npm - @lindblad/complai-mcp - Versions diffs - 0.1.0 → 0.1.2 - Mend

@lindblad/complai-mcp 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +87 -232
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -1,227 +1,69 @@
 # COMPLAI MCP Server
-An MCP (Model Context Protocol) server that provides compliance overview data to AI assistants.
+An MCP (Model Context Protocol) server that provides COMPLAI compliance data to AI assistants like Cursor and Claude Desktop.
 **Package:** `@lindblad/complai-mcp`
-## Features
+## Quick Start
-- **Compliance overview**: `complai_compliance_brief` - Get organization-wide compliance status
-- **User authentication**: Log in with your COMPLAI credentials via browser (no secrets needed)
-- **M2M authentication**: Alternative machine-to-machine auth for automation
-- **AI-optimized responses**: Structured data with human-readable alerts
-- **Mock mode**: Test without API credentials
-- **Persistent sessions**: Login is saved locally - no need to re-authenticate
-## Installation
-### From npm (Recommended)
-```bash
-# Install globally
-npm install -g @lindblad/complai-mcp
-# Or run directly with npx
-npx @lindblad/complai-mcp
-```
-### From Source
-```bash
-git clone <repo-url>
-cd mcps/complai-brief
-npm install
-npm run build
-```
-## Quick Start with Cursor/Claude Desktop
-### Using npx (Easiest)
-Add to your MCP configuration (`.cursor/mcp.json` or `claude_desktop_config.json`):
+Add to your Cursor config (`.cursor/mcp.json`):
 ```json
 {
   "mcpServers": {
     "complai": {
       "command": "npx",
-      "args": ["@lindblad/complai-mcp"],
-      "env": {
-        "COMPLAI_API_URL": "https://api.complai.com",
-        "COMPLAI_AUTH0_DOMAIN": "lindcon.eu.auth0.com",
-        "COMPLAI_AUTH0_CLIENT_ID": "your-client-id",
-        "COMPLAI_AUTH0_AUDIENCE": "https://api.complai.com",
-        "COMPLAI_ORGANIZATION_ID": "org_xxxxx"
-      }
+      "args": ["-y", "@lindblad/complai-mcp"]
     }
   }
 }
 ```
-### Using Global Install
-```json
-{
-  "mcpServers": {
-    "complai": {
-      "command": "complai-mcp",
-      "env": {
-        "COMPLAI_API_URL": "https://api.complai.com",
-        "COMPLAI_AUTH0_DOMAIN": "lindcon.eu.auth0.com",
-        "COMPLAI_AUTH0_CLIENT_ID": "your-client-id",
-        "COMPLAI_AUTH0_AUDIENCE": "https://api.complai.com",
-        "COMPLAI_ORGANIZATION_ID": "org_xxxxx"
-      }
-    }
-  }
-}
-```
-## Authentication Modes
-### User Authentication (Recommended)
+That's it! No configuration needed.
-No client secret required. Users authenticate via browser using their COMPLAI credentials.
-1. Configure without `COMPLAI_AUTH0_CLIENT_SECRET`:
-```json
-{
-  "mcpServers": {
-    "complai": {
-      "command": "npx",
-      "args": ["@lindblad/complai-mcp"],
-      "env": {
-        "COMPLAI_API_URL": "https://api.complai.com",
-        "COMPLAI_AUTH0_DOMAIN": "lindcon.eu.auth0.com",
-        "COMPLAI_AUTH0_CLIENT_ID": "your-client-id",
-        "COMPLAI_AUTH0_AUDIENCE": "https://api.complai.com",
-        "COMPLAI_ORGANIZATION_ID": "org_xxxxx"
-      }
-    }
-  }
-}
-```
-2. When you first use a COMPLAI tool, use `complai_login`:
-   - You'll get a URL and code
-   - Open the URL in your browser
-   - Enter the code and log in with your COMPLAI credentials
-   - Done! Your session is saved to `~/.complai/`
-### M2M Authentication (For Automation)
-For scripts, CI/CD, or shared environments. Requires a client secret.
-```json
-{
-  "mcpServers": {
-    "complai": {
-      "command": "npx",
-      "args": ["@lindblad/complai-mcp"],
-      "env": {
-        "COMPLAI_API_URL": "https://api.complai.com",
-        "COMPLAI_AUTH0_DOMAIN": "lindcon.eu.auth0.com",
-        "COMPLAI_AUTH0_CLIENT_ID": "your-m2m-client-id",
-        "COMPLAI_AUTH0_CLIENT_SECRET": "your-m2m-client-secret",
-        "COMPLAI_AUTH0_AUDIENCE": "https://api.complai.com",
-        "COMPLAI_ORGANIZATION_ID": "org_xxxxx"
-      }
-    }
-  }
-}
-```
-### Mock Mode
-For testing without any API connection:
-```json
-{
-  "mcpServers": {
-    "complai": {
-      "command": "npx",
-      "args": ["@lindblad/complai-mcp"],
-      "env": {
-        "COMPLAI_MOCK_MODE": "true"
-      }
-    }
-  }
-}
-```
+## Available Tools
-## Authentication Flow
+| Tool | Description |
+|------|-------------|
+| `complai_login` | Authenticate with COMPLAI (opens browser) |
+| `complai_auth_status` | Check authentication status |
+| `complai_list_organizations` | List organizations you have access to |
+| `complai_compliance_brief` | Get compliance overview (risk, tasks, alerts) |
+| `complai_audit_rooms` | Get detailed audit room data with status |
-### First Time Setup (User Auth Mode)
+## Usage
-When you start the server for the first time, it will prompt for authentication:
+Just ask your AI assistant:
-```
-COMPLAI MCP Server v0.1.0
-─────────────────────────
-API:  https://api.test.complai.com
-Auth: User (Device Flow)
-Authentication required. Starting device authorization flow...
-┌─────────────────────────────────────────────────────────────┐
-│  Please complete authentication in your browser:            │
-│                                                             │
-│  1. Open:  https://complai-test.eu.auth0.com/activate       │
-│  2. Enter: ABCD-EFGH                                        │
-│                                                             │
-│  Waiting for authentication...                              │
-└─────────────────────────────────────────────────────────────┘
-✓ Authentication successful!
-Starting server...
-✓ Server ready
-```
+- *"What's my compliance status?"*
+- *"Show me all audit rooms with their risk ratings"*
+- *"Which audit rooms have overdue tasks?"*
+- *"Give me a compliance summary for my board meeting"*
-After logging in once, your session is saved to `~/.complai/` and you won't need to log in again.
+### First Time Authentication
-### Logging Out
+On first use, you'll need to authenticate:
-To log out, delete the stored credentials:
-```bash
-rm -rf ~/.complai/.credentials.enc
-```
+1. The AI will call `complai_login`
+2. A browser window opens for you to log in with your COMPLAI credentials
+3. Done! Your session is saved locally
-## Available Tools
-### `complai_list_organizations`
-List all COMPLAI organizations the user has access to.
+### Multi-Organization Support
-**Parameters:** None
-**Response:**
-```json
-{
-  "organizations": [
-    { "id": "org_xxx", "name": "Acme Corp" },
-    { "id": "org_yyy", "name": "Beta Inc" }
-  ],
-  "message": "User has access to 2 organizations. Ask which one to check."
-}
-```
+If you have access to multiple organizations:
-### `complai_compliance_brief`
+1. Call `complai_list_organizations` to see available orgs
+2. Call `complai_login` with the `organizationId` to switch orgs
+3. Then use `complai_compliance_brief` or `complai_audit_rooms`
-Get compliance status overview for a specific organization.
+## Example Output
-**Parameters:**
-| Parameter | Type | Required | Description |
-|-----------|------|----------|-------------|
-| `organizationId` | string | Yes | The organization ID (from `complai_list_organizations`) |
-| `workspaceId` | string | No | Filter results to a specific workspace |
+### Compliance Brief
-**Response:**
 ```json
 {
   "summary": {
-    "description": "Compliance overview as of 2026-01-15",
+    "description": "Compliance overview as of 2026-02-04",
     "dataRooms": 24,
     "assets": 156,
     "manufacturers": 42,
@@ -246,58 +88,71 @@ Get compliance status overview for a specific organization.
 }
 ```
-## Development
-### Testing with MCP Inspector
+### Audit Rooms
-```bash
-npm run inspector
+```json
+{
+  "pagination": { "page": 1, "pageSize": 20, "totalCount": 24 },
+  "rooms": [
+    {
+      "name": "Supplier ABC Audit",
+      "riskRating": "Medium",
+      "engagement": "In Progress",
+      "assetsCount": 5,
+      "manufacturer": "ABC Corp",
+      "taskCompletion": [
+        { "template": "ISO 27001", "status": "Completed" },
+        { "template": "GDPR", "status": "In Progress" }
+      ]
+    }
+  ]
+}
 ```
-### Project Structure
+## Configuration (Optional)
-```
-complai-brief/
-├── src/
-│   ├── index.ts              # MCP server entry point
-│   ├── types.ts              # TypeScript interfaces
-│   ├── tools/
-│   │   └── compliance-brief.ts   # Tool implementation
-│   ├── auth/
-│   │   ├── token-manager.ts      # Unified token management
-│   │   └── device-auth.ts        # Device authorization flow
-│   ├── api/
-│   │   └── complai-client.ts     # API client
-│   └── config/
-│       └── config-loader.ts      # Configuration loading
-├── package.json
-├── tsconfig.json
-└── README.md
-```
+Defaults connect to COMPLAI test environment. Override with environment variables:
-## Error Handling
+| Variable | Description |
+|----------|-------------|
+| `COMPLAI_API_URL` | API base URL |
+| `COMPLAI_AUTH0_DOMAIN` | Auth0 domain |
+| `COMPLAI_AUTH0_CLIENT_ID` | Auth0 client ID |
+| `COMPLAI_AUTH0_AUDIENCE` | Auth0 audience |
+| `COMPLAI_ORGANIZATION_ID` | Default organization ID |
-The server returns AI-friendly error messages:
+Example with custom config:
-| Error | Message |
-|-------|---------|
-| Authentication failed | "Authentication failed. Check your client credentials." |
-| Network error | "Cannot reach COMPLAI API. Check your network connection." |
-| Rate limited | "Rate limit exceeded. Try again in X seconds." |
-| Permission denied | "You don't have access to this organization." |
+```json
+{
+  "mcpServers": {
+    "complai": {
+      "command": "npx",
+      "args": ["-y", "@lindblad/complai-mcp"],
+      "env": {
+        "COMPLAI_API_URL": "https://api.complai.com",
+        "COMPLAI_AUTH0_DOMAIN": "login.complai.com"
+      }
+    }
+  }
+}
+```
 ## Security
-- **User auth mode**: Refresh tokens are stored encrypted in `~/.complai/` with AES-256-GCM
-- **M2M mode**: Client secrets should be stored securely (environment variables recommended)
-- Encryption keys are stored with restrictive permissions (600)
-- Access tokens are cached in memory only (not persisted)
+- Credentials are stored encrypted in `~/.complai/` (AES-256-GCM)
+- Access tokens are cached in memory only
 - All API calls use HTTPS
-- MCP respects the same permissions as the COMPLAI web UI
+- Permissions match the COMPLAI web UI
+## Troubleshooting
+**"Not authenticated"** - Run `complai_login` first
+**"No organizations found"** - Your COMPLAI account may not have any org memberships
+**"Access denied"** - You don't have permission for that organization
-### Stored Files (User Auth Mode)
+## License
-| File | Purpose |
-|------|---------|
-| `~/.complai/.credentials.enc` | Encrypted refresh token |
-| `~/.complai/.key` | Encryption key (600 permissions) |
+MIT

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lindblad/complai-mcp",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "MCP server providing COMPLAI compliance overview tools for AI assistants",
   "type": "module",
   "main": "dist/index.js",