@askmesh/mcp 0.10.5 → 0.11.0

package/dist/agent/askmeshignore.d.ts

@@ -0,0 +1,10 @@
+export interface IgnoreMatcher {
+    patterns: string[];
+    shouldIgnore: (filePath: string) => boolean;
+    describe: () => string;
+}
+/**
+ * Load .askmeshignore from the current working directory and merge with defaults.
+ * Returns a matcher with shouldIgnore() and a describe() helper for prompts.
+ */
+export declare function loadIgnore(cwd?: string): IgnoreMatcher;

package/dist/agent/askmeshignore.js

@@ -0,0 +1,97 @@
+import { readFileSync, existsSync } from 'node:fs';
+import { join, basename } from 'node:path';
+// Default exclusions — applied even when no .askmeshignore file exists.
+// These are patterns that almost no project should ever share via the mesh.
+const DEFAULT_PATTERNS = [
+    // Environment files
+    '.env',
+    '.env.*',
+    '*.env',
+    // Secrets folders
+    'secrets/',
+    'secret/',
+    'private/',
+    '.secrets/',
+    // Keys and certificates
+    '*.key',
+    '*.pem',
+    '*.p12',
+    '*.pfx',
+    '*.crt',
+    '*.csr',
+    '*.der',
+    'id_rsa',
+    'id_rsa.*',
+    'id_dsa',
+    'id_ecdsa',
+    'id_ed25519',
+    // Credentials
+    'credentials',
+    'credentials.*',
+    '.npmrc',
+    '.pypirc',
+    '.netrc',
+    '.aws/',
+    '.ssh/',
+    '.gnupg/',
+    // Cloud
+    'service-account.json',
+    'service-account-*.json',
+    'gcp-key.json',
+    'firebase-adminsdk-*.json',
+    // Common build/dep dirs
+    'node_modules/',
+    '.git/',
+];
+/**
+ * Load .askmeshignore from the current working directory and merge with defaults.
+ * Returns a matcher with shouldIgnore() and a describe() helper for prompts.
+ */
+export function loadIgnore(cwd = process.cwd()) {
+    const patterns = [...DEFAULT_PATTERNS];
+    const file = join(cwd, '.askmeshignore');
+    if (existsSync(file)) {
+        try {
+            const content = readFileSync(file, 'utf-8');
+            for (const rawLine of content.split('\n')) {
+                const line = rawLine.trim();
+                if (!line || line.startsWith('#'))
+                    continue;
+                patterns.push(line);
+            }
+        }
+        catch { }
+    }
+    const compiled = patterns.map(compile);
+    const shouldIgnore = (filePath) => {
+        const name = basename(filePath);
+        return compiled.some((re) => re.test(filePath) || re.test(name));
+    };
+    const describe = () => {
+        return patterns.join(', ');
+    };
+    return { patterns, shouldIgnore, describe };
+}
+/**
+ * Convert a glob-like pattern to a RegExp.
+ * Supports: *, **, trailing / (folder), leading * (suffix match)
+ */
+function compile(pattern) {
+    let p = pattern.trim();
+    // Folder pattern (trailing /)
+    const isFolder = p.endsWith('/');
+    if (isFolder)
+        p = p.slice(0, -1);
+    // Escape regex special chars except * and ?
+    let re = p.replace(/[.+^${}()|[\]\\]/g, '\\$&');
+    // ** matches anything (including /)
+    re = re.replace(/\*\*/g, '§§');
+    // * matches anything except /
+    re = re.replace(/\*/g, '[^/]*');
+    re = re.replace(/§§/g, '.*');
+    re = re.replace(/\?/g, '.');
+    if (isFolder) {
+        return new RegExp(`(^|/)${re}(/|$)`);
+    }
+    return new RegExp(`(^|/)${re}$`);
+}

package/dist/agent/auto_responder.d.ts

@@ -6,6 +6,12 @@ export declare class AutoResponder {
     private mcpServer;
     constructor(client: AskMeshClient);
     setServer(server: Server): void;
+    /**
+     * Send a reply through the AskMesh client with a pre-send redaction scan.
+     * If secrets are detected, the reply is blocked and a desktop notification +
+     * status line update inform the owner. Returns true if the reply was sent.
+     */
+    private safeReply;
     handleRequest(request: IncomingRequest): Promise<void>;
     private callAnthropicAPI;
 }

package/dist/agent/auto_responder.js

@@ -1,12 +1,24 @@
 import { readLocalContext } from './context_reader.js';
 import { sendDesktopNotification } from './notifier.js';
+import { scanForSecrets, formatBlockedMessage } from './redaction.js';
 const SYSTEM_PROMPT = `You are an AI coding agent responding on behalf of a developer through AskMesh.
 You have access to the developer's project context below.
 Use this context to answer accurately and concisely.
 Reference specific files, conventions, or decisions when relevant.
 If the context doesn't contain enough info, say so honestly.
 Answer in the same language as the question.
-Keep responses under 500 words unless more detail is needed.`;
+Keep responses under 500 words unless more detail is needed.
+
+SECURITY RULES:
+- READ-ONLY: Never suggest or execute destructive operations (DELETE, DROP, rm, reset --hard, etc.)
+- NO SECRETS: Never include passwords, API keys, tokens, or credentials in your responses
+- NO SENSITIVE DATA: Never expose personal data, database connection strings, or internal URLs
+- HONOR .askmeshignore: Never read or share files listed by the project's privacy policy
+- If asked for sensitive information, respond: "I can't share this information via AskMesh for security reasons."
+- You may share: code patterns, architecture decisions, file structures, conventions, public configs
+
+A pre-send filter will block your response if it contains detectable secrets (API keys, JWTs, private keys, DB URLs, etc.).
+Avoid quoting raw config values — describe them instead.`;
 export class AutoResponder {
     client;
     mcpServer = null;
@@ -16,6 +28,37 @@ export class AutoResponder {
     setServer(server) {
         this.mcpServer = server;
     }
+    /**
+     * Send a reply through the AskMesh client with a pre-send redaction scan.
+     * If secrets are detected, the reply is blocked and a desktop notification +
+     * status line update inform the owner. Returns true if the reply was sent.
+     */
+    async safeReply(requestId, answer, source) {
+        const scan = scanForSecrets(answer);
+        if (!scan.safe) {
+            const samples = scan.hits.map((h) => `${h.pattern} (${h.sample})`).join(', ');
+            console.error(`[AskMesh] 🚫 BLOCKED reply #${requestId} (${source}) — secrets detected: ${samples}`);
+            // Notify the owner via desktop and via the MCP logging channel
+            sendDesktopNotification('AskMesh — réponse bloquée', `Secrets détectés: ${scan.hits.map((h) => h.pattern).join(', ')}`);
+            if (this.mcpServer) {
+                try {
+                    await this.mcpServer.sendLoggingMessage({
+                        level: 'warning',
+                        data: formatBlockedMessage(scan),
+                    });
+                }
+                catch { }
+            }
+            // Revert thread status to pending so the human can take over
+            try {
+                await this.client.updateThreadStatus(requestId, 'pending');
+            }
+            catch { }
+            return false;
+        }
+        await this.client.replyToThread(requestId, answer);
+        return true;
+    }
     async handleRequest(request) {
         console.error(`[AskMesh] Question from @${request.fromUsername}: "${request.question}"`);
         // Desktop notification
@@ -60,8 +103,9 @@ export class AutoResponder {
                 }, {}));
                 const answer = result?.content?.text || result?.content?.[0]?.text;
                 if (answer) {
-                    await this.client.replyToThread(request.id, answer);
-                    console.error(`[AskMesh] Responded to #${request.id} via Claude Code`);
+                    const sent = await this.safeReply(request.id, answer, 'Claude Code');
+                    if (sent)
+                        console.error(`[AskMesh] Responded to #${request.id} via Claude Code`);
                     return;
                 }
             }
@@ -76,8 +120,9 @@ export class AutoResponder {
                 const context = readLocalContext();
                 const answer = await this.callAnthropicAPI(apiKey, request, context);
                 if (answer) {
-                    await this.client.replyToThread(request.id, answer);
-                    console.error(`[AskMesh] Responded to #${request.id} via Anthropic API`);
+                    const sent = await this.safeReply(request.id, answer, 'Anthropic API');
+                    if (sent)
+                        console.error(`[AskMesh] Responded to #${request.id} via Anthropic API`);
                     return;
                 }
             }

package/dist/agent/context_reader.js

@@ -1,18 +1,22 @@
 import { readFileSync, readdirSync, existsSync } from 'node:fs';
 import { join } from 'node:path';
 import { homedir } from 'node:os';
+import { loadIgnore } from './askmeshignore.js';
 export function readLocalContext() {
     const parts = [];
+    const ignore = loadIgnore();
     // 1. CLAUDE.md from current working directory
     const claudeMdPath = join(process.cwd(), 'CLAUDE.md');
-    if (existsSync(claudeMdPath)) {
+    if (existsSync(claudeMdPath) && !ignore.shouldIgnore('CLAUDE.md')) {
         parts.push('=== CLAUDE.md ===');
         parts.push(readSafe(claudeMdPath));
     }
     // 2. Global Claude Code memories
     const globalMemDir = join(homedir(), '.claude', 'memory');
     if (existsSync(globalMemDir)) {
-        const files = safeReadDir(globalMemDir).filter((f) => f.endsWith('.md'));
+        const files = safeReadDir(globalMemDir)
+            .filter((f) => f.endsWith('.md'))
+            .filter((f) => !ignore.shouldIgnore(f));
         if (files.length > 0) {
             parts.push('=== Global memories ===');
             for (const file of files.slice(0, 10)) {
@@ -32,7 +36,9 @@ export function readLocalContext() {
             if (dir.includes(cwdKey) || cwdKey.includes(dir)) {
                 const memDir = join(projectsDir, dir, 'memory');
                 if (existsSync(memDir)) {
-                    const files = safeReadDir(memDir).filter((f) => f.endsWith('.md'));
+                    const files = safeReadDir(memDir)
+                        .filter((f) => f.endsWith('.md'))
+                        .filter((f) => !ignore.shouldIgnore(f));
                     if (files.length > 0) {
                         parts.push('=== Project memories ===');
                         for (const file of files.slice(0, 10)) {
@@ -45,6 +51,9 @@ export function readLocalContext() {
             }
         }
     }
+    // 4. Append the active ignore policy so the agent knows what NOT to read
+    parts.push('=== Privacy policy (.askmeshignore) ===');
+    parts.push(`Never read or share contents of files matching these patterns: ${ignore.describe()}`);
     return parts.join('\n\n') || 'No local context available.';
 }
 function readSafe(path) {

package/dist/agent/redaction.d.ts

@@ -0,0 +1,16 @@
+export interface RedactionResult {
+    safe: boolean;
+    hits: Array<{
+        pattern: string;
+        sample: string;
+    }>;
+}
+/**
+ * Scan a reply for known secret patterns. Returns safe=false if any are found.
+ * The hits include the pattern name and a truncated sample for logging/audit.
+ */
+export declare function scanForSecrets(text: string): RedactionResult;
+/**
+ * Format a user-facing block message when redaction triggers.
+ */
+export declare function formatBlockedMessage(result: RedactionResult): string;

package/dist/agent/redaction.js

@@ -0,0 +1,101 @@
+// Pre-send redaction — scans outgoing replies for common secret patterns
+// and blocks them before they're sent through the mesh.
+//
+// This is a defense-in-depth layer. The agent is also instructed not to share
+// secrets, but we don't trust the LLM to never slip up.
+const PATTERNS = [
+    {
+        name: 'AWS Access Key',
+        detect: (t) => match(t, /\bAKIA[0-9A-Z]{16}\b/g),
+    },
+    {
+        name: 'AWS Secret Key (assignment)',
+        detect: (t) => match(t, /aws_secret_access_key\s*[=:]\s*['"][^'"]+['"]/gi),
+    },
+    {
+        name: 'OpenAI API Key',
+        detect: (t) => match(t, /\bsk-(?:proj-)?[A-Za-z0-9_\-]{32,}\b/g),
+    },
+    {
+        name: 'Anthropic API Key',
+        detect: (t) => match(t, /\bsk-ant-[A-Za-z0-9_\-]{20,}\b/g),
+    },
+    {
+        name: 'GitHub Token',
+        detect: (t) => match(t, /\bgh[poursa]_[A-Za-z0-9_]{36,}\b/g),
+    },
+    {
+        name: 'Slack Token',
+        detect: (t) => match(t, /\bxox[bpoars]-[A-Za-z0-9-]{10,}\b/g),
+    },
+    {
+        name: 'Stripe Key',
+        detect: (t) => match(t, /\b(?:sk|pk|rk)_(?:test|live)_[A-Za-z0-9]{20,}\b/g),
+    },
+    {
+        name: 'JWT',
+        detect: (t) => match(t, /\beyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g),
+    },
+    {
+        name: 'Private Key (PEM)',
+        detect: (t) => match(t, /-----BEGIN (?:RSA |EC |OPENSSH |DSA |PGP )?PRIVATE KEY-----/g),
+    },
+    {
+        name: 'Database URL',
+        detect: (t) => match(t, /\b(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|amqp):\/\/[^\s'"]*:[^\s'"@]+@[^\s'"]+/gi),
+    },
+    {
+        name: 'Generic API Key Assignment',
+        detect: (t) => match(t, /\b(?:api[_-]?key|apikey|secret(?:[_-]?key)?|access[_-]?token|auth[_-]?token|password)\s*[:=]\s*['"][A-Za-z0-9_\-+/=]{16,}['"]/gi),
+    },
+    {
+        name: 'Google API Key',
+        detect: (t) => match(t, /\bAIza[0-9A-Za-z\-_]{35}\b/g),
+    },
+    {
+        name: 'Square Token',
+        detect: (t) => match(t, /\bsq0(?:atp|csp|idp)-[A-Za-z0-9_-]{22,}\b/g),
+    },
+    {
+        name: 'Twilio API Key',
+        detect: (t) => match(t, /\bSK[a-f0-9]{32}\b/g),
+    },
+    {
+        name: 'SendGrid API Key',
+        detect: (t) => match(t, /\bSG\.[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}\b/g),
+    },
+    {
+        name: 'Mailgun API Key',
+        detect: (t) => match(t, /\bkey-[a-f0-9]{32}\b/g),
+    },
+];
+function match(text, re) {
+    const found = text.match(re);
+    return found && found.length > 0 ? found : null;
+}
+/**
+ * Scan a reply for known secret patterns. Returns safe=false if any are found.
+ * The hits include the pattern name and a truncated sample for logging/audit.
+ */
+export function scanForSecrets(text) {
+    const hits = [];
+    for (const p of PATTERNS) {
+        const found = p.detect(text);
+        if (found) {
+            for (const f of found) {
+                hits.push({
+                    pattern: p.name,
+                    sample: f.length > 24 ? `${f.slice(0, 8)}…${f.slice(-4)}` : f,
+                });
+            }
+        }
+    }
+    return { safe: hits.length === 0, hits };
+}
+/**
+ * Format a user-facing block message when redaction triggers.
+ */
+export function formatBlockedMessage(result) {
+    const list = result.hits.map((h) => `  - ${h.pattern}: ${h.sample}`).join('\n');
+    return `🚫 Réponse bloquée par le filtre AskMesh — secrets détectés :\n${list}\n\nReformule ta réponse sans les valeurs sensibles.`;
+}

package/dist/index.js

@@ -11,7 +11,7 @@ const TOKEN = process.env.ASKMESH_TOKEN;
 const URL = process.env.ASKMESH_URL || 'https://api.askmesh.dev';
 const server = new McpServer({
     name: 'askmesh',
-    version: '0.10.5',
+    version: '0.11.0',
 });
 if (!TOKEN) {
     // No token — start in setup-only mode

package/dist/statusline/cache.d.ts

@@ -2,6 +2,7 @@ interface StatusCache {
     pending: number;
     active: number;
     unread_replies: number;
+    loop_active: boolean;
     last_update: string;
 }
 /** Call once at startup with the agent token to isolate the cache file per agent */
@@ -13,4 +14,6 @@ export declare function onReplyAdded(): void;
 export declare function onThreadClosed(): void;
 export declare function onPendingFetched(count: number): void;
 export declare function syncFromApi(pending: number, active: number): void;
+export declare function setLoopActive(active: boolean): void;
+export declare function isLoopActive(): boolean;
 export {};

package/dist/statusline/cache.js

@@ -3,7 +3,7 @@ import { createHash } from 'crypto';
 import { tmpdir } from 'os';
 import { join } from 'path';
 let CACHE_FILE = join(tmpdir(), 'askmesh_status.json');
-let cache = { pending: 0, active: 0, unread_replies: 0, last_update: '' };
+let cache = { pending: 0, active: 0, unread_replies: 0, loop_active: false, last_update: '' };
 /** Call once at startup with the agent token to isolate the cache file per agent */
 export function init(token) {
     const hash = createHash('md5').update(token).digest('hex').slice(0, 8);
@@ -25,7 +25,7 @@ export function load() {
         cache = JSON.parse(raw);
     }
     catch {
-        cache = { pending: 0, active: 0, unread_replies: 0, last_update: '' };
+        cache = { pending: 0, active: 0, unread_replies: 0, loop_active: false, last_update: '' };
     }
     return cache;
 }
@@ -58,3 +58,12 @@ export function syncFromApi(pending, active) {
     cache.unread_replies = 0;
     flush();
 }
+export function setLoopActive(active) {
+    load();
+    cache.loop_active = active;
+    flush();
+}
+export function isLoopActive() {
+    load();
+    return cache.loop_active;
+}

package/dist/tools/askmesh.js

@@ -35,8 +35,10 @@ Actions disponibles :
 - "broadcast" : envoyer un message à toute ton équipe (notification Telegram/Slack, sans créer de thread)
 - "context" : partager ton contexte projet avec ton équipe
 - "setup" : installer les slash commands (/ask-inbox, /ask-broadcast, etc.) et la status line dans le projet courant
-- "update" : vérifier les mises à jour du MCP, mettre à jour les skills et la status line`, {
-        action: z.enum(['ask', 'list', 'status', 'pending', 'inbox', 'answer', 'reply', 'thread', 'close', 'my-threads', 'board', 'progress', 'broadcast', 'context', 'setup', 'update']).describe('Action à effectuer'),
+- "update" : vérifier les mises à jour du MCP, mettre à jour les skills et la status line
+- "loop-start" : marquer le loop comme actif (utilisé par /ask-loop)
+- "loop-stop" : arrêter le loop (utilisé par /ask-loop-stop)`, {
+        action: z.enum(['ask', 'list', 'status', 'pending', 'inbox', 'answer', 'reply', 'thread', 'close', 'my-threads', 'board', 'progress', 'broadcast', 'context', 'setup', 'update', 'loop-start', 'loop-stop']).describe('Action à effectuer'),
         username: z.string().optional().describe("Username de l'agent cible (pour ask/status)"),
         question: z.string().optional().describe('Question à poser (pour ask)'),
         requestId: z.number().optional().describe('ID de la requête (pour answer/reply/thread/close/progress)'),
@@ -233,8 +235,19 @@ Actions disponibles :
             case 'update': {
                 return await checkUpdateAndSetup();
             }
+            case 'loop-start': {
+                if (statusCache.isLoopActive()) {
+                    return text('Un loop est déjà actif. Utilise /ask-loop-stop pour l\'arrêter avant d\'en lancer un nouveau.');
+                }
+                statusCache.setLoopActive(true);
+                return text('Loop activé. La status line affiche maintenant l\'indicateur "loop".');
+            }
+            case 'loop-stop': {
+                statusCache.setLoopActive(false);
+                return text('Loop arrêté.');
+            }
             default:
-                return text('Action inconnue. Actions disponibles : ask, list, status, pending, answer, context, setup, update');
+                return text('Action inconnue.');
         }
     });
 }
@@ -264,7 +277,7 @@ Si l'utilisateur n'a pas encore de compte, dirige-le vers https://askmesh.dev po
         return text('Action inconnue.');
     });
 }
-const CURRENT_VERSION = '0.10.5';
+const CURRENT_VERSION = '0.11.0';
 async function checkUpdateAndSetup() {
     const lines = [];
     lines.push(`Version actuelle : ${CURRENT_VERSION}`);
@@ -319,6 +332,8 @@ function setupSkillsAndStatusLine(token, pollInterval, url) {
         'ask-status.md': `Utilise l'outil MCP askmesh avec l'action "list" pour voir qui est connecté sur le réseau.\n\nAffiche la liste des membres de l'équipe avec leur statut (online/offline) de manière claire et concise.`,
         'ask-setup.md': `Utilise l'outil MCP askmesh avec l'action "setup" pour installer ou mettre à jour la configuration AskMesh dans ce projet.\n\nCela va :\n- Créer ou vérifier le .env avec le token AskMesh\n- Installer les slash commands (/ask-inbox, /ask-broadcast, etc.)\n- Configurer la status line\n- Ajouter .env au .gitignore\n\nSi l'utilisateur fournit un token dans les arguments ($ARGUMENTS), passe-le en paramètre "token".`,
         'ask-update.md': `Utilise l'outil MCP askmesh avec l'action "update" pour vérifier les mises à jour et mettre à jour les skills et la status line.\n\nCela va :\n- Vérifier si une nouvelle version du MCP est disponible sur npm\n- Mettre à jour les slash commands\n- Mettre à jour le script de status line\n\nSi une mise à jour est disponible, indique à l'utilisateur comment l'installer (relancer Claude Code ou npx clear-npx-cache).`,
+        'ask-loop.md': `Lance une boucle de vérification périodique des messages AskMesh.\n\nÉtapes :\n1. D'abord, utilise l'outil MCP askmesh avec l'action "loop-start" pour vérifier qu'aucun loop n'est déjà actif et marquer le loop comme actif\n2. Si le loop-start réussit, lance : /loop <intervalle ou 2m> /ask-inbox\n\nArguments optionnels : $ARGUMENTS (intervalle, ex: "2m", "5m", "30s")\nPar défaut : 2m\n\nSi un loop est déjà actif, préviens l'utilisateur et propose /ask-loop-stop.`,
+        'ask-loop-stop.md': `Arrête la boucle de vérification périodique des messages AskMesh.\n\nÉtapes :\n1. Utilise l'outil MCP askmesh avec l'action "loop-stop" pour marquer le loop comme inactif\n2. Indique à l'utilisateur que le loop est arrêté\n\nNote : cela met à jour la status line pour retirer l'indicateur "loop".`,
     };
     // Create commands directory
     try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askmesh/mcp",
-  "version": "0.10.5",
+  "version": "0.11.0",
   "description": "AskMesh MCP server — connect your AI coding agent to your team's mesh network",
   "type": "module",
   "bin": {

package/statusline.sh

@@ -11,6 +11,7 @@ hash="$1"
 pending=0
 active=0
 replies=0
+loop="false"
 
 if [ -n "$hash" ]; then
   # Read specific agent cache
@@ -19,6 +20,7 @@ if [ -n "$hash" ]; then
     pending=$(jq -r '.pending // 0' "$f" 2>/dev/null)
     active=$(jq -r '.active // 0' "$f" 2>/dev/null)
     replies=$(jq -r '.unread_replies // 0' "$f" 2>/dev/null)
+    loop=$(jq -r '.loop_active // false' "$f" 2>/dev/null)
   fi
 else
   # Fallback: aggregate all agent caches
@@ -27,14 +29,19 @@ else
     p=$(jq -r '.pending // 0' "$f" 2>/dev/null)
     a=$(jq -r '.active // 0' "$f" 2>/dev/null)
     r=$(jq -r '.unread_replies // 0' "$f" 2>/dev/null)
+    l=$(jq -r '.loop_active // false' "$f" 2>/dev/null)
     pending=$((pending + p))
     active=$((active + a))
     replies=$((replies + r))
+    [ "$l" = "true" ] && loop="true"
   done
 fi
 
 parts=()
 
+if [ "$loop" = "true" ]; then
+  parts+=("\033[35mloop\033[0m")
+fi
 if [ "$pending" -gt 0 ] 2>/dev/null; then
   parts+=("\033[33m${pending} pending\033[0m")
 fi