@kya-os/create-mcpi-app 1.7.17 → 1.7.20

package/src/helpers/fetch-cloudflare-mcpi-template.ts

@@ -0,0 +1,2311 @@
+import fs from "fs-extra";
+import path from "path";
+import chalk from "chalk";
+import { generateIdentity } from "./generate-identity.js";
+
+interface CloudflareMcpiTemplateOptions {
+  packageManager?: string;
+  projectName?: string;
+  apikey?: string;
+  projectId?: string;
+  skipIdentity?: boolean;
+}
+
+/**
+ * Scaffold Cloudflare Worker MCP server
+ * Uses McpAgent from agents/mcp for MCP protocol support
+ */
+export async function fetchCloudflareMcpiTemplate(
+  projectPath: string,
+  options: CloudflareMcpiTemplateOptions = {}
+): Promise<void> {
+  const {
+    packageManager = "npm",
+    projectName = path.basename(projectPath),
+    apikey,
+    projectId,
+    skipIdentity = false,
+  } = options;
+
+  // Sanitize project name for class names
+  const className = projectName
+    .replace(/[^a-zA-Z0-9]/g, "")
+    .replace(/^[0-9]/, "_$&");
+  const pascalClassName =
+    className.charAt(0).toUpperCase() + className.slice(1);
+
+  try {
+    console.log(chalk.blue("📦 Setting up Cloudflare Worker MCP server..."));
+
+    // Create package.json
+    const packageJson = {
+      name: projectName,
+      version: "0.1.0",
+      private: true,
+      scripts: {
+        setup: "node scripts/setup.js",
+        postinstall: "npm run setup",
+        deploy: "wrangler deploy",
+        dev: "wrangler dev",
+        start: "wrangler dev",
+        "kv:create":
+          "npm run kv:create-nonce && npm run kv:create-proof && npm run kv:create-identity && npm run kv:create-delegation && npm run kv:create-tool-protection",
+        "kv:create-nonce": `wrangler kv namespace create ${className.toUpperCase()}_NONCE_CACHE`,
+        "kv:create-proof": `wrangler kv namespace create ${className.toUpperCase()}_PROOF_ARCHIVE`,
+        "kv:create-identity": `wrangler kv namespace create ${className.toUpperCase()}_IDENTITY_STORAGE`,
+        "kv:create-delegation": `wrangler kv namespace create ${className.toUpperCase()}_DELEGATION_STORAGE`,
+        "kv:create-tool-protection": `wrangler kv namespace create ${className.toUpperCase()}_TOOL_PROTECTION_KV`,
+        "kv:list":
+          "wrangler kv namespace list | grep -E '(NONCE|PROOF|IDENTITY|DELEGATION|TOOL_PROTECTION|MCPI)' || wrangler kv namespace list",
+        "kv:keys-nonce": `wrangler kv key list --binding=${className.toUpperCase()}_NONCE_CACHE`,
+        "kv:keys-proof": `wrangler kv key list --binding=${className.toUpperCase()}_PROOF_ARCHIVE`,
+        "kv:keys-identity": `wrangler kv key list --binding=${className.toUpperCase()}_IDENTITY_STORAGE`,
+        "kv:keys-delegation": `wrangler kv key list --binding=${className.toUpperCase()}_DELEGATION_STORAGE`,
+        "kv:keys-tool-protection": `wrangler kv key list --binding=${className.toUpperCase()}_TOOL_PROTECTION_KV`,
+        "kv:delete-nonce": `wrangler kv namespace delete --binding=${className.toUpperCase()}_NONCE_CACHE`,
+        "kv:delete-proof": `wrangler kv namespace delete --binding=${className.toUpperCase()}_PROOF_ARCHIVE`,
+        "kv:delete-identity": `wrangler kv namespace delete --binding=${className.toUpperCase()}_IDENTITY_STORAGE`,
+        "kv:delete-delegation": `wrangler kv namespace delete --binding=${className.toUpperCase()}_DELEGATION_STORAGE`,
+        "kv:delete-tool-protection": `wrangler kv namespace delete --binding=${className.toUpperCase()}_TOOL_PROTECTION_KV`,
+        "kv:delete":
+          "npm run kv:delete-nonce && npm run kv:delete-proof && npm run kv:delete-identity && npm run kv:delete-delegation && npm run kv:delete-tool-protection",
+        "kv:reset": "npm run kv:delete && npm run kv:create",
+        "kv:setup":
+          "echo 'KV Commands: kv:create (create all), kv:list (list all), kv:keys-* (view keys), kv:delete (delete all), kv:reset (delete+recreate)'",
+        "cf-typegen": "wrangler types",
+        "type-check": "tsc --noEmit",
+        test: "vitest",
+        "test:watch": "vitest --watch",
+        "test:coverage": "vitest run --coverage",
+      },
+      dependencies: {
+        "@kya-os/mcp-i-cloudflare": "^1.3.2",
+        "@modelcontextprotocol/sdk": "^1.19.1",
+        agents: "^0.2.8",
+        hono: "^4.9.10",
+        zod: "^3.25.76",
+      },
+      devDependencies: {
+        "@cloudflare/workers-types": "^4.20240925.0",
+        "@vitest/coverage-v8": "^3.2.4",
+        miniflare: "^3.0.0",
+        typescript: "^5.6.2",
+        vitest: "^3.2.4",
+        wrangler: "^4.42.2",
+      },
+    };
+
+    fs.ensureDirSync(projectPath);
+    fs.writeJsonSync(path.join(projectPath, "package.json"), packageJson, {
+      spaces: 2,
+    });
+
+    // Create src directory and tools
+    const srcDir = path.join(projectPath, "src");
+    const toolsDir = path.join(srcDir, "tools");
+    fs.ensureDirSync(toolsDir);
+
+    // Create scripts directory
+    const scriptsDir = path.join(projectPath, "scripts");
+    fs.ensureDirSync(scriptsDir);
+
+    // Create setup.js automation script
+    const setupScriptContent = `#!/usr/bin/env node
+
+/**
+ * Automated Setup Script for ${projectName}
+ *
+ * This script automates the tedious process of:
+ * 1. Checking/installing wrangler
+ * 2. Creating KV namespaces
+ * 3. Extracting namespace IDs
+ * 4. Updating wrangler.toml automatically
+ * 5. Setting up local development environment
+ */
+
+const { execSync } = require('child_process');
+const fs = require('fs');
+const path = require('path');
+const readline = require('readline');
+
+const rl = readline.createInterface({
+  input: process.stdin,
+  output: process.stdout
+});
+
+// Colors for terminal output
+const colors = {
+  reset: '\\x1b[0m',
+  bright: '\\x1b[1m',
+  green: '\\x1b[32m',
+  yellow: '\\x1b[33m',
+  blue: '\\x1b[36m',
+  red: '\\x1b[31m'
+};
+
+function log(message, color = colors.reset) {
+  console.log(color + message + colors.reset);
+}
+
+function skipToPostKVSetup() {
+  // Skip KV creation but continue with other setup steps
+  const devVarsPath = path.join(__dirname, '..', '.dev.vars');
+  const devVarsExamplePath = path.join(__dirname, '..', '.dev.vars.example');
+
+  // Create .dev.vars from example if it doesn't exist
+  if (!fs.existsSync(devVarsPath) && fs.existsSync(devVarsExamplePath)) {
+    log('\\n📋 Creating .dev.vars from example...', colors.blue);
+    fs.copyFileSync(devVarsExamplePath, devVarsPath);
+    log('✅ Created .dev.vars - Please update with your values', colors.green);
+  }
+
+  // Check if identity needs to be generated
+  if (fs.existsSync(devVarsPath)) {
+    const devVarsContent = fs.readFileSync(devVarsPath, 'utf-8');
+    if (devVarsContent.includes('your-private-key-here')) {
+      log('\\n🔑 Generating agent identity...', colors.blue);
+      try {
+        execSync('npx @kya-os/create-mcpi-app regenerate-identity', { stdio: 'inherit' });
+        log('✅ Identity generated successfully', colors.green);
+      } catch {
+        log('⚠️  Could not generate identity automatically. Run: npx @kya-os/create-mcpi-app regenerate-identity', colors.yellow);
+      }
+    }
+  }
+
+  // Show modified next steps
+  log('\\n✨ Setup partially complete! Next steps:\\n', colors.bright + colors.green);
+  log('1. Set your Cloudflare account ID (required for KV namespaces):', colors.blue);
+  log('   export CLOUDFLARE_ACCOUNT_ID=your-account-id', colors.reset);
+  log('   OR add to wrangler.toml: account_id = "your-account-id"\\n', colors.reset);
+  log('2. Create KV namespaces: npm run kv:create', colors.blue);
+  log('3. Review .dev.vars and add any missing values', colors.blue);
+  log('4. Start development server: npm run dev', colors.blue);
+  log('5. Deploy to production: npm run deploy', colors.blue);
+  log('\\nUseful commands:', colors.bright);
+  log('  npm run dev                    - Start local development server');
+  log('  npm run deploy                 - Deploy to Cloudflare Workers');
+  log('  npm run kv:list                - List all KV namespaces');
+  log('  wrangler secret put <KEY>      - Set production secrets');
+  log('\\nFor more information, see the README.md file.\\n');
+
+  rl.close();
+}
+
+async function setup() {
+  log('\\n🚀 Starting automated setup for ${projectName}...\\n', colors.bright + colors.blue);
+
+  // 1. Check wrangler installation
+  try {
+    const wranglerVersion = execSync('wrangler --version', { encoding: 'utf-8' });
+    log('✅ Wrangler CLI detected: ' + wranglerVersion.trim(), colors.green);
+  } catch {
+    log('📦 Wrangler CLI not found. Installing...', colors.yellow);
+    try {
+      execSync('npm install -g wrangler', { stdio: 'inherit' });
+      log('✅ Wrangler CLI installed successfully', colors.green);
+    } catch (error) {
+      log('❌ Failed to install Wrangler. Please install manually: npm install -g wrangler', colors.red);
+      process.exit(1);
+    }
+  }
+
+  // 2. Check if user is logged in to Cloudflare
+  try {
+    execSync('wrangler whoami', { encoding: 'utf-8' });
+    log('✅ Logged in to Cloudflare', colors.green);
+  } catch {
+    log('🔑 Please log in to Cloudflare:', colors.yellow);
+    try {
+      execSync('wrangler login', { stdio: 'inherit' });
+    } catch (error) {
+      log('❌ Login failed. Please run: wrangler login', colors.red);
+      process.exit(1);
+    }
+  }
+
+  // 2.5. Set up wrangler.toml path for later use
+  const wranglerTomlPath = path.join(__dirname, '..', 'wrangler.toml');
+  let wranglerContent = '';
+
+  try {
+    wranglerContent = fs.readFileSync(wranglerTomlPath, 'utf-8');
+  } catch (error) {
+    log('⚠️  Could not read wrangler.toml', colors.yellow);
+  }
+
+  // 3. Create KV namespaces
+  log('\\n📚 Creating KV namespaces...\\n', colors.bright);
+
+  const namespaces = [
+    { binding: '${className.toUpperCase()}_NONCE_CACHE', name: 'Nonce Cache', purpose: 'Replay attack prevention' },
+    { binding: '${className.toUpperCase()}_PROOF_ARCHIVE', name: 'Proof Archive', purpose: 'Cryptographic proof storage' },
+    { binding: '${className.toUpperCase()}_IDENTITY_STORAGE', name: 'Identity Storage', purpose: 'Agent identity persistence' },
+    { binding: '${className.toUpperCase()}_DELEGATION_STORAGE', name: 'Delegation Storage', purpose: 'OAuth token storage' },
+    { binding: '${className.toUpperCase()}_TOOL_PROTECTION_KV', name: 'Tool Protection', purpose: 'Permission caching' }
+  ];
+
+  const kvIds = {};
+  let multipleAccountsDetected = false;
+
+  for (const ns of namespaces) {
+    // If we already detected multiple accounts, skip remaining namespaces
+    if (multipleAccountsDetected) {
+      break;
+    }
+
+    log(\`Creating \${ns.name} (\${ns.purpose})...\`, colors.blue);
+
+    try {
+      // Create the namespace
+      const output = execSync(\`wrangler kv namespace create "\${ns.binding}"\`, { encoding: 'utf-8', stderr: 'pipe' });
+
+      // Extract the ID from output
+      const idMatch = output.match(/id = "([^"]+)"/);
+
+      if (idMatch && idMatch[1]) {
+        kvIds[ns.binding] = idMatch[1];
+        log(\`  ✅ Created with ID: \${idMatch[1]}\`, colors.green);
+      } else {
+        // Try to get existing namespace
+        const listOutput = execSync('wrangler kv namespace list', { encoding: 'utf-8' });
+
+        try {
+          const namespaces = JSON.parse(listOutput);
+          const existingNamespace = namespaces.find(n => n.title === ns.binding);
+
+          if (existingNamespace && existingNamespace.id) {
+            kvIds[ns.binding] = existingNamespace.id;
+            log(\`  ⚠️  Namespace already exists with ID: \${existingNamespace.id}\`, colors.yellow);
+          } else {
+            log(\`  ⚠️  Could not extract ID for \${ns.binding}. You may need to add it manually.\`, colors.yellow);
+          }
+        } catch (parseError) {
+          // Fallback to regex if JSON parsing fails
+          const existingMatch = listOutput.match(new RegExp(\`"title":\\s*"\${ns.binding}"[^}]*"id":\\s*"([^"]+)"\`));
+
+          if (existingMatch && existingMatch[1]) {
+            kvIds[ns.binding] = existingMatch[1];
+            log(\`  ⚠️  Namespace already exists with ID: \${existingMatch[1]}\`, colors.yellow);
+          } else {
+            log(\`  ⚠️  Could not extract ID for \${ns.binding}. You may need to add it manually.\`, colors.yellow);
+          }
+        }
+      }
+    } catch (error) {
+      const errorMessage = error.message || error.toString();
+
+      // Check if this is a multiple accounts error
+      if (errorMessage.includes('More than one account') || errorMessage.includes('multiple accounts')) {
+        multipleAccountsDetected = true;
+        log('\\n⚠️  Multiple Cloudflare accounts detected!\\n', colors.yellow);
+        log('Wrangler cannot automatically select an account in non-interactive mode.\\n', colors.yellow);
+        log('To fix this, choose one of these options:\\n', colors.bright);
+        log('Option 1: Set environment variable (recommended):', colors.blue);
+        log('  export CLOUDFLARE_ACCOUNT_ID=your-account-id', colors.reset);
+        log('  npm run setup\\n', colors.reset);
+        log('Option 2: Add to wrangler.toml (permanent):', colors.blue);
+        log('  Edit wrangler.toml and add:', colors.reset);
+        log('  account_id = "your-account-id"\\n', colors.reset);
+        log('Find your account IDs in the error above or run:', colors.blue);
+        log('  wrangler whoami\\n', colors.reset);
+        log('⏭️  Skipping remaining KV namespace creation.', colors.yellow);
+        log('After setting account_id, run: npm run setup\\n', colors.yellow);
+        break;
+      }
+
+      // Check if namespace already exists
+      try {
+        const listOutput = execSync('wrangler kv namespace list', { encoding: 'utf-8' });
+
+        // Parse JSON output
+        try {
+          const namespaces = JSON.parse(listOutput);
+
+          // Look for namespace by title (which matches the binding name)
+          const existingNamespace = namespaces.find(n => n.title === ns.binding);
+
+          if (existingNamespace && existingNamespace.id) {
+            kvIds[ns.binding] = existingNamespace.id;
+            log(\`  ⚠️  Found existing namespace with ID: \${existingNamespace.id}\`, colors.yellow);
+          } else {
+            log(\`  ⚠️  Could not find existing namespace: \${ns.binding}\`, colors.yellow);
+            log(\`     Error: \${errorMessage}\`, colors.yellow);
+          }
+        } catch (parseError) {
+          // If JSON parse fails, try regex as fallback
+          const existingMatch = listOutput.match(new RegExp(\`"title":\\s*"\${ns.binding}"[^}]*"id":\\s*"([^"]+)"\`));
+
+          if (existingMatch && existingMatch[1]) {
+            kvIds[ns.binding] = existingMatch[1];
+            log(\`  ⚠️  Found existing namespace with ID: \${existingMatch[1]}\`, colors.yellow);
+          } else {
+            log(\`  ❌ Failed to create \${ns.binding}: \${errorMessage}\`, colors.red);
+          }
+        }
+      } catch (listError) {
+        log(\`  ❌ Failed to create or find \${ns.binding}\`, colors.red);
+      }
+    }
+  }
+
+  // If multiple accounts detected, skip to post-KV setup
+  if (multipleAccountsDetected) {
+    return skipToPostKVSetup();
+  }
+
+  // 4. Update wrangler.toml with KV IDs
+  if (Object.keys(kvIds).length > 0) {
+    log('\\n📝 Updating wrangler.toml with KV namespace IDs...\\n', colors.bright);
+
+    try {
+      wranglerContent = fs.readFileSync(wranglerTomlPath, 'utf-8');
+      let updatedCount = 0;
+
+      for (const [binding, id] of Object.entries(kvIds)) {
+        // Match pattern: binding = "BINDING_NAME"\\nid = "anything" (including placeholders)
+        const pattern = new RegExp(\`(binding = "\${binding}")\\\\s*\\\\nid = "[^"]*"\`, 'g');
+        const replacement = \`$1\\nid = "\${id}"\`;
+
+        const newContent = wranglerContent.replace(pattern, replacement);
+        if (newContent !== wranglerContent) {
+          updatedCount++;
+          log(\`  ✅ Updated \${binding} with ID: \${id}\`, colors.green);
+        }
+        wranglerContent = newContent;
+      }
+
+      fs.writeFileSync(wranglerTomlPath, wranglerContent);
+      log(\`\\n✅ Updated \${updatedCount} namespace ID(s) in wrangler.toml\`, colors.green);
+
+      // Show remaining placeholder IDs if any
+      const placeholderMatches = wranglerContent.match(/binding = "[^"]+"\\s*\\nid = "your_[^"]+"/g);
+      if (placeholderMatches) {
+        log('\\n⚠️  Some namespace IDs still have placeholders:', colors.yellow);
+        placeholderMatches.forEach(match => {
+          const bindingMatch = match.match(/binding = "([^"]+)"/);
+          if (bindingMatch) {
+            log(\`  - \${bindingMatch[1]}\`, colors.yellow);
+          }
+        });
+      }
+    } catch (error) {
+      log(\`❌ Failed to update wrangler.toml: \${error.message}\`, colors.red);
+    }
+  }
+
+  // 5. Create .dev.vars from example if it doesn't exist
+  const devVarsPath = path.join(__dirname, '..', '.dev.vars');
+  const devVarsExamplePath = path.join(__dirname, '..', '.dev.vars.example');
+
+  if (!fs.existsSync(devVarsPath) && fs.existsSync(devVarsExamplePath)) {
+    log('\\n📋 Creating .dev.vars from example...', colors.blue);
+    fs.copyFileSync(devVarsExamplePath, devVarsPath);
+    log('✅ Created .dev.vars - Please update with your values', colors.green);
+  }
+
+  // 6. Check if identity needs to be generated
+  if (fs.existsSync(devVarsPath)) {
+    const devVarsContent = fs.readFileSync(devVarsPath, 'utf-8');
+    if (devVarsContent.includes('your-private-key-here')) {
+      log('\\n🔑 Generating agent identity...', colors.blue);
+      try {
+        execSync('npx @kya-os/create-mcpi-app regenerate-identity', { stdio: 'inherit' });
+        log('✅ Identity generated successfully', colors.green);
+      } catch {
+        log('⚠️  Could not generate identity automatically. Run: npx @kya-os/create-mcpi-app regenerate-identity', colors.yellow);
+      }
+    }
+  }
+
+  // 7. Show next steps
+  log('\\n✨ Setup complete! Next steps:\\n', colors.bright + colors.green);
+  log('1. Review .dev.vars and add any missing values (AgentShield API key, etc.)', colors.blue);
+  log('2. Start development server: npm run dev', colors.blue);
+  log('3. Deploy to production: npm run deploy', colors.blue);
+  log('\\nUseful commands:', colors.bright);
+  log('  npm run dev                    - Start local development server');
+  log('  npm run deploy                 - Deploy to Cloudflare Workers');
+  log('  npm run kv:list                - List all KV namespaces');
+  log('  wrangler secret put <KEY>      - Set production secrets');
+  log('\\nFor more information, see the README.md file.\\n');
+
+  rl.close();
+}
+
+// Handle errors gracefully
+process.on('unhandledRejection', (error) => {
+  log(\`\\n❌ Setup failed: \${error.message}\`, colors.red);
+  process.exit(1);
+});
+
+// Run the setup
+setup().catch((error) => {
+  log(\`\\n❌ Setup failed: \${error.message}\`, colors.red);
+  process.exit(1);
+});
+`;
+    fs.writeFileSync(path.join(scriptsDir, "setup.js"), setupScriptContent);
+
+    // Make setup script executable
+    if (process.platform !== "win32") {
+      fs.chmodSync(path.join(scriptsDir, "setup.js"), "755");
+    }
+
+    // Create tests directory
+    const testsDir = path.join(projectPath, "tests");
+    fs.ensureDirSync(testsDir);
+
+    // Create delegation test file
+    const delegationTestContent = `import { describe, test, expect, vi, beforeEach } from 'vitest';
+
+/**
+ * Delegation Management Tests
+ * Tests delegation verification, caching, and invalidation
+ */
+describe('Delegation Management', () => {
+  const mockDelegationStorage = {
+    get: vi.fn(),
+    put: vi.fn(),
+    delete: vi.fn()
+  };
+
+  const mockVerificationCache = {
+    get: vi.fn(),
+    put: vi.fn(),
+    delete: vi.fn()
+  };
+
+  const mockEnv = {
+    ${className.toUpperCase()}_DELEGATION_STORAGE: mockDelegationStorage,
+    TOOL_PROTECTION_KV: mockVerificationCache,
+    AGENTSHIELD_API_KEY: 'test-key',
+    AGENTSHIELD_API_URL: 'https://test.agentshield.ai'
+  };
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    global.fetch = vi.fn();
+  });
+
+  test('should verify delegation token with AgentShield API', async () => {
+    const token = 'test-delegation-token';
+
+    // Mock verification cache miss
+    mockVerificationCache.get.mockResolvedValueOnce(null);
+
+    // Mock API success
+    global.fetch = vi.fn().mockResolvedValueOnce({
+      ok: true
+    });
+
+    // Test verification would happen here
+    expect(global.fetch).toHaveBeenCalledWith(
+      expect.stringContaining('/api/v1/bouncer/delegations/verify'),
+      expect.objectContaining({
+        method: 'POST',
+        body: JSON.stringify({ token })
+      })
+    );
+  });
+
+  test('should use 5-minute cache TTL for delegations', async () => {
+    const token = 'test-token';
+    const sessionId = 'test-session';
+
+    await mockDelegationStorage.put(
+      \`session:\${sessionId}\`,
+      token,
+      { expirationTtl: 300 } // 5 minutes
+    );
+
+    expect(mockDelegationStorage.put).toHaveBeenCalledWith(
+      expect.any(String),
+      token,
+      { expirationTtl: 300 }
+    );
+  });
+
+  test('should invalidate cache on revocation', async () => {
+    const sessionId = 'revoked-session';
+    const token = 'revoked-token';
+
+    // Test invalidation
+    await Promise.all([
+      mockDelegationStorage.delete(\`session:\${sessionId}\`),
+      mockVerificationCache.delete(\`verified:\${token.substring(0, 16)}\`)
+    ]);
+
+    expect(mockDelegationStorage.delete).toHaveBeenCalled();
+    expect(mockVerificationCache.delete).toHaveBeenCalled();
+  });
+});
+`;
+    fs.writeFileSync(
+      path.join(testsDir, "delegation.test.ts"),
+      delegationTestContent
+    );
+
+    // Create DO routing test file
+    const doRoutingTestContent = `import { describe, test, expect } from 'vitest';
+
+/**
+ * Durable Object Routing Tests
+ * Tests multi-instance DO routing for horizontal scaling
+ */
+describe('DO Multi-Instance Routing', () => {
+
+  function getDoInstanceId(request: Request, env: { DO_ROUTING_STRATEGY?: string; DO_SHARD_COUNT?: string }): string {
+    const strategy = env.DO_ROUTING_STRATEGY || 'session';
+    const headers = request.headers;
+
+    switch (strategy) {
+      case 'session': {
+        const sessionId = headers.get('mcp-session-id') ||
+                         headers.get('Mcp-Session-Id') ||
+                         crypto.randomUUID();
+        return \`session:\${sessionId}\`;
+      }
+
+      case 'shard': {
+        const identifier = headers.get('mcp-session-id') || Math.random().toString();
+        let hash = 0;
+        for (let i = 0; i < identifier.length; i++) {
+          hash = ((hash << 5) - hash) + identifier.charCodeAt(i);
+          hash = hash & hash;
+        }
+        const shardCount = parseInt(env.DO_SHARD_COUNT || '10');
+        // Validate shard count - must be a valid positive number
+        const validShardCount = (!isNaN(shardCount) && shardCount > 0) ? shardCount : 10;
+        const shard = Math.abs(hash) % validShardCount;
+        return \`shard:\${shard}\`;
+      }
+
+      default:
+        return 'default';
+    }
+  }
+
+  test('should route to different instances for different sessions', () => {
+    const env = { DO_ROUTING_STRATEGY: 'session' };
+
+    const req1 = new Request('http://test/mcp', {
+      headers: { 'mcp-session-id': 'session-123' }
+    });
+    const req2 = new Request('http://test/mcp', {
+      headers: { 'mcp-session-id': 'session-456' }
+    });
+
+    const id1 = getDoInstanceId(req1, env);
+    const id2 = getDoInstanceId(req2, env);
+
+    expect(id1).toBe('session:session-123');
+    expect(id2).toBe('session:session-456');
+    expect(id1).not.toBe(id2);
+  });
+
+  test('should distribute load across shards', () => {
+    const env = {
+      DO_ROUTING_STRATEGY: 'shard',
+      DO_SHARD_COUNT: '10'
+    };
+
+    const distribution = new Map<string, number>();
+
+    // Generate 100 requests
+    for (let i = 0; i < 100; i++) {
+      const req = new Request('http://test/mcp', {
+        headers: { 'mcp-session-id': \`session-\${i}\` }
+      });
+
+      const instanceId = getDoInstanceId(req, env);
+      const shard = instanceId.split(':')[1];
+
+      distribution.set(shard, (distribution.get(shard) || 0) + 1);
+    }
+
+    // Should use multiple shards
+    expect(distribution.size).toBeGreaterThan(5);
+  });
+});
+`;
+    fs.writeFileSync(
+      path.join(testsDir, "do-routing.test.ts"),
+      doRoutingTestContent
+    );
+
+    // Create security test file
+    const securityTestContent = `import { describe, test, expect } from 'vitest';
+
+/**
+ * Security Tests
+ * Tests CORS configuration and API key handling
+ */
+describe('Security Configuration', () => {
+
+  function getCorsOrigin(requestOrigin: string | null, env: { ALLOWED_ORIGINS?: string; MCPI_ENV?: string }): string | null {
+    const allowedOrigins = env.ALLOWED_ORIGINS?.split(',').map((o: string) => o.trim()) || [
+      'https://claude.ai',
+      'https://app.anthropic.com'
+    ];
+
+    if (env.MCPI_ENV !== 'production' && !allowedOrigins.includes('http://localhost:3000')) {
+      allowedOrigins.push('http://localhost:3000');
+    }
+
+    const origin = requestOrigin || '';
+    const isAllowed = allowedOrigins.includes(origin);
+
+    return isAllowed ? origin : allowedOrigins[0];
+  }
+
+  test('should allow Claude.ai by default', () => {
+    const env = {};
+    const origin = 'https://claude.ai';
+    const result = getCorsOrigin(origin, env);
+
+    expect(result).toBe(origin);
+  });
+
+  test('should reject unauthorized origins', () => {
+    const env = { MCPI_ENV: 'production' };
+    const origin = 'https://evil.com';
+    const result = getCorsOrigin(origin, env);
+
+    expect(result).toBe('https://claude.ai');
+    expect(result).not.toBe(origin);
+  });
+
+  test('should not expose API keys in wrangler.toml', () => {
+    // This test validates that API keys are only in .dev.vars
+    const wranglerContent = \`
+      [vars]
+      AGENTSHIELD_API_URL = "https://kya.vouched.id"
+      # AGENTSHIELD_API_KEY - Set securely
+    \`;
+
+    expect(wranglerContent).not.toContain('sk_');
+    expect(wranglerContent).toContain('Set securely');
+  });
+
+  test('should use short TTLs for security', () => {
+    const DELEGATION_TTL = 300; // 5 minutes
+    const VERIFICATION_TTL = 60; // 1 minute
+
+    expect(DELEGATION_TTL).toBeLessThanOrEqual(300);
+    expect(VERIFICATION_TTL).toBeLessThanOrEqual(60);
+  });
+});
+`;
+    fs.writeFileSync(
+      path.join(testsDir, "security.test.ts"),
+      securityTestContent
+    );
+
+    // Create vitest config file
+    const vitestConfigContent = `import { defineConfig } from 'vitest/config';
+
+export default defineConfig({
+  test: {
+    environment: 'miniflare',
+    environmentOptions: {
+      kvNamespaces: [
+        '${className.toUpperCase()}_NONCE_CACHE',
+        '${className.toUpperCase()}_PROOF_ARCHIVE',
+        '${className.toUpperCase()}_IDENTITY_STORAGE',
+        '${className.toUpperCase()}_DELEGATION_STORAGE',
+        '${className.toUpperCase()}_TOOL_PROTECTION_KV'
+      ],
+      durableObjects: {
+        ${className.toUpperCase()}_OBJECT: '${pascalClassName}MCP'
+      }
+    },
+    coverage: {
+      provider: 'v8',
+      reporter: ['text', 'html'],
+      exclude: ['node_modules/', 'tests/', '*.config.ts'],
+      thresholds: {
+        statements: 80,
+        branches: 70,
+        functions: 80,
+        lines: 80
+      }
+    }
+  }
+});
+`;
+    fs.writeFileSync(
+      path.join(projectPath, "vitest.config.ts"),
+      vitestConfigContent
+    );
+
+    // Create greet tool
+    const greetToolContent = `import { z } from "zod";
+
+/**
+ * Greet Tool - Example MCP tool with AgentShield integration
+ *
+ * This tool demonstrates proper scopeId configuration for tool auto-discovery.
+ *
+ * Configure the corresponding scope in mcpi-runtime-config.ts:
+ * \`\`\`typescript
+ * toolProtections: {
+ *   greet: {
+ *     requiresDelegation: false,
+ *     requiredScopes: ["greet:execute"],  // ← This becomes the scopeId in proofs
+ *   }
+ * }
+ * \`\`\`
+ *
+ * The scopeId format is "toolName:action":
+ * - Tool name: "greet" (extracted before the ":")
+ * - Action: "execute" (extracted after the ":")
+ * - Risk level: Auto-determined from action keyword (execute = high)
+ *
+ * Other scopeId examples:
+ * - "files:read" → Medium risk
+ * - "files:write" → High risk
+ * - "database:delete" → Critical risk
+ */
+export const greetTool = {
+  name: "greet",
+  description: "Greet a user by name",
+  inputSchema: z.object({
+    name: z.string().describe("The name of the user to greet")
+  }),
+  handler: async ({ name }: { name: string }) => {
+    return {
+      content: [
+        {
+          type: "text" as const,
+          text: \`Hello, \${name}! Welcome to your Cloudflare MCP server.\`
+        }
+      ]
+    };
+  }
+};
+`;
+    fs.writeFileSync(path.join(toolsDir, "greet.ts"), greetToolContent);
+
+    // Create mcpi-runtime-config.ts for AgentShield integration
+    const runtimeConfigContent = `import type { MCPIConfig } from '@kya-os/contracts/config';
+import type { CloudflareRuntimeConfig } from '@kya-os/mcp-i-cloudflare/config';
+import type { CloudflareEnv } from '@kya-os/mcp-i-cloudflare';
+import { buildBaseConfig } from '@kya-os/create-mcpi-app/config-builder';
+// Always import CloudflareRuntime for tool protection service creation
+import { CloudflareRuntime } from "@kya-os/mcp-i-cloudflare";
+
+/**
+ * Runtime configuration for MCP-I server
+ *
+ * This file configures runtime features like proof submission to AgentShield,
+ * delegation verification, and audit logging.
+ *
+ * Environment variables are automatically injected from wrangler.toml (Cloudflare)
+ * or .env (Node.js). Configure them there:
+ * - AGENTSHIELD_API_URL: AgentShield API base URL
+ * - AGENTSHIELD_API_KEY: Your AgentShield API key
+ * - MCPI_ENV: "development" or "production"
+ *
+ * Note: The service fetches tool protection config by agent DID automatically.
+ * No project ID configuration needed!
+ *
+ * This config uses the unified MCPIConfig architecture, ensuring the same
+ * base configuration shape across all platforms (Cloudflare, Node.js, Vercel).
+ */
+export function getRuntimeConfig(env: CloudflareEnv): CloudflareRuntimeConfig {
+  // Build base config that works across all platforms
+  const baseConfig = buildBaseConfig(env);
+
+  // Extend with Cloudflare-specific properties
+  return {
+    ...baseConfig,
+    // Identity configuration
+    identity: {
+      ...baseConfig.identity,
+      enabled: true,
+      environment: (env.ENVIRONMENT || env.MCPI_ENV || 'development') as 'development' | 'production'
+    },
+    // Proofing configuration
+    proofing: {
+      enabled: true,
+      batchQueue: {
+        destinations: [
+          {
+            type: "agentshield" as const,
+            apiUrl: env.AGENTSHIELD_API_URL || 'https://kya.vouched.id',
+            apiKey: env.AGENTSHIELD_API_KEY || ''
+          }
+        ],
+        maxBatchSize: 10,
+        flushIntervalMs: 5000,
+        maxRetries: 3,
+        debug: (env.ENVIRONMENT || env.MCPI_ENV || 'development') === 'development'
+      }
+    },
+    // Delegation configuration
+    delegation: {
+      ...baseConfig.delegation
+    },
+    // Audit configuration
+    audit: {
+      ...baseConfig.audit
+    },
+    // Cloudflare Workers-specific configuration
+    workers: {
+      cpuMs: 50,
+      memoryMb: 128
+    },
+    // KV namespace bindings
+    kv: env.TOOL_PROTECTION_KV ? [{
+      name: 'TOOL_PROTECTION_KV',
+      purpose: 'cache' as const
+    }] : [],
+    // Environment variable bindings
+    vars: {
+      ENVIRONMENT: env.ENVIRONMENT || env.MCPI_ENV || 'development',
+      AGENTSHIELD_API_KEY: env.AGENTSHIELD_API_KEY
+    },
+    // Tool protection service (Cloudflare-specific)
+    toolProtection: env.TOOL_PROTECTION_KV && env.AGENTSHIELD_API_KEY ? {
+      source: 'agentshield' as const,
+      agentShield: {
+        apiUrl: env.AGENTSHIELD_API_URL || 'https://kya.vouched.id',
+        apiKey: env.AGENTSHIELD_API_KEY,
+        projectId: env.AGENTSHIELD_PROJECT_ID,
+        cacheTtl: 300000 // 5 minutes
+      },
+      fallback: {
+        greet: {
+          requiresDelegation: false,
+          requiredScopes: ['greet:execute']
+        }
+      }
+    } : undefined
+  } as CloudflareRuntimeConfig;
+}
+`;
+    fs.writeFileSync(
+      path.join(srcDir, "mcpi-runtime-config.ts"),
+      runtimeConfigContent
+    );
+
+    // Create main index.ts using McpAgent with MCP-I runtime
+    const indexContent = `import { McpAgent } from "agents/mcp";
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { createCloudflareRuntime, type CloudflareEnv, KVProofArchive, type DetachedProof, createOAuthCallbackHandler, CloudflareRuntime } from "@kya-os/mcp-i-cloudflare";
+import { DelegationRequiredError } from "@kya-os/mcp-i-core";
+import type { ToolProtectionService } from "@kya-os/mcp-i-core";
+import { Hono } from "hono";
+import { cors } from "hono/cors";
+import { greetTool } from "./tools/greet";
+import { getRuntimeConfig } from "./mcpi-runtime-config";
+import type { CloudflareRuntimeConfig } from "@kya-os/mcp-i-cloudflare/config";
+
+/**
+ * Extended CloudflareEnv with prefixed KV bindings for multi-agent deployments
+ * This allows multiple agents to share the same Cloudflare account without conflicts
+ */
+interface PrefixedCloudflareEnv extends CloudflareEnv {
+  // Prefixed KV bindings (e.g., MYAGENT_NONCE_CACHE, MYAGENT_PROOF_ARCHIVE)
+  [key: string]: KVNamespace | string | DurableObjectState | undefined;
+  // Optional routing configuration
+  DO_ROUTING_STRATEGY?: string;
+  DO_SHARD_COUNT?: string;
+  // Prefixed KV namespaces (dynamically accessed)
+  ${className.toUpperCase()}_NONCE_CACHE?: KVNamespace;
+  ${className.toUpperCase()}_PROOF_ARCHIVE?: KVNamespace;
+  ${className.toUpperCase()}_IDENTITY_STORAGE?: KVNamespace;
+  ${className.toUpperCase()}_DELEGATION_STORAGE?: KVNamespace;
+  ${className.toUpperCase()}_TOOL_PROTECTION_KV?: KVNamespace;
+}
+
+export class ${pascalClassName}MCP extends McpAgent {
+  server = new McpServer({
+    name: "${projectName}",
+    version: "1.0.0"
+  });
+
+  private mcpiRuntime?: ReturnType<typeof createCloudflareRuntime>;
+  private proofArchive?: KVProofArchive;
+  private agentShieldConfig?: { apiUrl: string; apiKey: string };
+  private env: PrefixedCloudflareEnv;
+  private mcpServerUrl?: string;
+
+  constructor(state: DurableObjectState, env: PrefixedCloudflareEnv) {
+    super(state, env);
+    this.env = env;
+
+    // Create CloudflareEnv adapter to map prefixed KV bindings to expected names
+    // This allows multiple agents to be deployed without KV namespace conflicts
+    const mappedEnv: CloudflareEnv = {
+      // Map prefixed bindings to standard names expected by createCloudflareRuntime
+      NONCE_CACHE: env.${className.toUpperCase()}_NONCE_CACHE,
+      PROOF_ARCHIVE: env.${className.toUpperCase()}_PROOF_ARCHIVE,
+      IDENTITY_STORAGE: env.${className.toUpperCase()}_IDENTITY_STORAGE,
+      DELEGATION_STORAGE: env.${className.toUpperCase()}_DELEGATION_STORAGE,
+      TOOL_PROTECTION_KV: env.${className.toUpperCase()}_TOOL_PROTECTION_KV,
+      // Pass through environment variables unchanged
+      MCP_IDENTITY_PRIVATE_KEY: env.MCP_IDENTITY_PRIVATE_KEY,
+      MCP_IDENTITY_PUBLIC_KEY: env.MCP_IDENTITY_PUBLIC_KEY,
+      MCP_IDENTITY_AGENT_DID: env.MCP_IDENTITY_AGENT_DID,
+      // Pass through other env vars for runtime config
+      AGENTSHIELD_API_URL: env.AGENTSHIELD_API_URL,
+      AGENTSHIELD_API_KEY: env.AGENTSHIELD_API_KEY,
+      AGENTSHIELD_PROJECT_ID: env.AGENTSHIELD_PROJECT_ID,
+      MCPI_ENV: env.MCPI_ENV,
+      MCP_SERVER_URL: env.MCP_SERVER_URL,
+      // Pass Durable Object state for identity persistence
+      // NOTE: Without this, identity will be ephemeral (new DID every call)!
+      // Note: createCloudflareRuntime will automatically use KVIdentityProvider if IDENTITY_STORAGE KV is available
+      _durableObjectState: state,
+    };
+
+    // Store MCP server URL for proof submission context
+    this.mcpServerUrl = env.MCP_SERVER_URL;
+    if (this.mcpServerUrl) {
+      console.log('[MCP-I] MCP Server URL configured:', this.mcpServerUrl);
+    } else {
+      console.log('[MCP-I] Warning: MCP_SERVER_URL not configured');
+    }
+
+    // Load runtime configuration for AgentShield integration
+    // Pass mappedEnv so it can access KV bindings with standard names
+    const runtimeConfig = getRuntimeConfig(mappedEnv);
+
+    // ✅ Create tool protection service helper function
+    // Always import CloudflareRuntime but conditionally instantiate
+    function createToolProtectionService(env: CloudflareEnv, runtimeConfig: CloudflareRuntimeConfig): ToolProtectionService | undefined {
+      if (!runtimeConfig.toolProtection) {
+        return undefined;
+      }
+
+      if (!env.TOOL_PROTECTION_KV || !env.AGENTSHIELD_API_KEY) {
+        console.log('[MCP-I] Tool protection disabled - configure TOOL_PROTECTION_KV and AGENTSHIELD_API_KEY to enable');
+        return undefined;
+      }
+
+      return CloudflareRuntime.createToolProtectionService(
+        env.TOOL_PROTECTION_KV,
+        {
+          apiUrl: runtimeConfig.toolProtection.agentShield?.apiUrl || env.AGENTSHIELD_API_URL || 'https://kya.vouched.id',
+          apiKey: env.AGENTSHIELD_API_KEY,
+          projectId: runtimeConfig.toolProtection.agentShield?.projectId || env.AGENTSHIELD_PROJECT_ID,
+          cacheTtl: runtimeConfig.toolProtection.agentShield?.cacheTtl || 300000,
+          debug: runtimeConfig.environment === 'development',
+          fallbackConfig: runtimeConfig.toolProtection.fallback
+        }
+      );
+    }
+
+    // Create tool protection service if configured
+    // Note: createCloudflareRuntime will automatically use KVIdentityProvider if IDENTITY_STORAGE KV is available
+    const toolProtectionService = createToolProtectionService(mappedEnv, runtimeConfig);
+
+    // Initialize MCP-I runtime for cryptographic proofs and identity
+    this.mcpiRuntime = createCloudflareRuntime({
+      env: mappedEnv,
+      environment: runtimeConfig.environment,
+      audit: {
+        enabled: runtimeConfig.audit?.enabled ?? true,
+        logFunction: runtimeConfig.audit?.logFunction || ((record) => console.log('[MCP-I Audit]', record))
+      },
+      toolProtectionService
+    });
+
+    // Initialize proof archive if PROOF_ARCHIVE KV is available
+    if (mappedEnv.PROOF_ARCHIVE) {
+      this.proofArchive = new KVProofArchive(mappedEnv.PROOF_ARCHIVE);
+      console.log('[MCP-I] Proof archive enabled');
+    }
+
+    // Load AgentShield config for proof submission
+    if (runtimeConfig.proofing?.enabled && runtimeConfig.proofing.batchQueue) {
+      const agentShieldDest = runtimeConfig.proofing.batchQueue.destinations?.find(
+        (dest) => dest.type === "agentshield" && dest.apiKey
+      );
+      if (agentShieldDest) {
+        this.agentShieldConfig = {
+          apiUrl: agentShieldDest.apiUrl,
+          apiKey: agentShieldDest.apiKey!
+        };
+        console.log('[MCP-I] AgentShield enabled:', agentShieldDest.apiUrl);
+      }
+    }
+  }
+
+  /**
+   * Override getInstanceId() to enable multi-instance Durable Object routing
+   *
+   * This method is called internally by McpAgent to determine which DO instance
+   * should handle the request. By overriding it, we can implement custom routing
+   * strategies (session-based, shard-based, etc.) while maintaining full
+   * McpAgent compatibility and preserving PartyServer routing context.
+   *
+   * @returns Instance ID used by McpAgent for DO routing
+   */
+  getInstanceId(): string {
+    try {
+      // Get session ID from McpAgent's built-in extraction
+      const sessionId = this.getSessionId();
+
+      // Get routing strategy from environment (default: session)
+      const strategy = this.env.DO_ROUTING_STRATEGY || 'session';
+
+      if (strategy === 'session') {
+        // One DO instance per MCP session (recommended for most use cases)
+        // Sessions are isolated, ensuring data consistency per client
+        return \`session:\${sessionId}\`;
+      } else if (strategy === 'shard') {
+        // Hash-based sharding across N DO instances (for high load)
+        // Distributes load evenly while maintaining session affinity
+        const shardCount = parseInt(this.env.DO_SHARD_COUNT || '10');
+        // Validate shard count - must be a valid positive number
+        const validShardCount = (!isNaN(shardCount) && shardCount > 0) ? shardCount : 10;
+
+        // Simple hash function for session ID
+        let hash = 0;
+        for (let i = 0; i < sessionId.length; i++) {
+          hash = ((hash << 5) - hash) + sessionId.charCodeAt(i);
+          hash = hash & hash; // Convert to 32bit integer
+        }
+
+        const shard = Math.abs(hash) % validShardCount;
+        return \`shard:\${shard}\`;
+      }
+
+      // Fallback to single instance (legacy behavior)
+      return 'default';
+    } catch (error) {
+      // If session extraction fails, fall back to default instance
+      console.error('[DO Routing] Failed to extract session ID:', error);
+      return 'default';
+    }
+  }
+
+  /**
+   * Retrieve delegation token from KV storage
+   * Uses two-tier lookup: session cache (fast) → agent DID (stable)
+   *
+   * @param sessionId - MCP session ID from Claude Desktop
+   * @returns Delegation token if found, null otherwise
+   */
+  private async getDelegationToken(sessionId?: string): Promise<string | null> {
+    const delegationStorage = this.env.${className.toUpperCase()}_DELEGATION_STORAGE;
+
+    if (!delegationStorage) {
+      console.log('[Delegation] No delegation storage configured');
+      return null;
+    }
+
+    try {
+      // Fast path: Try session cache first
+      if (sessionId) {
+        const sessionKey = \`session:\${sessionId}\`;
+        const sessionToken = await delegationStorage.get(sessionKey);
+
+        if (sessionToken) {
+          // Verify token is still valid before returning
+          const isValid = await this.verifyDelegationWithAgentShield(sessionToken);
+          if (isValid) {
+            console.log('[Delegation] ✅ Token retrieved from session cache and verified');
+            return sessionToken;
+          } else {
+            // Token invalid, remove from cache
+            await this.invalidateDelegationCache(sessionId, sessionToken);
+            console.log('[Delegation] ⚠️ Cached token was invalid, removed from cache');
+          }
+        }
+      }
+
+      // Fallback: Try agent DID (stable across session changes)
+      if (this.mcpiRuntime) {
+        const identity = await this.mcpiRuntime.getIdentity();
+        if (identity?.did) {
+          const agentKey = \`agent:\${identity.did}:delegation\`;
+          const agentToken = await delegationStorage.get(agentKey);
+
+          if (agentToken) {
+            // Verify token is still valid before returning
+            const isValid = await this.verifyDelegationWithAgentShield(agentToken);
+            if (isValid) {
+              console.log('[Delegation] ✅ Token retrieved using agent DID and verified');
+
+              // Re-cache for current session (performance optimization)
+              if (sessionId) {
+                const sessionCacheKey = \`session:\${sessionId}\`;
+                await delegationStorage.put(sessionCacheKey, agentToken, {
+                  expirationTtl: 300 // 5 minutes for security (reduced from 30)
+                });
+                console.log('[Delegation] Token cached for session with 5-minute TTL:', sessionId);
+              }
+
+              return agentToken;
+            } else {
+              // Token invalid, remove from cache
+              await this.invalidateDelegationCache(sessionId, agentToken, identity.did);
+              console.log('[Delegation] ⚠️ Agent token was invalid, removed from cache');
+            }
+          }
+        }
+      }
+
+      console.log('[Delegation] No delegation token found');
+      return null;
+    } catch (error) {
+      console.error('[Delegation] Failed to retrieve token:', error);
+      return null;
+    }
+  }
+
+  /**
+   * Verify delegation token with AgentShield API
+   * @param token - Delegation token to verify
+   * @returns True if token is valid, false otherwise
+   */
+  private async verifyDelegationWithAgentShield(token: string): Promise<boolean> {
+    // Check verification cache first (1 minute TTL for verified tokens)
+    const verificationCache = this.env.TOOL_PROTECTION_KV;
+    if (verificationCache) {
+      const cacheKey = \`verified:\${token.substring(0, 16)}\`; // Use prefix to avoid key size issues
+      const cached = await verificationCache.get(cacheKey);
+      if (cached === '1') {
+        console.log('[Delegation] Token verification cached as valid');
+        return true;
+      }
+    }
+
+    try {
+      const agentShieldUrl = this.env.AGENTSHIELD_API_URL || 'https://kya.vouched.id';
+      const apiKey = this.env.AGENTSHIELD_API_KEY;
+
+      if (!apiKey) {
+        console.warn('[Delegation] No AgentShield API key configured, skipping verification');
+        return true; // Allow in development without API key
+      }
+
+      // Verify with AgentShield API
+      const response = await fetch(\`\${agentShieldUrl}/api/v1/bouncer/delegations/verify\`, {
+        method: 'POST',
+        headers: {
+          'Authorization': \`Bearer \${apiKey}\`,
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({ token })
+      });
+
+      if (response.ok) {
+        // Cache successful verification for 1 minute
+        if (verificationCache) {
+          const cacheKey = \`verified:\${token.substring(0, 16)}\`;
+          await verificationCache.put(cacheKey, '1', {
+            expirationTtl: 60 // 1 minute cache for verified tokens
+          });
+        }
+        console.log('[Delegation] Token verified successfully with AgentShield');
+        return true;
+      }
+
+      if (response.status === 401 || response.status === 403) {
+        console.log('[Delegation] Token verification failed: unauthorized');
+        return false;
+      }
+
+      console.warn('[Delegation] Token verification returned unexpected status:', response.status);
+      return false; // Fail closed for security
+
+    } catch (error) {
+      console.error('[Delegation] Error verifying token with AgentShield:', error);
+      return false; // Fail closed on errors
+    }
+  }
+
+  /**
+   * Invalidate delegation token in all caches
+   * @param sessionId - Session ID to clear
+   * @param token - Token to invalidate
+   * @param agentDid - Agent DID to clear
+   */
+  private async invalidateDelegationCache(sessionId?: string, token?: string, agentDid?: string): Promise<void> {
+    const delegationStorage = this.env.${className.toUpperCase()}_DELEGATION_STORAGE;
+    const verificationCache = this.env.TOOL_PROTECTION_KV;
+
+    if (!delegationStorage) return;
+
+    const deletions: Promise<void>[] = [];
+
+    // Clear session cache
+    if (sessionId) {
+      const sessionKey = \`session:\${sessionId}\`;
+      deletions.push(delegationStorage.delete(sessionKey));
+    }
+
+    // Clear agent cache
+    if (agentDid) {
+      const agentKey = \`agent:\${agentDid}:delegation\`;
+      deletions.push(delegationStorage.delete(agentKey));
+    }
+
+    // Clear verification cache
+    if (token && verificationCache) {
+      const cacheKey = \`verified:\${token.substring(0, 16)}\`;
+      deletions.push(verificationCache.delete(cacheKey));
+    }
+
+    await Promise.all(deletions);
+    console.log('[Delegation] Cache invalidated for revoked/invalid token');
+  }
+
+  /**
+   * Submit proof to AgentShield API
+   * Uses the proof.jws directly (full JWS format from CloudflareRuntime)
+   *
+   * Also submits optional context for AgentShield dashboard integration.
+   * Context provides plaintext tool/args data while proof provides cryptographic verification.
+   */
+  private async submitProofToAgentShield(
+    proof: DetachedProof,
+    session: { id: string },
+    toolName: string,
+    args: Record<string, unknown>,
+    result: unknown
+  ): Promise<void> {
+    if (!this.agentShieldConfig || !proof.jws || !proof.meta) return;
+
+    const { apiUrl, apiKey } = this.agentShieldConfig;
+
+    // Get tool call context from runtime (if available)
+    const toolCallContext = this.mcpiRuntime?.getLastToolCallContext();
+
+    // Proof already has correct format from CloudflareRuntime
+    // Adding optional context for AgentShield dashboard (Option A architecture)
+    const requestBody = {
+      session_id: session.id,
+      delegation_id: null,
+      proofs: [{
+        jws: proof.jws,  // Already in full JWS format
+        meta: proof.meta  // Already has all required fields
+      }],
+      // ✅ NEW: Optional context for dashboard integration
+      context: {
+        toolCalls: toolCallContext ? [toolCallContext] : [{
+          // Fallback if context not available from runtime
+          tool: toolName,
+          args: args,
+          result: result,
+          scopeId: proof.meta.scopeId || \`\${toolName}:execute\`
+        }],
+        // ✅ NEW: MCP server URL for tool discovery (optional, only needed once)
+        mcpServerUrl: this.mcpServerUrl
+      }
+    };
+
+    console.log('[AgentShield] Submitting proof with context:', {
+      did: proof.meta.did,
+      sessionId: proof.meta.sessionId,
+      jwsFormat: proof.jws.split('.').length === 3 ? 'valid (3 parts)' : 'invalid',
+      contextTool: requestBody.context.toolCalls[0]?.tool,
+      contextScopeId: requestBody.context.toolCalls[0]?.scopeId,
+      mcpServerUrl: requestBody.context.mcpServerUrl || 'not-set'
+    });
+
+    const response = await fetch(\`\${apiUrl}/api/v1/bouncer/proofs\`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': \`Bearer \${apiKey}\`
+      },
+      body: JSON.stringify(requestBody)
+    });
+
+    if (!response.ok) {
+      const errorText = await response.text();
+      console.error('[AgentShield] Submission failed:', response.status, errorText);
+      throw new Error(\`AgentShield error: \${response.status}\`);
+    }
+
+    const responseData = await response.json() as { success?: boolean; received?: number; processed?: number; accepted?: number; rejected?: number; errors?: Array<{ proofId: string; error: string }> };
+    console.log('[AgentShield] Response:', responseData);
+
+    if (responseData.accepted) {
+      console.log('[AgentShield] ✅ Proofs accepted:', responseData.accepted);
+    }
+    if (responseData.rejected) {
+      console.log('[AgentShield] ❌ Proofs rejected:', responseData.rejected);
+    }
+  }
+
+  async init() {
+    // Initialize MCP-I runtime (generates/loads identity, sets up nonce cache)
+    await this.mcpiRuntime?.initialize();
+
+    const identity = await this.mcpiRuntime?.getIdentity();
+    console.log('[MCP-I] Initialized with DID:', identity?.did);
+
+    this.server.tool(
+      greetTool.name,
+      greetTool.description,
+      greetTool.inputSchema.shape,
+      async (args: { name: string }) => {
+        // Use MCP-I runtime's processToolCall for automatic proof generation
+        if (this.mcpiRuntime) {
+          try {
+            // Read MCP session ID from Claude Desktop (via agents framework)
+            let mcpSessionId: string | undefined;
+            try {
+              mcpSessionId = this.getSessionId();
+              console.log('[Delegation] Session ID from agents framework:', mcpSessionId);
+            } catch (error) {
+              console.log('[Delegation] Failed to get session ID from framework:', error);
+              mcpSessionId = undefined;
+            }
+
+            // Retrieve delegation token if available
+            const delegationToken = await this.getDelegationToken(mcpSessionId);
+
+            // Create session with proper ID (use actual session ID when available)
+            const timestamp = Date.now();
+            const sessionId = mcpSessionId || \`ephemeral-\${timestamp}-\${Math.random().toString(36).substring(2, 10)}\`;
+
+            const session = {
+              id: sessionId,  // Use actual session ID from Claude Desktop
+              audience: 'https://kya.vouched.id',  // CRITICAL: Must match AgentShield domain
+              agentDid: (await this.mcpiRuntime.getIdentity()).did,
+              createdAt: timestamp,
+              expiresAt: timestamp + (30 * 60 * 1000), // 30 minutes
+              delegationToken  // Include delegation token if available
+            };
+
+            // Execute tool with automatic proof generation
+            const result = await this.mcpiRuntime.processToolCall(
+              greetTool.name,
+              args,
+              greetTool.handler,
+              session
+            );
+
+            // Get proof in DetachedProof format
+            const proof = this.mcpiRuntime.getLastProof() as DetachedProof;
+
+            if (proof && proof.jws && proof.meta) {
+              // Log proof details (using DetachedProof format)
+              console.log('[MCP-I Proof]', {
+                tool: greetTool.name,
+                did: proof.meta.did,
+                timestamp: proof.meta.ts,
+                jws: proof.jws.substring(0, 50) + '...',
+                jwsValid: proof.jws.split('.').length === 3
+              });
+
+              // Parallelize proof operations for better performance
+              const proofOperations: Promise<void>[] = [];
+
+              // Add proof archive operation
+              if (this.proofArchive) {
+                proofOperations.push(
+                  this.proofArchive.store(proof, {
+                    toolName: greetTool.name
+                  }).then(() => {
+                    console.log('[MCP-I] Proof stored in archive');
+                  }).catch((archiveError: unknown) => {
+                    console.error('[MCP-I] Archive error:', archiveError instanceof Error ? archiveError.message : String(archiveError));
+                  })
+                );
+              }
+
+              // Add AgentShield submission operation
+              if (this.agentShieldConfig) {
+                proofOperations.push(
+                  this.submitProofToAgentShield(proof, session, greetTool.name, args, result)
+                    .catch((err: unknown) => {
+                      console.error('[MCP-I] AgentShield failed:', err instanceof Error ? err.message : String(err));
+                    })
+                );
+              }
+
+              // Execute all proof operations in parallel for better performance
+              if (proofOperations.length > 0) {
+                await Promise.allSettled(proofOperations);
+              }
+
+              // Attach proof to result for MCP Inspector
+              if (result && typeof result === 'object' && result !== null) {
+                (result as Record<string, unknown>)._meta = {
+                  proof: {
+                    jws: proof.jws,
+                    did: proof.meta.did,
+                    kid: proof.meta.kid,
+                    timestamp: proof.meta.ts,
+                    nonce: proof.meta.nonce,
+                    sessionId: proof.meta.sessionId,
+                    requestHash: proof.meta.requestHash,
+                    responseHash: proof.meta.responseHash
+                  }
+                };
+              }
+            }
+
+            return result;
+          } catch (error: unknown) {
+            // If this is a DelegationRequiredError, re-throw it so the MCP framework can handle it properly
+            // The agents/mcp framework will format it as a proper error response to Claude Desktop
+            if (error instanceof DelegationRequiredError) {
+              console.warn('[MCP-I] Delegation required, propagating error:', {
+                tool: error.toolName,
+                requiredScopes: error.requiredScopes,
+                consentUrl: error.consentUrl
+              });
+              throw error;
+            }
+            // Check for DelegationRequiredError by name (for cases where error is not instanceof)
+            if (error && typeof error === 'object' && 'name' in error && error.name === 'DelegationRequiredError') {
+              const delegationError = error as DelegationRequiredError;
+              console.warn('[MCP-I] Delegation required, propagating error:', {
+                tool: delegationError.toolName,
+                requiredScopes: delegationError.requiredScopes,
+                consentUrl: delegationError.consentUrl
+              });
+              throw error;
+            }
+            
+            // For other errors, log and fallback to direct execution
+            console.error('[MCP-I] Failed to process tool with runtime:', error);
+            // Fallback to direct execution
+            return await greetTool.handler(args);
+          }
+        }
+
+        // Fallback if runtime not available
+        return await greetTool.handler(args);
+      }
+    );
+  }
+}
+
+const app = new Hono();
+
+// Secure CORS configuration
+app.use("/*", (c, next) => {
+  const allowedOrigins = c.env.ALLOWED_ORIGINS?.split(',').map((o: string) => o.trim()) || [
+    'https://claude.ai',
+    'https://app.anthropic.com'
+  ];
+
+  // Add localhost for development if not in production
+  if (c.env.MCPI_ENV !== 'production' && !allowedOrigins.includes('http://localhost:3000')) {
+    allowedOrigins.push('http://localhost:3000');
+  }
+
+  const origin = c.req.header('Origin') || '';
+  const isAllowed = allowedOrigins.includes(origin);
+
+  return cors({
+    origin: isAllowed ? origin : allowedOrigins[0], // Default to first allowed origin if not matched
+    allowMethods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+    allowHeaders: ["Content-Type", "Authorization", "mcp-session-id", "Mcp-Session-Id", "mcp-protocol-version"],
+    exposeHeaders: ["mcp-session-id", "Mcp-Session-Id"],
+    credentials: true,
+  })(c, next);
+});
+
+app.get("/health", (c) => c.json({
+  status: 'healthy',
+  timestamp: new Date().toISOString(),
+  transport: { sse: '/sse', streamableHttp: '/mcp' }
+}));
+
+/**
+ * Admin endpoint to clear tool protection cache
+ *
+ * This allows AgentShield dashboard to invalidate cached tool protection
+ * config immediately after changing delegation requirements.
+ *
+ * The API key is validated by making a test call to AgentShield API.
+ *
+ * Usage:
+ *   POST /admin/clear-cache
+ *   Headers: Authorization: Bearer <AGENTSHIELD_ADMIN_API_KEY>
+ *   Body: { "agent_did": "did:key:z6Mk..." }
+ *
+ * Response:
+ *   { "success": true, "message": "Cache cleared", "agent_did": "..." }
+ */
+app.post("/admin/clear-cache", async (c) => {
+  const env = c.env as PrefixedCloudflareEnv;
+
+  // Parse request body first to get agent_did
+  const body = await c.req.json().catch(() => ({}));
+  const agentDid = body.agent_did;
+
+  if (!agentDid || typeof agentDid !== 'string') {
+    return c.json({
+      success: false,
+      error: "Bad Request - agent_did required in body"
+    }, 400);
+  }
+
+  // Extract API key from Authorization header
+  const authHeader = c.req.header("Authorization");
+  if (!authHeader || !authHeader.startsWith("Bearer ")) {
+    return c.json({
+      success: false,
+      error: "Unauthorized - Missing or invalid Authorization header"
+    }, 401);
+  }
+
+  const apiKey = authHeader.slice(7); // Remove "Bearer " prefix
+
+  // Validate API key by making a test call to AgentShield
+  // Use the bouncer config endpoint as the validation mechanism
+  const agentShieldUrl = env.AGENTSHIELD_API_URL || "https://kya.vouched.id";
+  const validationUrl = \`\${agentShieldUrl}/api/v1/bouncer/config?agent_did=\${encodeURIComponent(agentDid)}\`;
+
+  try {
+    const validationResponse = await fetch(validationUrl, {
+      method: 'GET',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': \`Bearer \${apiKey}\`
+      }
+    });
+
+    if (!validationResponse.ok) {
+      console.warn('[Admin] API key validation failed:', validationResponse.status);
+      return c.json({
+        success: false,
+        error: "Unauthorized - Invalid API key"
+      }, 401);
+    }
+
+    // API key is valid, proceed to clear cache
+    console.log('[Admin] API key validated successfully');
+  } catch (error) {
+    console.error('[Admin] API key validation error:', error);
+    return c.json({
+      success: false,
+      error: "Failed to validate API key with AgentShield"
+    }, 500);
+  }
+
+  // Clear cache from KV
+  // Cache key format: KVToolProtectionCache uses 'tool-protection:' prefix + agentDid
+  // Since we're accessing KV directly (not through cache service), we need the full key
+  const cacheKey = \`tool-protection:\${agentDid}\`;
+  const kvNamespace = env.${className.toUpperCase()}_TOOL_PROTECTION_KV;
+
+  if (!kvNamespace) {
+    return c.json({
+      success: false,
+      error: "Tool protection KV namespace not configured"
+    }, 500);
+  }
+
+  try {
+    // Log before and after for debugging
+    const before = await kvNamespace.get(cacheKey);
+    await kvNamespace.delete(cacheKey);
+    const after = await kvNamespace.get(cacheKey);
+    
+    console.log('[Admin] Cache clear operation', {
+      agentDid: agentDid.slice(0, 20) + '...',
+      cacheKey,
+      hadValue: !!before,
+      cleared: !after,
+    });
+    
+    return c.json({
+      success: true,
+      message: "Cache cleared successfully. Next tool call will fetch fresh config from AgentShield.",
+      agent_did: agentDid,
+      cache_key: cacheKey,
+      had_value: !!before,
+    });
+  } catch (error) {
+    console.error('[Admin] Failed to clear cache:', error);
+    return c.json({
+      success: false,
+      error: "Internal error clearing cache",
+      details: error instanceof Error ? error.message : String(error)
+    }, 500);
+  }
+});
+
+/**
+ * OAuth Authorization Code Flow callback handler
+ *
+ * Handles the redirect from AgentShield after user approves delegation.
+ * Exchanges authorization code for delegation token and stores in KV.
+ *
+ * This endpoint is called by AgentShield after user approves delegation:
+ * 1. Receives authorization code and state from query params
+ * 2. Exchanges code for delegation token with AgentShield API
+ * 3. Stores token in KV with session ID as key
+ * 4. Returns success page to user
+ */
+app.get('/oauth/callback', (c) => {
+  const env = c.env as PrefixedCloudflareEnv;
+  return createOAuthCallbackHandler({
+    agentShieldApiUrl: env.AGENTSHIELD_API_URL || 'https://kya.vouched.id',
+    delegationStorage: env.${className.toUpperCase()}_DELEGATION_STORAGE,
+    autoClose: true,
+    autoCloseDelay: 5000
+  })(c);
+});
+
+// Multi-instance DO routing using McpAgent's getInstanceId() override
+// The ${pascalClassName}MCP class overrides getInstanceId() to enable session-based
+// or shard-based routing while preserving PartyServer compatibility.
+//
+// Routing strategies (configured via DO_ROUTING_STRATEGY env var):
+//   - 'session' (default): One DO per MCP session - ensures data isolation
+//   - 'shard': Hash-based distribution across N shards - for high load
+//
+// McpAgent automatically routes to the correct DO instance using the ID
+// returned by getInstanceId(), maintaining full routing context.
+app.mount("/sse", ${pascalClassName}MCP.serveSSE("/sse").fetch, { replaceRequest: false });
+app.mount("/mcp", ${pascalClassName}MCP.serve("/mcp").fetch, { replaceRequest: false });
+
+export default app;
+`;
+    fs.writeFileSync(path.join(srcDir, "index.ts"), indexContent);
+
+    // Create wrangler.toml with optional API key
+    const wranglerContent = `#:schema node_modules/wrangler/config-schema.json
+name = "${projectName}"
+main = "src/index.ts"
+compatibility_date = "2025-06-18"
+compatibility_flags = ["nodejs_compat"]
+
+[[durable_objects.bindings]]
+name = "MCP_OBJECT"
+class_name = "${pascalClassName}MCP"
+
+[[migrations]]
+tag = "v1"
+new_sqlite_classes = ["${pascalClassName}MCP"]
+
+# KV Namespace for nonce cache (REQUIRED for replay attack prevention)
+#
+# RECOMMENDED: Share a single NONCE_CACHE namespace across all MCP-I workers
+# This namespace is automatically created by the setup script (npm run setup)
+# If you need to recreate it: npm run kv:create-nonce
+[[kv_namespaces]]
+binding = "${className.toUpperCase()}_NONCE_CACHE"
+id = "your_nonce_kv_namespace_id"  # Auto-filled by setup script
+
+# KV Namespace for proof archive (RECOMMENDED for auditability)
+#
+# Stores detached cryptographic proofs for all tool calls
+# Enables proof querying, session tracking, and audit trails
+# This namespace is automatically created by the setup script (npm run setup)
+# If you need to recreate it: npm run kv:create-proof
+#
+# Note: Comment out if you don't need proof archiving
+[[kv_namespaces]]
+binding = "${className.toUpperCase()}_PROOF_ARCHIVE"
+id = "your_proof_kv_namespace_id"  # Auto-filled by setup script
+
+# KV Namespace for identity storage (RECOMMENDED for persistent agent identity)
+#
+# Stores the agent's cryptographic identity (DID, keys) in KV
+# Ensures consistent identity across Worker restarts and deployments
+# This namespace is automatically created by the setup script (npm run setup)
+# If you need to recreate it: npm run kv:create-identity
+[[kv_namespaces]]
+binding = "${className.toUpperCase()}_IDENTITY_STORAGE"
+id = "your_identity_kv_namespace_id"  # Auto-filled by setup script
+
+# KV Namespace for delegation storage (REQUIRED for OAuth/delegation flows)
+#
+# Stores active delegations from users to agents
+# Enables OAuth consent flows and scope-based authorization
+# This namespace is automatically created by the setup script (npm run setup)
+# If you need to recreate it: npm run kv:create-delegation
+[[kv_namespaces]]
+binding = "${className.toUpperCase()}_DELEGATION_STORAGE"
+id = "your_delegation_kv_namespace_id"  # Auto-filled by setup script
+
+# KV Namespace for tool protection config (${apikey ? "ENABLED" : "OPTIONAL"} for dashboard-controlled delegation)
+#
+# 🆕 Enables dynamic tool protection configuration from AgentShield dashboard
+# Caches which tools require user delegation based on dashboard toggle switches
+#
+# Benefits:
+# - Control tool permissions from AgentShield dashboard without code changes
+# - Update delegation requirements in real-time (5-minute cache)
+# - No redeployments needed to change tool permissions
+#
+# Setup:
+# This namespace is automatically created by the setup script (npm run setup)
+# If you need to recreate it: npm run kv:create-tool-protection
+# After deployment, toggle delegation requirements in AgentShield dashboard
+#
+# Note: This namespace is REQUIRED when using AgentShield API key (--apikey)
+#       It will be automatically created by the setup script (npm run setup)
+[[kv_namespaces]]
+binding = "${className.toUpperCase()}_TOOL_PROTECTION_KV"
+id = "your_tool_protection_kv_id"  # Auto-filled by setup script
+
+[vars]
+XMCP_I_TS_SKEW_SEC = "120"
+XMCP_I_SESSION_TTL = "1800"
+
+# AgentShield Integration (https://kya.vouched.id)
+AGENTSHIELD_API_URL = "https://kya.vouched.id"
+# AGENTSHIELD_API_KEY - MUST be declared here for .dev.vars to work
+#   Development: Add to .dev.vars file (already configured if --apikey was provided)
+#   Production: wrangler secret put AGENTSHIELD_API_KEY
+AGENTSHIELD_API_KEY = ""
+# AGENTSHIELD_PROJECT_ID - Your project ID from AgentShield dashboard (e.g., "batman-txh0ae")
+#   Required for project-scoped tool protection configuration (recommended)
+#   Find it in your dashboard URL: https://kya.vouched.id/dashboard/projects/{PROJECT_ID}
+#   Or in your project settings
+#   Development: Add to .dev.vars file${projectId ? ` (already configured: ${projectId})` : ""}
+#   Production: wrangler secret put AGENTSHIELD_PROJECT_ID
+AGENTSHIELD_PROJECT_ID = "${projectId || ""}"
+MCPI_ENV = "development"
+
+# Optional: MCP Server URL for tool discovery
+# Uncomment to explicitly set your MCP server URL (auto-detected if not set)
+# MCP_SERVER_URL = "https://your-worker.workers.dev/mcp"
+`;
+    fs.writeFileSync(path.join(projectPath, "wrangler.toml"), wranglerContent);
+
+    // Generate persistent identity for Cloudflare Worker
+    if (!skipIdentity) {
+      console.log(chalk.cyan("🔐 Generating persistent identity..."));
+
+      try {
+        const identity = await generateIdentity();
+
+        // Read existing wrangler.toml
+        const wranglerPath = path.join(projectPath, "wrangler.toml");
+        let wranglerTomlContent = fs.readFileSync(wranglerPath, "utf8");
+
+        // Find [vars] section and add identity environment variables
+        // Add ALL identity variables (empty values will be overridden by .dev.vars)
+        const varsMatch = wranglerTomlContent.match(/\[vars\]/);
+        if (varsMatch) {
+          const insertPosition = varsMatch.index! + varsMatch[0].length;
+          const identityVars = `
+# Agent DID (public identifier - safe to commit)
+MCP_IDENTITY_AGENT_DID = "${identity.did}"
+
+# Identity keys - MUST be declared here for .dev.vars to work!
+# Development: Values in .dev.vars will override these empty strings
+# Production: Use wrangler secret put to set these
+MCP_IDENTITY_PRIVATE_KEY = ""
+MCP_IDENTITY_PUBLIC_KEY = ""
+
+# ALLOWED_ORIGINS for CORS (update for production)
+ALLOWED_ORIGINS = "https://claude.ai,https://app.anthropic.com"
+
+# DO routing strategy: "session" for dev, "shard" for production high-load
+DO_ROUTING_STRATEGY = "session"
+DO_SHARD_COUNT = "10"  # Number of shards if using shard strategy
+
+`;
+
+          // Check if API key variables already exist in wrangler.toml
+          // (They may have been added by the initial template)
+          const hasAgentshieldApiKey = /AGENTSHIELD_API_KEY\s*=/.test(
+            wranglerTomlContent
+          );
+          const hasAgentshieldProjectId = /AGENTSHIELD_PROJECT_ID\s*=/.test(
+            wranglerTomlContent
+          );
+          const hasAdminApiKey = /ADMIN_API_KEY\s*=/.test(wranglerTomlContent);
+
+          // Build API key declarations only for variables that don't already exist
+          // Cloudflare Workers REQUIRE variables to be declared in [vars] for .dev.vars to work
+          const apiKeyVarsParts: string[] = [];
+
+          if (
+            !hasAgentshieldApiKey ||
+            !hasAgentshieldProjectId ||
+            !hasAdminApiKey
+          ) {
+            apiKeyVarsParts.push(
+              `# API keys - MUST be declared here for .dev.vars to work!`
+            );
+            apiKeyVarsParts.push(
+              `# Development: Values in .dev.vars will override these empty strings`
+            );
+            apiKeyVarsParts.push(
+              `# Production: Use wrangler secret put to set these`
+            );
+          }
+
+          if (!hasAgentshieldApiKey) {
+            apiKeyVarsParts.push(`AGENTSHIELD_API_KEY = ""`);
+          }
+          if (!hasAdminApiKey) {
+            apiKeyVarsParts.push(`ADMIN_API_KEY = ""`);
+          }
+          if (!hasAgentshieldProjectId) {
+            apiKeyVarsParts.push(`AGENTSHIELD_PROJECT_ID = ""`);
+          }
+
+          const apiKeyVars =
+            apiKeyVarsParts.length > 0
+              ? `\n${apiKeyVarsParts.join("\n")}\n`
+              : "";
+
+          wranglerTomlContent =
+            wranglerTomlContent.slice(0, insertPosition) +
+            identityVars +
+            apiKeyVars +
+            wranglerTomlContent.slice(insertPosition);
+
+          // Write updated wrangler.toml (without secrets)
+          fs.writeFileSync(wranglerPath, wranglerTomlContent);
+
+          // Create .dev.vars file for local development (git-ignored)
+          const devVarsPath = path.join(projectPath, ".dev.vars");
+          const devVarsContent = `# Local development secrets (DO NOT COMMIT)
+# This file is git-ignored and contains sensitive data
+# 
+# HOW IT WORKS:
+# 1. Variables are declared in wrangler.toml [vars] as empty strings
+# 2. This file (.dev.vars) overrides them for local development
+# 3. Production uses: wrangler secret put VARIABLE_NAME
+
+# Identity keys (generated by create-mcpi-app)
+MCP_IDENTITY_PRIVATE_KEY="${identity.privateKey}"
+MCP_IDENTITY_PUBLIC_KEY="${identity.publicKey}"
+
+# AgentShield API key (get from https://kya.vouched.id/dashboard)
+AGENTSHIELD_API_KEY="${apikey || ""}"${apikey ? "  # Provided via --apikey flag" : ""}
+
+# AgentShield Project ID (from dashboard URL: /dashboard/projects/{PROJECT_ID})
+AGENTSHIELD_PROJECT_ID="${projectId || ""}"${projectId ? "  # Provided via --project flag" : ""}
+
+# Admin API key for protected endpoints
+ADMIN_API_KEY=""
+`;
+          fs.writeFileSync(devVarsPath, devVarsContent);
+
+          // Create .dev.vars.example for reference
+          const devVarsExamplePath = path.join(
+            projectPath,
+            ".dev.vars.example"
+          );
+          const devVarsExampleContent = `# Copy this file to .dev.vars and fill in your values
+# DO NOT commit .dev.vars to version control
+
+# Identity keys (generate with: npx @kya-os/create-mcpi-app regenerate-identity)
+MCP_IDENTITY_PRIVATE_KEY="your-private-key-here"
+MCP_IDENTITY_PUBLIC_KEY="your-public-key-here"
+
+# AgentShield API key (get from https://agentshield.ai)
+AGENTSHIELD_API_KEY="your-api-key-here"
+
+# Admin API key for protected endpoints
+ADMIN_API_KEY="your-admin-key-here"
+`;
+          fs.writeFileSync(devVarsExamplePath, devVarsExampleContent);
+
+          console.log(chalk.green("✅ Generated persistent identity"));
+          console.log(chalk.dim(`   DID: ${identity.did}`));
+          console.log(chalk.green("✅ Created secure configuration:"));
+          console.log(
+            chalk.dim("   • Public DID in wrangler.toml (safe to commit)")
+          );
+          console.log(
+            chalk.dim("   • Private keys in .dev.vars (git-ignored)")
+          );
+          console.log(chalk.dim("   • Example template in .dev.vars.example"));
+          console.log();
+          console.log(chalk.yellow("🔒 Production Security:"));
+          console.log(
+            chalk.dim("   Set secrets using wrangler (never commit them):")
+          );
+          console.log(
+            chalk.cyan("   $ wrangler secret put MCP_IDENTITY_PRIVATE_KEY")
+          );
+          console.log(
+            chalk.cyan("   $ wrangler secret put MCP_IDENTITY_PUBLIC_KEY")
+          );
+          console.log(
+            chalk.cyan("   $ wrangler secret put AGENTSHIELD_API_KEY")
+          );
+          console.log();
+        }
+      } catch (error: any) {
+        console.log(
+          chalk.yellow("⚠️  Failed to generate identity:"),
+          error.message
+        );
+        console.log(chalk.dim("   You can generate one later with:"));
+        console.log(
+          chalk.cyan("   $ npx @kya-os/create-mcpi-app regenerate-identity")
+        );
+        console.log();
+      }
+    }
+
+    // Create tsconfig.json
+    const tsconfigContent = {
+      compilerOptions: {
+        target: "ES2022",
+        module: "ES2022",
+        lib: ["ES2022"],
+        types: ["@cloudflare/workers-types"],
+        moduleResolution: "bundler",
+        resolveJsonModule: true,
+        allowSyntheticDefaultImports: true,
+        esModuleInterop: true,
+        strict: true,
+        skipLibCheck: true,
+        forceConsistentCasingInFileNames: true,
+      },
+      include: ["src/**/*"],
+    };
+    fs.writeJsonSync(path.join(projectPath, "tsconfig.json"), tsconfigContent, {
+      spaces: 2,
+    });
+
+    // Create .gitignore
+    const gitignoreContent = `node_modules/
+dist/
+.wrangler/
+.dev.vars
+.env
+.env.local
+*.log
+`;
+    fs.writeFileSync(path.join(projectPath, ".gitignore"), gitignoreContent);
+
+    // Create README.md
+    const readmeContent = `# ${projectName}
+
+MCP server running on Cloudflare Workers with MCP-I identity features, cryptographic proofs, and full SSE/HTTP streaming support.
+
+## Features
+
+- ✅ **MCP Protocol Support**: SSE and HTTP streaming transports
+- ✅ **Cryptographic Identity**: DID-based agent identity with Ed25519 signatures
+- ✅ **Proof Generation**: Every tool call generates a cryptographic proof
+- ✅ **Audit Logging**: Track all operations with proof IDs and signatures
+- ✅ **Nonce Protection**: Replay attack prevention via KV-backed nonce cache
+- ✅ **Proof Archiving**: Optional KV storage for proof history
+
+## Quick Start
+
+### 1. Install Dependencies
+
+\`\`\`bash
+${packageManager} install
+\`\`\`
+
+### 2. Create KV Namespaces
+
+#### Create All KV Namespaces (Recommended)
+
+\`\`\`bash
+${packageManager === "npm" ? "npm run" : packageManager} kv:create
+\`\`\`
+
+This creates all 5 KV namespaces at once:
+- \`NONCE_CACHE\` - Replay attack prevention (Required)
+- \`PROOF_ARCHIVE\` - Cryptographic proof storage (Recommended)
+- \`IDENTITY_STORAGE\` - Agent identity persistence (Recommended)
+- \`DELEGATION_STORAGE\` - OAuth delegation storage (Required for delegation)
+- \`TOOL_PROTECTION_KV\` - Dashboard-controlled permissions (Optional)
+
+Copy the namespace IDs from the output and update each one in \`wrangler.toml\`:
+
+\`\`\`toml
+[[kv_namespaces]]
+binding = "NONCE_CACHE"
+id = "your_nonce_kv_id_here"  # ← Update this
+
+[[kv_namespaces]]
+binding = "PROOF_ARCHIVE"
+id = "your_proof_kv_id_here"  # ← Update this
+
+[[kv_namespaces]]
+binding = "IDENTITY_STORAGE"
+id = "your_identity_kv_id_here"  # ← Update this
+
+[[kv_namespaces]]
+binding = "DELEGATION_STORAGE"
+id = "your_delegation_kv_id_here"  # ← Update this
+
+[[kv_namespaces]]
+binding = "TOOL_PROTECTION_KV"
+id = "your_tool_protection_kv_id_here"  # ← Update this
+\`\`\`
+
+**Note:** You can also create namespaces individually:
+- \`${packageManager === "npm" ? "npm run" : packageManager} kv:create-nonce\` - Create nonce cache only
+- \`${packageManager === "npm" ? "npm run" : packageManager} kv:create-proof\` - Create proof archive only
+- \`${packageManager === "npm" ? "npm run" : packageManager} kv:create-identity\` - Create identity storage only
+- \`${packageManager === "npm" ? "npm run" : packageManager} kv:create-delegation\` - Create delegation storage only
+- \`${packageManager === "npm" ? "npm run" : packageManager} kv:create-tool-protection\` - Create tool protection cache only
+
+### 3. Test Locally
+
+\`\`\`bash
+${packageManager === "npm" ? "npm run" : packageManager} dev
+\`\`\`
+
+### 4. Deploy
+
+\`\`\`bash
+${packageManager === "npm" ? "npm run" : packageManager} deploy
+\`\`\`
+
+## Connect with Claude Desktop
+
+Add to \`~/Library/Application Support/Claude/claude_desktop_config.json\`:
+
+\`\`\`json
+{
+  "mcpServers": {
+    "${projectName}": {
+      "command": "npx",
+      "args": ["mcp-remote", "https://your-worker.workers.dev/sse"]
+    }
+  }
+}
+\`\`\`
+
+**Note:** Use the \`/sse\` endpoint for Claude Desktop compatibility.
+
+Restart Claude Desktop and test: "Use the greet tool to say hello to Alice"
+
+## Adding Tools
+
+Create tools in \`src/tools/\`:
+
+\`\`\`typescript
+import { z } from "zod";
+
+export const myTool = {
+  name: "my_tool",
+  description: "Tool description",
+  inputSchema: z.object({
+    input: z.string().describe("Input parameter")
+  }),
+  handler: async ({ input }: { input: string }) => ({
+    content: [{ type: "text" as const, text: \`Result: \${input}\` }]
+  })
+};
+\`\`\`
+
+Register in \`src/index.ts\` init method:
+
+\`\`\`typescript
+this.server.tool(
+  myTool.name,
+  myTool.description,
+  myTool.inputSchema.shape,
+  myTool.handler
+);
+\`\`\`
+
+## Endpoints
+
+- \`/health\` - Health check
+- \`/sse\` - SSE transport for MCP
+- \`/mcp\` - Streamable HTTP transport for MCP
+- \`/oauth/callback\` - OAuth callback for delegation flows
+- \`/admin/clear-cache\` - Clear tool protection cache (requires API key)
+
+## Viewing Cryptographic Proofs
+
+Every tool call generates a cryptographic proof that's logged to the console:
+
+\`\`\`bash
+${packageManager === "npm" ? "npm run" : packageManager} dev
+\`\`\`
+
+When you call a tool, you'll see logs like:
+
+\`\`\`
+[MCP-I] Initialized with DID: did:web:localhost:agents:key-abc123
+[MCP-I Proof] {
+  tool: 'greet',
+  did: 'did:web:localhost:agents:key-abc123',
+  proofId: 'proof_1234567890_abcd',
+  signature: 'mNYP8x2k9FqV3...'
+}
+\`\`\`
+
+### Proof Archives (Optional)
+
+If you configured the \`PROOF_ARCHIVE\` KV namespace, proofs are also stored for querying:
+
+\`\`\`bash
+# List all proofs
+wrangler kv:key list --namespace-id=your_proof_kv_id
+
+# View a specific proof
+wrangler kv:key get "proof_1234567890_abcd" --namespace-id=your_proof_kv_id
+\`\`\`
+
+## Identity Management
+
+Your agent's cryptographic identity is stored in Durable Objects state. To view your agent's DID:
+
+1. Check the logs during \`init()\` - it prints the DID
+2. Or query the runtime: \`await mcpiRuntime.getIdentity()\`
+
+The identity includes:
+- \`did\`: Decentralized identifier (e.g., \`did:web:your-worker.workers.dev:agents:key-xyz\`)
+- \`publicKey\`: Ed25519 public key for signature verification
+- \`privateKey\`: Ed25519 private key (secured in Durable Object state)
+
+## AgentShield Integration
+
+This project is configured to send cryptographic proofs to AgentShield for audit trails and compliance monitoring.
+
+### Setup
+
+1. **Get your AgentShield API key**:
+   - Sign up at https://kya.vouched.id
+   - Create a project
+   - Copy your API key from the dashboard
+
+2. **Update \`wrangler.toml\`**:
+   \`\`\`toml
+   [vars]
+   AGENTSHIELD_API_URL = "https://kya.vouched.id"
+   AGENTSHIELD_API_KEY = "sk_your_actual_key_here"  # ← Replace this
+   MCPI_ENV = "development"
+   \`\`\`
+
+3. **Test proof submission**:
+   \`\`\`bash
+   ${packageManager === "npm" ? "npm run" : packageManager} dev
+   \`\`\`
+
+   Call a tool and check the logs:
+   \`\`\`
+   [AgentShield] Submitting proof: { did: 'did:web:...', sessionId: '...', jwsFormat: 'valid (3 parts)' }
+   [AgentShield] ✅ Proofs accepted: 1
+   \`\`\`
+
+4. **View proofs in dashboard**:
+   - Go to https://kya.vouched.id/dashboard
+   - Select your project
+   - Click "Interactions" tab
+   - See your proofs in real-time
+
+### Configuration
+
+The AgentShield integration is configured in \`src/mcpi-runtime-config.ts\`. You can customize:
+- Proof batch size (\`maxBatchSize\`)
+- Flush interval (\`flushIntervalMs\`)
+- Retry policy (\`maxRetries\`)
+- Tool protection rules (\`toolProtections\`)
+
+### Dashboard-Controlled Tool Protection (Advanced)
+
+🆕 **NEW**: Control which tools require user delegation directly from the AgentShield dashboard - no code changes needed!
+
+Instead of hardcoding \`requiresDelegation\` in your config, enable dynamic tool protection:
+
+1. **Create Tool Protection KV namespace**:
+   \`\`\`bash
+   ${packageManager === "npm" ? "npm run" : packageManager} kv:create-tool-protection
+   \`\`\`
+
+2. **Uncomment TOOL_PROTECTION_KV in \`wrangler.toml\`**:
+   \`\`\`toml
+   [[kv_namespaces]]
+   binding = "TOOL_PROTECTION_KV"
+   id = "your_tool_protection_kv_id"  # ← Add the ID from step 1
+   \`\`\`
+
+3. **Enable Tool Protection Service in \`src/mcpi-runtime-config.ts\`**:
+   - Uncomment the import: \`import { CloudflareRuntime } from "@kya-os/mcp-i-cloudflare";\`
+   - Uncomment the \`toolProtectionService\` configuration block
+
+4. **Deploy and test**:
+   \`\`\`bash
+   ${packageManager === "npm" ? "npm run" : packageManager} deploy
+   \`\`\`
+
+5. **Control delegation from dashboard**:
+   - Go to https://kya.vouched.id/dashboard
+   - Select your project → "Tools" tab
+   - Toggle "Require Delegation" for any tool
+   - Changes apply in real-time (5-minute cache)
+
+**Benefits:**
+- Update tool permissions without redeploying
+- Test delegation flows instantly
+- Different requirements per environment (dev vs prod)
+- Automatic tool discovery from proof submissions
+
+**Note:** The first time a tool is called, it auto-discovers in the dashboard. The \`requiresDelegation\` toggle will appear after the first proof is submitted.
+
+### Disable AgentShield (Optional)
+
+If you don't want to use AgentShield, edit \`src/mcpi-runtime-config.ts\`:
+
+\`\`\`typescript
+proofing: {
+  enabled: false,  // Disable proof submission
+  // ...
+}
+\`\`\`
+
+Or simply don't configure the \`AGENTSHIELD_API_KEY\` environment variable.
+
+## References
+
+- [Cloudflare Agents MCP](https://developers.cloudflare.com/agents/model-context-protocol/)
+- [MCP Specification](https://spec.modelcontextprotocol.io/)
+- [MCP-I Documentation](https://github.com/kya-os/xmcp-i)
+`;
+    fs.writeFileSync(path.join(projectPath, "README.md"), readmeContent);
+
+    console.log(chalk.green("✅ Cloudflare Worker MCP server created"));
+    console.log();
+
+    if (apikey) {
+      console.log(
+        chalk.green("🔑 AgentShield API key configured in wrangler.toml")
+      );
+      console.log(
+        chalk.dim("   Your API key has been added to the [vars] section")
+      );
+      console.log(chalk.dim("   Tool protection enforcement is ready to use!"));
+      console.log();
+    } else {
+      console.log(chalk.yellow("⚠️  No AgentShield API key provided"));
+      console.log(
+        chalk.dim(
+          "   Add your API key to wrangler.toml [vars] section before deployment"
+        )
+      );
+      console.log(
+        chalk.dim("   Get your key at: https://kya.vouched.id/dashboard")
+      );
+      console.log();
+    }
+
+    console.log(chalk.bold("📦 All KV Namespaces Configured"));
+    console.log(chalk.dim("   - NONCE_CACHE: Replay attack prevention"));
+    console.log(chalk.dim("   - PROOF_ARCHIVE: Cryptographic proof storage"));
+    console.log(chalk.dim("   - IDENTITY_STORAGE: Agent identity persistence"));
+    console.log(chalk.dim("   - DELEGATION_STORAGE: OAuth delegation storage"));
+    console.log(
+      chalk.dim("   - TOOL_PROTECTION_KV: Dashboard-controlled permissions")
+    );
+    console.log();
+    console.log(
+      chalk.cyan("   Run 'npm run kv:create' to create all namespaces")
+    );
+    console.log();
+  } catch (error) {
+    console.error(
+      chalk.red("Failed to set up Cloudflare Worker MCP server:"),
+      error
+    );
+    throw error;
+  }
+}