npm - @optimizeoverseas/lacrm-enforcement-wrapper - Versions diffs - 1.0.1 - Mend

@optimizeoverseas/lacrm-enforcement-wrapper 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/build/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ #!/usr/bin/env node
2	+ export {};

package/build/index.js ADDED Viewed

@@ -0,0 +1,131 @@
+#!/usr/bin/env node
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { Client } from '@modelcontextprotocol/sdk/client/index.js';
+import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
+import { CallToolRequestSchema, ListToolsRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
+// --- Configuration ---
+const MAX_UNIQUE_CONTACTS = 10;
+const MAX_TOTAL_OPERATIONS = 50;
+const DOWNSTREAM_COMMAND = 'node';
+const DOWNSTREAM_ARGS = ['/usr/local/lib/node_modules/@optimizeoverseas/lacrm-mcp/build/index.js'];
+// Tools whose names start with these prefixes are filtered out entirely
+const BLOCKED_PREFIXES = ['delete_'];
+// Tools that count toward the unique-contacts-modified budget.
+// For create_contact the contact ID comes from the response.
+// For all others, the contact ID comes from the `contact_id` argument.
+const CONTACT_MUTATING_TOOLS = new Set([
+    'create_contact',
+    'edit_contact',
+]);
+// --- Session state ---
+const modifiedContacts = new Set();
+let totalOperations = 0;
+// --- Helpers ---
+function isBlocked(toolName) {
+    return BLOCKED_PREFIXES.some((p) => toolName.startsWith(p));
+}
+function extractContactId(toolName, args) {
+    if (toolName === 'edit_contact') {
+        return args.contact_id;
+    }
+    // create_contact: ID comes from response, handled after forwarding
+    return undefined;
+}
+function checkBudgets(toolName, args) {
+    if (totalOperations >= MAX_TOTAL_OPERATIONS) {
+        return `Session operation limit reached (${MAX_TOTAL_OPERATIONS}). No more operations can be performed in this session.`;
+    }
+    if (CONTACT_MUTATING_TOOLS.has(toolName)) {
+        const contactId = extractContactId(toolName, args);
+        // For edit_contact, check if adding this contact would exceed the limit
+        if (contactId && !modifiedContacts.has(contactId) && modifiedContacts.size >= MAX_UNIQUE_CONTACTS) {
+            return `Unique contact modification limit reached (${MAX_UNIQUE_CONTACTS}). You have already modified ${MAX_UNIQUE_CONTACTS} distinct contacts in this session. You may still edit contacts you have already modified: ${[...modifiedContacts].join(', ')}`;
+        }
+        // For create_contact (no contactId yet), check if there's room for one more
+        if (!contactId && modifiedContacts.size >= MAX_UNIQUE_CONTACTS) {
+            return `Unique contact modification limit reached (${MAX_UNIQUE_CONTACTS}). Cannot create new contacts — you have already modified ${MAX_UNIQUE_CONTACTS} distinct contacts in this session.`;
+        }
+    }
+    return null;
+}
+function recordOperation(toolName, args, result) {
+    totalOperations++;
+    if (!CONTACT_MUTATING_TOOLS.has(toolName))
+        return;
+    // edit_contact: ID from args
+    const contactId = extractContactId(toolName, args);
+    if (contactId) {
+        modifiedContacts.add(contactId);
+        return;
+    }
+    // create_contact: try to extract ContactId from response text
+    if (toolName === 'create_contact' && result && typeof result === 'object') {
+        const content = result.content;
+        if (content?.[0]?.text) {
+            const match = content[0].text.match(/ContactId:\s*(\S+)/);
+            if (match) {
+                modifiedContacts.add(match[1]);
+            }
+        }
+    }
+}
+// --- Main ---
+async function main() {
+    // 1. Connect to downstream LACRM MCP as a client
+    const downstreamTransport = new StdioClientTransport({
+        command: DOWNSTREAM_COMMAND,
+        args: DOWNSTREAM_ARGS,
+        env: { ...process.env },
+    });
+    const downstream = new Client({ name: 'lacrm-enforcement-wrapper', version: '1.0.0' }, { capabilities: {} });
+    await downstream.connect(downstreamTransport);
+    // 2. Create upstream MCP server
+    const server = new Server({ name: 'lacrm-enforcement-wrapper', version: '1.0.0' }, { capabilities: { tools: {} } });
+    // 3. Handle tools/list — proxy from downstream, filter delete_*
+    server.setRequestHandler(ListToolsRequestSchema, async () => {
+        const response = await downstream.listTools();
+        const filtered = response.tools.filter((t) => !isBlocked(t.name));
+        return { tools: filtered };
+    });
+    // 4. Handle tools/call — enforce policies, then forward
+    server.setRequestHandler(CallToolRequestSchema, async (request) => {
+        const { name, arguments: args } = request.params;
+        // Block delete tools that somehow slip through
+        if (isBlocked(name)) {
+            return {
+                content: [{ type: 'text', text: `Operation "${name}" is not permitted. Delete operations are blocked.` }],
+                isError: true,
+            };
+        }
+        // Check session budgets
+        const budgetError = checkBudgets(name, (args ?? {}));
+        if (budgetError) {
+            return {
+                content: [{ type: 'text', text: budgetError }],
+                isError: true,
+            };
+        }
+        // Forward to downstream
+        let result;
+        try {
+            result = await downstream.callTool({ name, arguments: args });
+        }
+        catch (err) {
+            return {
+                content: [{ type: 'text', text: `Downstream error: ${err instanceof Error ? err.message : String(err)}` }],
+                isError: true,
+            };
+        }
+        // Record the operation for budget tracking
+        recordOperation(name, (args ?? {}), result);
+        return result;
+    });
+    // 5. Connect server to stdio (facing Allegiance AI)
+    const upstreamTransport = new StdioServerTransport();
+    await server.connect(upstreamTransport);
+}
+main().catch((err) => {
+    console.error('Wrapper MCP server failed to start:', err);
+    process.exit(1);
+});

package/package.json ADDED Viewed

@@ -0,0 +1,34 @@
+{
+  "name": "@optimizeoverseas/lacrm-enforcement-wrapper",
+  "version": "1.0.1",
+  "description": "MCP proxy wrapper enforcing session limits on LACRM MCP",
+  "type": "module",
+  "main": "build/index.js",
+  "bin": {
+    "lacrm-enforcement-wrapper": "build/index.js"
+  },
+  "files": [
+    "build"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepare": "npm run build",
+    "start": "node build/index.js"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.22.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22",
+    "typescript": "^5.3.3"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/optimize-overseas/lacrmenforcement-wrapper.git"
+  },
+  "author": "Optimize Overseas",
+  "license": "MIT",
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}