@askmesh/mcp 0.11.1 → 0.11.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -4,8 +4,18 @@ import type { Server } from '@modelcontextprotocol/sdk/server/index.js';
|
|
|
4
4
|
export declare class AutoResponder {
|
|
5
5
|
private client;
|
|
6
6
|
private mcpServer;
|
|
7
|
+
private profile;
|
|
7
8
|
constructor(client: AskMeshClient);
|
|
8
9
|
setServer(server: Server): void;
|
|
10
|
+
setProfile(profile: {
|
|
11
|
+
agentType: string;
|
|
12
|
+
allowedScopes: string[];
|
|
13
|
+
}): void;
|
|
14
|
+
/**
|
|
15
|
+
* Build a scope-aware extension to the system prompt.
|
|
16
|
+
* Only applies for server agents — dev/ci agents are unrestricted.
|
|
17
|
+
*/
|
|
18
|
+
private scopePrompt;
|
|
9
19
|
/**
|
|
10
20
|
* Send a reply through the AskMesh client with a pre-send redaction scan.
|
|
11
21
|
* If secrets are detected, the reply is blocked and a desktop notification +
|
|
@@ -22,12 +22,41 @@ Avoid quoting raw config values — describe them instead.`;
|
|
|
22
22
|
export class AutoResponder {
|
|
23
23
|
client;
|
|
24
24
|
mcpServer = null;
|
|
25
|
+
profile = null;
|
|
25
26
|
constructor(client) {
|
|
26
27
|
this.client = client;
|
|
27
28
|
}
|
|
28
29
|
setServer(server) {
|
|
29
30
|
this.mcpServer = server;
|
|
30
31
|
}
|
|
32
|
+
setProfile(profile) {
|
|
33
|
+
this.profile = profile;
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Build a scope-aware extension to the system prompt.
|
|
37
|
+
* Only applies for server agents — dev/ci agents are unrestricted.
|
|
38
|
+
*/
|
|
39
|
+
scopePrompt() {
|
|
40
|
+
if (!this.profile || this.profile.agentType !== 'server')
|
|
41
|
+
return '';
|
|
42
|
+
const scopes = this.profile.allowedScopes;
|
|
43
|
+
if (!scopes || scopes.length === 0) {
|
|
44
|
+
return [
|
|
45
|
+
'',
|
|
46
|
+
'SERVER AGENT — RESTRICTIVE MODE:',
|
|
47
|
+
'No allowed scopes have been declared. Refuse to share any project content.',
|
|
48
|
+
'Reply with: "This is a restricted server agent. Please ask the human owner directly."',
|
|
49
|
+
].join('\n');
|
|
50
|
+
}
|
|
51
|
+
const lines = ['', 'SERVER AGENT — ALLOWED SCOPES:'];
|
|
52
|
+
lines.push('You are a restricted server agent. You may ONLY share information that falls within these scopes:');
|
|
53
|
+
for (const s of scopes) {
|
|
54
|
+
lines.push(` • ${s}`);
|
|
55
|
+
}
|
|
56
|
+
lines.push('');
|
|
57
|
+
lines.push('Refuse anything outside these scopes with: "This server agent is not authorized to share that information."');
|
|
58
|
+
return lines.join('\n');
|
|
59
|
+
}
|
|
31
60
|
/**
|
|
32
61
|
* Send a reply through the AskMesh client with a pre-send redaction scan.
|
|
33
62
|
* If secrets are detected, the reply is blocked and a desktop notification +
|
|
@@ -73,6 +102,7 @@ export class AutoResponder {
|
|
|
73
102
|
if (this.mcpServer) {
|
|
74
103
|
try {
|
|
75
104
|
const context = readLocalContext();
|
|
105
|
+
const scopeRules = this.scopePrompt();
|
|
76
106
|
const result = (await this.mcpServer.request({
|
|
77
107
|
method: 'sampling/createMessage',
|
|
78
108
|
params: {
|
|
@@ -83,6 +113,7 @@ export class AutoResponder {
|
|
|
83
113
|
type: 'text',
|
|
84
114
|
text: [
|
|
85
115
|
`A teammate @${request.fromUsername} is asking you a question via AskMesh.`,
|
|
116
|
+
scopeRules,
|
|
86
117
|
``,
|
|
87
118
|
`Your project context:`,
|
|
88
119
|
context,
|
|
@@ -150,6 +181,7 @@ export class AutoResponder {
|
|
|
150
181
|
}
|
|
151
182
|
async callAnthropicAPI(apiKey, request, context) {
|
|
152
183
|
const model = process.env.ANTHROPIC_MODEL || 'claude-sonnet-4-20250514';
|
|
184
|
+
const fullSystem = SYSTEM_PROMPT + this.scopePrompt();
|
|
153
185
|
const response = await fetch('https://api.anthropic.com/v1/messages', {
|
|
154
186
|
method: 'POST',
|
|
155
187
|
headers: {
|
|
@@ -160,7 +192,7 @@ export class AutoResponder {
|
|
|
160
192
|
body: JSON.stringify({
|
|
161
193
|
model,
|
|
162
194
|
max_tokens: 2048,
|
|
163
|
-
system:
|
|
195
|
+
system: fullSystem,
|
|
164
196
|
messages: [
|
|
165
197
|
{
|
|
166
198
|
role: 'user',
|
|
@@ -54,6 +54,13 @@ export declare class AskMeshClient {
|
|
|
54
54
|
status: string;
|
|
55
55
|
lastSeenAt: string | null;
|
|
56
56
|
}>;
|
|
57
|
+
getMe(): Promise<{
|
|
58
|
+
id: number;
|
|
59
|
+
username: string;
|
|
60
|
+
agentType: 'dev' | 'server' | 'ci';
|
|
61
|
+
requireApproval: boolean;
|
|
62
|
+
allowedScopes: string[];
|
|
63
|
+
}>;
|
|
57
64
|
setContext(context: string): Promise<{
|
|
58
65
|
message: string;
|
|
59
66
|
context: string;
|
|
@@ -71,6 +71,14 @@ export class AskMeshClient {
|
|
|
71
71
|
throw new Error(`getAgentStatus failed: ${res.status}`);
|
|
72
72
|
return res.json();
|
|
73
73
|
}
|
|
74
|
+
async getMe() {
|
|
75
|
+
const res = await fetch(`${this.baseUrl}/api/v1/agents/me`, {
|
|
76
|
+
headers: this.headers(),
|
|
77
|
+
});
|
|
78
|
+
if (!res.ok)
|
|
79
|
+
throw new Error(`getMe failed: ${res.status}`);
|
|
80
|
+
return res.json();
|
|
81
|
+
}
|
|
74
82
|
async setContext(context) {
|
|
75
83
|
const res = await fetch(`${this.baseUrl}/api/v1/agents/context`, {
|
|
76
84
|
method: 'PUT',
|
package/dist/index.js
CHANGED
|
@@ -11,7 +11,7 @@ const TOKEN = process.env.ASKMESH_TOKEN;
|
|
|
11
11
|
const URL = process.env.ASKMESH_URL || 'https://api.askmesh.dev';
|
|
12
12
|
const server = new McpServer({
|
|
13
13
|
name: 'askmesh',
|
|
14
|
-
version: '0.11.
|
|
14
|
+
version: '0.11.2',
|
|
15
15
|
});
|
|
16
16
|
if (!TOKEN) {
|
|
17
17
|
// No token — start in setup-only mode
|
|
@@ -25,6 +25,18 @@ else {
|
|
|
25
25
|
const autoResponder = new AutoResponder(client);
|
|
26
26
|
registerAskMesh(server, client);
|
|
27
27
|
autoResponder.setServer(server.server);
|
|
28
|
+
// Fetch agent profile (type, scopes) — used by auto-responder for prompt enforcement
|
|
29
|
+
client.getMe()
|
|
30
|
+
.then((me) => {
|
|
31
|
+
autoResponder.setProfile({ agentType: me.agentType, allowedScopes: me.allowedScopes || [] });
|
|
32
|
+
const scopeInfo = me.agentType === 'server'
|
|
33
|
+
? ` — scopes: ${(me.allowedScopes || []).join(', ') || 'none (restrictive)'}`
|
|
34
|
+
: '';
|
|
35
|
+
console.error(`[AskMesh] Authenticated as @${me.username} (${me.agentType})${scopeInfo}`);
|
|
36
|
+
})
|
|
37
|
+
.catch((err) => {
|
|
38
|
+
console.error('[AskMesh] Failed to fetch agent profile:', err instanceof Error ? err.message : err);
|
|
39
|
+
});
|
|
28
40
|
// Start SSE listener
|
|
29
41
|
const sse = new SseListener();
|
|
30
42
|
sse.start(URL, TOKEN, async (request) => {
|
package/dist/tools/askmesh.js
CHANGED
|
@@ -282,7 +282,7 @@ Si l'utilisateur n'a pas encore de compte, dirige-le vers https://askmesh.dev po
|
|
|
282
282
|
return text('Action inconnue.');
|
|
283
283
|
});
|
|
284
284
|
}
|
|
285
|
-
const CURRENT_VERSION = '0.11.
|
|
285
|
+
const CURRENT_VERSION = '0.11.2';
|
|
286
286
|
async function checkUpdateAndSetup() {
|
|
287
287
|
const lines = [];
|
|
288
288
|
lines.push(`Version actuelle : ${CURRENT_VERSION}`);
|