@modeltoolsprotocol/mtpcli 0.2.3 → 0.3.1

package/README.md

@@ -6,26 +6,20 @@ The command-line interface for the [Model Tools Protocol](https://github.com/mod
 
 LLM agents need to discover and use tools. Right now there are two worlds:
 
-**CLI tools** are the backbone of software development. They're composable (`|`), scriptable, version-controlled, and work everywhere. But LLMs can't discover what a CLI does - they have to parse `--help` text, guess at arguments, and hope for the best.
+**CLI tools** are the backbone of software development. They're composable (`|`), scriptable, version-controlled, and work everywhere. But LLMs can't discover what a CLI does. They have to parse `--help` text, guess at arguments, and hope for the best.
 
-**MCP (Model Context Protocol)** solves discovery beautifully. Tools declare typed schemas, and LLM hosts discover them via a structured handshake. But MCP requires running a server process, speaking JSON-RPC over stdio/SSE, and building within the MCP ecosystem. Your existing CLI tools don't get any of this for free.
-
-These are both good ideas with real tradeoffs:
+**MCP (Model Context Protocol)** solves discovery beautifully. Tools declare typed schemas, and LLM hosts discover them via a structured handshake. But MCP tools aren't composable. Each invocation goes through the model. You can't pipe one MCP tool's output into another. You can't script them without an LLM in the loop.
 
 | | CLI tools | MCP tools |
 |---|---|---|
-| **Composability** | First-class. Pipes, shell scripts, xargs -50 years of Unix | Requires an orchestrator or agent framework |
+| **Composability** | First-class. Pipes, shell scripts, xargs. 50 years of Unix | Requires an orchestrator or agent framework |
 | **Discovery** | Poor. Parse `--help` and hope | Excellent. Typed schemas via handshake |
 | **Runtime** | Any shell, anywhere | Needs an MCP host (Claude Desktop, etc.) |
 | **Deployment** | `brew install`, `cargo install`, a binary in PATH | Run a server process, configure the host |
 | **Interop** | Pipes to anything | Talks to MCP clients only |
-| **Scriptable without an LLM** | Yes -that's the whole point of CLIs | Not really -designed for LLM interaction |
-| **Streaming / subscriptions** | Limited (stdout streaming) | Built-in (SSE, notifications) |
-| **Stateful interaction** | Stateless by design (each invocation is fresh) | Stateful sessions with context |
+| **Scriptable without an LLM** | Yes, that's the whole point of CLIs | Not really, designed for LLM interaction |
 | **Adoption cost** | One flag/decorator | New protocol, server scaffolding, SDK |
 
-MCP is the right choice when you need stateful sessions, streaming, or deep integration with an LLM host. CLIs are the right choice when you want composability, scriptability, and zero infrastructure.
-
 The gap is discovery. `mtpcli` fills it.
 
 ## Install
@@ -34,8 +28,52 @@ The gap is discovery. `mtpcli` fills it.
 npm install -g @modeltoolsprotocol/mtpcli
 ```
 
+## What it does
+
+**mtpcli** bridges the gap between CLI tools and MCP servers. It turns any `--describe` CLI into an MCP server, turns any MCP server into a composable CLI, and handles discovery, auth, and validation along the way.
+
 ## Usage
 
+### Serve CLI tools over MCP
+
+Any CLI that supports `--describe` becomes an MCP server:
+
+```bash
+$ mtpcli serve --tool atlasctl --tool mytool
+
+mtpcli serve: serving 6 tool(s) from 2 CLI tool(s)
+  - atlasctl__confluence page get
+  - atlasctl__config set
+  - atlasctl__config get
+  - mytool__convert
+  ...
+```
+
+Drop it into your Claude Desktop config and it works like any other MCP server. The bridge reads `--describe`, translates commands to MCP tools, and shells out to the real CLI when the host calls a tool.
+
+### Wrap an MCP server as a CLI
+
+Atlassian ships an MCP server at `mcp.atlassian.com`. With `mtpcli wrap`, it's a CLI:
+
+```bash
+# Discover what tools the server offers
+$ mtpcli wrap --url "https://mcp.atlassian.com/v1/mcp" --describe
+
+# Fetch a Confluence page
+$ mtpcli wrap --url "https://mcp.atlassian.com/v1/mcp" \
+    getConfluencePage -- --cloudId "$CLOUD_ID" --pageId 12345 --contentFormat markdown
+
+# Pipe it into jq, grep, or anything else
+$ mtpcli wrap --url "https://mcp.atlassian.com/v1/mcp" \
+    getConfluencePage -- --cloudId "$CLOUD_ID" --pageId 12345 --contentFormat markdown \
+    | jq -r '.body'
+
+# Works with stdio servers too
+$ mtpcli wrap --server "npx @mcp/server-github" --describe
+```
+
+The 2,500+ MCP servers people have built? They're all CLI tools now. Pipe their output, use them in scripts, compose them with other tools.
+
 ### Search for tools and commands
 
 ```bash
@@ -52,7 +90,7 @@ mtpcli search --scan-path "git commit"
 ### Authenticate with a tool
 
 ```bash
-# OAuth2 login
+# OAuth2 login (opens browser, handles callback)
 mtpcli auth login mytool
 
 # API key / bearer token login
@@ -68,22 +106,7 @@ eval $(mtpcli auth env mytool)
 mtpcli auth logout mytool
 ```
 
-### Serve tools over MCP
-
-```bash
-# Start an MCP server that bridges describe-compatible tools
-mtpcli serve --tool mytool --tool anothertool
-```
-
-### Wrap an MCP server as a CLI
-
-```bash
-# Describe an MCP server's tools
-mtpcli wrap --server "npx @mcp/server-github" --describe
-
-# Call a tool on an MCP server
-mtpcli wrap --server "npx @mcp/server-github" search_repos -- --query mtpcli
-```
+See [AUTH.md](AUTH.md) for details on token storage, usage patterns, and bridge integration.
 
 ### Validate a tool's --describe output
 
@@ -114,7 +137,7 @@ mtpcli completions fish mytool | source
 ### Describe self
 
 ```bash
-# Output mtpcli's own describe schema (JSON)
+# mtpcli is itself an MTP-compliant tool
 mtpcli --describe
 ```
 

package/dist/index.js

@@ -7341,6 +7341,31 @@ var init_search2 = __esm(() => {
 });
 
 // src/auth.ts
+var exports_auth = {};
+__export(exports_auth, {
+  storeToken: () => storeToken,
+  runToken: () => runToken,
+  runStatus: () => runStatus,
+  runRefresh: () => runRefresh,
+  runLogout: () => runLogout,
+  runLogin: () => runLogin,
+  runEnv: () => runEnv,
+  refreshAccessToken: () => refreshAccessToken,
+  oauth2Login: () => oauth2Login,
+  login: () => login,
+  loadToken: () => loadToken,
+  isTokenExpired: () => isTokenExpired,
+  getProvider: () => getProvider,
+  getEnvExport: () => getEnvExport,
+  getEnvDict: () => getEnvDict,
+  getAuthConfig: () => getAuthConfig,
+  generatePkce: () => generatePkce,
+  exchangeCode: () => exchangeCode,
+  ensureValidToken: () => ensureValidToken,
+  deleteToken: () => deleteToken,
+  authStatus: () => authStatus,
+  apiKeyLogin: () => apiKeyLogin
+});
 import { createHash, randomBytes } from "node:crypto";
 import {
   chmodSync,
@@ -7350,8 +7375,10 @@ import {
   unlinkSync,
   writeFileSync as writeFileSync2
 } from "node:fs";
+import { createServer } from "node:http";
 import { homedir as homedir2 } from "node:os";
 import { dirname, join as join2 } from "node:path";
+import { createInterface } from "node:readline";
 function tokensDir(baseDir) {
   return join2(baseDir ?? join2(homedir2(), ".mtpcli"), "tokens");
 }
@@ -7371,6 +7398,13 @@ function loadToken(toolName, providerId, baseDir) {
     return null;
   return JSON.parse(readFileSync2(path2, "utf-8"));
 }
+function deleteToken(toolName, providerId, baseDir) {
+  const path2 = tokenPath(toolName, providerId, baseDir);
+  if (!existsSync2(path2))
+    return false;
+  unlinkSync(path2);
+  return true;
+}
 function isTokenExpired(token) {
   if (!token.expires_at)
     return false;
@@ -7378,12 +7412,66 @@ function isTokenExpired(token) {
   const buffer = 5 * 60 * 1000;
   return exp.getTime() - buffer < Date.now();
 }
+async function getAuthConfig(toolName) {
+  const schema = await getToolSchema2(toolName);
+  return schema?.auth ?? null;
+}
+function getProvider(auth, providerId) {
+  if (providerId)
+    return auth.providers.find((p) => p.id === providerId);
+  return auth.providers[0];
+}
 function generatePkce() {
   const bytes = randomBytes(64);
   const verifier = bytes.toString("base64url").slice(0, 128);
   const challenge = createHash("sha256").update(verifier).digest("base64url");
   return { verifier, challenge };
 }
+function waitForCallback(port, timeoutSecs) {
+  return new Promise((resolve, reject) => {
+    const timer = setTimeout(() => {
+      server.close();
+      reject(new Error("OAuth callback timed out"));
+    }, timeoutSecs * 1000);
+    const server = createServer((req, res) => {
+      const url = new URL(req.url ?? "/", `http://127.0.0.1:${port}`);
+      const code = url.searchParams.get("code");
+      const error = url.searchParams.get("error");
+      if (code) {
+        const html = "<html><body><h2>Authentication successful!</h2>" + "<p>You can close this tab and return to your terminal.</p>" + "<script>window.close()</script></body></html>";
+        res.writeHead(200, {
+          "Content-Type": "text/html",
+          "Content-Length": Buffer.byteLength(html).toString()
+        });
+        res.end(html);
+        clearTimeout(timer);
+        server.close();
+        resolve({ code });
+        return;
+      }
+      if (error) {
+        const desc = url.searchParams.get("error_description") ?? "Unknown error";
+        const html = `<html><body><h2>Authentication failed</h2><p>${desc}</p></body></html>`;
+        res.writeHead(400, {
+          "Content-Type": "text/html",
+          "Content-Length": Buffer.byteLength(html).toString()
+        });
+        res.end(html);
+        clearTimeout(timer);
+        server.close();
+        resolve({ error });
+        return;
+      }
+      res.writeHead(404);
+      res.end();
+    });
+    server.listen(port, "127.0.0.1", () => {});
+    server.on("error", (e) => {
+      clearTimeout(timer);
+      reject(new Error(`failed to bind callback server: ${e.message}`));
+    });
+  });
+}
 async function exchangeCode(tokenUrl, code, clientId, redirectUri, codeVerifier, resource) {
   const params = new URLSearchParams({
     grant_type: "authorization_code",
@@ -7449,6 +7537,112 @@ function parseTokenResponse(text) {
     created_at: new Date().toISOString()
   };
 }
+async function oauth2Login(toolName, provider, port) {
+  if (!provider.authorizationUrl)
+    throw new Error("provider missing authorizationUrl");
+  if (!provider.tokenUrl)
+    throw new Error("provider missing tokenUrl");
+  if (!provider.clientId)
+    throw new Error("provider missing clientId");
+  const redirectUri = `http://127.0.0.1:${port}/callback`;
+  const state = randomBytes(32).toString("base64url");
+  const params = new URLSearchParams({
+    client_id: provider.clientId,
+    redirect_uri: redirectUri,
+    response_type: "code",
+    state
+  });
+  if (provider.scopes?.length) {
+    params.set("scope", provider.scopes.join(" "));
+  }
+  let codeVerifier;
+  if (provider.type === "oauth2-pkce") {
+    const pkce = generatePkce();
+    codeVerifier = pkce.verifier;
+    params.set("code_challenge", pkce.challenge);
+    params.set("code_challenge_method", "S256");
+  }
+  const fullUrl = `${provider.authorizationUrl}?${params.toString()}`;
+  const display = provider.displayName ?? provider.id;
+  process.stderr.write(`Opening browser for ${display} login...
+`);
+  process.stderr.write(`If the browser doesn't open, visit:
+${fullUrl}
+
+`);
+  open_default(fullUrl).catch(() => {});
+  process.stderr.write(`Waiting for authentication callback on port ${port}...
+`);
+  const result = await waitForCallback(port, 120);
+  if (result.error)
+    throw new Error(`OAuth error: ${result.error}`);
+  if (!result.code)
+    throw new Error("no authorization code received (timed out?)");
+  process.stderr.write(`Exchanging authorization code for tokens...
+`);
+  const token = await exchangeCode(provider.tokenUrl, result.code, provider.clientId, redirectUri, codeVerifier);
+  token.provider_id = provider.id;
+  storeToken(toolName, provider.id, token);
+  process.stderr.write(`Authenticated with ${display}
+`);
+  return token;
+}
+function apiKeyLogin(toolName, provider, tokenValue) {
+  return new Promise((resolve, reject) => {
+    const finish = (value) => {
+      if (!value) {
+        reject(new Error("no token provided"));
+        return;
+      }
+      const token = {
+        access_token: value,
+        token_type: provider.type,
+        refresh_token: undefined,
+        expires_at: undefined,
+        scopes: undefined,
+        provider_id: provider.id,
+        created_at: new Date().toISOString()
+      };
+      storeToken(toolName, provider.id, token);
+      const display = provider.displayName ?? provider.id;
+      process.stderr.write(`Token stored for ${display}
+`);
+      resolve(token);
+    };
+    if (tokenValue) {
+      finish(tokenValue);
+      return;
+    }
+    if (provider.registrationUrl) {
+      process.stderr.write(`Get your API key at: ${provider.registrationUrl}
+`);
+    }
+    if (provider.instructions) {
+      process.stderr.write(`${provider.instructions}
+`);
+    }
+    process.stderr.write("Enter your token/API key: ");
+    const rl = createInterface({ input: process.stdin, output: process.stderr });
+    rl.question("", (answer) => {
+      rl.close();
+      finish(answer.trim());
+    });
+  });
+}
+async function login(toolName, provider, token, port = 8914) {
+  switch (provider.type) {
+    case "oauth2":
+    case "oauth2-pkce":
+      if (token)
+        return apiKeyLogin(toolName, provider, token);
+      return oauth2Login(toolName, provider, port);
+    case "api-key":
+    case "bearer":
+      return apiKeyLogin(toolName, provider, token);
+    default:
+      throw new Error(`unknown auth type: ${provider.type}`);
+  }
+}
 async function ensureValidToken(toolName, auth) {
   const provider = auth.providers[0];
   if (!provider)
@@ -7482,7 +7676,121 @@ async function getEnvDict(toolName, auth) {
     return {};
   return { [auth.envVar]: token };
 }
+async function getEnvExport(toolName, auth) {
+  const env = await getEnvDict(toolName, auth);
+  if (Object.keys(env).length === 0) {
+    return "# No token available. Run: mtpcli auth login <tool>";
+  }
+  return Object.entries(env).map(([key, value]) => {
+    const escaped = value.replace(/'/g, "'\\''");
+    return `export ${key}='${escaped}'`;
+  }).join(`
+`);
+}
+async function authStatus(toolName, auth) {
+  const providers = [];
+  for (const provider of auth.providers) {
+    const token = loadToken(toolName, provider.id);
+    const status = {
+      id: provider.id,
+      type: provider.type,
+      display_name: provider.displayName ?? provider.id,
+      authenticated: token !== null
+    };
+    if (token) {
+      status.expired = isTokenExpired(token);
+      status.has_refresh = !!token.refresh_token;
+      if (token.expires_at)
+        status.expires_at = token.expires_at;
+      if (token.scopes)
+        status.scopes = token.scopes;
+    }
+    providers.push(status);
+  }
+  return {
+    tool: toolName,
+    env_var: auth.envVar,
+    required: auth.required,
+    providers
+  };
+}
+async function runLogin(toolName, providerId, token) {
+  const auth = await getAuthConfig(toolName);
+  if (!auth)
+    throw new Error(`tool '${toolName}' does not declare auth`);
+  const provider = getProvider(auth, providerId);
+  if (!provider)
+    throw new Error("no matching auth provider found");
+  await login(toolName, provider, token, 8914);
+}
+async function runLogout(toolName) {
+  const auth = await getAuthConfig(toolName);
+  if (!auth)
+    throw new Error(`tool '${toolName}' does not declare auth`);
+  let deleted = false;
+  for (const provider of auth.providers) {
+    if (deleteToken(toolName, provider.id)) {
+      const display = provider.displayName ?? provider.id;
+      process.stderr.write(`Logged out from ${display}
+`);
+      deleted = true;
+    }
+  }
+  if (!deleted)
+    process.stderr.write(`No tokens found for '${toolName}'
+`);
+}
+async function runStatus(toolName) {
+  const auth = await getAuthConfig(toolName);
+  if (!auth)
+    throw new Error(`tool '${toolName}' does not declare auth`);
+  const status = await authStatus(toolName, auth);
+  console.log(JSON.stringify(status, null, 2));
+}
+async function runToken(toolName) {
+  const auth = await getAuthConfig(toolName);
+  if (!auth)
+    throw new Error(`tool '${toolName}' does not declare auth`);
+  const t = await ensureValidToken(toolName, auth);
+  if (!t)
+    throw new Error(`no valid token for '${toolName}'. Run: mtpcli auth login ${toolName}`);
+  console.log(t);
+}
+async function runEnv(toolName) {
+  const auth = await getAuthConfig(toolName);
+  if (!auth)
+    throw new Error(`tool '${toolName}' does not declare auth`);
+  console.log(await getEnvExport(toolName, auth));
+}
+async function runRefresh(toolName) {
+  const authConfig = await getAuthConfig(toolName);
+  if (!authConfig)
+    throw new Error(`tool '${toolName}' does not declare auth`);
+  const provider = authConfig.providers[0];
+  if (!provider)
+    throw new Error("no auth provider configured");
+  const token = loadToken(toolName, provider.id);
+  if (!token) {
+    throw new Error(`no stored token for '${toolName}'. Run: mtpcli auth login ${toolName}`);
+  }
+  if (!token.refresh_token) {
+    throw new Error(`token for '${toolName}' has no refresh_token (provider type: ${provider.type})`);
+  }
+  if (!provider.tokenUrl || !provider.clientId) {
+    throw new Error("provider missing tokenUrl or clientId for refresh");
+  }
+  const newToken = await refreshAccessToken(provider.tokenUrl, token.refresh_token, provider.clientId);
+  if (!newToken.refresh_token) {
+    newToken.refresh_token = token.refresh_token;
+  }
+  newToken.provider_id = provider.id;
+  storeToken(toolName, provider.id, newToken);
+  const display = provider.displayName ?? provider.id;
+  process.stderr.write(`Token refreshed for ${display}
+`);
+}
 var init_auth = __esm(() => {
+  init_open();
   init_search2();
 });
 
@@ -7495,6 +7803,10 @@ __export(exports_mcp_oauth, {
   promptForClientId: () => promptForClientId,
   parseWwwAuthenticate: () => parseWwwAuthenticate,
   mcpOAuthFlow: () => mcpOAuthFlow,
+  mcpAuthToken: () => mcpAuthToken,
+  mcpAuthStatus: () => mcpAuthStatus,
+  mcpAuthRefresh: () => mcpAuthRefresh,
+  mcpAuthLogout: () => mcpAuthLogout,
   loadOrRefreshMcpToken: () => loadOrRefreshMcpToken,
   loadClientRegistration: () => loadClientRegistration,
   fetchResourceMetadata: () => fetchResourceMetadata,
@@ -7508,10 +7820,10 @@ import {
   writeFileSync as writeFileSync3,
   chmodSync as chmodSync2
 } from "node:fs";
-import { createServer } from "node:http";
+import { createServer as createServer2 } from "node:http";
 import { homedir as homedir3 } from "node:os";
 import { dirname as dirname2, join as join3 } from "node:path";
-import { createInterface } from "node:readline";
+import { createInterface as createInterface2 } from "node:readline";
 function serverStorageKey(url) {
   const u = new URL(url);
   return `mcp_${u.host}`;
@@ -7612,7 +7924,7 @@ function promptForClientId(serverUrl) {
 No dynamic registration available for ${serverUrl}.
 ` + `You need to register a client manually and provide the client_id.
 ` + `Enter client_id: `);
-    const rl = createInterface({ input: process.stdin, output: process.stderr });
+    const rl = createInterface2({ input: process.stdin, output: process.stderr });
     rl.question("", (answer) => {
       rl.close();
       const trimmed = answer.trim();
@@ -7660,7 +7972,7 @@ function startCallbackServer() {
       codeResolve = res;
       codeReject = rej;
     });
-    const server = createServer((req, res) => {
+    const server = createServer2((req, res) => {
       const url = new URL(req.url ?? "/", `http://127.0.0.1`);
       const code = url.searchParams.get("code");
       const error = url.searchParams.get("error");
@@ -7792,6 +8104,58 @@ ${authUrl}
 `);
   return token.access_token;
 }
+function mcpAuthStatus(serverUrl) {
+  const storageKey = serverStorageKey(serverUrl);
+  const origin = new URL(serverUrl).origin;
+  const token = loadToken(storageKey, "mcp-oauth");
+  const reg = loadClientRegistration(origin);
+  const result = {
+    url: serverUrl,
+    authenticated: token !== null
+  };
+  if (token) {
+    result.expired = isTokenExpired(token);
+    result.has_refresh = !!token.refresh_token;
+    if (token.expires_at)
+      result.expires_at = token.expires_at;
+    if (token.scopes)
+      result.scopes = token.scopes;
+  }
+  if (reg) {
+    result.client_id = reg.client.clientId;
+  }
+  return result;
+}
+function mcpAuthLogout(serverUrl) {
+  const storageKey = serverStorageKey(serverUrl);
+  return deleteToken(storageKey, "mcp-oauth");
+}
+async function mcpAuthToken(serverUrl) {
+  return loadOrRefreshMcpToken(serverUrl);
+}
+async function mcpAuthRefresh(serverUrl) {
+  const storageKey = serverStorageKey(serverUrl);
+  const origin = new URL(serverUrl).origin;
+  const token = loadToken(storageKey, "mcp-oauth");
+  if (!token) {
+    throw new Error(`no stored token for '${serverUrl}'. Run: mtpcli auth login --url ${serverUrl}`);
+  }
+  if (!token.refresh_token) {
+    throw new Error(`token for '${serverUrl}' has no refresh_token`);
+  }
+  const cached = loadClientRegistration(origin);
+  if (!cached) {
+    throw new Error(`no cached client registration for ${origin}. Run: mtpcli auth login --url ${serverUrl}`);
+  }
+  const newToken = await refreshAccessToken(cached.metadata.token_endpoint, token.refresh_token, cached.client.clientId);
+  if (!newToken.refresh_token) {
+    newToken.refresh_token = token.refresh_token;
+  }
+  newToken.provider_id = "mcp-oauth";
+  storeToken(storageKey, "mcp-oauth", newToken);
+  process.stderr.write(`Token refreshed for ${serverUrl}
+`);
+}
 async function loadOrRefreshMcpToken(serverUrl) {
   const storageKey = serverStorageKey(serverUrl);
   const token = loadToken(storageKey, "mcp-oauth");
@@ -7826,30 +8190,30 @@ var init_mcp_oauth = __esm(() => {
 });
 
 // src/auth.ts
-var exports_auth = {};
-__export(exports_auth, {
+var exports_auth2 = {};
+__export(exports_auth2, {
   storeToken: () => storeToken2,
-  runToken: () => runToken,
-  runStatus: () => runStatus,
-  runRefresh: () => runRefresh,
-  runLogout: () => runLogout,
-  runLogin: () => runLogin,
-  runEnv: () => runEnv,
+  runToken: () => runToken2,
+  runStatus: () => runStatus2,
+  runRefresh: () => runRefresh2,
+  runLogout: () => runLogout2,
+  runLogin: () => runLogin2,
+  runEnv: () => runEnv2,
   refreshAccessToken: () => refreshAccessToken2,
-  oauth2Login: () => oauth2Login,
-  login: () => login,
+  oauth2Login: () => oauth2Login2,
+  login: () => login2,
   loadToken: () => loadToken2,
   isTokenExpired: () => isTokenExpired2,
-  getProvider: () => getProvider,
-  getEnvExport: () => getEnvExport,
+  getProvider: () => getProvider2,
+  getEnvExport: () => getEnvExport2,
   getEnvDict: () => getEnvDict2,
-  getAuthConfig: () => getAuthConfig,
+  getAuthConfig: () => getAuthConfig2,
   generatePkce: () => generatePkce2,
   exchangeCode: () => exchangeCode2,
   ensureValidToken: () => ensureValidToken2,
-  deleteToken: () => deleteToken,
-  authStatus: () => authStatus,
-  apiKeyLogin: () => apiKeyLogin
+  deleteToken: () => deleteToken2,
+  authStatus: () => authStatus2,
+  apiKeyLogin: () => apiKeyLogin2
 });
 import { createHash as createHash2, randomBytes as randomBytes3 } from "node:crypto";
 import {
@@ -7860,10 +8224,10 @@ import {
   unlinkSync as unlinkSync2,
   writeFileSync as writeFileSync4
 } from "node:fs";
-import { createServer as createServer2 } from "node:http";
+import { createServer as createServer3 } from "node:http";
 import { homedir as homedir4 } from "node:os";
 import { dirname as dirname3, join as join4 } from "node:path";
-import { createInterface as createInterface2 } from "node:readline";
+import { createInterface as createInterface3 } from "node:readline";
 function tokensDir2(baseDir) {
   return join4(baseDir ?? join4(homedir4(), ".mtpcli"), "tokens");
 }
@@ -7883,7 +8247,7 @@ function loadToken2(toolName, providerId, baseDir) {
     return null;
   return JSON.parse(readFileSync4(path2, "utf-8"));
 }
-function deleteToken(toolName, providerId, baseDir) {
+function deleteToken2(toolName, providerId, baseDir) {
   const path2 = tokenPath2(toolName, providerId, baseDir);
   if (!existsSync4(path2))
     return false;
@@ -7897,11 +8261,11 @@ function isTokenExpired2(token) {
   const buffer = 5 * 60 * 1000;
   return exp.getTime() - buffer < Date.now();
 }
-async function getAuthConfig(toolName) {
+async function getAuthConfig2(toolName) {
   const schema = await getToolSchema2(toolName);
   return schema?.auth ?? null;
 }
-function getProvider(auth, providerId) {
+function getProvider2(auth, providerId) {
   if (providerId)
     return auth.providers.find((p) => p.id === providerId);
   return auth.providers[0];
@@ -7912,13 +8276,13 @@ function generatePkce2() {
   const challenge = createHash2("sha256").update(verifier).digest("base64url");
   return { verifier, challenge };
 }
-function waitForCallback(port, timeoutSecs) {
+function waitForCallback2(port, timeoutSecs) {
   return new Promise((resolve, reject) => {
     const timer = setTimeout(() => {
       server.close();
       reject(new Error("OAuth callback timed out"));
     }, timeoutSecs * 1000);
-    const server = createServer2((req, res) => {
+    const server = createServer3((req, res) => {
       const url = new URL(req.url ?? "/", `http://127.0.0.1:${port}`);
       const code = url.searchParams.get("code");
       const error = url.searchParams.get("error");
@@ -8022,7 +8386,7 @@ function parseTokenResponse2(text) {
     created_at: new Date().toISOString()
   };
 }
-async function oauth2Login(toolName, provider, port) {
+async function oauth2Login2(toolName, provider, port) {
   if (!provider.authorizationUrl)
     throw new Error("provider missing authorizationUrl");
   if (!provider.tokenUrl)
@@ -8058,7 +8422,7 @@ ${fullUrl}
   open_default(fullUrl).catch(() => {});
   process.stderr.write(`Waiting for authentication callback on port ${port}...
 `);
-  const result = await waitForCallback(port, 120);
+  const result = await waitForCallback2(port, 120);
   if (result.error)
     throw new Error(`OAuth error: ${result.error}`);
   if (!result.code)
@@ -8072,7 +8436,7 @@ ${fullUrl}
 `);
   return token;
 }
-function apiKeyLogin(toolName, provider, tokenValue) {
+function apiKeyLogin2(toolName, provider, tokenValue) {
   return new Promise((resolve, reject) => {
     const finish = (value) => {
       if (!value) {
@@ -8107,23 +8471,23 @@ function apiKeyLogin(toolName, provider, tokenValue) {
 `);
     }
     process.stderr.write("Enter your token/API key: ");
-    const rl = createInterface2({ input: process.stdin, output: process.stderr });
+    const rl = createInterface3({ input: process.stdin, output: process.stderr });
     rl.question("", (answer) => {
       rl.close();
       finish(answer.trim());
     });
   });
 }
-async function login(toolName, provider, token, port = 8914) {
+async function login2(toolName, provider, token, port = 8914) {
   switch (provider.type) {
     case "oauth2":
     case "oauth2-pkce":
       if (token)
-        return apiKeyLogin(toolName, provider, token);
-      return oauth2Login(toolName, provider, port);
+        return apiKeyLogin2(toolName, provider, token);
+      return oauth2Login2(toolName, provider, port);
     case "api-key":
     case "bearer":
-      return apiKeyLogin(toolName, provider, token);
+      return apiKeyLogin2(toolName, provider, token);
     default:
       throw new Error(`unknown auth type: ${provider.type}`);
   }
@@ -8161,7 +8525,7 @@ async function getEnvDict2(toolName, auth) {
     return {};
   return { [auth.envVar]: token };
 }
-async function getEnvExport(toolName, auth) {
+async function getEnvExport2(toolName, auth) {
   const env = await getEnvDict2(toolName, auth);
   if (Object.keys(env).length === 0) {
     return "# No token available. Run: mtpcli auth login <tool>";
@@ -8172,7 +8536,7 @@ async function getEnvExport(toolName, auth) {
   }).join(`
 `);
 }
-async function authStatus(toolName, auth) {
+async function authStatus2(toolName, auth) {
   const providers = [];
   for (const provider of auth.providers) {
     const token = loadToken2(toolName, provider.id);
@@ -8199,22 +8563,22 @@ async function authStatus(toolName, auth) {
     providers
   };
 }
-async function runLogin(toolName, providerId, token) {
-  const auth = await getAuthConfig(toolName);
+async function runLogin2(toolName, providerId, token) {
+  const auth = await getAuthConfig2(toolName);
   if (!auth)
     throw new Error(`tool '${toolName}' does not declare auth`);
-  const provider = getProvider(auth, providerId);
+  const provider = getProvider2(auth, providerId);
   if (!provider)
     throw new Error("no matching auth provider found");
-  await login(toolName, provider, token, 8914);
+  await login2(toolName, provider, token, 8914);
 }
-async function runLogout(toolName) {
-  const auth = await getAuthConfig(toolName);
+async function runLogout2(toolName) {
+  const auth = await getAuthConfig2(toolName);
   if (!auth)
     throw new Error(`tool '${toolName}' does not declare auth`);
   let deleted = false;
   for (const provider of auth.providers) {
-    if (deleteToken(toolName, provider.id)) {
+    if (deleteToken2(toolName, provider.id)) {
       const display = provider.displayName ?? provider.id;
       process.stderr.write(`Logged out from ${display}
 `);
@@ -8225,15 +8589,15 @@ async function runLogout(toolName) {
     process.stderr.write(`No tokens found for '${toolName}'
 `);
 }
-async function runStatus(toolName) {
-  const auth = await getAuthConfig(toolName);
+async function runStatus2(toolName) {
+  const auth = await getAuthConfig2(toolName);
   if (!auth)
     throw new Error(`tool '${toolName}' does not declare auth`);
-  const status = await authStatus(toolName, auth);
+  const status = await authStatus2(toolName, auth);
   console.log(JSON.stringify(status, null, 2));
 }
-async function runToken(toolName) {
-  const auth = await getAuthConfig(toolName);
+async function runToken2(toolName) {
+  const auth = await getAuthConfig2(toolName);
   if (!auth)
     throw new Error(`tool '${toolName}' does not declare auth`);
   const t = await ensureValidToken2(toolName, auth);
@@ -8241,14 +8605,14 @@ async function runToken(toolName) {
     throw new Error(`no valid token for '${toolName}'. Run: mtpcli auth login ${toolName}`);
   console.log(t);
 }
-async function runEnv(toolName) {
-  const auth = await getAuthConfig(toolName);
+async function runEnv2(toolName) {
+  const auth = await getAuthConfig2(toolName);
   if (!auth)
     throw new Error(`tool '${toolName}' does not declare auth`);
-  console.log(await getEnvExport(toolName, auth));
+  console.log(await getEnvExport2(toolName, auth));
 }
-async function runRefresh(toolName) {
-  const authConfig = await getAuthConfig(toolName);
+async function runRefresh2(toolName) {
+  const authConfig = await getAuthConfig2(toolName);
   if (!authConfig)
     throw new Error(`tool '${toolName}' does not declare auth`);
   const provider = authConfig.providers[0];
@@ -8340,7 +8704,7 @@ __export(exports_serve, {
   argToJsonSchema: () => argToJsonSchema
 });
 import { execFile as execFile9, spawn } from "node:child_process";
-import { createInterface as createInterface3 } from "node:readline";
+import { createInterface as createInterface4 } from "node:readline";
 import { promisify as promisify9 } from "node:util";
 function argToJsonSchema(arg) {
   const schema = {};
@@ -8563,7 +8927,7 @@ async function run(toolNames) {
     schemas: allSchemas,
     authConfigs: allAuth
   };
-  const rl = createInterface3({ input: process.stdin, crlfDelay: Infinity });
+  const rl = createInterface4({ input: process.stdin, crlfDelay: Infinity });
   for await (const line of rl) {
     const trimmed = line.trim();
     if (!trimmed)
@@ -8602,6 +8966,10 @@ __export(exports_mcp_oauth2, {
   promptForClientId: () => promptForClientId2,
   parseWwwAuthenticate: () => parseWwwAuthenticate2,
   mcpOAuthFlow: () => mcpOAuthFlow2,
+  mcpAuthToken: () => mcpAuthToken2,
+  mcpAuthStatus: () => mcpAuthStatus2,
+  mcpAuthRefresh: () => mcpAuthRefresh2,
+  mcpAuthLogout: () => mcpAuthLogout2,
   loadOrRefreshMcpToken: () => loadOrRefreshMcpToken2,
   loadClientRegistration: () => loadClientRegistration2,
   fetchResourceMetadata: () => fetchResourceMetadata2,
@@ -8615,10 +8983,10 @@ import {
   writeFileSync as writeFileSync5,
   chmodSync as chmodSync4
 } from "node:fs";
-import { createServer as createServer3 } from "node:http";
+import { createServer as createServer4 } from "node:http";
 import { homedir as homedir5 } from "node:os";
 import { dirname as dirname4, join as join5 } from "node:path";
-import { createInterface as createInterface4 } from "node:readline";
+import { createInterface as createInterface5 } from "node:readline";
 function serverStorageKey2(url) {
   const u = new URL(url);
   return `mcp_${u.host}`;
@@ -8719,7 +9087,7 @@ function promptForClientId2(serverUrl) {
 No dynamic registration available for ${serverUrl}.
 ` + `You need to register a client manually and provide the client_id.
 ` + `Enter client_id: `);
-    const rl = createInterface4({ input: process.stdin, output: process.stderr });
+    const rl = createInterface5({ input: process.stdin, output: process.stderr });
     rl.question("", (answer) => {
       rl.close();
       const trimmed = answer.trim();
@@ -8767,7 +9135,7 @@ function startCallbackServer2() {
       codeResolve = res;
       codeReject = rej;
     });
-    const server = createServer3((req, res) => {
+    const server = createServer4((req, res) => {
       const url = new URL(req.url ?? "/", `http://127.0.0.1`);
       const code = url.searchParams.get("code");
       const error = url.searchParams.get("error");
@@ -8899,6 +9267,58 @@ ${authUrl}
 `);
   return token.access_token;
 }
+function mcpAuthStatus2(serverUrl) {
+  const storageKey = serverStorageKey2(serverUrl);
+  const origin = new URL(serverUrl).origin;
+  const token = loadToken(storageKey, "mcp-oauth");
+  const reg = loadClientRegistration2(origin);
+  const result = {
+    url: serverUrl,
+    authenticated: token !== null
+  };
+  if (token) {
+    result.expired = isTokenExpired(token);
+    result.has_refresh = !!token.refresh_token;
+    if (token.expires_at)
+      result.expires_at = token.expires_at;
+    if (token.scopes)
+      result.scopes = token.scopes;
+  }
+  if (reg) {
+    result.client_id = reg.client.clientId;
+  }
+  return result;
+}
+function mcpAuthLogout2(serverUrl) {
+  const storageKey = serverStorageKey2(serverUrl);
+  return deleteToken(storageKey, "mcp-oauth");
+}
+async function mcpAuthToken2(serverUrl) {
+  return loadOrRefreshMcpToken2(serverUrl);
+}
+async function mcpAuthRefresh2(serverUrl) {
+  const storageKey = serverStorageKey2(serverUrl);
+  const origin = new URL(serverUrl).origin;
+  const token = loadToken(storageKey, "mcp-oauth");
+  if (!token) {
+    throw new Error(`no stored token for '${serverUrl}'. Run: mtpcli auth login --url ${serverUrl}`);
+  }
+  if (!token.refresh_token) {
+    throw new Error(`token for '${serverUrl}' has no refresh_token`);
+  }
+  const cached = loadClientRegistration2(origin);
+  if (!cached) {
+    throw new Error(`no cached client registration for ${origin}. Run: mtpcli auth login --url ${serverUrl}`);
+  }
+  const newToken = await refreshAccessToken(cached.metadata.token_endpoint, token.refresh_token, cached.client.clientId);
+  if (!newToken.refresh_token) {
+    newToken.refresh_token = token.refresh_token;
+  }
+  newToken.provider_id = "mcp-oauth";
+  storeToken(storageKey, "mcp-oauth", newToken);
+  process.stderr.write(`Token refreshed for ${serverUrl}
+`);
+}
 async function loadOrRefreshMcpToken2(serverUrl) {
   const storageKey = serverStorageKey2(serverUrl);
   const token = loadToken(storageKey, "mcp-oauth");
@@ -8944,7 +9364,7 @@ __export(exports_wrap, {
   HttpMcpClient: () => HttpMcpClient
 });
 import { spawn as spawn2 } from "node:child_process";
-import { createInterface as createInterface5 } from "node:readline";
+import { createInterface as createInterface6 } from "node:readline";
 function jsonSchemaToArg(name, prop, required) {
   let argType = "string";
   let values;
@@ -9096,7 +9516,7 @@ class McpClient {
     if (!child.stdout || !child.stdin) {
       throw new Error("failed to start MCP server");
     }
-    const rl = createInterface5({ input: child.stdout, crlfDelay: Infinity });
+    const rl = createInterface6({ input: child.stdout, crlfDelay: Infinity });
     const client = new McpClient(child, rl);
     client.sendRequest("initialize", {
       protocolVersion: "2024-11-05",
@@ -9226,6 +9646,16 @@ class HttpMcpClient {
       throw new Error(`HTTP 401 from ${this.url} (OAuth already attempted, not retrying)`);
     }
     this.oauthAttempted = true;
+    try {
+      const { mcpAuthRefresh: mcpAuthRefresh3, serverStorageKey: serverStorageKey3 } = await Promise.resolve().then(() => (init_mcp_oauth2(), exports_mcp_oauth2));
+      const { loadToken: loadToken3 } = await Promise.resolve().then(() => (init_auth(), exports_auth));
+      await mcpAuthRefresh3(this.url);
+      const token = loadToken3(serverStorageKey3(this.url), "mcp-oauth");
+      if (token) {
+        this.accessToken = token.access_token;
+        return;
+      }
+    } catch {}
     const wwwAuth = resp.headers.get("www-authenticate") ?? "";
     const { mcpOAuthFlow: mcpOAuthFlow3 } = await Promise.resolve().then(() => (init_mcp_oauth2(), exports_mcp_oauth2));
     this.accessToken = await mcpOAuthFlow3(this.url, wwwAuth, this.clientId);
@@ -10134,7 +10564,7 @@ function cleanJson(obj) {
 }
 
 // src/index.ts
-var VERSION3 = "0.2.3";
+var VERSION3 = "0.3.1";
 function selfDescribe() {
   const schema = {
     name: "mtpcli",
@@ -10234,11 +10664,21 @@ function selfDescribe() {
           {
             name: "tool",
             type: "string",
-            required: true,
-            description: "Tool name"
+            description: "Tool name (required unless --url is used)"
+          },
+          {
+            name: "--url",
+            type: "string",
+            description: "HTTP MCP server URL"
           }
         ],
-        examples: [{ command: "mtpcli auth logout gh-tool" }]
+        examples: [
+          { command: "mtpcli auth logout gh-tool" },
+          {
+            description: "Logout from HTTP MCP server",
+            command: "mtpcli auth logout --url https://mcp.example.com/v1/mcp"
+          }
+        ]
       },
       {
         name: "auth status",
@@ -10247,11 +10687,21 @@ function selfDescribe() {
           {
             name: "tool",
             type: "string",
-            required: true,
-            description: "Tool name"
+            description: "Tool name (required unless --url is used)"
+          },
+          {
+            name: "--url",
+            type: "string",
+            description: "HTTP MCP server URL"
           }
         ],
-        examples: [{ command: "mtpcli auth status gh-tool" }]
+        examples: [
+          { command: "mtpcli auth status gh-tool" },
+          {
+            description: "Status for HTTP MCP server",
+            command: "mtpcli auth status --url https://mcp.example.com/v1/mcp"
+          }
+        ]
       },
       {
         name: "auth token",
@@ -10260,11 +10710,21 @@ function selfDescribe() {
           {
             name: "tool",
             type: "string",
-            required: true,
-            description: "Tool name"
+            description: "Tool name (required unless --url is used)"
+          },
+          {
+            name: "--url",
+            type: "string",
+            description: "HTTP MCP server URL"
           }
         ],
-        examples: [{ command: "mtpcli auth token gh-tool" }]
+        examples: [
+          { command: "mtpcli auth token gh-tool" },
+          {
+            description: "Token for HTTP MCP server",
+            command: "mtpcli auth token --url https://mcp.example.com/v1/mcp"
+          }
+        ]
       },
       {
         name: "auth env",
@@ -10286,11 +10746,21 @@ function selfDescribe() {
           {
             name: "tool",
             type: "string",
-            required: true,
-            description: "Tool name"
+            description: "Tool name (required unless --url is used)"
+          },
+          {
+            name: "--url",
+            type: "string",
+            description: "HTTP MCP server URL"
           }
         ],
-        examples: [{ command: "mtpcli auth refresh gh-tool" }]
+        examples: [
+          { command: "mtpcli auth refresh gh-tool" },
+          {
+            description: "Refresh token for HTTP MCP server",
+            command: "mtpcli auth refresh --url https://mcp.example.com/v1/mcp"
+          }
+        ]
       },
       {
         name: "serve",
@@ -10489,28 +10959,79 @@ authCmd.command("login").description("Log in to a tool").argument("[tool]", "Too
 `);
     process.exit(1);
   }
-  const { runLogin: runLogin2 } = await Promise.resolve().then(() => (init_auth2(), exports_auth));
-  await runLogin2(tool, opts.provider, opts.token);
+  const { runLogin: runLogin3 } = await Promise.resolve().then(() => (init_auth2(), exports_auth2));
+  await runLogin3(tool, opts.provider, opts.token);
 });
-authCmd.command("logout").description("Log out from a tool").argument("<tool>", "Tool name").action(async (tool) => {
-  const { runLogout: runLogout2 } = await Promise.resolve().then(() => (init_auth2(), exports_auth));
-  await runLogout2(tool);
+authCmd.command("logout").description("Log out from a tool").argument("[tool]", "Tool name").option("--url <url>", "HTTP MCP server URL").action(async (tool, opts) => {
+  if (opts.url) {
+    const { mcpAuthLogout: mcpAuthLogout3 } = await Promise.resolve().then(() => (init_mcp_oauth(), exports_mcp_oauth));
+    const deleted = mcpAuthLogout3(opts.url);
+    if (deleted) {
+      process.stderr.write(`Logged out from ${opts.url}
+`);
+    } else {
+      process.stderr.write(`No tokens found for ${opts.url}
+`);
+    }
+    return;
+  }
+  if (!tool) {
+    process.stderr.write(`error: tool name is required (or use --url)
+`);
+    process.exit(1);
+  }
+  const { runLogout: runLogout3 } = await Promise.resolve().then(() => (init_auth2(), exports_auth2));
+  await runLogout3(tool);
 });
-authCmd.command("status").description("Show auth status for a tool").argument("<tool>", "Tool name").action(async (tool) => {
-  const { runStatus: runStatus2 } = await Promise.resolve().then(() => (init_auth2(), exports_auth));
-  await runStatus2(tool);
+authCmd.command("status").description("Show auth status for a tool").argument("[tool]", "Tool name").option("--url <url>", "HTTP MCP server URL").action(async (tool, opts) => {
+  if (opts.url) {
+    const { mcpAuthStatus: mcpAuthStatus3 } = await Promise.resolve().then(() => (init_mcp_oauth(), exports_mcp_oauth));
+    console.log(JSON.stringify(mcpAuthStatus3(opts.url), null, 2));
+    return;
+  }
+  if (!tool) {
+    process.stderr.write(`error: tool name is required (or use --url)
+`);
+    process.exit(1);
+  }
+  const { runStatus: runStatus3 } = await Promise.resolve().then(() => (init_auth2(), exports_auth2));
+  await runStatus3(tool);
 });
-authCmd.command("token").description("Print the access token for a tool").argument("<tool>", "Tool name").action(async (tool) => {
-  const { runToken: runToken2 } = await Promise.resolve().then(() => (init_auth2(), exports_auth));
-  await runToken2(tool);
+authCmd.command("token").description("Print the access token for a tool").argument("[tool]", "Tool name").option("--url <url>", "HTTP MCP server URL").action(async (tool, opts) => {
+  if (opts.url) {
+    const { mcpAuthToken: mcpAuthToken3 } = await Promise.resolve().then(() => (init_mcp_oauth(), exports_mcp_oauth));
+    const t = await mcpAuthToken3(opts.url);
+    if (!t) {
+      throw new Error(`no valid token for '${opts.url}'. Run: mtpcli auth login --url ${opts.url}`);
+    }
+    console.log(t);
+    return;
+  }
+  if (!tool) {
+    process.stderr.write(`error: tool name is required (or use --url)
+`);
+    process.exit(1);
+  }
+  const { runToken: runToken3 } = await Promise.resolve().then(() => (init_auth2(), exports_auth2));
+  await runToken3(tool);
 });
 authCmd.command("env").description("Print shell export statement for eval").argument("<tool>", "Tool name").action(async (tool) => {
-  const { runEnv: runEnv2 } = await Promise.resolve().then(() => (init_auth2(), exports_auth));
-  await runEnv2(tool);
+  const { runEnv: runEnv3 } = await Promise.resolve().then(() => (init_auth2(), exports_auth2));
+  await runEnv3(tool);
 });
-authCmd.command("refresh").description("Force-refresh the stored OAuth token for a tool").argument("<tool>", "Tool name").action(async (tool) => {
-  const { runRefresh: runRefresh2 } = await Promise.resolve().then(() => (init_auth2(), exports_auth));
-  await runRefresh2(tool);
+authCmd.command("refresh").description("Force-refresh the stored OAuth token for a tool").argument("[tool]", "Tool name").option("--url <url>", "HTTP MCP server URL").action(async (tool, opts) => {
+  if (opts.url) {
+    const { mcpAuthRefresh: mcpAuthRefresh3 } = await Promise.resolve().then(() => (init_mcp_oauth(), exports_mcp_oauth));
+    await mcpAuthRefresh3(opts.url);
+    return;
+  }
+  if (!tool) {
+    process.stderr.write(`error: tool name is required (or use --url)
+`);
+    process.exit(1);
+  }
+  const { runRefresh: runRefresh3 } = await Promise.resolve().then(() => (init_auth2(), exports_auth2));
+  await runRefresh3(tool);
 });
 program2.command("serve").description("Serve CLI tools as an MCP server (cli2mcp bridge)").requiredOption("--tool <names...>", "Tool(s) to serve").addHelpText("after", `
 This command is meant to be used as an MCP server, not run directly.
@@ -10551,7 +11072,7 @@ Multiple tools can be combined into a single MCP server:
   const { run: run5 } = await Promise.resolve().then(() => (init_serve(), exports_serve));
   await run5(opts.tool);
 });
-program2.command("wrap").description("Wrap an MCP server as a CLI tool (mcp2cli bridge)").option("--server <cmd>", "MCP server command to run (stdio transport)").option("--url <url>", "MCP server URL (Streamable HTTP transport)").option("-H, --header <header...>", "HTTP header(s) for --url (e.g. 'Authorization: Bearer tok')").option("--client-id <id>", "Pre-registered OAuth client ID (for --url)").option("--describe", "Output --describe JSON instead of invoking", false).argument("[tool_name]", "Tool name to invoke").argument("[args...]", "Arguments for the tool (after --)").action(async (toolName, args, opts) => {
+program2.command("wrap").description("Wrap an MCP server as a CLI tool (mcp2cli bridge)").option("--server <cmd>", "MCP server command to run (stdio transport)").option("--url <url>", "MCP server URL (Streamable HTTP / SSE transport)").option("-H, --header <header...>", "HTTP header(s) for --url (e.g. 'Authorization: Bearer tok')").option("--client-id <id>", "Pre-registered OAuth client ID (for --url)").option("--describe", "Output --describe JSON instead of invoking", false).argument("[tool_name]", "Tool name to invoke").argument("[args...]", "Arguments for the tool (after --)").action(async (toolName, args, opts) => {
   if (opts.server && opts.url) {
     process.stderr.write(`error: --server and --url are mutually exclusive
 `);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@modeltoolsprotocol/mtpcli",
-  "version": "0.2.3",
+  "version": "0.3.1",
   "license": "Apache-2.0",
   "type": "module",
   "bin": {