@leadbay/mcp 0.20.1 → 0.21.1

package/CHANGELOG.md

@@ -1,5 +1,14 @@
 # Changelog — @leadbay/mcp
 
+## 0.21.1 — 2026-06-16
+
+- **CSV import no longer 400s on a lead status the agent didn't uppercase** (product#3745): `leadbay_import_leads` / `leadbay_import_and_qualify` forwarded `default_status` / `statuses` values verbatim to `POST /imports/{id}/update_mappings`, whose backend `MappingsPayload` decodes them as the strict, case-sensitive `LeadStatus` enum (`DEFAULT, INBOUND, UNWANTED, WANTED, LOST, WON`). A value like "Won" failed deserialization and the whole call 400'd with an opaque "JSON deserialization error" before any record committed — JM hit this trying to tag 179 companies as Won. The MCP now owns the canonical set and enforces it before sending: status values are matched case-insensitively to their enum member ("Won" → "WON"), an empty default means no default, and a genuinely unknown status returns a clear `IMPORT_INVALID_STATUS` error naming the valid values instead of an opaque backend 400. The two tools' input schemas now declare the enum.
+
+## 0.21.0 — 2026-06-16
+
+- **Hosted MCP now triggers OAuth sign-in in Claude Desktop / ChatGPT** (remote custom connectors): the Fly endpoint was not an OAuth-compliant resource server, so a remote client had nothing to discover, never prompted the user to sign in, and then surfaced a host-side "needs auth / token expired" state even though the user never had a token. The server now implements the MCP authorization spec (RFC 9728): it serves OAuth 2.0 Protected Resource Metadata at `/.well-known/oauth-protected-resource[/<resource>]` and answers an unauthenticated (or invalid/expired) `POST /mcp` with `401` + `WWW-Authenticate: Bearer ... resource_metadata="…"`. The client discovers the Leadbay authorization server (the existing regional backend used by `login --oauth`) and runs the browser sign-in. Tool requests auto-probe both regions, so a valid token routes correctly and a stale one re-prompts instead of erroring.
+- **Region-pinned connector URLs**: OAuth discovery runs before sign-in and Leadbay tokens are region-scoped, so the region is encoded in the URL. US accounts use `https://leadbay-mcp-prod.fly.dev/mcp`; FR accounts use `https://leadbay-mcp-prod.fly.dev/fr/mcp`. The path only selects which authorization server the sign-in prompt points at. Permissive CORS + an `OPTIONS` preflight are served on the discovery and MCP endpoints for browser-based remote clients. README's remote-client section updated to document Claude Desktop and the per-region URLs.
+
 ## 0.20.1 — 2026-06-15
 
 - **Triage board stays the first next-step option on a poor-fit batch** (`leadbay_daily_check_in`): when today's batch is an ICP mismatch (every lead AI-scored off-profile), the agent was demoting the interactive triage board below "refine audience" in the NEXT STEPS widget — the plain ordering rule kept losing to the agent's own leverage judgment ("the whole batch is junk, so lead with fixing the lens"). The workflow contract requires the named artifact to be the FIRST option. The ordering rule now holds the triage board at position 1 even on a mismatched batch; the mismatch is surfaced in the prose nudge and offered as a *later* "refine the lens" option, never by displacing the artifact. Verified 5/5/5/5 across 3 consecutive eval runs on an all-off-ICP batch (the exact case that defeated the weaker rule).

package/README.md

@@ -290,21 +290,23 @@ Leadbay connection OK.
   AI credits:    420 / 1000
 ```
 
-### ChatGPT Desktop / remote-MCP clients
+### Claude Desktop / ChatGPT / remote-MCP clients
 
-Leadbay runs a hosted MCP server that any remote-MCP client can connect to without a local install:
+Leadbay runs a hosted MCP server that any remote-MCP client can connect to without a local install. Pick the URL for your account's region:
 
 ```
-https://leadbay-mcp-prod.fly.dev/mcp
+https://leadbay-mcp-prod.fly.dev/mcp       # US accounts
+https://leadbay-mcp-prod.fly.dev/fr/mcp    # FR accounts
 ```
 
-**ChatGPT Desktop**: open Settings → Apps → Add app → paste the URL above.
+- **Claude Desktop**: Settings → Connectors → Add custom connector → paste the URL.
+- **ChatGPT Desktop**: Settings → Apps → Add app → paste the URL.
 
-The server authenticates each request from the `Authorization: Bearer <token>` header your client sends automatically once you sign in via ChatGPT's OAuth prompt. No token to copy-paste, no local Node install needed.
+On first connect the client runs the Leadbay OAuth sign-in (the server advertises OAuth 2.0 Protected Resource Metadata per RFC 9728 and challenges unauthenticated requests with `401 + WWW-Authenticate`). Sign in once in the browser; the client stores the token and sends it as `Authorization: Bearer <token>` on every request. No token to copy-paste, no local Node install needed.
 
-**Updates are automatic** — the hosted server is always running the latest published release. You never need to update a config file or restart anything on your side.
+The region is encoded in the URL because OAuth discovery happens before sign-in and Leadbay tokens are region-scoped — a US account uses `/mcp`, a FR account uses `/fr/mcp`. If the sign-in prompt never appears, you're on an old build of the hosted server (pre-0.21.0); it auto-updates on release.
 
-If your client requires a region header, add `X-Leadbay-Region: us` or `X-Leadbay-Region: fr` to match your Leadbay account's region.
+**Updates are automatic** — the hosted server is always running the latest published release. You never need to update a config file or restart anything on your side.
 
 ## 4. Example prompts that work
 

package/dist/bin.js

@@ -10828,6 +10828,13 @@ function coerceCell(client, v, path) {
     return String(v);
   throw client.makeError("IMPORT_INVALID_CELL_TYPE", `Cell at ${path} is ${Array.isArray(v) ? "an array" : typeof v}, expected string|number|boolean|null`, `Convert the value to a string before passing.`, "POST /imports");
 }
+function enforceLeadStatus(client, raw, path) {
+  const canonical = String(raw).trim().toUpperCase();
+  if (!LEAD_STATUS_SET.has(canonical)) {
+    throw client.makeError("IMPORT_INVALID_STATUS", `${path} ${JSON.stringify(raw)} is not a valid lead status`, `Use one of ${LEAD_STATUSES.join(", ")} (case-insensitive), or omit it.`, "POST /imports");
+  }
+  return canonical;
+}
 function prepareDomainsMode(client, inputs) {
   const validInputs = [];
   const malformedDomains = [];
@@ -10949,6 +10956,12 @@ function prepareRecordsMode(client, records, mappings, customFieldCatalog) {
     if (normDomain && !byDomain.has(normDomain))
       byDomain.set(normDomain, idx);
   });
+  const statuses = {};
+  for (const [cell, status] of Object.entries(mappings.statuses ?? {})) {
+    statuses[cell] = enforceLeadStatus(client, status, `mappings.statuses[${JSON.stringify(cell)}]`);
+  }
+  const rawDefault = mappings.default_status;
+  const default_status = rawDefault == null || String(rawDefault).trim() === "" ? null : enforceLeadStatus(client, rawDefault, "mappings.default_status");
   return {
     mode: "records",
     validInputs,
@@ -10958,8 +10971,8 @@ function prepareRecordsMode(client, records, mappings, customFieldCatalog) {
     header,
     mappings: {
       fields: { ...normalizedFields },
-      statuses: mappings.statuses ?? {},
-      default_status: mappings.default_status ?? null
+      statuses,
+      default_status
     }
   };
 }
@@ -11334,7 +11347,7 @@ async function runImportInBackground(client, prep, uploadedChunks, opts, ctx, ha
     })();
   }, 0);
 }
-var CHUNK_SIZE, POLL_INTERVAL_MS2, DEFAULT_PER_PHASE_BUDGET_MS, DEFAULT_TOTAL_BUDGET_MS, STABILIZATION_POLLS, MAX_COLUMN_NAME_LEN, RESERVED_COLUMN_RE, CUSTOM_FIELD_RE, IMPORT_RESOLVER_FIELDS, PUBLIC_MAILBOX_DOMAINS, importLeads;
+var CHUNK_SIZE, POLL_INTERVAL_MS2, DEFAULT_PER_PHASE_BUDGET_MS, DEFAULT_TOTAL_BUDGET_MS, STABILIZATION_POLLS, MAX_COLUMN_NAME_LEN, RESERVED_COLUMN_RE, CUSTOM_FIELD_RE, IMPORT_RESOLVER_FIELDS, PUBLIC_MAILBOX_DOMAINS, LEAD_STATUSES, LEAD_STATUS_SET, importLeads;
 var init_import_leads = __esm({
   "../core/dist/composite/import-leads.js"() {
     "use strict";
@@ -11379,6 +11392,15 @@ var init_import_leads = __esm({
       "163.com",
       "126.com"
     ]);
+    LEAD_STATUSES = [
+      "DEFAULT",
+      "INBOUND",
+      "UNWANTED",
+      "WANTED",
+      "LOST",
+      "WON"
+    ];
+    LEAD_STATUS_SET = new Set(LEAD_STATUSES);
     importLeads = {
       name: "leadbay_import_leads",
       annotations: {
@@ -11437,11 +11459,12 @@ var init_import_leads = __esm({
               },
               statuses: {
                 type: "object",
-                description: "Optional status string mapping (rarely needed). Defaults to {}."
+                description: `Optional map of raw CSV status-cell text \u2192 lead status (rarely needed). Keys are the verbatim cell strings; values must be one of ${LEAD_STATUSES.join(", ")} (case-insensitive). Defaults to {}.`
               },
               default_status: {
                 type: ["string", "null"],
-                description: "Optional default status. Defaults to null."
+                enum: [...LEAD_STATUSES, null],
+                description: `Optional default lead status applied to rows without an explicit status. One of ${LEAD_STATUSES.join(", ")} (case-insensitive). Defaults to null.`
               }
             },
             required: ["fields"]
@@ -17499,8 +17522,15 @@ var init_import_and_qualify = __esm({
                 type: "object",
                 description: "Ergonomic shorthand: `{CsvColumn: <number-id>}` or `{CsvColumn: '<field-name>'}` for custom-field mappings. Resolved against /crm/custom_fields catalog."
               },
-              statuses: { type: "object", description: "Optional status string mapping." },
-              default_status: { type: ["string", "null"], description: "Optional default status." }
+              statuses: {
+                type: "object",
+                description: `Optional map of raw CSV status-cell text \u2192 lead status. Values must be one of ${LEAD_STATUSES.join(", ")} (case-insensitive); keys are the verbatim cell strings.`
+              },
+              default_status: {
+                type: ["string", "null"],
+                enum: [...LEAD_STATUSES, null],
+                description: `Optional default lead status. One of ${LEAD_STATUSES.join(", ")} (case-insensitive).`
+              }
             },
             // mappings has a closed shape (fields/custom_fields/statuses/default_status).
             // Inner objects (fields, custom_fields, statuses) keep open shapes
@@ -25928,7 +25958,7 @@ var OAUTH_BASE_URLS = {
     fr: "https://staging.api.leadbay.app"
   }
 };
-var VERSION = "0.20.1";
+var VERSION = "0.21.1";
 var HELP = `
 leadbay-mcp ${VERSION} \u2014 Leadbay Model Context Protocol server
 

package/dist/http-server.js

@@ -7,6 +7,9 @@ var __export = (target, all) => {
 
 // src/http-server.ts
 import { randomUUID as randomUUID4 } from "crypto";
+import { realpathSync } from "fs";
+import { basename } from "path";
+import { fileURLToPath } from "url";
 import { Hono } from "hono";
 import { bodyLimit } from "hono/body-limit";
 import { serve } from "@hono/node-server";
@@ -11521,6 +11524,22 @@ function coerceCell(client, v, path) {
     return String(v);
   throw client.makeError("IMPORT_INVALID_CELL_TYPE", `Cell at ${path} is ${Array.isArray(v) ? "an array" : typeof v}, expected string|number|boolean|null`, `Convert the value to a string before passing.`, "POST /imports");
 }
+var LEAD_STATUSES = [
+  "DEFAULT",
+  "INBOUND",
+  "UNWANTED",
+  "WANTED",
+  "LOST",
+  "WON"
+];
+var LEAD_STATUS_SET = new Set(LEAD_STATUSES);
+function enforceLeadStatus(client, raw, path) {
+  const canonical = String(raw).trim().toUpperCase();
+  if (!LEAD_STATUS_SET.has(canonical)) {
+    throw client.makeError("IMPORT_INVALID_STATUS", `${path} ${JSON.stringify(raw)} is not a valid lead status`, `Use one of ${LEAD_STATUSES.join(", ")} (case-insensitive), or omit it.`, "POST /imports");
+  }
+  return canonical;
+}
 function prepareDomainsMode(client, inputs) {
   const validInputs = [];
   const malformedDomains = [];
@@ -11642,6 +11661,12 @@ function prepareRecordsMode(client, records, mappings, customFieldCatalog) {
     if (normDomain && !byDomain.has(normDomain))
       byDomain.set(normDomain, idx);
   });
+  const statuses = {};
+  for (const [cell, status] of Object.entries(mappings.statuses ?? {})) {
+    statuses[cell] = enforceLeadStatus(client, status, `mappings.statuses[${JSON.stringify(cell)}]`);
+  }
+  const rawDefault = mappings.default_status;
+  const default_status = rawDefault == null || String(rawDefault).trim() === "" ? null : enforceLeadStatus(client, rawDefault, "mappings.default_status");
   return {
     mode: "records",
     validInputs,
@@ -11651,8 +11676,8 @@ function prepareRecordsMode(client, records, mappings, customFieldCatalog) {
     header,
     mappings: {
       fields: { ...normalizedFields },
-      statuses: mappings.statuses ?? {},
-      default_status: mappings.default_status ?? null
+      statuses,
+      default_status
     }
   };
 }
@@ -12045,11 +12070,12 @@ var importLeads = {
           },
           statuses: {
             type: "object",
-            description: "Optional status string mapping (rarely needed). Defaults to {}."
+            description: `Optional map of raw CSV status-cell text \u2192 lead status (rarely needed). Keys are the verbatim cell strings; values must be one of ${LEAD_STATUSES.join(", ")} (case-insensitive). Defaults to {}.`
           },
           default_status: {
             type: ["string", "null"],
-            description: "Optional default status. Defaults to null."
+            enum: [...LEAD_STATUSES, null],
+            description: `Optional default lead status applied to rows without an explicit status. One of ${LEAD_STATUSES.join(", ")} (case-insensitive). Defaults to null.`
           }
         },
         required: ["fields"]
@@ -17624,8 +17650,15 @@ var importAndQualify = {
             type: "object",
             description: "Ergonomic shorthand: `{CsvColumn: <number-id>}` or `{CsvColumn: '<field-name>'}` for custom-field mappings. Resolved against /crm/custom_fields catalog."
           },
-          statuses: { type: "object", description: "Optional status string mapping." },
-          default_status: { type: ["string", "null"], description: "Optional default status." }
+          statuses: {
+            type: "object",
+            description: `Optional map of raw CSV status-cell text \u2192 lead status. Values must be one of ${LEAD_STATUSES.join(", ")} (case-insensitive); keys are the verbatim cell strings.`
+          },
+          default_status: {
+            type: ["string", "null"],
+            enum: [...LEAD_STATUSES, null],
+            description: `Optional default lead status. One of ${LEAD_STATUSES.join(", ")} (case-insensitive).`
+          }
         },
         // mappings has a closed shape (fields/custom_fields/statuses/default_status).
         // Inner objects (fields, custom_fields, statuses) keep open shapes
@@ -22424,6 +22457,25 @@ async function resolveClientFromToken(token, opts = {}) {
     };
   }
 }
+function regionAuthServer(region) {
+  return region === "fr" ? REGIONS.fr : REGIONS.us;
+}
+function protectedResourceMetadata(opts) {
+  return {
+    resource: opts.resourceUrl,
+    authorization_servers: [regionAuthServer(opts.region)],
+    bearer_methods_supported: ["header"]
+  };
+}
+function buildWwwAuthenticate(opts) {
+  const parts = ['Bearer realm="mcp"'];
+  if (opts.authState === "expired") {
+    parts.push('error="invalid_token"');
+    parts.push('error_description="The access token is invalid or has expired"');
+  }
+  parts.push(`resource_metadata="${opts.resourceMetadataUrl}"`);
+  return parts.join(", ");
+}
 
 // src/env.ts
 function parseWriteEnv(env = process.env) {
@@ -22439,7 +22491,7 @@ function parseWriteEnv(env = process.env) {
 }
 
 // src/http-server.ts
-var VERSION = true ? "0.20.1" : "0.0.0-dev";
+var VERSION = true ? "0.21.1" : "0.0.0-dev";
 var PORT = Number(process.env.PORT ?? 8080);
 var HOST = process.env.HOST ?? "0.0.0.0";
 var sseSessions = /* @__PURE__ */ new Map();
@@ -22461,29 +22513,76 @@ function extractBearer(authHeader) {
   const m = /^Bearer\s+(.+)$/i.exec(authHeader);
   return m ? m[1].trim() : void 0;
 }
-function extractRegion(headerValue) {
-  if (headerValue === "us" || headerValue === "fr") return headerValue;
-  return void 0;
-}
-async function buildServerForRequest(token, region) {
-  const resolved = await resolveClientFromToken(token, { region });
+function buildServerFromClient(client) {
   const includeWrite = parseWriteEnv();
   const includeAdvanced = process.env.LEADBAY_MCP_ADVANCED === "1";
-  return buildServer(resolved.client, {
-    version: VERSION,
-    includeWrite,
-    includeAdvanced
-  });
+  return buildServer(client, { version: VERSION, includeWrite, includeAdvanced });
+}
+var PRM_PREFIX = "/.well-known/oauth-protected-resource";
+var RESOURCE_PATHS = ["/mcp", "/fr/mcp", "/sse", "/fr/sse"];
+function regionForResourcePath(resourcePath) {
+  return /^\/fr(\/|$)/.test(resourcePath) ? "fr" : "us";
+}
+function requestOrigin(c) {
+  const url = new URL(c.req.url);
+  const proto = c.req.header("x-forwarded-proto") ?? url.protocol.replace(/:$/, "");
+  const host = c.req.header("host") ?? url.host;
+  return `${proto}://${host}`;
+}
+function applyCors(c) {
+  c.header("Access-Control-Allow-Origin", "*");
+  c.header("Access-Control-Expose-Headers", "WWW-Authenticate");
+}
+function servePrm(c, resourcePath) {
+  applyCors(c);
+  c.header("Cache-Control", "public, max-age=3600");
+  return c.json(
+    protectedResourceMetadata({
+      resourceUrl: `${requestOrigin(c)}${resourcePath}`,
+      region: regionForResourcePath(resourcePath)
+    })
+  );
+}
+function sendChallenge(c, resourcePath, authState) {
+  const resourceMetadataUrl = `${requestOrigin(c)}${PRM_PREFIX}${resourcePath}`;
+  applyCors(c);
+  c.header("WWW-Authenticate", buildWwwAuthenticate({ resourceMetadataUrl, authState }));
+  return c.json(
+    {
+      error: authState === "expired" ? "invalid_token" : "unauthorized",
+      error_description: authState === "expired" ? "Access token is invalid or expired. Sign in with Leadbay again." : "Authentication required. Sign in with Leadbay."
+    },
+    401
+  );
 }
 var app = new Hono();
 app.get("/healthz", (c) => c.json({ ok: true, version: VERSION }));
+app.get(PRM_PREFIX, (c) => servePrm(c, "/mcp"));
+app.get(`${PRM_PREFIX}/*`, (c) => {
+  const suffix = c.req.path.slice(PRM_PREFIX.length);
+  const resourcePath = RESOURCE_PATHS.includes(suffix) ? suffix : "/mcp";
+  return servePrm(c, resourcePath);
+});
+app.options("*", (c) => {
+  applyCors(c);
+  c.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+  c.header(
+    "Access-Control-Allow-Headers",
+    "Authorization, Content-Type, Mcp-Protocol-Version, Mcp-Session-Id"
+  );
+  return c.body(null, 204);
+});
 var MCP_BODY_LIMIT = bodyLimit({ maxSize: 1 * 1024 * 1024 });
 app.use("/mcp", MCP_BODY_LIMIT);
+app.use("/fr/mcp", MCP_BODY_LIMIT);
 app.use("/messages", MCP_BODY_LIMIT);
-app.all("/mcp", async (c) => {
+async function handleStreamable(c, resourcePath) {
   const token = extractBearer(c.req.header("authorization"));
-  const region = extractRegion(c.req.header("x-leadbay-region"));
-  const server = await buildServerForRequest(token, region);
+  const resolved = await resolveClientFromToken(token);
+  if (resolved.authState === "missing" || resolved.authState === "expired") {
+    return sendChallenge(c, resourcePath, resolved.authState);
+  }
+  const server = buildServerFromClient(resolved.client);
   const transport = new StreamableHTTPServerTransport({
     sessionIdGenerator: void 0,
     // Return JSON responses instead of SSE so non-SSE clients (e.g. Codex) work.
@@ -22519,13 +22618,18 @@ app.all("/mcp", async (c) => {
     server.close().catch(() => {
     });
   }
-});
-app.get("/sse", async (c) => {
+}
+app.all("/mcp", (c) => handleStreamable(c, "/mcp"));
+app.all("/fr/mcp", (c) => handleStreamable(c, "/fr/mcp"));
+async function handleSse(c, resourcePath) {
   const token = extractBearer(c.req.header("authorization"));
-  const region = extractRegion(c.req.header("x-leadbay-region"));
+  const resolved = await resolveClientFromToken(token);
+  if (resolved.authState === "missing" || resolved.authState === "expired") {
+    return sendChallenge(c, resourcePath, resolved.authState);
+  }
   const env = c.env;
   const transport = new SSEServerTransport("/messages", env.outgoing);
-  const server = await buildServerForRequest(token, region);
+  const server = buildServerFromClient(resolved.client);
   await server.connect(transport);
   const sessionId = transport.sessionId;
   sseSessions.set(sessionId, { transport, server, createdAt: Date.now() });
@@ -22535,7 +22639,9 @@ app.get("/sse", async (c) => {
     });
   };
   return new Response(null, { headers: { "x-hono-already-sent": "1" } });
-});
+}
+app.get("/sse", (c) => handleSse(c, "/sse"));
+app.get("/fr/sse", (c) => handleSse(c, "/fr/sse"));
 app.post("/messages", async (c) => {
   const sessionId = c.req.query("sessionId");
   if (!sessionId) {
@@ -22550,10 +22656,26 @@ app.post("/messages", async (c) => {
   await session.transport.handlePostMessage(env.incoming, env.outgoing, body);
   return new Response(null, { headers: { "x-hono-already-sent": "1" } });
 });
-var _boot = randomUUID4();
-serve({ fetch: app.fetch, port: PORT, hostname: HOST }, (info) => {
-  process.stderr.write(
-    `leadbay-mcp-http ${VERSION} listening on http://${info.address}:${info.port} (boot=${_boot})
+var isEntrypoint = (() => {
+  try {
+    const entry = process.argv[1];
+    if (!entry) return false;
+    const entryName = basename(entry).toLowerCase();
+    if (entryName !== "http-server.js" && entryName !== "leadbay-mcp-http") return false;
+    return realpathSync(fileURLToPath(import.meta.url)) === realpathSync(entry);
+  } catch {
+    return false;
+  }
+})();
+if (isEntrypoint) {
+  const _boot = randomUUID4();
+  serve({ fetch: app.fetch, port: PORT, hostname: HOST }, (info) => {
+    process.stderr.write(
+      `leadbay-mcp-http ${VERSION} listening on http://${info.address}:${info.port} (boot=${_boot})
 `
-  );
-});
+    );
+  });
+}
+export {
+  app
+};

package/dist/installer-electron.js

@@ -1466,7 +1466,7 @@ var init_installer_gui = __esm({
     init_install_dxt();
     init_install_shared();
     init_oauth();
-    VERSION = "0.20.1";
+    VERSION = "0.21.1";
     PORT = Number(process.env.LEADBAY_INSTALLER_PORT ?? 0);
     sessions = /* @__PURE__ */ new Map();
     OAUTH_BASE_URLS = {

package/dist/installer-gui.js

@@ -873,7 +873,7 @@ async function oauthLogin(opts) {
 }
 
 // installer/installer-gui.ts
-var VERSION = "0.20.1";
+var VERSION = "0.21.1";
 var PORT = Number(process.env.LEADBAY_INSTALLER_PORT ?? 0);
 var sessions = /* @__PURE__ */ new Map();
 var OAUTH_BASE_URLS = {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@leadbay/mcp",
-  "version": "0.20.1",
+  "version": "0.21.1",
   "mcpName": "io.github.leadbay/leadbay-mcp",
   "description": "Model Context Protocol (MCP) server for Leadbay — AI lead discovery, qualification, and enrichment for Claude Desktop, Cursor, and Claude Code.",
   "type": "module",