@burtson-labs/bandit-stealth-cli 1.7.104 → 1.7.106
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +36 -0
- package/dist/cli.js +535 -529
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -126,6 +126,42 @@ The agent writes `.bandit/skills/linter.md`. Next prompt, it's live. Ask *"lint
|
|
|
126
126
|
|
|
127
127
|
---
|
|
128
128
|
|
|
129
|
+
## MCP — Model Context Protocol servers
|
|
130
|
+
|
|
131
|
+
Bandit speaks MCP as a client, so any MCP server you can spawn (filesystem, git, GitHub, Google Drive, Gmail, Slack, Postgres, custom workplace tools…) plugs straight into the same tool-use loop. Each server's tools are namespaced as `<server>.<tool>` and registered alongside `read_file`, `apply_edit`, etc.
|
|
132
|
+
|
|
133
|
+
**Configure** at `~/.bandit/mcp-servers.json` (global) or `.bandit/mcp-servers.json` (workspace, takes precedence). Schema is the standard MCP `mcpServers` shape — the same JSON other MCP clients use, so configs port between them:
|
|
134
|
+
|
|
135
|
+
```jsonc
|
|
136
|
+
{
|
|
137
|
+
"mcpServers": {
|
|
138
|
+
"fs-tmp": {
|
|
139
|
+
"command": "npx",
|
|
140
|
+
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/tmp"]
|
|
141
|
+
},
|
|
142
|
+
"github": {
|
|
143
|
+
"command": "npx",
|
|
144
|
+
"args": ["-y", "@modelcontextprotocol/server-github"],
|
|
145
|
+
"env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_..." }
|
|
146
|
+
}
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
```
|
|
150
|
+
|
|
151
|
+
**Manage** with the `/mcp` slash command:
|
|
152
|
+
|
|
153
|
+
| Command | What it does |
|
|
154
|
+
|---|---|
|
|
155
|
+
| `/mcp` | List configured servers + status (connected / idle / error) and tool counts |
|
|
156
|
+
| `/mcp tools <name>` | Spawn the server (lazy) and introspect its exposed tools |
|
|
157
|
+
| `/mcp connect <name>` | Explicit warmup so the first invocation isn't slow |
|
|
158
|
+
| `/mcp disconnect <name>` | Close the server's child process (re-spawns lazily on next use) |
|
|
159
|
+
| `/mcp reload` | Re-read the config files from disk after edits — no restart needed |
|
|
160
|
+
|
|
161
|
+
Servers spawn lazily on first invocation, persist for the session, and get cleaned up on REPL exit. Failures are isolated — a broken server logs an error and the rest of the loop keeps running on native tools only. Off by default — no config file = zero behavior change.
|
|
162
|
+
|
|
163
|
+
---
|
|
164
|
+
|
|
129
165
|
## Recommended models
|
|
130
166
|
|
|
131
167
|
Pull one with `ollama pull <model>`. Bandit auto-detects each model's capabilities and takes the native tool-calling path when supported.
|