`);
+	}
+	if (source.validation.headers && Object.keys(source.validation.headers).length > 0) {
+		if (!source.headers) {
+			const requiredHeaders = Object.keys(source.validation.headers);
+			throw new Error(`Remote config is missing required headers: ${requiredHeaders.join(", ")}`);
+		}
+		for (const [headerName, pattern] of Object.entries(source.validation.headers)) {
+			if (!(headerName in source.headers)) throw new Error(`Remote config is missing required header: ${headerName}`);
+			const interpolatedHeaderValue = interpolateEnvVars(source.headers[headerName]);
+			if (!new RegExp(pattern).test(interpolatedHeaderValue)) throw new Error(`Remote config header "${headerName}" value "${interpolatedHeaderValue}" does not match validation pattern: ${pattern}`);
+		}
+	}
+}
+/**
 * Claude Code / Claude Desktop standard MCP config format
 * This is the format users write in their config files
 */
@@ -105,10 +196,32 @@ const ClaudeCodeHttpServerSchema = z.object({
 	config: AdditionalConfigSchema
 });
 const ClaudeCodeServerConfigSchema = z.union([ClaudeCodeStdioServerSchema, ClaudeCodeHttpServerSchema]);
+const RemoteConfigValidationSchema = z.object({
+	url: z.string().optional(),
+	headers: z.record(z.string(), z.string()).optional()
+}).optional();
+const RemoteConfigSecuritySchema = z.object({
+	allowPrivateIPs: z.boolean().optional(),
+	enforceHttps: z.boolean().optional()
+}).optional();
+const RemoteConfigSourceSchema = z.object({
+	url: z.string(),
+	headers: z.record(z.string(), z.string()).optional(),
+	validation: RemoteConfigValidationSchema,
+	security: RemoteConfigSecuritySchema,
+	mergeStrategy: z.enum([
+		"local-priority",
+		"remote-priority",
+		"merge-deep"
+	]).optional()
+});
 /**
 * Full Claude Code MCP configuration schema
 */
-const ClaudeCodeMcpConfigSchema = z.object({ mcpServers: z.record(z.string(), ClaudeCodeServerConfigSchema) });
+const ClaudeCodeMcpConfigSchema = z.object({
+	mcpServers: z.record(z.string(), ClaudeCodeServerConfigSchema),
+	remoteConfigs: z.array(RemoteConfigSourceSchema).optional()
+});
 /**
 * Internal MCP config format
 * This is the normalized format used internally by the proxy
@@ -217,6 +330,226 @@ function parseMcpConfig(rawConfig) {
 	return InternalMcpConfigSchema.parse(internalConfig);
 }
 
+//#endregion
+//#region src/services/RemoteConfigCacheService.ts
+/**
+* RemoteConfigCacheService
+*
+* DESIGN PATTERNS:
+* - Service pattern for cache management
+* - Single responsibility principle
+* - File-based caching with TTL support
+*
+* CODING STANDARDS:
+* - Use async/await for asynchronous operations
+* - Handle file system errors gracefully
+* - Keep cache organized by URL hash
+* - Implement automatic cache expiration
+*
+* AVOID:
+* - Storing sensitive data in cache (headers with tokens)
+* - Unbounded cache growth
+* - Missing error handling for file operations
+*/
+/**
+* Service for caching remote MCP configurations
+*/
+var RemoteConfigCacheService = class {
+	cacheDir;
+	cacheTTL;
+	readEnabled;
+	writeEnabled;
+	constructor(options) {
+		this.cacheDir = join(tmpdir(), "one-mcp-cache", "remote-configs");
+		this.cacheTTL = options?.ttl || 3600 * 1e3;
+		this.readEnabled = options?.readEnabled !== void 0 ? options.readEnabled : true;
+		this.writeEnabled = options?.writeEnabled !== void 0 ? options.writeEnabled : true;
+	}
+	/**
+	* Generate a hash key from remote config URL
+	* Only uses URL for hashing to avoid caching credentials in the key
+	*/
+	generateCacheKey(url) {
+		return createHash("sha256").update(url).digest("hex");
+	}
+	/**
+	* Get the cache file path for a given cache key
+	*/
+	getCacheFilePath(cacheKey) {
+		return join(this.cacheDir, `${cacheKey}.json`);
+	}
+	/**
+	* Initialize cache directory
+	* Uses mkdir with recursive option which handles existing directories gracefully
+	* (no TOCTOU race condition from existsSync check)
+	*/
+	async ensureCacheDir() {
+		try {
+			await mkdir(this.cacheDir, { recursive: true });
+		} catch (error) {
+			if (error?.code !== "EEXIST") throw error;
+		}
+	}
+	/**
+	* Get cached data for a remote config URL
+	*/
+	async get(url) {
+		if (!this.readEnabled) return null;
+		try {
+			await this.ensureCacheDir();
+			const cacheKey = this.generateCacheKey(url);
+			const cacheFilePath = this.getCacheFilePath(cacheKey);
+			if (!existsSync(cacheFilePath)) return null;
+			const cacheContent = await readFile(cacheFilePath, "utf-8");
+			const cacheEntry = JSON.parse(cacheContent);
+			const now = Date.now();
+			if (now > cacheEntry.expiresAt) {
+				await unlink(cacheFilePath).catch(() => {});
+				return null;
+			}
+			const expiresInSeconds = Math.round((cacheEntry.expiresAt - now) / 1e3);
+			console.error(`Remote config cache hit for ${url} (expires in ${expiresInSeconds}s)`);
+			return cacheEntry.data;
+		} catch (error) {
+			console.error(`Failed to read remote config cache for ${url}:`, error);
+			return null;
+		}
+	}
+	/**
+	* Set cached data for a remote config URL
+	*/
+	async set(url, data) {
+		if (!this.writeEnabled) return;
+		try {
+			await this.ensureCacheDir();
+			const cacheKey = this.generateCacheKey(url);
+			const cacheFilePath = this.getCacheFilePath(cacheKey);
+			const now = Date.now();
+			const cacheEntry = {
+				data,
+				timestamp: now,
+				expiresAt: now + this.cacheTTL,
+				url
+			};
+			await writeFile(cacheFilePath, JSON.stringify(cacheEntry, null, 2), "utf-8");
+			console.error(`Cached remote config for ${url} (TTL: ${Math.round(this.cacheTTL / 1e3)}s)`);
+		} catch (error) {
+			console.error(`Failed to write remote config cache for ${url}:`, error);
+		}
+	}
+	/**
+	* Clear cache for a specific URL
+	*/
+	async clear(url) {
+		try {
+			const cacheKey = this.generateCacheKey(url);
+			const cacheFilePath = this.getCacheFilePath(cacheKey);
+			if (existsSync(cacheFilePath)) {
+				await unlink(cacheFilePath);
+				console.error(`Cleared remote config cache for ${url}`);
+			}
+		} catch (error) {
+			console.error(`Failed to clear remote config cache for ${url}:`, error);
+		}
+	}
+	/**
+	* Clear all cached remote configs
+	*/
+	async clearAll() {
+		try {
+			if (!existsSync(this.cacheDir)) return;
+			const files = await readdir(this.cacheDir);
+			const deletePromises = files.filter((file) => file.endsWith(".json")).map((file) => unlink(join(this.cacheDir, file)).catch(() => {}));
+			await Promise.all(deletePromises);
+			console.error(`Cleared all remote config cache entries (${files.length} files)`);
+		} catch (error) {
+			console.error("Failed to clear all remote config cache:", error);
+		}
+	}
+	/**
+	* Clean up expired cache entries
+	*/
+	async cleanExpired() {
+		try {
+			if (!existsSync(this.cacheDir)) return;
+			const now = Date.now();
+			const files = await readdir(this.cacheDir);
+			let expiredCount = 0;
+			for (const file of files) {
+				if (!file.endsWith(".json")) continue;
+				const filePath = join(this.cacheDir, file);
+				try {
+					const content = await readFile(filePath, "utf-8");
+					if (now > JSON.parse(content).expiresAt) {
+						await unlink(filePath);
+						expiredCount++;
+					}
+				} catch (error) {
+					await unlink(filePath).catch(() => {});
+					expiredCount++;
+				}
+			}
+			if (expiredCount > 0) console.error(`Cleaned up ${expiredCount} expired remote config cache entries`);
+		} catch (error) {
+			console.error("Failed to clean expired remote config cache:", error);
+		}
+	}
+	/**
+	* Get cache statistics
+	*/
+	async getStats() {
+		try {
+			if (!existsSync(this.cacheDir)) return {
+				totalEntries: 0,
+				totalSize: 0
+			};
+			const jsonFiles = (await readdir(this.cacheDir)).filter((file) => file.endsWith(".json"));
+			let totalSize = 0;
+			for (const file of jsonFiles) {
+				const filePath = join(this.cacheDir, file);
+				try {
+					const content = await readFile(filePath, "utf-8");
+					totalSize += Buffer.byteLength(content, "utf-8");
+				} catch {}
+			}
+			return {
+				totalEntries: jsonFiles.length,
+				totalSize
+			};
+		} catch (error) {
+			console.error("Failed to get remote config cache stats:", error);
+			return {
+				totalEntries: 0,
+				totalSize: 0
+			};
+		}
+	}
+	/**
+	* Check if read from cache is enabled
+	*/
+	isReadEnabled() {
+		return this.readEnabled;
+	}
+	/**
+	* Check if write to cache is enabled
+	*/
+	isWriteEnabled() {
+		return this.writeEnabled;
+	}
+	/**
+	* Set read enabled state
+	*/
+	setReadEnabled(enabled) {
+		this.readEnabled = enabled;
+	}
+	/**
+	* Set write enabled state
+	*/
+	setWriteEnabled(enabled) {
+		this.writeEnabled = enabled;
+	}
+};
+
 //#endregion
 //#region src/services/ConfigFetcherService.ts
 /**
@@ -238,35 +571,62 @@ function parseMcpConfig(rawConfig) {
 * - Direct tool implementation (services should be tool-agnostic)
 */
 /**
-* Service for fetching and caching MCP server configurations from local file
+* Service for fetching and caching MCP server configurations from local file and remote sources
+* Supports merging multiple remote configs with local config
 */
 var ConfigFetcherService = class {
 	configFilePath;
 	cacheTtlMs;
 	cachedConfig = null;
 	lastFetchTime = 0;
+	remoteConfigCache;
 	constructor(options) {
 		this.configFilePath = options.configFilePath;
 		this.cacheTtlMs = options.cacheTtlMs || 6e4;
+		const useCache = options.useCache !== void 0 ? options.useCache : true;
+		this.remoteConfigCache = new RemoteConfigCacheService({
+			ttl: options.remoteCacheTtlMs || 3600 * 1e3,
+			readEnabled: useCache,
+			writeEnabled: true
+		});
 		if (!this.configFilePath) throw new Error("configFilePath must be provided");
 	}
 	/**
-	* Fetch MCP configuration from local file with caching
+	* Fetch MCP configuration from local file and remote sources with caching
+	* Merges remote configs with local config based on merge strategy
 	* @param forceRefresh - Force reload from source, bypassing cache
 	*/
 	async fetchConfiguration(forceRefresh = false) {
 		const now = Date.now();
 		if (!forceRefresh && this.cachedConfig && now - this.lastFetchTime < this.cacheTtlMs) return this.cachedConfig;
-		const config = await this.loadFromFile();
-		if (!config.mcpServers || typeof config.mcpServers !== "object") throw new Error("Invalid MCP configuration: missing or invalid mcpServers");
-		this.cachedConfig = config;
+		const localConfigData = await this.loadRawConfigFromFile();
+		const remoteConfigSources = localConfigData.remoteConfigs || [];
+		let mergedConfig = await this.parseConfig(localConfigData);
+		const remoteConfigPromises = remoteConfigSources.map(async (remoteSource) => {
+			try {
+				validateRemoteConfigSource(remoteSource);
+				return {
+					config: await this.loadFromUrl(remoteSource),
+					mergeStrategy: remoteSource.mergeStrategy || "local-priority",
+					url: remoteSource.url
+				};
+			} catch (error) {
+				if (error instanceof Error) console.error(`Failed to fetch remote config from ${remoteSource.url}: ${error.message}`);
+				return null;
+			}
+		});
+		const remoteConfigResults = await Promise.all(remoteConfigPromises);
+		for (const result of remoteConfigResults) if (result !== null) mergedConfig = this.mergeConfigurations(mergedConfig, result.config, result.mergeStrategy);
+		if (!mergedConfig.mcpServers || typeof mergedConfig.mcpServers !== "object") throw new Error("Invalid MCP configuration: missing or invalid mcpServers");
+		this.cachedConfig = mergedConfig;
 		this.lastFetchTime = now;
-		return config;
+		return mergedConfig;
 	}
 	/**
-	* Load configuration from a local file (supports JSON and YAML)
+	* Load raw configuration data from a local file (supports JSON and YAML)
+	* Returns unparsed config data to allow access to remoteConfigs
 	*/
-	async loadFromFile() {
+	async loadRawConfigFromFile() {
 		if (!this.configFilePath) throw new Error("No config file path provided");
 		if (!existsSync(this.configFilePath)) throw new Error(`Config file not found: ${this.configFilePath}`);
 		try {
@@ -274,13 +634,117 @@ var ConfigFetcherService = class {
 			let rawConfig;
 			if (this.configFilePath.endsWith(".yaml") || this.configFilePath.endsWith(".yml")) rawConfig = yaml.load(content);
 			else rawConfig = JSON.parse(content);
-			return parseMcpConfig(rawConfig);
+			return rawConfig;
 		} catch (error) {
 			if (error instanceof Error) throw new Error(`Failed to load config file: ${error.message}`);
 			throw new Error("Failed to load config file: Unknown error");
 		}
 	}
 	/**
+	* Parse raw config data using Zod schema
+	* Filters out remoteConfigs to avoid including them in the final config
+	*/
+	async parseConfig(rawConfig) {
+		try {
+			const { remoteConfigs, ...configWithoutRemote } = rawConfig;
+			return parseMcpConfig(configWithoutRemote);
+		} catch (error) {
+			if (error instanceof Error) throw new Error(`Failed to parse config: ${error.message}`);
+			throw new Error("Failed to parse config: Unknown error");
+		}
+	}
+	/**
+	* Load configuration from a remote URL with caching
+	*
+	* SECURITY NOTE: This method fetches remote configs based on URLs from the local config file.
+	* This is intentional and safe because:
+	* 1. URLs are user-controlled via their local config file (not external input)
+	* 2. SSRF protection validates URLs before fetching (blocks private IPs, enforces HTTPS)
+	* 3. Users explicitly opt-in to remote configs in their local configuration
+	* 4. This enables centralized config management (intended feature, not a vulnerability)
+	*
+	* CodeQL alert "file-access-to-http" is a false positive here - we're not leaking
+	* file contents to arbitrary URLs, we're fetching configs from user-specified sources.
+	*/
+	async loadFromUrl(source) {
+		try {
+			const interpolatedUrl = this.interpolateEnvVars(source.url);
+			const cachedConfig = await this.remoteConfigCache.get(interpolatedUrl);
+			if (cachedConfig) return cachedConfig;
+			const interpolatedHeaders = source.headers ? Object.fromEntries(Object.entries(source.headers).map(([key, value]) => [key, this.interpolateEnvVars(value)])) : {};
+			const response = await fetch(interpolatedUrl, { headers: interpolatedHeaders });
+			if (!response.ok) throw new Error(`Failed to fetch remote config: ${response.status} ${response.statusText}`);
+			const config = parseMcpConfig(await response.json());
+			await this.remoteConfigCache.set(interpolatedUrl, config);
+			return config;
+		} catch (error) {
+			if (error instanceof Error) throw new Error(`Failed to fetch remote config from ${source.url}: ${error.message}`);
+			throw new Error(`Failed to fetch remote config from ${source.url}: Unknown error`);
+		}
+	}
+	/**
+	* Interpolate environment variables in a string
+	* Supports ${VAR_NAME} syntax
+	*/
+	interpolateEnvVars(value) {
+		return value.replace(/\$\{([^}]+)\}/g, (_, varName) => {
+			const envValue = process.env[varName];
+			if (envValue === void 0) {
+				console.warn(`Environment variable ${varName} is not defined, keeping placeholder`);
+				return `\${${varName}}`;
+			}
+			return envValue;
+		});
+	}
+	/**
+	* Merge two MCP configurations based on the specified merge strategy
+	* @param localConfig Configuration loaded from local file
+	* @param remoteConfig Configuration loaded from remote URL
+	* @param mergeStrategy Strategy for merging configs
+	* @returns Merged configuration
+	*/
+	mergeConfigurations(localConfig, remoteConfig, mergeStrategy) {
+		switch (mergeStrategy) {
+			case "local-priority": return { mcpServers: {
+				...remoteConfig.mcpServers,
+				...localConfig.mcpServers
+			} };
+			case "remote-priority": return { mcpServers: {
+				...localConfig.mcpServers,
+				...remoteConfig.mcpServers
+			} };
+			case "merge-deep": {
+				const merged = { ...remoteConfig.mcpServers };
+				for (const [serverName, localServerConfig] of Object.entries(localConfig.mcpServers)) if (merged[serverName]) {
+					const remoteServer = merged[serverName];
+					const mergedConfig = {
+						...remoteServer.config,
+						...localServerConfig.config
+					};
+					const remoteEnv = "env" in remoteServer.config ? remoteServer.config.env : void 0;
+					const localEnv = "env" in localServerConfig.config ? localServerConfig.config.env : void 0;
+					if (remoteEnv || localEnv) mergedConfig.env = {
+						...remoteEnv || {},
+						...localEnv || {}
+					};
+					const remoteHeaders = "headers" in remoteServer.config ? remoteServer.config.headers : void 0;
+					const localHeaders = "headers" in localServerConfig.config ? localServerConfig.config.headers : void 0;
+					if (remoteHeaders || localHeaders) mergedConfig.headers = {
+						...remoteHeaders || {},
+						...localHeaders || {}
+					};
+					merged[serverName] = {
+						...remoteServer,
+						...localServerConfig,
+						config: mergedConfig
+					};
+				} else merged[serverName] = localServerConfig;
+				return { mcpServers: merged };
+			}
+			default: throw new Error(`Unknown merge strategy: ${mergeStrategy}`);
+		}
+	}
+	/**
 	* Clear the cached configuration
 	*/
 	clearCache() {
@@ -837,7 +1301,10 @@ async function createServer(options) {
 	}, { capabilities: { tools: {} } });
 	const clientManager = new McpClientManagerService();
 	if (options?.configFilePath) try {
-		const config = await new ConfigFetcherService({ configFilePath: options.configFilePath }).fetchConfiguration(options.noCache || false);
+		const config = await new ConfigFetcherService({
+			configFilePath: options.configFilePath,
+			useCache: !options.noCache
+		}).fetchConfiguration(options.noCache || false);
 		const connectionPromises = Object.entries(config.mcpServers).map(async ([serverName, serverConfig]) => {
 			try {
 				await clientManager.connectToServer(serverName, serverConfig);
@@ -990,14 +1457,14 @@ var SseTransportHandler = class {
 		}
 	}
 	async start() {
-		return new Promise((resolve, reject) => {
+		return new Promise((resolve$1, reject) => {
 			try {
 				this.server = this.app.listen(this.config.port, this.config.host, () => {
 					console.error(`@agiflowai/one-mcp MCP server started with SSE transport on http://${this.config.host}:${this.config.port}`);
 					console.error(`SSE endpoint: http://${this.config.host}:${this.config.port}/sse`);
 					console.error(`Messages endpoint: http://${this.config.host}:${this.config.port}/messages`);
 					console.error(`Health check: http://${this.config.host}:${this.config.port}/health`);
-					resolve();
+					resolve$1();
 				});
 				this.server.on("error", (error) => {
 					reject(error);
@@ -1008,17 +1475,17 @@ var SseTransportHandler = class {
 		});
 	}
 	async stop() {
-		return new Promise((resolve, reject) => {
+		return new Promise((resolve$1, reject) => {
 			if (this.server) {
 				this.sessionManager.clear();
 				this.server.close((err) => {
 					if (err) reject(err);
 					else {
 						this.server = null;
-						resolve();
+						resolve$1();
 					}
 				});
-			} else resolve();
+			} else resolve$1();
 		});
 	}
 	getPort() {
@@ -1170,12 +1637,12 @@ var HttpTransportHandler = class {
 		this.sessionManager.deleteSession(sessionId);
 	}
 	async start() {
-		return new Promise((resolve, reject) => {
+		return new Promise((resolve$1, reject) => {
 			try {
 				this.server = this.app.listen(this.config.port, this.config.host, () => {
 					console.error(`@agiflowai/one-mcp MCP server started on http://${this.config.host}:${this.config.port}/mcp`);
 					console.error(`Health check: http://${this.config.host}:${this.config.port}/health`);
-					resolve();
+					resolve$1();
 				});
 				this.server.on("error", (error) => {
 					reject(error);
@@ -1186,17 +1653,17 @@ var HttpTransportHandler = class {
 		});
 	}
 	async stop() {
-		return new Promise((resolve, reject) => {
+		return new Promise((resolve$1, reject) => {
 			if (this.server) {
 				this.sessionManager.clear();
 				this.server.close((err) => {
 					if (err) reject(err);
 					else {
 						this.server = null;
-						resolve();
+						resolve$1();
 					}
 				});
-			} else resolve();
+			} else resolve$1();
 		});
 	}
 	getPort() {

package/dist/index.cjs

@@ -1,4 +1,4 @@
-const require_http = require('./http-B5WVqLzz.cjs');
+const require_http = require('./http-23nhycE8.cjs');
 
 exports.HttpTransportHandler = require_http.HttpTransportHandler;
 exports.SseTransportHandler = require_http.SseTransportHandler;

package/dist/index.mjs

@@ -1,3 +1,3 @@
-import { i as createServer, n as SseTransportHandler, r as StdioTransportHandler, t as HttpTransportHandler } from "./http-B1EDyxR_.mjs";
+import { i as createServer, n as SseTransportHandler, r as StdioTransportHandler, t as HttpTransportHandler } from "./http-CkWO35l-.mjs";
 
 export { HttpTransportHandler, SseTransportHandler, StdioTransportHandler, createServer };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@agiflowai/one-mcp",
   "description": "One MCP server package",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "license": "AGPL-3.0",
   "keywords": [
     "mcp",