@paybond/kit 0.9.8 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (368) hide show
  1. package/completion-presets/catalog.json +1187 -0
  2. package/completion-presets/catalog.sha256 +1 -0
  3. package/dev/trace-ui/dashboard.html +617 -0
  4. package/dist/agent/adapter.d.ts +51 -0
  5. package/dist/agent/adapter.js +66 -0
  6. package/dist/agent/attach-bundle.d.ts +37 -0
  7. package/dist/agent/attach-bundle.js +118 -0
  8. package/dist/agent/authorization-cache.d.ts +22 -0
  9. package/dist/agent/authorization-cache.js +36 -0
  10. package/dist/agent/deferred-tools.d.ts +11 -0
  11. package/dist/agent/deferred-tools.js +62 -0
  12. package/dist/agent/discover.d.ts +41 -0
  13. package/dist/agent/discover.js +147 -0
  14. package/dist/agent/evidence.d.ts +9 -0
  15. package/dist/agent/evidence.js +28 -0
  16. package/dist/agent/facade.d.ts +48 -0
  17. package/dist/agent/facade.js +112 -0
  18. package/dist/agent/gateway-trace-reporter.d.ts +28 -0
  19. package/dist/agent/gateway-trace-reporter.js +49 -0
  20. package/dist/agent/generic-runner.d.ts +14 -0
  21. package/dist/agent/generic-runner.js +49 -0
  22. package/dist/agent/generic-sandbox-demo.d.ts +36 -0
  23. package/dist/agent/generic-sandbox-demo.js +82 -0
  24. package/dist/agent/guarded-agent.d.ts +49 -0
  25. package/dist/agent/guarded-agent.js +100 -0
  26. package/dist/agent/index.d.ts +13 -0
  27. package/dist/agent/index.js +13 -0
  28. package/dist/agent/instrument.d.ts +156 -0
  29. package/dist/agent/instrument.js +442 -0
  30. package/dist/agent/interceptor.d.ts +24 -0
  31. package/dist/agent/interceptor.js +440 -0
  32. package/dist/agent/lazy-context-tools.d.ts +15 -0
  33. package/dist/agent/lazy-context-tools.js +81 -0
  34. package/dist/agent/registry-file.d.ts +39 -0
  35. package/dist/agent/registry-file.js +219 -0
  36. package/dist/agent/registry.d.ts +37 -0
  37. package/dist/agent/registry.js +128 -0
  38. package/dist/agent/run.d.ts +124 -0
  39. package/dist/agent/run.js +301 -0
  40. package/dist/agent/types.d.ts +318 -0
  41. package/dist/agent/types.js +42 -0
  42. package/dist/agent-recognition.d.ts +72 -0
  43. package/dist/agent-recognition.js +165 -0
  44. package/dist/bincode-wire.d.ts +18 -0
  45. package/dist/bincode-wire.js +93 -0
  46. package/dist/claude-agents/config.d.ts +21 -0
  47. package/dist/claude-agents/config.js +145 -0
  48. package/dist/claude-agents/index.d.ts +2 -0
  49. package/dist/claude-agents/index.js +2 -0
  50. package/dist/claude-agents/sandbox-demo.d.ts +30 -0
  51. package/dist/claude-agents/sandbox-demo.js +91 -0
  52. package/dist/cli/agent/env-quote.d.ts +1 -0
  53. package/dist/cli/agent/env-quote.js +6 -0
  54. package/dist/cli/agent/env-write.d.ts +8 -0
  55. package/dist/cli/agent/env-write.js +47 -0
  56. package/dist/cli/agent/paybond.d.ts +16 -0
  57. package/dist/cli/agent/paybond.js +55 -0
  58. package/dist/cli/agent/policy-file.d.ts +29 -0
  59. package/dist/cli/agent/policy-file.js +61 -0
  60. package/dist/cli/agent/production-evidence.d.ts +24 -0
  61. package/dist/cli/agent/production-evidence.js +98 -0
  62. package/dist/cli/agent/run-store.d.ts +30 -0
  63. package/dist/cli/agent/run-store.js +42 -0
  64. package/dist/cli/agent/run-trace-store.d.ts +39 -0
  65. package/dist/cli/agent/run-trace-store.js +143 -0
  66. package/dist/cli/agent-run-trace-table.d.ts +9 -0
  67. package/dist/cli/agent-run-trace-table.js +24 -0
  68. package/dist/cli/agent-sandbox-smoke-checklist.d.ts +9 -0
  69. package/dist/cli/agent-sandbox-smoke-checklist.js +50 -0
  70. package/dist/cli/audit-export.d.ts +7 -0
  71. package/dist/cli/audit-export.js +120 -0
  72. package/dist/cli/automation.d.ts +25 -0
  73. package/dist/cli/automation.js +297 -0
  74. package/dist/cli/body.d.ts +7 -0
  75. package/dist/cli/body.js +22 -0
  76. package/dist/cli/color.d.ts +15 -0
  77. package/dist/cli/color.js +39 -0
  78. package/dist/cli/command-spec.d.ts +13 -0
  79. package/dist/cli/command-spec.js +611 -0
  80. package/dist/cli/commands/agent.d.ts +16 -0
  81. package/dist/cli/commands/agent.js +1135 -0
  82. package/dist/cli/commands/dev.d.ts +7 -0
  83. package/dist/cli/commands/dev.js +348 -0
  84. package/dist/cli/commands/discovery.d.ts +8 -0
  85. package/dist/cli/commands/discovery.js +194 -0
  86. package/dist/cli/commands/policy.d.ts +13 -0
  87. package/dist/cli/commands/policy.js +769 -0
  88. package/dist/cli/commands/setup.d.ts +18 -0
  89. package/dist/cli/commands/setup.js +513 -0
  90. package/dist/cli/commands/workflows.d.ts +7 -0
  91. package/dist/cli/commands/workflows.js +214 -0
  92. package/dist/cli/config.d.ts +16 -0
  93. package/dist/cli/config.js +98 -0
  94. package/dist/cli/context.d.ts +22 -0
  95. package/dist/cli/context.js +110 -0
  96. package/dist/cli/credentials.d.ts +21 -0
  97. package/dist/cli/credentials.js +141 -0
  98. package/dist/cli/doctor-agent-middleware.d.ts +5 -0
  99. package/dist/cli/doctor-agent-middleware.js +49 -0
  100. package/dist/cli/doctor-agent.d.ts +15 -0
  101. package/dist/cli/doctor-agent.js +311 -0
  102. package/dist/cli/envelope.d.ts +14 -0
  103. package/dist/cli/envelope.js +46 -0
  104. package/dist/cli/globals.d.ts +23 -0
  105. package/dist/cli/globals.js +248 -0
  106. package/dist/cli/help.d.ts +3 -0
  107. package/dist/cli/help.js +83 -0
  108. package/dist/cli/mcp-install.d.ts +41 -0
  109. package/dist/cli/mcp-install.js +95 -0
  110. package/dist/cli/mcp-policy.d.ts +26 -0
  111. package/dist/cli/mcp-policy.js +110 -0
  112. package/dist/cli/mcp-verify-config.d.ts +37 -0
  113. package/dist/cli/mcp-verify-config.js +172 -0
  114. package/dist/cli/redact.d.ts +4 -0
  115. package/dist/cli/redact.js +88 -0
  116. package/dist/cli/request-id.d.ts +2 -0
  117. package/dist/cli/request-id.js +5 -0
  118. package/dist/cli/router.d.ts +2 -0
  119. package/dist/cli/router.js +378 -0
  120. package/dist/cli/smoke-deep-links.d.ts +15 -0
  121. package/dist/cli/smoke-deep-links.js +63 -0
  122. package/dist/cli/suggest.d.ts +4 -0
  123. package/dist/cli/suggest.js +58 -0
  124. package/dist/cli/support-diagnostics.d.ts +19 -0
  125. package/dist/cli/support-diagnostics.js +47 -0
  126. package/dist/cli/telemetry.d.ts +17 -0
  127. package/dist/cli/telemetry.js +94 -0
  128. package/dist/cli/types.d.ts +72 -0
  129. package/dist/cli/types.js +60 -0
  130. package/dist/cli/ux.d.ts +8 -0
  131. package/dist/cli/ux.js +164 -0
  132. package/dist/cli.d.ts +2 -0
  133. package/dist/cli.js +38 -0
  134. package/dist/completion-catalog-digest.d.ts +2 -0
  135. package/dist/completion-catalog-digest.js +2 -0
  136. package/dist/completion-catalog-integrity.d.ts +2 -0
  137. package/dist/completion-catalog-integrity.js +17 -0
  138. package/dist/completion-catalog.d.ts +49 -0
  139. package/dist/completion-catalog.js +62 -0
  140. package/dist/completion-contract-digest.d.ts +37 -0
  141. package/dist/completion-contract-digest.js +73 -0
  142. package/dist/completion-forbidden-fields.d.ts +5 -0
  143. package/dist/completion-forbidden-fields.js +26 -0
  144. package/dist/completion-init.d.ts +8 -0
  145. package/dist/completion-init.js +334 -0
  146. package/dist/completion-resolve.d.ts +21 -0
  147. package/dist/completion-resolve.js +86 -0
  148. package/dist/completion-validate-evidence.d.ts +24 -0
  149. package/dist/completion-validate-evidence.js +145 -0
  150. package/dist/dev/offline-gateway.d.ts +24 -0
  151. package/dist/dev/offline-gateway.js +102 -0
  152. package/dist/dev/trace-buffer.d.ts +61 -0
  153. package/dist/dev/trace-buffer.js +330 -0
  154. package/dist/dev/trace-security-headers.d.ts +11 -0
  155. package/dist/dev/trace-security-headers.js +16 -0
  156. package/dist/dev/trace-server.d.ts +8 -0
  157. package/dist/dev/trace-server.js +38 -0
  158. package/dist/dev/trace-ui.d.ts +4 -0
  159. package/dist/dev/trace-ui.js +25 -0
  160. package/dist/dev/wiremock-up.d.ts +15 -0
  161. package/dist/dev/wiremock-up.js +118 -0
  162. package/dist/doctor-completion.d.ts +17 -0
  163. package/dist/doctor-completion.js +428 -0
  164. package/dist/gateway-url.d.ts +7 -0
  165. package/dist/gateway-url.js +69 -0
  166. package/dist/index.d.ts +119 -2
  167. package/dist/index.js +267 -6
  168. package/dist/init.js +380 -68
  169. package/dist/langgraph/awrap-tool-call.d.ts +25 -0
  170. package/dist/langgraph/awrap-tool-call.js +81 -0
  171. package/dist/langgraph/config.d.ts +13 -0
  172. package/dist/langgraph/config.js +11 -0
  173. package/dist/langgraph/index.d.ts +4 -0
  174. package/dist/langgraph/index.js +4 -0
  175. package/dist/langgraph/sandbox-demo.d.ts +40 -0
  176. package/dist/langgraph/sandbox-demo.js +96 -0
  177. package/dist/langgraph/tool-node.d.ts +10 -0
  178. package/dist/langgraph/tool-node.js +38 -0
  179. package/dist/login.d.ts +14 -1
  180. package/dist/login.js +130 -63
  181. package/dist/mcp/index.d.ts +1 -0
  182. package/dist/mcp/index.js +1 -0
  183. package/dist/mcp/tool-surface.d.ts +25 -0
  184. package/dist/mcp/tool-surface.js +17 -0
  185. package/dist/mcp-capability-token-cache.d.ts +24 -0
  186. package/dist/mcp-capability-token-cache.js +101 -0
  187. package/dist/mcp-evidence-policy.d.ts +48 -0
  188. package/dist/mcp-evidence-policy.js +117 -0
  189. package/dist/mcp-policy-reload.d.ts +79 -0
  190. package/dist/mcp-policy-reload.js +200 -0
  191. package/dist/mcp-sep2828-evidence.d.ts +36 -0
  192. package/dist/mcp-sep2828-evidence.js +65 -0
  193. package/dist/mcp-server.d.ts +10 -0
  194. package/dist/mcp-server.js +423 -115
  195. package/dist/openai-agents/index.d.ts +40 -0
  196. package/dist/openai-agents/index.js +151 -0
  197. package/dist/openai-agents/sandbox-demo.d.ts +34 -0
  198. package/dist/openai-agents/sandbox-demo.js +118 -0
  199. package/dist/payee-evidence.js +2 -29
  200. package/dist/policy/catalog.d.ts +31 -0
  201. package/dist/policy/catalog.js +48 -0
  202. package/dist/policy/compose-utils.d.ts +3 -0
  203. package/dist/policy/compose-utils.js +4 -0
  204. package/dist/policy/compose.d.ts +20 -0
  205. package/dist/policy/compose.js +240 -0
  206. package/dist/policy/digest.d.ts +7 -0
  207. package/dist/policy/digest.js +75 -0
  208. package/dist/policy/domain.d.ts +15 -0
  209. package/dist/policy/domain.js +28 -0
  210. package/dist/policy/guardrail-spec.d.ts +17 -0
  211. package/dist/policy/guardrail-spec.js +140 -0
  212. package/dist/policy/guardrails.d.ts +48 -0
  213. package/dist/policy/guardrails.js +72 -0
  214. package/dist/policy/index.d.ts +21 -0
  215. package/dist/policy/index.js +21 -0
  216. package/dist/policy/init.d.ts +102 -0
  217. package/dist/policy/init.js +351 -0
  218. package/dist/policy/intent-spec.d.ts +52 -0
  219. package/dist/policy/intent-spec.js +176 -0
  220. package/dist/policy/json-path.d.ts +4 -0
  221. package/dist/policy/json-path.js +23 -0
  222. package/dist/policy/layers-io.d.ts +7 -0
  223. package/dist/policy/layers-io.js +28 -0
  224. package/dist/policy/load-effective.d.ts +22 -0
  225. package/dist/policy/load-effective.js +77 -0
  226. package/dist/policy/load.d.ts +85 -0
  227. package/dist/policy/load.js +164 -0
  228. package/dist/policy/merge.d.ts +29 -0
  229. package/dist/policy/merge.js +297 -0
  230. package/dist/policy/parse-text.d.ts +2 -0
  231. package/dist/policy/parse-text.js +126 -0
  232. package/dist/policy/policy-api.d.ts +45 -0
  233. package/dist/policy/policy-api.js +61 -0
  234. package/dist/policy/presets.d.ts +19 -0
  235. package/dist/policy/presets.js +66 -0
  236. package/dist/policy/registry.d.ts +7 -0
  237. package/dist/policy/registry.js +33 -0
  238. package/dist/policy/reload.d.ts +86 -0
  239. package/dist/policy/reload.js +233 -0
  240. package/dist/policy/render-yaml.d.ts +3 -0
  241. package/dist/policy/render-yaml.js +69 -0
  242. package/dist/policy/sandbox-bootstrap.d.ts +19 -0
  243. package/dist/policy/sandbox-bootstrap.js +66 -0
  244. package/dist/policy/schema.d.ts +204 -0
  245. package/dist/policy/schema.js +255 -0
  246. package/dist/policy/snapshot.d.ts +33 -0
  247. package/dist/policy/snapshot.js +23 -0
  248. package/dist/policy/validate-remote.d.ts +43 -0
  249. package/dist/policy/validate-remote.js +104 -0
  250. package/dist/policy/validate.d.ts +36 -0
  251. package/dist/policy/validate.js +150 -0
  252. package/dist/policy/watcher.d.ts +29 -0
  253. package/dist/policy/watcher.js +112 -0
  254. package/dist/principal-intent.d.ts +52 -0
  255. package/dist/principal-intent.js +193 -37
  256. package/dist/project-init.d.ts +34 -0
  257. package/dist/project-init.js +898 -0
  258. package/dist/sep2828-signature.d.ts +10 -0
  259. package/dist/sep2828-signature.js +134 -0
  260. package/dist/solutions/api.d.ts +22 -0
  261. package/dist/solutions/api.js +40 -0
  262. package/dist/solutions/catalog.d.ts +34 -0
  263. package/dist/solutions/catalog.js +129 -0
  264. package/dist/solutions/index.d.ts +2 -0
  265. package/dist/solutions/index.js +2 -0
  266. package/dist/template-init.d.ts +54 -0
  267. package/dist/template-init.js +203 -0
  268. package/dist/vercel-ai/config.d.ts +15 -0
  269. package/dist/vercel-ai/config.js +13 -0
  270. package/dist/vercel-ai/index.d.ts +4 -0
  271. package/dist/vercel-ai/index.js +4 -0
  272. package/dist/vercel-ai/sandbox-demo.d.ts +44 -0
  273. package/dist/vercel-ai/sandbox-demo.js +153 -0
  274. package/dist/vercel-ai/tool-approval.d.ts +16 -0
  275. package/dist/vercel-ai/tool-approval.js +41 -0
  276. package/dist/vercel-ai/wrap-tools.d.ts +9 -0
  277. package/dist/vercel-ai/wrap-tools.js +40 -0
  278. package/dist/x402-receipt-evidence.d.ts +29 -0
  279. package/dist/x402-receipt-evidence.js +97 -0
  280. package/dist/x402-receipt-signature.d.ts +12 -0
  281. package/dist/x402-receipt-signature.js +211 -0
  282. package/package.json +79 -4
  283. package/solutions/aws.json +17 -0
  284. package/solutions/saas.json +17 -0
  285. package/solutions/shopping.json +17 -0
  286. package/solutions/travel.json +18 -0
  287. package/templates/manifest.json +169 -0
  288. package/templates/openai-shopping-agent/.env.example +3 -0
  289. package/templates/openai-shopping-agent/.github/workflows/smoke.yml +20 -0
  290. package/templates/openai-shopping-agent/LICENSE +201 -0
  291. package/templates/openai-shopping-agent/README.md +29 -0
  292. package/templates/openai-shopping-agent/package.json +22 -0
  293. package/templates/openai-shopping-agent/paybond.policy.yaml +22 -0
  294. package/templates/openai-shopping-agent/src/index.ts +22 -0
  295. package/templates/openai-shopping-agent/src/paybond.config.ts +51 -0
  296. package/templates/openai-shopping-agent/tsconfig.json +13 -0
  297. package/templates/paybond-aws-operator/.env.example +3 -0
  298. package/templates/paybond-aws-operator/.github/workflows/smoke.yml +20 -0
  299. package/templates/paybond-aws-operator/LICENSE +201 -0
  300. package/templates/paybond-aws-operator/README.md +29 -0
  301. package/templates/paybond-aws-operator/package.json +20 -0
  302. package/templates/paybond-aws-operator/paybond.policy.yaml +22 -0
  303. package/templates/paybond-aws-operator/src/index.ts +54 -0
  304. package/templates/paybond-aws-operator/src/paybond.config.ts +51 -0
  305. package/templates/paybond-aws-operator/tsconfig.json +13 -0
  306. package/templates/paybond-claude-agents-demo/.env.example +3 -0
  307. package/templates/paybond-claude-agents-demo/.github/workflows/smoke.yml +20 -0
  308. package/templates/paybond-claude-agents-demo/LICENSE +201 -0
  309. package/templates/paybond-claude-agents-demo/README.md +29 -0
  310. package/templates/paybond-claude-agents-demo/package.json +22 -0
  311. package/templates/paybond-claude-agents-demo/paybond.policy.yaml +22 -0
  312. package/templates/paybond-claude-agents-demo/src/index.ts +22 -0
  313. package/templates/paybond-claude-agents-demo/src/paybond.config.ts +51 -0
  314. package/templates/paybond-claude-agents-demo/tsconfig.json +13 -0
  315. package/templates/paybond-invoice-agent/.env.example +3 -0
  316. package/templates/paybond-invoice-agent/.github/workflows/smoke.yml +19 -0
  317. package/templates/paybond-invoice-agent/LICENSE +201 -0
  318. package/templates/paybond-invoice-agent/README.md +29 -0
  319. package/templates/paybond-invoice-agent/app.py +27 -0
  320. package/templates/paybond-invoice-agent/package.json +6 -0
  321. package/templates/paybond-invoice-agent/paybond.policy.yaml +22 -0
  322. package/templates/paybond-invoice-agent/paybond_config.py +45 -0
  323. package/templates/paybond-invoice-agent/requirements.txt +2 -0
  324. package/templates/paybond-mcp-coding-agent/.env.example +3 -0
  325. package/templates/paybond-mcp-coding-agent/.github/workflows/smoke.yml +20 -0
  326. package/templates/paybond-mcp-coding-agent/LICENSE +201 -0
  327. package/templates/paybond-mcp-coding-agent/README.md +39 -0
  328. package/templates/paybond-mcp-coding-agent/package.json +20 -0
  329. package/templates/paybond-mcp-coding-agent/paybond.policy.yaml +25 -0
  330. package/templates/paybond-mcp-coding-agent/src/index.ts +40 -0
  331. package/templates/paybond-mcp-coding-agent/src/paybond.config.ts +51 -0
  332. package/templates/paybond-mcp-coding-agent/tsconfig.json +13 -0
  333. package/templates/paybond-openai-agents-demo/.env.example +3 -0
  334. package/templates/paybond-openai-agents-demo/.github/workflows/smoke.yml +20 -0
  335. package/templates/paybond-openai-agents-demo/LICENSE +201 -0
  336. package/templates/paybond-openai-agents-demo/README.md +29 -0
  337. package/templates/paybond-openai-agents-demo/package.json +22 -0
  338. package/templates/paybond-openai-agents-demo/paybond.policy.yaml +22 -0
  339. package/templates/paybond-openai-agents-demo/src/index.ts +22 -0
  340. package/templates/paybond-openai-agents-demo/src/paybond.config.ts +51 -0
  341. package/templates/paybond-openai-agents-demo/tsconfig.json +13 -0
  342. package/templates/paybond-procurement-agent/.env.example +3 -0
  343. package/templates/paybond-procurement-agent/.github/workflows/smoke.yml +20 -0
  344. package/templates/paybond-procurement-agent/LICENSE +201 -0
  345. package/templates/paybond-procurement-agent/README.md +29 -0
  346. package/templates/paybond-procurement-agent/package.json +20 -0
  347. package/templates/paybond-procurement-agent/paybond.policy.yaml +25 -0
  348. package/templates/paybond-procurement-agent/src/index.ts +54 -0
  349. package/templates/paybond-procurement-agent/src/paybond.config.ts +51 -0
  350. package/templates/paybond-procurement-agent/tsconfig.json +13 -0
  351. package/templates/paybond-travel-agent/.env.example +3 -0
  352. package/templates/paybond-travel-agent/.github/workflows/smoke.yml +20 -0
  353. package/templates/paybond-travel-agent/LICENSE +201 -0
  354. package/templates/paybond-travel-agent/README.md +29 -0
  355. package/templates/paybond-travel-agent/package.json +23 -0
  356. package/templates/paybond-travel-agent/paybond.policy.yaml +22 -0
  357. package/templates/paybond-travel-agent/src/index.ts +22 -0
  358. package/templates/paybond-travel-agent/src/paybond.config.ts +51 -0
  359. package/templates/paybond-travel-agent/tsconfig.json +13 -0
  360. package/templates/paybond-vercel-shopping-agent/.env.example +3 -0
  361. package/templates/paybond-vercel-shopping-agent/.github/workflows/smoke.yml +20 -0
  362. package/templates/paybond-vercel-shopping-agent/LICENSE +201 -0
  363. package/templates/paybond-vercel-shopping-agent/README.md +29 -0
  364. package/templates/paybond-vercel-shopping-agent/package.json +22 -0
  365. package/templates/paybond-vercel-shopping-agent/paybond.policy.yaml +22 -0
  366. package/templates/paybond-vercel-shopping-agent/src/index.ts +22 -0
  367. package/templates/paybond-vercel-shopping-agent/src/paybond.config.ts +51 -0
  368. package/templates/paybond-vercel-shopping-agent/tsconfig.json +13 -0
@@ -0,0 +1,110 @@
1
+ export const MCP_TOOL_POLICY_ENV = "PAYBOND_MCP_TOOL_POLICY";
2
+ export const MCP_TOOL_ALLOWLIST_ENV = "PAYBOND_MCP_TOOL_ALLOWLIST";
3
+ export const DEFAULT_MCP_TOOL_POLICY = "spend-write";
4
+ export const LIVE_MONEY_TOOL_NAMES = new Set([
5
+ "paybond_fund_intent",
6
+ "paybond_confirm_settlement",
7
+ ]);
8
+ export function defaultMcpToolPolicyConfig() {
9
+ return { policy: DEFAULT_MCP_TOOL_POLICY, allowlist: [] };
10
+ }
11
+ export function resolveMcpToolPolicy(config) {
12
+ if (config.policy !== null) {
13
+ return config;
14
+ }
15
+ return defaultMcpToolPolicyConfig();
16
+ }
17
+ export function parseMcpToolPolicy(raw) {
18
+ const value = (raw ?? "").trim().toLowerCase();
19
+ if (!value) {
20
+ return { policy: null, allowlist: [] };
21
+ }
22
+ if (value === "readonly" || value === "spend-write" || value === "allowlist") {
23
+ return { policy: value, allowlist: [] };
24
+ }
25
+ throw new Error("invalid --tool-policy (expected readonly|spend-write|allowlist)");
26
+ }
27
+ export function parseMcpToolAllowlist(raw) {
28
+ if (!raw?.trim()) {
29
+ return [];
30
+ }
31
+ const items = raw
32
+ .split(",")
33
+ .map((part) => part.trim())
34
+ .filter(Boolean);
35
+ if (items.length === 0) {
36
+ throw new Error("invalid --tool-allowlist (expected comma-separated tool names)");
37
+ }
38
+ return items;
39
+ }
40
+ export function mergeMcpToolPolicy(policy, allowlist) {
41
+ const mergedAllowlist = allowlist ?? policy.allowlist;
42
+ if (policy.policy === "allowlist" && mergedAllowlist.length === 0) {
43
+ throw new Error("--tool-allowlist is required when --tool-policy allowlist");
44
+ }
45
+ if (policy.policy !== "allowlist" && mergedAllowlist.length > 0) {
46
+ throw new Error("--tool-allowlist is only valid with --tool-policy allowlist");
47
+ }
48
+ return { policy: policy.policy, allowlist: [...mergedAllowlist] };
49
+ }
50
+ export function mcpToolPolicyEnv(config) {
51
+ const resolved = resolveMcpToolPolicy(config);
52
+ const env = {
53
+ [MCP_TOOL_POLICY_ENV]: resolved.policy ?? DEFAULT_MCP_TOOL_POLICY,
54
+ };
55
+ if (resolved.policy === "allowlist") {
56
+ env[MCP_TOOL_ALLOWLIST_ENV] = resolved.allowlist.join(",");
57
+ }
58
+ return env;
59
+ }
60
+ export function toolAnnotationsFlags(annotations) {
61
+ return {
62
+ readOnly: annotations?.readOnlyHint === true,
63
+ destructive: annotations?.destructiveHint === true,
64
+ };
65
+ }
66
+ export function toolAllowedByPolicy(name, annotations, config) {
67
+ const resolved = resolveMcpToolPolicy(config);
68
+ const { readOnly, destructive } = toolAnnotationsFlags(annotations);
69
+ if (resolved.policy === "readonly") {
70
+ return readOnly;
71
+ }
72
+ if (resolved.policy === "spend-write") {
73
+ return !isLiveMoneyTool(name, annotations);
74
+ }
75
+ if (resolved.policy === "allowlist") {
76
+ return new Set(resolved.allowlist).has(name);
77
+ }
78
+ return true;
79
+ }
80
+ export function validateMcpToolSchema(tool) {
81
+ const errors = [];
82
+ const name = typeof tool.name === "string" ? tool.name : "";
83
+ if (!name.trim()) {
84
+ errors.push("tool missing non-empty name");
85
+ }
86
+ const description = tool.description;
87
+ if (typeof description !== "string" || !description.trim()) {
88
+ errors.push(`${name || "<unknown>"}: missing description`);
89
+ }
90
+ const inputSchema = tool.inputSchema;
91
+ if (!inputSchema || typeof inputSchema !== "object" || Array.isArray(inputSchema)) {
92
+ errors.push(`${name || "<unknown>"}: inputSchema must be an object`);
93
+ }
94
+ else if (inputSchema.type !== "object") {
95
+ errors.push(`${name || "<unknown>"}: inputSchema.type must be object`);
96
+ }
97
+ const outputSchema = tool.outputSchema;
98
+ if (outputSchema !== undefined && (typeof outputSchema !== "object" || Array.isArray(outputSchema))) {
99
+ errors.push(`${name || "<unknown>"}: outputSchema must be an object when present`);
100
+ }
101
+ const annotations = tool.annotations;
102
+ if (annotations !== undefined && (typeof annotations !== "object" || Array.isArray(annotations))) {
103
+ errors.push(`${name || "<unknown>"}: annotations must be an object when present`);
104
+ }
105
+ return errors;
106
+ }
107
+ export function isLiveMoneyTool(name, annotations) {
108
+ const { destructive } = toolAnnotationsFlags(annotations);
109
+ return destructive || LIVE_MONEY_TOOL_NAMES.has(name);
110
+ }
@@ -0,0 +1,37 @@
1
+ import { type McpInstallFormat, type McpInstallHost, type McpInstallScope, type McpServerEntry } from "./mcp-install.js";
2
+ import { type McpToolPolicyConfig } from "./mcp-policy.js";
3
+ export type McpConfigSource = "generated" | "file";
4
+ export type McpConfigValidationIssue = {
5
+ field: string;
6
+ message: string;
7
+ };
8
+ export type McpConfigValidationResult = {
9
+ ok: boolean;
10
+ host: string;
11
+ source: McpConfigSource;
12
+ configPath: string | null;
13
+ issues: McpConfigValidationIssue[];
14
+ entry?: McpServerEntry;
15
+ toolPolicy?: McpToolPolicyConfig;
16
+ message: string;
17
+ };
18
+ export declare function parseMcpHostEntry(payload: string, format: McpInstallFormat): McpServerEntry;
19
+ export declare function validateMcpHostConfig(input: {
20
+ host: McpInstallHost;
21
+ format: McpInstallFormat;
22
+ payload: string;
23
+ cwd: string;
24
+ expectedEnvFile?: string;
25
+ source?: McpConfigSource;
26
+ configPath?: string | null;
27
+ }): McpConfigValidationResult;
28
+ export declare function verifyMcpInstallPlan(input: {
29
+ host: McpInstallHost;
30
+ scope?: McpInstallScope;
31
+ format: McpInstallFormat;
32
+ envFile: string;
33
+ cwd: string;
34
+ home: string;
35
+ configPath?: string;
36
+ toolPolicy?: McpToolPolicyConfig;
37
+ }): Promise<McpConfigValidationResult>;
@@ -0,0 +1,172 @@
1
+ import { existsSync } from "node:fs";
2
+ import { readFile } from "node:fs/promises";
3
+ import path from "node:path";
4
+ import { defaultMcpServerCommand, planMcpInstall, } from "./mcp-install.js";
5
+ import { MCP_TOOL_ALLOWLIST_ENV, MCP_TOOL_POLICY_ENV, mergeMcpToolPolicy, parseMcpToolAllowlist, parseMcpToolPolicy, resolveMcpToolPolicy, } from "./mcp-policy.js";
6
+ function validationMessage(ok, issues) {
7
+ if (ok) {
8
+ return "MCP host config is valid";
9
+ }
10
+ return issues[0]?.message ?? "invalid MCP config";
11
+ }
12
+ function parseTomlPaybondEntry(payload) {
13
+ const section = "[mcp_servers.paybond]";
14
+ if (!payload.includes(section)) {
15
+ throw new Error("missing [mcp_servers.paybond] section");
16
+ }
17
+ const afterSection = payload.split(section, 1)[1] ?? "";
18
+ const envSection = "[mcp_servers.paybond.env]";
19
+ const [block, envBlock = ""] = afterSection.includes(envSection)
20
+ ? afterSection.split(envSection)
21
+ : [afterSection, ""];
22
+ const commandMatch = /command\s*=\s*(.+)/.exec(block);
23
+ const argsMatch = /args\s*=\s*(\[[\s\S]*?\])/.exec(block);
24
+ if (!commandMatch?.[1]) {
25
+ throw new Error("missing paybond command");
26
+ }
27
+ const command = JSON.parse(commandMatch[1].trim());
28
+ const args = argsMatch?.[1] ? JSON.parse(argsMatch[1]) : [];
29
+ const env = {};
30
+ for (const line of envBlock.split("\n")) {
31
+ const stripped = line.trim();
32
+ if (!stripped || stripped.startsWith("#") || !stripped.includes("=")) {
33
+ continue;
34
+ }
35
+ const [key, value] = stripped.split("=", 2);
36
+ env[key.trim()] = JSON.parse(value.trim());
37
+ }
38
+ return { command, args, env };
39
+ }
40
+ export function parseMcpHostEntry(payload, format) {
41
+ const parsed = format === "toml"
42
+ ? parseTomlPaybondEntry(payload)
43
+ : (() => {
44
+ const body = JSON.parse(payload);
45
+ const servers = body.mcpServers;
46
+ if (!servers || typeof servers !== "object" || Array.isArray(servers)) {
47
+ throw new Error("missing mcpServers object");
48
+ }
49
+ const paybond = servers.paybond;
50
+ if (!paybond || typeof paybond !== "object" || Array.isArray(paybond)) {
51
+ throw new Error("missing mcpServers.paybond entry");
52
+ }
53
+ return paybond;
54
+ })();
55
+ const command = parsed.command;
56
+ if (typeof command !== "string" || !command.trim()) {
57
+ throw new Error("missing paybond command");
58
+ }
59
+ const args = parsed.args;
60
+ if (!Array.isArray(args) || !args.every((item) => typeof item === "string")) {
61
+ throw new Error("paybond args must be a string array");
62
+ }
63
+ const envRaw = parsed.env;
64
+ if (envRaw !== undefined && (typeof envRaw !== "object" || Array.isArray(envRaw))) {
65
+ throw new Error("paybond env must be an object");
66
+ }
67
+ const env = {};
68
+ for (const [key, value] of Object.entries(envRaw ?? {})) {
69
+ env[key] = String(value);
70
+ }
71
+ return {
72
+ command,
73
+ args: [...args],
74
+ env,
75
+ };
76
+ }
77
+ function validateEntry(entry, cwd, expectedEnvFile) {
78
+ const issues = [];
79
+ if ("PAYBOND_API_KEY" in entry.env) {
80
+ issues.push({ field: "env", message: "config must reference PAYBOND_ENV_FILE, not PAYBOND_API_KEY" });
81
+ }
82
+ const envFile = entry.env.PAYBOND_ENV_FILE?.trim() ?? "";
83
+ if (!envFile) {
84
+ issues.push({ field: "env", message: "missing PAYBOND_ENV_FILE" });
85
+ }
86
+ else if (expectedEnvFile && envFile !== expectedEnvFile) {
87
+ issues.push({
88
+ field: "env",
89
+ message: `PAYBOND_ENV_FILE mismatch: config=${JSON.stringify(envFile)} expected=${JSON.stringify(expectedEnvFile)}`,
90
+ });
91
+ }
92
+ const resolvedEnv = path.isAbsolute(envFile) ? path.resolve(envFile) : path.resolve(cwd, envFile);
93
+ if (envFile && !existsSync(resolvedEnv)) {
94
+ issues.push({ field: "env", message: `env file not found: ${resolvedEnv}` });
95
+ }
96
+ if (!entry.command.trim()) {
97
+ issues.push({ field: "command", message: "missing MCP server command" });
98
+ }
99
+ let toolPolicy;
100
+ const rawPolicy = entry.env[MCP_TOOL_POLICY_ENV]?.trim() ?? "";
101
+ const rawAllowlist = entry.env[MCP_TOOL_ALLOWLIST_ENV]?.trim() ?? "";
102
+ try {
103
+ toolPolicy = resolveMcpToolPolicy(mergeMcpToolPolicy(parseMcpToolPolicy(rawPolicy || undefined), parseMcpToolAllowlist(rawAllowlist || undefined)));
104
+ }
105
+ catch (err) {
106
+ issues.push({
107
+ field: "tool_policy",
108
+ message: err instanceof Error ? err.message : String(err),
109
+ });
110
+ }
111
+ return { issues, toolPolicy };
112
+ }
113
+ export function validateMcpHostConfig(input) {
114
+ try {
115
+ const entry = parseMcpHostEntry(input.payload, input.format);
116
+ const { issues, toolPolicy } = validateEntry(entry, input.cwd, input.expectedEnvFile);
117
+ const ok = issues.length === 0;
118
+ return {
119
+ ok,
120
+ host: input.host,
121
+ source: input.source ?? "generated",
122
+ configPath: input.configPath ?? null,
123
+ issues,
124
+ entry,
125
+ toolPolicy,
126
+ message: validationMessage(ok, issues),
127
+ };
128
+ }
129
+ catch (err) {
130
+ const issues = [{ field: "config", message: err instanceof Error ? err.message : String(err) }];
131
+ return {
132
+ ok: false,
133
+ host: input.host,
134
+ source: input.source ?? "generated",
135
+ configPath: input.configPath ?? null,
136
+ issues,
137
+ message: validationMessage(false, issues),
138
+ };
139
+ }
140
+ }
141
+ export async function verifyMcpInstallPlan(input) {
142
+ let payload;
143
+ let source = "generated";
144
+ let configPath = input.configPath ?? null;
145
+ if (input.configPath) {
146
+ payload = await readFile(input.configPath, "utf8");
147
+ source = "file";
148
+ }
149
+ else {
150
+ const plan = planMcpInstall({
151
+ host: input.host,
152
+ scope: input.scope ?? "local",
153
+ format: input.format,
154
+ envFile: input.envFile,
155
+ cwd: input.cwd,
156
+ home: input.home,
157
+ serverCommand: defaultMcpServerCommand(),
158
+ toolPolicy: input.toolPolicy,
159
+ });
160
+ payload = plan.payload;
161
+ configPath = plan.configPath;
162
+ }
163
+ return validateMcpHostConfig({
164
+ host: input.host,
165
+ format: input.format,
166
+ payload,
167
+ cwd: input.cwd,
168
+ expectedEnvFile: input.envFile,
169
+ source,
170
+ configPath,
171
+ });
172
+ }
@@ -0,0 +1,4 @@
1
+ export declare function maskApiKey(rawKey: string): string;
2
+ export declare function redactSensitiveFields(value: unknown): unknown;
3
+ export declare function isSensitiveConfigKey(key: string): boolean;
4
+ export declare function redactConfigValue(key: string, value: string): string;
@@ -0,0 +1,88 @@
1
+ const SENSITIVE_SEED_EXACT_FIELDS = new Set(["payee_signing_seed", "agent_recognition_signing_seed"]);
2
+ function isSensitiveSeedKey(key) {
3
+ const lowered = key.toLowerCase();
4
+ if (SENSITIVE_SEED_EXACT_FIELDS.has(lowered)) {
5
+ return true;
6
+ }
7
+ return lowered.endsWith("_seed") || lowered.endsWith("_seed_hex");
8
+ }
9
+ function hasRedactableScalarContent(value) {
10
+ if (typeof value === "string") {
11
+ return value.trim().length > 0;
12
+ }
13
+ if (value instanceof Uint8Array) {
14
+ return value.length > 0;
15
+ }
16
+ return false;
17
+ }
18
+ export function maskApiKey(rawKey) {
19
+ const trimmed = rawKey.trim();
20
+ const parts = trimmed.split("_");
21
+ if (parts.length >= 5 && parts[0] === "paybond" && parts[1] === "sk") {
22
+ const environment = parts[2];
23
+ const keyId = parts[3];
24
+ const redactedKeyId = keyId.length > 12 ? `${keyId.slice(0, 8)}...${keyId.slice(-4)}` : "redacted";
25
+ return `paybond_sk_${environment}_${redactedKeyId}`;
26
+ }
27
+ return "paybond_sk_...";
28
+ }
29
+ export function redactSensitiveFields(value) {
30
+ if (Array.isArray(value)) {
31
+ return value.map((item) => redactSensitiveFields(item));
32
+ }
33
+ if (value && typeof value === "object") {
34
+ const out = {};
35
+ for (const [key, child] of Object.entries(value)) {
36
+ const lowered = key.toLowerCase();
37
+ if (lowered === "capability_token" ||
38
+ lowered === "access_token" ||
39
+ lowered === "refresh_token" ||
40
+ (lowered.endsWith("_token") && lowered !== "token_type")) {
41
+ out[key] = hasRedactableScalarContent(child) ? "[redacted]" : child;
42
+ continue;
43
+ }
44
+ if (lowered === "api_key" || lowered.endsWith("_api_key")) {
45
+ out[key] = typeof child === "string" ? maskApiKey(child) : child;
46
+ continue;
47
+ }
48
+ if (isSensitiveSeedKey(key)) {
49
+ out[key] = hasRedactableScalarContent(child) ? "[redacted]" : child;
50
+ continue;
51
+ }
52
+ if (child && typeof child === "object") {
53
+ out[key] = redactSensitiveFields(child);
54
+ continue;
55
+ }
56
+ out[key] = child;
57
+ }
58
+ return out;
59
+ }
60
+ return value;
61
+ }
62
+ const SENSITIVE_CONFIG_KEY_EXACT = new Set([
63
+ "api_key",
64
+ "paybond_api_key",
65
+ "secret",
66
+ "client_secret",
67
+ "password",
68
+ ]);
69
+ const SENSITIVE_CONFIG_KEY_TOKEN_ALLOWLIST = new Set(["token_type", "token_endpoint"]);
70
+ export function isSensitiveConfigKey(key) {
71
+ const lowered = key.toLowerCase();
72
+ if (SENSITIVE_CONFIG_KEY_EXACT.has(lowered)) {
73
+ return true;
74
+ }
75
+ if (lowered.endsWith("_token") && !SENSITIVE_CONFIG_KEY_TOKEN_ALLOWLIST.has(lowered)) {
76
+ return true;
77
+ }
78
+ if (lowered.endsWith("_api_key") || lowered.endsWith("_secret") || lowered.endsWith("_password")) {
79
+ return true;
80
+ }
81
+ return false;
82
+ }
83
+ export function redactConfigValue(key, value) {
84
+ if (!isSensitiveConfigKey(key)) {
85
+ return value;
86
+ }
87
+ return value.trim() ? maskApiKey(value) : "";
88
+ }
@@ -0,0 +1,2 @@
1
+ /** Generate a correlation id suitable for Gateway request headers and JSON envelopes. */
2
+ export declare function generateRequestId(): string;
@@ -0,0 +1,5 @@
1
+ import { v4 as uuidv4 } from "uuid";
2
+ /** Generate a correlation id suitable for Gateway request headers and JSON envelopes. */
3
+ export function generateRequestId() {
4
+ return `01${uuidv4().replace(/-/g, "").slice(0, 24).toUpperCase()}`;
5
+ }
@@ -0,0 +1,2 @@
1
+ import { type CliDependencies } from "./types.js";
2
+ export declare function runCli(argv: string[], deps?: CliDependencies): Promise<number>;