@kakunin/mcp 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +2 -0
  2. package/dist/index.js +28 -22
  3. package/package.json +2 -2
package/README.md CHANGED
@@ -1,5 +1,7 @@
1
1
  # @kakunin/mcp
2
2
 
3
+ [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/nqzai/kakunin-mcp/badge)](https://scorecard.dev/viewer/?uri=github.com/nqzai/kakunin-mcp)
4
+
3
5
  Model Context Protocol server for the [Kakunin](https://kakunin.ai) AI agent compliance API. Lets AI agents self-verify scope, check their own risk score, and log behavioral events — all from within Claude, Cursor, or any MCP-compatible runtime.
4
6
 
5
7
  ```bash
package/dist/index.js CHANGED
@@ -76,8 +76,8 @@ var verifyScopeInputSchema = z.object({
76
76
  venue: z.string().optional().describe('Optional trading venue or system being accessed (e.g. "euronext", "xetra").'),
77
77
  amount_usd: z.number().optional().describe("Optional transaction amount in USD for financial scope enforcement.")
78
78
  });
79
- async function verifyScopeHandler(client2, input) {
80
- const cert = await client2.getActiveCertificate();
79
+ async function verifyScopeHandler(client, input) {
80
+ const cert = await client.getActiveCertificate();
81
81
  const checkedAt = (/* @__PURE__ */ new Date()).toISOString();
82
82
  if (!cert) {
83
83
  return {
@@ -151,8 +151,8 @@ function isActionPermitted(action, permitted) {
151
151
  }
152
152
 
153
153
  // src/tools/check-risk.ts
154
- async function checkRiskHandler(client2) {
155
- const profile = await client2.getRiskProfile();
154
+ async function checkRiskHandler(client) {
155
+ const profile = await client.getRiskProfile();
156
156
  const checkedAt = (/* @__PURE__ */ new Date()).toISOString();
157
157
  const trend = profile.drift.drift_trend ?? "insufficient_data";
158
158
  const recommendation = buildRecommendation(profile.dominant_band, trend, profile.avg_score);
@@ -204,8 +204,8 @@ var auditLogAppendInputSchema = z2.object({
204
204
  ),
205
205
  session_id: z2.string().optional().describe("Optional session ID for grouping related events in the audit trail.")
206
206
  });
207
- async function auditLogAppendHandler(client2, input) {
208
- const result = await client2.ingestEvent(
207
+ async function auditLogAppendHandler(client, input) {
208
+ const result = await client.ingestEvent(
209
209
  input.event_type,
210
210
  input.metadata,
211
211
  input.session_id
@@ -224,29 +224,35 @@ async function auditLogAppendHandler(client2, input) {
224
224
  var apiKey = process.env["KAKUNIN_API_KEY"];
225
225
  var agentId = process.env["KAKUNIN_AGENT_ID"];
226
226
  var baseUrl = process.env["KAKUNIN_BASE_URL"];
227
- if (!apiKey) {
228
- console.error("[kakunin-mcp] KAKUNIN_API_KEY is required");
229
- process.exit(1);
230
- }
231
- if (!agentId) {
232
- console.error("[kakunin-mcp] KAKUNIN_AGENT_ID is required");
233
- process.exit(1);
227
+ var _client;
228
+ function getClient() {
229
+ if (!apiKey) {
230
+ throw new Error(
231
+ "KAKUNIN_API_KEY is required to call Kakunin tools. Set it in your MCP server environment."
232
+ );
233
+ }
234
+ if (!agentId) {
235
+ throw new Error(
236
+ "KAKUNIN_AGENT_ID is required to call Kakunin tools. Set it in your MCP server environment."
237
+ );
238
+ }
239
+ _client ??= new KakuninMcpClient({
240
+ apiKey,
241
+ agentId,
242
+ ...baseUrl !== void 0 ? { baseUrl } : {}
243
+ });
244
+ return _client;
234
245
  }
235
- var client = new KakuninMcpClient({
236
- apiKey,
237
- agentId,
238
- ...baseUrl !== void 0 ? { baseUrl } : {}
239
- });
240
246
  var server = new McpServer({
241
247
  name: "kakunin",
242
- version: "0.1.0"
248
+ version: "0.2.1"
243
249
  });
244
250
  server.tool(
245
251
  "verify_agent_scope",
246
252
  "Check whether this agent is authorised to perform a specific action or call a specific endpoint. Verifies the active X.509 certificate, permitted_actions scope, financial limits, and revocation status. Call this BEFORE executing any action that might exceed scope \u2014 not after.",
247
253
  verifyScopeInputSchema.shape,
248
254
  async (input) => {
249
- const result = await verifyScopeHandler(client, input);
255
+ const result = await verifyScopeHandler(getClient(), input);
250
256
  return {
251
257
  content: [
252
258
  {
@@ -263,7 +269,7 @@ server.tool(
263
269
  // No input parameters
264
270
  {},
265
271
  async () => {
266
- const result = await checkRiskHandler(client);
272
+ const result = await checkRiskHandler(getClient());
267
273
  return {
268
274
  content: [
269
275
  {
@@ -291,7 +297,7 @@ server.tool(
291
297
  isError: true
292
298
  };
293
299
  }
294
- const result = await auditLogAppendHandler(client, parsed.data);
300
+ const result = await auditLogAppendHandler(getClient(), parsed.data);
295
301
  return {
296
302
  content: [
297
303
  {
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@kakunin/mcp",
3
- "version": "0.2.0",
4
- "description": "Kakunin MCP server \u2014 lets AI agents query their own scope, risk score, and log behavioral events",
3
+ "version": "0.2.1",
4
+ "description": "Kakunin MCP server lets AI agents query their own scope, risk score, and log behavioral events",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
7
7
  "types": "./dist/index.d.ts",