@evantahler/mcpx 0.16.4 → 0.17.1

package/.claude/skills/mcpx.md

@@ -8,6 +8,26 @@ trigger: when the user wants to interact with external services, APIs, or MCP to
 
 You have access to external tools via `mcpx`. Use this workflow:
 
+## 0. Self-authorize (if needed)
+
+By default, Claude Code prompts the user for every `mcpx exec` call. If the user has approved `Bash(mcpx allow:*)` (you cannot do this yourself — the user must approve it when prompted), you can grant yourself granular permissions before executing:
+
+```bash
+mcpx allow <server> <tool>
+```
+
+This writes a specific pattern to `.claude/settings.local.json`. After that, `mcpx exec <server> <tool>` runs without prompting.
+
+For broader access:
+
+```bash
+mcpx allow <server>                # all tools on a server
+mcpx allow --all-read              # search, info, list, servers, ping, etc.
+mcpx allow --all                   # all mcpx exec calls
+```
+
+**Important:** If the user has not approved `Bash(mcpx allow:*)`, skip this step — Claude Code will prompt the user directly for each `mcpx exec` call instead.
+
 ## 1. Search for tools
 
 ```bash
@@ -152,6 +172,17 @@ mcpx deauth <server>           # remove stored auth
 | `mcpx task get <server> <taskId>`     | Get task status                   |
 | `mcpx task result <server> <taskId>`  | Retrieve completed task result    |
 | `mcpx task cancel <server> <taskId>`  | Cancel a running task             |
+| `mcpx allow <server>`                | Allow agent to exec all tools on a server |
+| `mcpx allow <server> <tools...>`     | Allow specific tools only         |
+| `mcpx allow --all`                   | Allow all mcpx exec calls         |
+| `mcpx allow --all-read`              | Allow read-only commands          |
+| `mcpx allow --list`                  | Show current mcpx permissions     |
+| `mcpx allow --cursor <server>`       | Target Cursor instead of Claude   |
+| `mcpx deny <server>`                 | Remove server permissions         |
+| `mcpx deny --all`                    | Remove all mcpx permissions       |
+| `mcpx deny --cursor <server>`        | Target Cursor instead of Claude   |
+| `mcpx check-update`                  | Check for a newer version of mcpx |
+| `mcpx upgrade`                       | Upgrade mcpx to the latest version|
 
 ## Global flags
 

package/.cursor/rules/mcpx.mdc

@@ -101,6 +101,22 @@ mcpx task list my-server
 
 Some servers request user input mid-operation. mcpx handles this automatically in interactive mode. Use `-N` / `--no-interactive` to decline all elicitation (for scripts/CI), or `--json` to handle elicitation programmatically via stdin/stdout.
 
+## 6. Self-authorize (if needed)
+
+Cursor prompts you for every `mcpx exec` call. You can grant yourself granular permissions:
+
+```bash
+mcpx allow <server> --cursor              # all tools on a server
+mcpx allow <server> <tool> --cursor       # specific tool
+mcpx allow --all-read --cursor            # search, info, list, etc.
+mcpx allow --all --cursor                 # all mcpx exec calls
+mcpx allow --list --cursor                # show current permissions
+mcpx deny <server> --cursor               # revoke server permissions
+mcpx deny --all --cursor                  # revoke all permissions
+```
+
+This writes `Shell(mcpx exec:server:*)` patterns to `.cursor/cli.json`.
+
 ## Authentication
 
 ```bash
@@ -132,7 +148,7 @@ mcpx deauth <server>           # remove stored auth
 | `mcpx index -i`                       | Show index status                 |
 | `mcpx auth <server>`                  | Authenticate with OAuth           |
 | `mcpx auth <server> -s`               | Check token status and TTL        |
-| `mcpx auth <server> -r`              | Force token refresh               |
+| `mcpx auth <server> -r`               | Force token refresh               |
 | `mcpx auth <server> --no-index`       | Authenticate without rebuilding index |
 | `mcpx deauth <server>`                | Remove stored authentication      |
 | `mcpx ping`                           | Check connectivity to all servers |
@@ -152,6 +168,15 @@ mcpx deauth <server>           # remove stored auth
 | `mcpx task get <server> <taskId>`     | Get task status                   |
 | `mcpx task result <server> <taskId>`  | Retrieve completed task result    |
 | `mcpx task cancel <server> <taskId>`  | Cancel a running task             |
+| `mcpx allow <server> --cursor`        | Allow exec all tools on a server  |
+| `mcpx allow <server> <tools...> --cursor` | Allow specific tools only    |
+| `mcpx allow --all --cursor`           | Allow all mcpx exec calls         |
+| `mcpx allow --all-read --cursor`      | Allow read-only commands          |
+| `mcpx allow --list --cursor`          | Show current permissions          |
+| `mcpx deny <server> --cursor`         | Remove server permissions         |
+| `mcpx deny --all --cursor`            | Remove all mcpx permissions       |
+| `mcpx check-update`                   | Check for a newer version of mcpx |
+| `mcpx upgrade`                        | Upgrade mcpx to the latest version|
 
 ## Global flags
 

package/README.md

@@ -104,6 +104,16 @@ mcpx search -n 5 "manage pull requests"
 | `mcpx task get <server> <taskId>`      | Get task status                                        |
 | `mcpx task result <server> <taskId>`   | Retrieve completed task result                         |
 | `mcpx task cancel <server> <taskId>`   | Cancel a running task                                  |
+| `mcpx allow <server>`                  | Allow an agent to exec all tools on a server           |
+| `mcpx allow <server> <tools...>`       | Allow specific tools only                              |
+| `mcpx allow --all`                     | Allow all mcpx exec calls                              |
+| `mcpx allow --all-read`                | Allow read-only commands (search, info, list, etc.)    |
+| `mcpx allow --list`                    | Show current mcpx-related permissions                  |
+| `mcpx allow --cursor <server>`         | Allow for Cursor instead of Claude Code                |
+| `mcpx deny <server>`                   | Remove permissions for a server                        |
+| `mcpx deny --all`                      | Remove all mcpx-related permissions                    |
+| `mcpx check-update`                    | Check for a newer version of mcpx                      |
+| `mcpx upgrade`                         | Upgrade mcpx to the latest version                     |
 
 ## Options
 
@@ -625,6 +635,82 @@ To execute tools:
 Always search before executing — don't assume tool names.
 ```
 
+## Permissions (Claude Code & Cursor)
+
+AI agents like Claude Code and Cursor prompt users to approve each `mcpx exec` call. `mcpx allow` and `mcpx deny` manage fine-grained permission rules so agents can self-authorize specific tools without broad access.
+
+**Key insight:** If the user allows the initial permission pattern once (safe — it only writes to local settings files), the agent can then grant itself access to specific tools as needed. This is an opt-in workflow — by default, agents cannot self-authorize and will prompt the user for each `mcpx exec` call.
+
+```bash
+# Allow all tools on a server (Claude Code, default)
+mcpx allow github
+
+# Allow for Cursor instead
+mcpx allow github --cursor
+
+# Allow specific tools only
+mcpx allow github search_repositories get_file
+
+# Allow read-only commands (search, info, list, servers, ping, etc.)
+mcpx allow --all-read
+
+# Allow all mcpx exec calls
+mcpx allow --all
+
+# Show current permissions across all scopes
+mcpx allow --list
+mcpx allow --list --cursor
+
+# Preview what would be written
+mcpx allow github --dry-run
+
+# Revoke a server's permissions
+mcpx deny github
+
+# Revoke all mcpx permissions
+mcpx deny --all
+```
+
+**Target flag** — by default, permissions target Claude Code. Use `--cursor` to target Cursor instead:
+
+| Flag        | Pattern prefix | Settings files                                  |
+| ----------- | -------------- | ----------------------------------------------- |
+| _(default)_ | `Bash(…)`      | `.claude/settings.local.json`, etc.             |
+| `--cursor`  | `Shell(…)`     | `.cursor/cli.json`, `~/.cursor/cli-config.json` |
+
+**Scope flags** control where the permission is written:
+
+| Flag        | Claude Code file              | Cursor file                 | Default |
+| ----------- | ----------------------------- | --------------------------- | ------- |
+| `--local`   | `.claude/settings.local.json` | `.cursor/cli.json`          | ✓       |
+| `--project` | `.claude/settings.json`       | `.cursor/cli.json`          |         |
+| `--global`  | `~/.claude/settings.json`     | `~/.cursor/cli-config.json` |         |
+
+**`allow` options:**
+
+| Flag         | Purpose                                             |
+| ------------ | --------------------------------------------------- |
+| `--all`      | Allow all mcpx exec calls                           |
+| `--all-read` | Allow read-only commands (search, info, list, etc.) |
+| `--list`     | Show current mcpx-related permissions               |
+| `--cursor`   | Target Cursor settings instead of Claude Code       |
+| `--local`    | Write to local settings (default)                   |
+| `--project`  | Write to project settings (shared)                  |
+| `--global`   | Write to global settings                            |
+| `--dry-run`  | Show patterns without writing                       |
+
+**`deny` options:**
+
+| Flag         | Purpose                                       |
+| ------------ | --------------------------------------------- |
+| `--all`      | Remove all mcpx-related permissions           |
+| `--all-read` | Remove read-only command permissions          |
+| `--cursor`   | Target Cursor settings instead of Claude Code |
+| `--local`    | Write to local settings (default)             |
+| `--project`  | Write to project settings (shared)            |
+| `--global`   | Write to global settings                      |
+| `--dry-run`  | Show what would be removed                    |
+
 ## Development
 
 ```bash

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@evantahler/mcpx",
-  "version": "0.16.4",
+  "version": "0.17.1",
   "description": "A command-line interface for MCP servers. curl for MCP.",
   "type": "module",
   "bin": {

package/src/cli.ts

@@ -15,6 +15,11 @@ import { registerResourceCommand } from "./commands/resource.ts";
 import { registerPromptCommand } from "./commands/prompt.ts";
 import { registerServersCommand } from "./commands/servers.ts";
 import { registerTaskCommand } from "./commands/task.ts";
+import { registerAllowCommand } from "./commands/allow.ts";
+import { registerDenyCommand } from "./commands/deny.ts";
+import { registerCheckUpdateCommand } from "./commands/check-update.ts";
+import { registerUpgradeCommand } from "./commands/upgrade.ts";
+import { maybeCheckForUpdate } from "./update/background.ts";
 
 import pkg from "../package.json";
 
@@ -50,6 +55,10 @@ registerResourceCommand(program);
 registerPromptCommand(program);
 registerServersCommand(program);
 registerTaskCommand(program);
+registerAllowCommand(program);
+registerDenyCommand(program);
+registerCheckUpdateCommand(program);
+registerUpgradeCommand(program);
 
 // Detect unknown subcommands before commander misreports them as "too many arguments"
 const knownCommands = new Set(program.commands.map((c) => c.name()));
@@ -77,4 +86,13 @@ if (firstCommand && !knownCommands.has(firstCommand)) {
   process.exit(1);
 }
 
+// Fire-and-forget background update check
+const updateNotice = maybeCheckForUpdate();
+
 program.parse();
+
+// Print update notice after command output completes
+process.on("beforeExit", async () => {
+  const notice = await updateNotice;
+  if (notice) process.stderr.write(notice);
+});

package/src/commands/allow.ts

@@ -0,0 +1,163 @@
+import type { Command } from "commander";
+import { bold, cyan, dim, green, yellow } from "ansis";
+import {
+  type Client,
+  type Scope,
+  resolveSettingsPath,
+  readClientSettings,
+  writeClientSettings,
+  execPattern,
+  readOnlyPatterns,
+  allExecPattern,
+  allowCommandPattern,
+  denyCommandPattern,
+  addPatterns,
+  getMcpxPatterns,
+} from "../lib/client-settings.ts";
+import { formatOutput } from "../output/format-output.ts";
+import type { FormatOptions } from "../output/formatter.ts";
+
+export function registerAllowCommand(program: Command) {
+  program
+    .command("allow")
+    .description("add permission rules for mcpx commands (Claude Code or Cursor)")
+    .argument("[server]", "server name to allow")
+    .argument("[tools...]", "specific tool names to allow")
+    .option("--all", "allow all mcpx exec calls")
+    .option("--all-read", "allow read-only commands (search, info, list, servers, ping, etc.)")
+    .option("--list", "show current mcpx-related permissions")
+    .option("--cursor", "target Cursor settings instead of Claude Code")
+    .option("--local", "write to local settings (default)")
+    .option("--project", "write to project settings (shared)")
+    .option("--global", "write to global settings")
+    .option("--dry-run", "show patterns without writing")
+    .action(
+      async (
+        server: string | undefined,
+        tools: string[],
+        options: {
+          all?: boolean;
+          allRead?: boolean;
+          list?: boolean;
+          cursor?: boolean;
+          local?: boolean;
+          project?: boolean;
+          global?: boolean;
+          dryRun?: boolean;
+        },
+      ) => {
+        const formatOptions: FormatOptions = { json: program.opts().json };
+        const client: Client = options.cursor ? "cursor" : "claude";
+
+        // --list mode: show current permissions across all scopes
+        if (options.list) {
+          // Cursor maps local and project to the same file, so only show unique scopes
+          const scopes: Scope[] =
+            client === "cursor" ? ["local", "global"] : ["local", "project", "global"];
+          const results: { scope: Scope; path: string; patterns: string[] }[] = [];
+
+          for (const scope of scopes) {
+            const path = resolveSettingsPath(scope, client);
+            const settings = await readClientSettings(path);
+            const patterns = getMcpxPatterns(settings, client);
+            results.push({ scope, path, patterns });
+          }
+
+          console.log(
+            formatOutput(
+              results.map((r) => ({ scope: r.scope, path: r.path, patterns: r.patterns })),
+              () => {
+                const lines: string[] = [];
+                for (const r of results) {
+                  lines.push(bold(`${r.scope}`) + dim(` (${r.path})`));
+                  if (r.patterns.length === 0) {
+                    lines.push(`  ${dim("(none)")}`);
+                  } else {
+                    for (const p of r.patterns) {
+                      lines.push(`  ${green("✓")} ${p}`);
+                    }
+                  }
+                  lines.push("");
+                }
+                return lines.join("\n").trimEnd();
+              },
+              formatOptions,
+            ),
+          );
+          return;
+        }
+
+        // Build the list of patterns to add
+        const patterns: string[] = [];
+
+        if (options.all) {
+          patterns.push(allExecPattern(client));
+        }
+
+        if (options.allRead) {
+          patterns.push(...readOnlyPatterns(client));
+        }
+
+        if (server && tools.length > 0) {
+          for (const tool of tools) {
+            patterns.push(execPattern(server, tool, client));
+          }
+        } else if (server) {
+          patterns.push(execPattern(server, undefined, client));
+        }
+
+        if (patterns.length === 0) {
+          console.error("error: specify a server, --all, or --all-read. See 'mcpx allow --help'.");
+          process.exit(1);
+        }
+
+        // Always include allow/deny command patterns so the agent can self-manage
+        patterns.push(allowCommandPattern(client));
+        patterns.push(denyCommandPattern(client));
+
+        const scope: Scope = options.global ? "global" : options.project ? "project" : "local";
+        const path = resolveSettingsPath(scope, client);
+
+        if (options.dryRun) {
+          console.log(
+            formatOutput(
+              { scope, path, patterns },
+              () => {
+                const lines: string[] = [];
+                lines.push(bold("Dry run") + dim(` — would write to ${path}:`));
+                for (const p of patterns) {
+                  lines.push(`  ${yellow("+")} ${p}`);
+                }
+                return lines.join("\n");
+              },
+              formatOptions,
+            ),
+          );
+          return;
+        }
+
+        const settings = await readClientSettings(path);
+        const { settings: updated, added } = addPatterns(settings, patterns);
+        await writeClientSettings(path, updated);
+
+        console.log(
+          formatOutput(
+            { scope, path, added, total: (updated.permissions?.allow ?? []).length },
+            () => {
+              const lines: string[] = [];
+              if (added.length === 0) {
+                lines.push(dim("All patterns already present — no changes."));
+              } else {
+                lines.push(bold(`Added ${added.length} permission(s)`) + dim(` → ${path}`));
+                for (const p of added) {
+                  lines.push(`  ${green("+")} ${p}`);
+                }
+              }
+              return lines.join("\n");
+            },
+            formatOptions,
+          ),
+        );
+      },
+    );
+}

package/src/commands/check-update.ts

@@ -0,0 +1,70 @@
+import { green, yellow, cyan, dim } from "ansis";
+import type { Command } from "commander";
+import { createSpinner } from "nanospinner";
+import pkg from "../../package.json";
+import { checkForUpdate } from "../update/checker.ts";
+import { saveUpdateCache } from "../update/cache.ts";
+import type { UpdateCache } from "../update/checker.ts";
+
+export function registerCheckUpdateCommand(program: Command) {
+  program
+    .command("check-update")
+    .description("Check for a newer version of mcpx")
+    .action(async () => {
+      const opts = program.opts();
+      const json = !!(opts.json as boolean | undefined);
+      const isTTY = process.stderr.isTTY ?? false;
+
+      const spinner =
+        !json && isTTY
+          ? createSpinner("Checking for updates...", { stream: process.stderr }).start()
+          : null;
+
+      try {
+        const info = await checkForUpdate(pkg.version);
+
+        // Save to cache
+        const cache: UpdateCache = {
+          lastCheckAt: new Date().toISOString(),
+          latestVersion: info.latestVersion,
+          hasUpdate: info.hasUpdate,
+          changelog: info.changelog,
+        };
+        await saveUpdateCache(cache);
+
+        spinner?.stop();
+
+        if (json) {
+          console.log(JSON.stringify(info, null, 2));
+          return;
+        }
+
+        if (!info.hasUpdate) {
+          if (info.aheadOfLatest) {
+            console.log(
+              yellow(
+                `mcpx v${info.currentVersion} is ahead of latest published release (v${info.latestVersion})`,
+              ),
+            );
+          } else {
+            console.log(green(`mcpx is up to date (v${info.currentVersion})`));
+          }
+          return;
+        }
+
+        console.log(yellow(`Update available: ${info.currentVersion} → ${info.latestVersion}`));
+
+        if (info.changelog) {
+          console.log("");
+          console.log(dim(info.changelog));
+        }
+
+        console.log("");
+        console.log(cyan(`Run \`mcpx upgrade\` to update`));
+      } catch (err) {
+        spinner?.error({ text: "Failed to check for updates" });
+        console.error(String(err));
+        process.exit(1);
+      }
+    });
+}

package/src/commands/deny.ts

@@ -0,0 +1,134 @@
+import type { Command } from "commander";
+import { bold, dim, green, red, yellow } from "ansis";
+import {
+  type Client,
+  type Scope,
+  resolveSettingsPath,
+  readClientSettings,
+  writeClientSettings,
+  execPattern,
+  readOnlyPatterns,
+  allExecPattern,
+  removePatterns,
+  removeAllMcpxPatterns,
+  getServerPatterns,
+} from "../lib/client-settings.ts";
+import { formatOutput } from "../output/format-output.ts";
+import type { FormatOptions } from "../output/formatter.ts";
+
+export function registerDenyCommand(program: Command) {
+  program
+    .command("deny")
+    .description("remove permission rules for mcpx commands (Claude Code or Cursor)")
+    .argument("[server]", "server name to deny")
+    .argument("[tools...]", "specific tool names to deny")
+    .option("--all", "remove all mcpx-related permissions")
+    .option("--all-read", "remove read-only command permissions")
+    .option("--cursor", "target Cursor settings instead of Claude Code")
+    .option("--local", "write to local settings (default)")
+    .option("--project", "write to project settings (shared)")
+    .option("--global", "write to global settings")
+    .option("--dry-run", "show what would be removed")
+    .action(
+      async (
+        server: string | undefined,
+        tools: string[],
+        options: {
+          all?: boolean;
+          allRead?: boolean;
+          cursor?: boolean;
+          local?: boolean;
+          project?: boolean;
+          global?: boolean;
+          dryRun?: boolean;
+        },
+      ) => {
+        const formatOptions: FormatOptions = { json: program.opts().json };
+        const client: Client = options.cursor ? "cursor" : "claude";
+        const scope: Scope = options.global ? "global" : options.project ? "project" : "local";
+        const path = resolveSettingsPath(scope, client);
+        const settings = await readClientSettings(path);
+
+        let result: { settings: typeof settings; removed: string[] };
+
+        if (options.all) {
+          // Remove all mcpx-related patterns
+          result = removeAllMcpxPatterns(settings, client);
+        } else {
+          // Build the list of patterns to remove
+          const patterns: string[] = [];
+
+          if (options.allRead) {
+            patterns.push(...readOnlyPatterns(client));
+          }
+
+          if (server && tools.length > 0) {
+            for (const tool of tools) {
+              patterns.push(execPattern(server, tool, client));
+            }
+          } else if (server) {
+            // Remove the server-level pattern AND all tool-specific patterns for this server
+            patterns.push(execPattern(server, undefined, client));
+            patterns.push(...getServerPatterns(settings, server, client));
+          }
+
+          if (patterns.length === 0) {
+            console.error("error: specify a server, --all, or --all-read. See 'mcpx deny --help'.");
+            process.exit(1);
+          }
+
+          result = removePatterns(settings, patterns);
+        }
+
+        if (options.dryRun) {
+          console.log(
+            formatOutput(
+              { scope, path, wouldRemove: result.removed },
+              () => {
+                const lines: string[] = [];
+                lines.push(bold("Dry run") + dim(` — would remove from ${path}:`));
+                if (result.removed.length === 0) {
+                  lines.push(`  ${dim("(no matching patterns found)")}`);
+                } else {
+                  for (const p of result.removed) {
+                    lines.push(`  ${yellow("-")} ${p}`);
+                  }
+                }
+                return lines.join("\n");
+              },
+              formatOptions,
+            ),
+          );
+          return;
+        }
+
+        await writeClientSettings(path, result.settings);
+
+        console.log(
+          formatOutput(
+            {
+              scope,
+              path,
+              removed: result.removed,
+              total: (result.settings.permissions?.allow ?? []).length,
+            },
+            () => {
+              const lines: string[] = [];
+              if (result.removed.length === 0) {
+                lines.push(dim("No matching patterns found — no changes."));
+              } else {
+                lines.push(
+                  bold(`Removed ${result.removed.length} permission(s)`) + dim(` → ${path}`),
+                );
+                for (const p of result.removed) {
+                  lines.push(`  ${red("-")} ${p}`);
+                }
+              }
+              return lines.join("\n");
+            },
+            formatOptions,
+          ),
+        );
+      },
+    );
+}

package/src/commands/upgrade.ts

@@ -0,0 +1,226 @@
+import { $ } from "bun";
+import { green, yellow, red, cyan, dim } from "ansis";
+import type { Command } from "commander";
+import { createSpinner } from "nanospinner";
+import { tmpdir } from "os";
+import { join } from "path";
+import pkg from "../../package.json";
+import {
+  checkForUpdate,
+  detectInstallMethod,
+  needsCheck,
+  type InstallMethod,
+} from "../update/checker.ts";
+import { loadUpdateCache, saveUpdateCache, clearUpdateCache } from "../update/cache.ts";
+import type { UpdateCache } from "../update/checker.ts";
+import pkgMeta from "../../package.json";
+
+const GITHUB_REPO = pkgMeta.repository.url
+  .replace(/^https:\/\/github\.com\//, "")
+  .replace(/\.git$/, "");
+
+function platformArtifactName(): string {
+  let os: string;
+  let ext = "";
+  switch (process.platform) {
+    case "darwin":
+      os = "darwin";
+      break;
+    case "win32":
+      os = "windows";
+      ext = ".exe";
+      break;
+    default:
+      os = "linux";
+      break;
+  }
+  const arch = process.arch === "arm64" ? "arm64" : "x64";
+  return `mcpx-${os}-${arch}${ext}`;
+}
+
+async function upgradeWithPackageManager(command: string, args: string[]): Promise<boolean> {
+  const result = await $`${command} ${args}`.nothrow();
+  return result.exitCode === 0;
+}
+
+async function upgradeFromBinary(latestVersion: string): Promise<boolean> {
+  const artifact = platformArtifactName();
+  const tag = `v${latestVersion}`;
+  const url = `https://github.com/${GITHUB_REPO}/releases/download/${tag}/${artifact}`;
+
+  const tmpPath = join(tmpdir(), `mcpx-upgrade-${Date.now()}`);
+  const targetPath = process.execPath;
+
+  try {
+    const res = await fetch(url);
+    if (!res.ok) {
+      console.error(red(`Failed to download binary: HTTP ${res.status}`));
+      return false;
+    }
+
+    const bytes = await res.arrayBuffer();
+    await Bun.write(tmpPath, bytes);
+
+    await $`chmod +x ${tmpPath}`.quiet();
+
+    // Try to move into place
+    const mv = await $`mv ${tmpPath} ${targetPath}`.quiet().nothrow();
+
+    if (mv.exitCode !== 0) {
+      // Try with sudo
+      console.log(dim("Requires elevated permissions..."));
+      const sudo = await $`sudo mv ${tmpPath} ${targetPath}`.nothrow();
+      if (sudo.exitCode !== 0) {
+        console.error(red("Failed to install binary. Try running with sudo."));
+        return false;
+      }
+    }
+
+    return true;
+  } catch (err) {
+    console.error(red(`Failed to upgrade binary: ${err}`));
+    // Clean up temp file
+    await $`rm -f ${tmpPath}`.quiet().nothrow();
+    return false;
+  }
+}
+
+export function registerUpgradeCommand(program: Command) {
+  program
+    .command("upgrade")
+    .description("Upgrade mcpx to the latest version")
+    .action(async () => {
+      const opts = program.opts();
+      const json = !!(opts.json as boolean | undefined);
+      const isTTY = process.stderr.isTTY ?? false;
+
+      const spinner =
+        !json && isTTY
+          ? createSpinner("Checking for updates...", { stream: process.stderr }).start()
+          : null;
+
+      try {
+        // Check for update (use cache if fresh)
+        const cache = await loadUpdateCache();
+        let latestVersion: string;
+        let hasUpdate: boolean;
+
+        if (!needsCheck(cache) && cache) {
+          latestVersion = cache.latestVersion;
+          hasUpdate = cache.hasUpdate;
+        } else {
+          const info = await checkForUpdate(pkg.version);
+          latestVersion = info.latestVersion;
+          hasUpdate = info.hasUpdate;
+
+          const newCache: UpdateCache = {
+            lastCheckAt: new Date().toISOString(),
+            latestVersion,
+            hasUpdate,
+            changelog: info.changelog,
+          };
+          await saveUpdateCache(newCache);
+        }
+
+        if (!hasUpdate) {
+          spinner?.stop();
+          if (json) {
+            console.log(
+              JSON.stringify({
+                upgraded: false,
+                currentVersion: pkg.version,
+                message: "Already up to date",
+              }),
+            );
+          } else {
+            console.log(green(`mcpx is already up to date (v${pkg.version})`));
+          }
+          return;
+        }
+
+        const method: InstallMethod = detectInstallMethod();
+        spinner?.update({
+          text: `Upgrading from v${pkg.version} to v${latestVersion} (${method})...`,
+        });
+
+        let success = false;
+
+        switch (method) {
+          case "bun":
+            spinner?.stop();
+            success = await upgradeWithPackageManager("bun", [
+              "install",
+              "-g",
+              `@evantahler/mcpx@${latestVersion}`,
+            ]);
+            break;
+
+          case "npm":
+            spinner?.stop();
+            success = await upgradeWithPackageManager("npm", [
+              "install",
+              "-g",
+              `@evantahler/mcpx@${latestVersion}`,
+            ]);
+            break;
+
+          case "binary":
+            spinner?.stop();
+            success = await upgradeFromBinary(latestVersion);
+            break;
+
+          case "local-dev":
+            spinner?.stop();
+            if (json) {
+              console.log(
+                JSON.stringify({
+                  upgraded: false,
+                  currentVersion: pkg.version,
+                  latestVersion,
+                  installMethod: "local-dev",
+                  message: "Running from source. Use `git pull && bun install` to update.",
+                }),
+              );
+            } else {
+              console.log(yellow("Running from source. Use `git pull && bun install` to update."));
+            }
+            return;
+        }
+
+        if (success) {
+          await clearUpdateCache();
+          if (json) {
+            console.log(
+              JSON.stringify({
+                upgraded: true,
+                previousVersion: pkg.version,
+                newVersion: latestVersion,
+                installMethod: method,
+              }),
+            );
+          } else {
+            console.log(green(`Successfully upgraded mcpx: v${pkg.version} → v${latestVersion}`));
+          }
+        } else {
+          if (json) {
+            console.log(
+              JSON.stringify({
+                upgraded: false,
+                currentVersion: pkg.version,
+                latestVersion,
+                installMethod: method,
+                message: "Upgrade failed",
+              }),
+            );
+          } else {
+            console.error(red("Upgrade failed. See errors above."));
+          }
+          process.exit(1);
+        }
+      } catch (err) {
+        spinner?.error({ text: "Upgrade failed" });
+        console.error(String(err));
+        process.exit(1);
+      }
+    });
+}

package/src/config/loader.ts

@@ -1,7 +1,6 @@
 import { join, resolve } from "path";
-import { homedir } from "os";
 import { interpolateEnv } from "./env.ts";
-import { ENV } from "../constants.ts";
+import { DEFAULT_CONFIG_DIR, ENV } from "../constants.ts";
 import {
   type Config,
   type ServersFile,
@@ -12,8 +11,6 @@ import {
   validateSearchIndex,
 } from "./schemas.ts";
 
-const DEFAULT_CONFIG_DIR = join(homedir(), ".mcpx");
-
 const EMPTY_SERVERS: ServersFile = { mcpServers: {} };
 const EMPTY_AUTH: AuthFile = {};
 const EMPTY_SEARCH_INDEX: SearchIndex = {

package/src/constants.ts

@@ -1,3 +1,9 @@
+import { join } from "path";
+import { homedir } from "os";
+
+/** Default config directory (~/.mcpx) */
+export const DEFAULT_CONFIG_DIR = join(homedir(), ".mcpx");
+
 /** Environment variable names used by mcpx */
 export const ENV = {
   DEBUG: "MCP_DEBUG",
@@ -6,6 +12,7 @@ export const ENV = {
   MAX_RETRIES: "MCP_MAX_RETRIES",
   STRICT_ENV: "MCP_STRICT_ENV",
   CONFIG_PATH: "MCP_CONFIG_PATH",
+  NO_UPDATE_CHECK: "MCPX_NO_UPDATE_CHECK",
 } as const;
 
 /** Default values for configurable options */
@@ -16,4 +23,6 @@ export const DEFAULTS = {
   TASK_TTL_MS: 60_000,
   SEARCH_TOP_K: 10,
   LOG_LEVEL: "warning",
+  UPDATE_CHECK_INTERVAL_MS: 24 * 60 * 60 * 1000,
+  UPDATE_CHECK_TIMEOUT_MS: 5_000,
 } as const;

package/src/lib/client-settings.ts

@@ -0,0 +1,210 @@
+import { join } from "path";
+import { homedir } from "os";
+import { readFile, mkdir, writeFile } from "fs/promises";
+
+export type Client = "claude" | "cursor";
+export type Scope = "local" | "project" | "global";
+
+export interface ClientSettings {
+  permissions?: {
+    allow?: string[];
+    deny?: string[];
+  };
+  [key: string]: unknown;
+}
+
+function prefix(client: Client): string {
+  return client === "claude" ? "Bash" : "Shell";
+}
+
+/** Resolve the settings file path for a given scope and client */
+export function resolveSettingsPath(scope: Scope, client: Client = "claude"): string {
+  if (client === "cursor") {
+    switch (scope) {
+      case "local":
+      case "project":
+        return join(process.cwd(), ".cursor", "cli.json");
+      case "global":
+        return join(homedir(), ".cursor", "cli-config.json");
+    }
+  }
+
+  switch (scope) {
+    case "local":
+      return join(process.cwd(), ".claude", "settings.local.json");
+    case "project":
+      return join(process.cwd(), ".claude", "settings.json");
+    case "global":
+      return join(homedir(), ".claude", "settings.json");
+  }
+}
+
+/** Read client settings from a file, returning empty settings if the file doesn't exist */
+export async function readClientSettings(path: string): Promise<ClientSettings> {
+  try {
+    const content = await readFile(path, "utf-8");
+    return JSON.parse(content) as ClientSettings;
+  } catch {
+    return {};
+  }
+}
+
+/** Write client settings to a file, creating parent directories as needed */
+export async function writeClientSettings(path: string, settings: ClientSettings): Promise<void> {
+  const dir = join(path, "..");
+  await mkdir(dir, { recursive: true });
+  await writeFile(path, JSON.stringify(settings, null, 2) + "\n", "utf-8");
+}
+
+/** Generate a permission pattern for mcpx exec with a specific server and optional tool */
+export function execPattern(server: string, tool?: string, client: Client = "claude"): string {
+  const p = prefix(client);
+  if (tool) {
+    return `${p}(mcpx exec:${server}:${tool}:*)`;
+  }
+  return `${p}(mcpx exec:${server}:*)`;
+}
+
+/** Read-only mcpx commands that are safe to allow broadly */
+const READ_ONLY_COMMANDS = [
+  "search",
+  "info",
+  "servers",
+  "ping",
+  "resource",
+  "prompt",
+  "task",
+  "index",
+];
+
+/** Generate patterns for all read-only mcpx commands */
+export function readOnlyPatterns(client: Client = "claude"): string[] {
+  const p = prefix(client);
+  return READ_ONLY_COMMANDS.map((cmd) => `${p}(mcpx ${cmd}:*)`);
+}
+
+/** Generate the broad allow-all pattern for mcpx exec */
+export function allExecPattern(client: Client = "claude"): string {
+  return `${prefix(client)}(mcpx exec:*)`;
+}
+
+/** Generate the allow pattern for mcpx allow itself */
+export function allowCommandPattern(client: Client = "claude"): string {
+  return `${prefix(client)}(mcpx allow:*)`;
+}
+
+/** Generate the allow pattern for mcpx deny itself */
+export function denyCommandPattern(client: Client = "claude"): string {
+  return `${prefix(client)}(mcpx deny:*)`;
+}
+
+/** Check if a permission pattern is mcpx-related */
+export function isMcpxPattern(pattern: string, client: Client = "claude"): boolean {
+  return pattern.startsWith(`${prefix(client)}(mcpx `);
+}
+
+/** Add patterns to settings, deduplicating. Returns the updated settings and list of newly added patterns. */
+export function addPatterns(
+  settings: ClientSettings,
+  patterns: string[],
+): { settings: ClientSettings; added: string[] } {
+  const existing = new Set(settings.permissions?.allow ?? []);
+  const added: string[] = [];
+
+  for (const p of patterns) {
+    if (!existing.has(p)) {
+      existing.add(p);
+      added.push(p);
+    }
+  }
+
+  return {
+    settings: {
+      ...settings,
+      permissions: {
+        ...settings.permissions,
+        allow: [...existing],
+      },
+    },
+    added,
+  };
+}
+
+/** Remove specific patterns from settings. Returns the updated settings and list of removed patterns. */
+export function removePatterns(
+  settings: ClientSettings,
+  patterns: string[],
+): { settings: ClientSettings; removed: string[] } {
+  const existing = settings.permissions?.allow ?? [];
+  const toRemove = new Set(patterns);
+  const removed: string[] = [];
+  const remaining: string[] = [];
+
+  for (const p of existing) {
+    if (toRemove.has(p)) {
+      removed.push(p);
+    } else {
+      remaining.push(p);
+    }
+  }
+
+  return {
+    settings: {
+      ...settings,
+      permissions: {
+        ...settings.permissions,
+        allow: remaining,
+      },
+    },
+    removed,
+  };
+}
+
+/** Remove all mcpx-related patterns from settings. Returns the updated settings and list of removed patterns. */
+export function removeAllMcpxPatterns(
+  settings: ClientSettings,
+  client: Client = "claude",
+): {
+  settings: ClientSettings;
+  removed: string[];
+} {
+  const existing = settings.permissions?.allow ?? [];
+  const removed: string[] = [];
+  const remaining: string[] = [];
+
+  for (const p of existing) {
+    if (isMcpxPattern(p, client)) {
+      removed.push(p);
+    } else {
+      remaining.push(p);
+    }
+  }
+
+  return {
+    settings: {
+      ...settings,
+      permissions: {
+        ...settings.permissions,
+        allow: remaining,
+      },
+    },
+    removed,
+  };
+}
+
+/** Extract all mcpx-related patterns from settings */
+export function getMcpxPatterns(settings: ClientSettings, client: Client = "claude"): string[] {
+  return (settings.permissions?.allow ?? []).filter((p) => isMcpxPattern(p, client));
+}
+
+/** Get all mcpx-related patterns for a specific server */
+export function getServerPatterns(
+  settings: ClientSettings,
+  server: string,
+  client: Client = "claude",
+): string[] {
+  const p = prefix(client);
+  return getMcpxPatterns(settings, client).filter(
+    (pat) => pat.startsWith(`${p}(mcpx exec:${server}:`) || pat === `${p}(mcpx exec:${server}:*)`,
+  );
+}

package/src/update/background.ts

@@ -0,0 +1,76 @@
+import { yellow, cyan, dim } from "ansis";
+import pkg from "../../package.json";
+import { ENV, DEFAULTS } from "../constants.ts";
+import { checkForUpdate, needsCheck, type UpdateCache } from "./checker.ts";
+import { loadUpdateCache, saveUpdateCache } from "./cache.ts";
+
+/** Format an update notice for stderr output. */
+function formatNotice(currentVersion: string, latestVersion: string, changelog?: string): string {
+  const lines: string[] = ["", yellow(`Update available: ${currentVersion} → ${latestVersion}`)];
+
+  if (changelog) {
+    lines.push("");
+    lines.push(dim(changelog));
+  }
+
+  lines.push("");
+  lines.push(cyan(`Run \`mcpx upgrade\` to update`));
+  lines.push("");
+
+  return lines.join("\n");
+}
+
+/**
+ * Non-blocking background update check. Returns a formatted notice string
+ * if an update is available, or null otherwise. Never throws.
+ */
+export async function maybeCheckForUpdate(): Promise<string | null> {
+  try {
+    // Opt-out via env var
+    if (process.env[ENV.NO_UPDATE_CHECK] === "1") return null;
+
+    // Skip if this is the check-update or upgrade command
+    const args = process.argv.slice(2);
+    const command = args.find((a) => !a.startsWith("-"));
+    if (command === "check-update" || command === "upgrade") return null;
+
+    // Only show in TTY
+    if (!(process.stderr.isTTY ?? false)) return null;
+
+    const cache = await loadUpdateCache();
+
+    if (!needsCheck(cache)) {
+      // Cache is fresh — use cached result
+      if (cache?.hasUpdate) {
+        return formatNotice(pkg.version, cache.latestVersion, cache.changelog);
+      }
+      return null;
+    }
+
+    // Cache is stale or missing — check with timeout
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), DEFAULTS.UPDATE_CHECK_TIMEOUT_MS);
+
+    try {
+      const info = await checkForUpdate(pkg.version, controller.signal);
+
+      const newCache: UpdateCache = {
+        lastCheckAt: new Date().toISOString(),
+        latestVersion: info.latestVersion,
+        hasUpdate: info.hasUpdate,
+        changelog: info.changelog,
+      };
+      await saveUpdateCache(newCache);
+
+      if (info.hasUpdate) {
+        return formatNotice(pkg.version, info.latestVersion, info.changelog);
+      }
+    } finally {
+      clearTimeout(timeout);
+    }
+
+    return null;
+  } catch {
+    return null;
+  }
+}

package/src/update/cache.ts

@@ -0,0 +1,37 @@
+import { join } from "path";
+import { DEFAULT_CONFIG_DIR } from "../constants.ts";
+import type { UpdateCache } from "./checker.ts";
+
+const UPDATE_CACHE_PATH = join(DEFAULT_CONFIG_DIR, "update.json");
+
+/** Load the cached update check result, if it exists. */
+export async function loadUpdateCache(): Promise<UpdateCache | undefined> {
+  try {
+    const file = Bun.file(UPDATE_CACHE_PATH);
+    if (!(await file.exists())) return undefined;
+    return JSON.parse(await file.text()) as UpdateCache;
+  } catch {
+    return undefined;
+  }
+}
+
+/** Save update check result to the cache file. */
+export async function saveUpdateCache(cache: UpdateCache): Promise<void> {
+  try {
+    await Bun.write(UPDATE_CACHE_PATH, JSON.stringify(cache, null, 2) + "\n");
+  } catch {
+    // Ignore write failures (e.g. permissions)
+  }
+}
+
+/** Remove the cached update check result. */
+export async function clearUpdateCache(): Promise<void> {
+  try {
+    const file = Bun.file(UPDATE_CACHE_PATH);
+    if (await file.exists()) {
+      await Bun.write(UPDATE_CACHE_PATH, "");
+    }
+  } catch {
+    // Ignore
+  }
+}

package/src/update/checker.ts

@@ -0,0 +1,122 @@
+import pkg from "../../package.json";
+import { DEFAULTS } from "../constants.ts";
+
+const NPM_REGISTRY_URL = `https://registry.npmjs.org/${pkg.name}/latest`;
+const GITHUB_REPO = pkg.repository.url
+  .replace(/^https:\/\/github\.com\//, "")
+  .replace(/\.git$/, "");
+
+export interface UpdateInfo {
+  currentVersion: string;
+  latestVersion: string;
+  hasUpdate: boolean;
+  aheadOfLatest: boolean;
+  changelog?: string;
+}
+
+export interface UpdateCache {
+  lastCheckAt: string;
+  latestVersion: string;
+  hasUpdate: boolean;
+  changelog?: string;
+}
+
+export type InstallMethod = "npm" | "bun" | "binary" | "local-dev";
+
+/** Compare two semver strings. Returns true if latest > current. */
+export function isNewerVersion(current: string, latest: string): boolean {
+  return Bun.semver.order(current, latest) === -1;
+}
+
+/** Fetch the latest version from the npm registry. */
+export async function fetchLatestVersion(signal?: AbortSignal): Promise<string> {
+  try {
+    const res = await fetch(NPM_REGISTRY_URL, { signal });
+    if (!res.ok) return pkg.version;
+    const data = (await res.json()) as { version: string };
+    return data.version;
+  } catch {
+    return pkg.version;
+  }
+}
+
+/** Fetch changelog from GitHub releases between two versions. */
+export async function fetchChangelog(
+  fromVersion: string,
+  toVersion: string,
+  signal?: AbortSignal,
+): Promise<string | undefined> {
+  try {
+    const res = await fetch(`https://api.github.com/repos/${GITHUB_REPO}/releases?per_page=20`, {
+      signal,
+      headers: { Accept: "application/vnd.github.v3+json" },
+    });
+    if (!res.ok) return undefined;
+
+    const releases = (await res.json()) as Array<{
+      tag_name: string;
+      body: string | null;
+    }>;
+
+    const relevant = releases.filter((r) => {
+      const v = r.tag_name.replace(/^v/, "");
+      return isNewerVersion(fromVersion, v) && !isNewerVersion(toVersion, v);
+    });
+
+    if (relevant.length === 0) return undefined;
+
+    return relevant
+      .map((r) => `## ${r.tag_name}\n${r.body ?? ""}`)
+      .join("\n\n")
+      .trim();
+  } catch {
+    return undefined;
+  }
+}
+
+/** Check npm for a newer version and fetch changelog if available. */
+export async function checkForUpdate(
+  currentVersion: string,
+  signal?: AbortSignal,
+): Promise<UpdateInfo> {
+  const latestVersion = await fetchLatestVersion(signal);
+  const hasUpdate = isNewerVersion(currentVersion, latestVersion);
+  const aheadOfLatest = isNewerVersion(latestVersion, currentVersion);
+
+  let changelog: string | undefined;
+  if (hasUpdate) {
+    changelog = await fetchChangelog(currentVersion, latestVersion, signal);
+  }
+
+  return { currentVersion, latestVersion, hasUpdate, aheadOfLatest, changelog };
+}
+
+/** Returns true if the cache is missing or older than 24 hours. */
+export function needsCheck(cache?: UpdateCache): boolean {
+  if (!cache?.lastCheckAt) return true;
+  return Date.now() - new Date(cache.lastCheckAt).getTime() > DEFAULTS.UPDATE_CHECK_INTERVAL_MS;
+}
+
+/** Detect how mcpx was installed. */
+export function detectInstallMethod(): InstallMethod {
+  const script = process.argv[1] ?? "";
+  const execPath = process.execPath;
+
+  // Local dev: running src/cli.ts directly outside node_modules
+  if (script.includes("src/cli.ts") && !script.includes("node_modules")) {
+    return "local-dev";
+  }
+
+  // Compiled binary: execPath is the binary itself (not bun/node)
+  if (!execPath.includes("bun") && !execPath.includes("node")) {
+    return "binary";
+  }
+
+  // Bun global install: path contains .bun/install
+  if (script.includes(".bun/install") || script.includes(".bun/bin")) {
+    return "bun";
+  }
+
+  // npm global install: fallback for node_modules paths
+  return "npm";
+}