@polpo-ai/tools 0.6.25 → 0.6.26

package/dist/__tests__/mcp-client.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=mcp-client.test.d.ts.map

package/dist/__tests__/mcp-client.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-client.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/mcp-client.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/mcp-client.test.js

@@ -0,0 +1,158 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import { resolveAgentMcpTools } from "../mcp-client.js";
+/**
+ * These tests cover the wiring around the AI SDK MCP client (vault
+ * templating, host allowlist, namespacing, dispose) by mocking the
+ * client itself. We do NOT spin up a real MCP server here — that's
+ * an integration concern. The unit-level invariants we lock in are:
+ *
+ *  - `${vault:service:key}` is replaced with the resolved credential.
+ *  - A missing vault credential throws a clean, named error.
+ *  - Tools are namespaced `mcp__<server>__<tool>` so collisions across
+ *    servers are impossible.
+ *  - One bad server doesn't take down the whole resolve — the rest
+ *    of the agent's MCPs still come up.
+ *  - `dispose()` closes every transport that was successfully opened.
+ *  - `POLPO_MCP_ALLOWED_HOSTS` rejects off-list hosts before any
+ *    network I/O.
+ */
+const closeMock = vi.fn(async () => { });
+const toolsMock = vi.fn(async () => ({
+    ping: {
+        description: "ping the server",
+        inputSchema: { type: "object", properties: {} },
+        execute: vi.fn(async () => "pong"),
+    },
+    echo: {
+        description: "echo back",
+        inputSchema: { type: "object", properties: { msg: { type: "string" } } },
+        execute: vi.fn(async (args) => `echo:${args.msg}`),
+    },
+}));
+const createClientMock = vi.fn(async () => ({
+    tools: toolsMock,
+    close: closeMock,
+}));
+vi.mock("@ai-sdk/mcp", () => ({
+    createMCPClient: (arg) => createClientMock(arg),
+}));
+vi.mock("@ai-sdk/mcp/mcp-stdio", () => ({
+    Experimental_StdioMCPTransport: class {
+        spec;
+        constructor(spec) {
+            this.spec = spec;
+        }
+    },
+}));
+const fakeVault = {
+    getKey(service, key) {
+        if (service === "polpo" && key === "api_key")
+            return "secret-123";
+        return undefined;
+    },
+};
+describe("resolveAgentMcpTools", () => {
+    beforeEach(() => {
+        closeMock.mockClear();
+        toolsMock.mockClear();
+        createClientMock.mockClear();
+        delete process.env.POLPO_MCP_ALLOWED_HOSTS;
+    });
+    afterEach(() => {
+        delete process.env.POLPO_MCP_ALLOWED_HOSTS;
+    });
+    it("returns empty + no-op dispose when the agent declares no servers", async () => {
+        const result = await resolveAgentMcpTools("agent-1", undefined, undefined);
+        expect(result.tools).toEqual([]);
+        await expect(result.dispose()).resolves.toBeUndefined();
+        expect(createClientMock).not.toHaveBeenCalled();
+    });
+    it("namespaces tools as mcp__<server>__<tool>", async () => {
+        const servers = {
+            polpo: { type: "http", url: "https://api.polpo.sh/mcp" },
+        };
+        const result = await resolveAgentMcpTools("orchestrator", servers, undefined);
+        const names = result.tools.map((t) => t.name).sort();
+        expect(names).toEqual(["mcp__polpo__echo", "mcp__polpo__ping"]);
+    });
+    it("templates ${vault:service:key} into header values", async () => {
+        const servers = {
+            polpo: {
+                type: "http",
+                url: "https://api.polpo.sh/mcp",
+                headers: { Authorization: "Bearer ${vault:polpo:api_key}" },
+            },
+        };
+        await resolveAgentMcpTools("agent-1", servers, fakeVault);
+        const call = createClientMock.mock.calls[0]?.[0];
+        expect(call.transport.headers.Authorization).toBe("Bearer secret-123");
+    });
+    it("errors clearly when a vault placeholder cannot be resolved", async () => {
+        // We swallow per-server errors and log them, so the resolve still
+        // succeeds with an empty tool array — the agent simply doesn't get
+        // tools from the broken server.
+        const errSpy = vi.spyOn(console, "error").mockImplementation(() => { });
+        const servers = {
+            bad: {
+                type: "http",
+                url: "https://api.example.com/mcp",
+                headers: { Authorization: "Bearer ${vault:nonexistent:key}" },
+            },
+        };
+        const result = await resolveAgentMcpTools("agent-1", servers, fakeVault);
+        expect(result.tools).toEqual([]);
+        expect(errSpy.mock.calls[0]?.[1]).toContain('Vault credential "nonexistent:key"');
+        errSpy.mockRestore();
+    });
+    it("isolates failures — one broken server doesn't kill the rest", async () => {
+        const errSpy = vi.spyOn(console, "error").mockImplementation(() => { });
+        // First call throws, second succeeds.
+        createClientMock
+            .mockRejectedValueOnce(new Error("boom"))
+            .mockResolvedValueOnce({ tools: toolsMock, close: closeMock });
+        const servers = {
+            broken: { type: "http", url: "https://broken.example.com/mcp" },
+            working: { type: "http", url: "https://working.example.com/mcp" },
+        };
+        const result = await resolveAgentMcpTools("agent-1", servers, undefined);
+        expect(result.tools.map((t) => t.name)).toEqual([
+            "mcp__working__ping",
+            "mcp__working__echo",
+        ]);
+        errSpy.mockRestore();
+    });
+    it("dispose closes every successfully-opened transport", async () => {
+        const servers = {
+            a: { type: "http", url: "https://a.example.com/mcp" },
+            b: { type: "http", url: "https://b.example.com/mcp" },
+        };
+        const result = await resolveAgentMcpTools("agent-1", servers, undefined);
+        await result.dispose();
+        expect(closeMock).toHaveBeenCalledTimes(2);
+    });
+    it("rejects HTTP servers outside POLPO_MCP_ALLOWED_HOSTS", async () => {
+        const errSpy = vi.spyOn(console, "error").mockImplementation(() => { });
+        process.env.POLPO_MCP_ALLOWED_HOSTS = "*.polpo.sh,internal.example.com";
+        const servers = {
+            external: { type: "http", url: "https://attacker.example.com/mcp" },
+            ok: { type: "http", url: "https://api.polpo.sh/mcp" },
+        };
+        const result = await resolveAgentMcpTools("agent-1", servers, undefined);
+        expect(result.tools.map((t) => t.name)).toEqual([
+            "mcp__ok__ping",
+            "mcp__ok__echo",
+        ]);
+        expect(errSpy.mock.calls[0]?.[1]).toContain("not in POLPO_MCP_ALLOWED_HOSTS");
+        errSpy.mockRestore();
+    });
+    it("adapts MCP execute to Polpo's ToolResult shape (text content)", async () => {
+        const servers = {
+            polpo: { type: "http", url: "https://api.polpo.sh/mcp" },
+        };
+        const { tools } = await resolveAgentMcpTools("agent-1", servers, undefined);
+        const echo = tools.find((t) => t.name === "mcp__polpo__echo");
+        const result = await echo.execute("call-1", { msg: "hi" });
+        expect(result.content).toEqual([{ type: "text", text: "echo:hi" }]);
+    });
+});
+//# sourceMappingURL=mcp-client.test.js.map

package/dist/__tests__/mcp-client.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-client.test.js","sourceRoot":"","sources":["../../src/__tests__/mcp-client.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAsB,MAAM,kBAAkB,CAAC;AAE5E;;;;;;;;;;;;;;;GAeG;AAEH,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,GAAE,CAAC,CAAC,CAAC;AACxC,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;IACnC,IAAI,EAAE;QACJ,WAAW,EAAE,iBAAiB;QAC9B,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,EAAE;QAC/C,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,MAAM,CAAC;KACnC;IACD,IAAI,EAAE;QACJ,WAAW,EAAE,WAAW;QACxB,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE;QACxE,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,IAAS,EAAE,EAAE,CAAC,QAAQ,IAAI,CAAC,GAAG,EAAE,CAAC;KACxD;CACF,CAAC,CAAC,CAAC;AACJ,MAAM,gBAAgB,GAAQ,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;IAC/C,KAAK,EAAE,SAAS;IAChB,KAAK,EAAE,SAAS;CACjB,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5B,eAAe,EAAE,CAAC,GAAY,EAAE,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC;CACzD,CAAC,CAAC,CAAC;AACJ,EAAE,CAAC,IAAI,CAAC,uBAAuB,EAAE,GAAG,EAAE,CAAC,CAAC;IACtC,8BAA8B,EAAE;QACX;QAAnB,YAAmB,IAAa;YAAb,SAAI,GAAJ,IAAI,CAAS;QAAG,CAAC;KACrC;CACF,CAAC,CAAC,CAAC;AAEJ,MAAM,SAAS,GAAG;IAChB,MAAM,CAAC,OAAe,EAAE,GAAW;QACjC,IAAI,OAAO,KAAK,OAAO,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,YAAY,CAAC;QAClE,OAAO,SAAS,CAAC;IACnB,CAAC;CACF,CAAC;AAEF,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,UAAU,CAAC,GAAG,EAAE;QACd,SAAS,CAAC,SAAS,EAAE,CAAC;QACtB,SAAS,CAAC,SAAS,EAAE,CAAC;QACtB,gBAAgB,CAAC,SAAS,EAAE,CAAC;QAC7B,OAAO,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IAC7C,CAAC,CAAC,CAAC;IACH,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kEAAkE,EAAE,KAAK,IAAI,EAAE;QAChF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;QACxD,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,KAAK,IAAI,EAAE;QACzD,MAAM,OAAO,GAAkC;YAC7C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,0BAA0B,EAAE;SACzD,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,cAAc,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;QACrD,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,kBAAkB,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,OAAO,GAAkC;YAC7C,KAAK,EAAE;gBACL,IAAI,EAAE,MAAM;gBACZ,GAAG,EAAE,0BAA0B;gBAC/B,OAAO,EAAE,EAAE,aAAa,EAAE,+BAA+B,EAAE;aAC5D;SACF,CAAC;QACF,MAAM,oBAAoB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAC1D,MAAM,IAAI,GAAI,gBAAwB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAQ,CAAC;QACjE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4DAA4D,EAAE,KAAK,IAAI,EAAE;QAC1E,kEAAkE;QAClE,mEAAmE;QACnE,gCAAgC;QAChC,MAAM,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACvE,MAAM,OAAO,GAAkC;YAC7C,GAAG,EAAE;gBACH,IAAI,EAAE,MAAM;gBACZ,GAAG,EAAE,6BAA6B;gBAClC,OAAO,EAAE,EAAE,aAAa,EAAE,iCAAiC,EAAE;aAC9D;SACF,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACzE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAClF,MAAM,CAAC,WAAW,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;QAC3E,MAAM,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACvE,sCAAsC;QACtC,gBAAgB;aACb,qBAAqB,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;aACxC,qBAAqB,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAS,CAAC,CAAC;QACxE,MAAM,OAAO,GAAkC;YAC7C,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,gCAAgC,EAAE;YAC/D,OAAO,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,iCAAiC,EAAE;SAClE,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACzE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC;YAC9C,oBAAoB;YACpB,oBAAoB;SACrB,CAAC,CAAC;QACH,MAAM,CAAC,WAAW,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oDAAoD,EAAE,KAAK,IAAI,EAAE;QAClE,MAAM,OAAO,GAAkC;YAC7C,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,2BAA2B,EAAE;YACrD,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,2BAA2B,EAAE;SACtD,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACzE,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;QACvB,MAAM,CAAC,SAAS,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,MAAM,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACvE,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,iCAAiC,CAAC;QACxE,MAAM,OAAO,GAAkC;YAC7C,QAAQ,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,kCAAkC,EAAE;YACnE,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,0BAA0B,EAAE;SACtD,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACzE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC;YAC9C,eAAe;YACf,eAAe;SAChB,CAAC,CAAC;QACH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,gCAAgC,CAAC,CAAC;QAC9E,MAAM,CAAC,WAAW,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+DAA+D,EAAE,KAAK,IAAI,EAAE;QAC7E,MAAM,OAAO,GAAkC;YAC7C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,0BAA0B,EAAE;SACzD,CAAC;QACF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,oBAAoB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAC5E,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAE,CAAC;QAC/D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3D,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/index.d.ts

@@ -15,6 +15,8 @@ export type { ExtendedToolName, CreateAllToolsOptions } from "./system-tools.js"
 export { createOutcomeTools } from "./outcome-tools.js";
 export { createHttpTools, ALL_HTTP_TOOL_NAMES } from "./http-tools.js";
 export { createVaultToolsCore, createVaultTools, ALL_VAULT_TOOL_NAMES } from "./vault-tools.js";
+export { resolveAgentMcpTools } from "./mcp-client.js";
+export type { McpServerSpec, ResolvedMcpTools, VaultLookup } from "./mcp-client.js";
 export { createBrowserTools, ALL_BROWSER_TOOL_NAMES, cleanupAgentBrowserSession } from "./browser-tools.js";
 export { createEmailTools, ALL_EMAIL_TOOL_NAMES } from "./email-tools.js";
 export { createExcelTools, ALL_EXCEL_TOOL_NAMES } from "./excel-tools.js";

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,IAAI,iBAAiB,EAAE,cAAc,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAC9K,YAAY,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAGjF,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAGhG,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAC5G,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAGtD,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAGrD,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAC1F,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAGnD,YAAY,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,IAAI,iBAAiB,EAAE,cAAc,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAC9K,YAAY,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAGjF,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAChG,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACvD,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAGpF,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAC5G,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAGtD,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAGrD,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAC1F,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAGnD,YAAY,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC"}

package/dist/index.js

@@ -16,6 +16,7 @@ export { createSystemTools, createSystemTools as createCodingTools, createAllToo
 export { createOutcomeTools } from "./outcome-tools.js";
 export { createHttpTools, ALL_HTTP_TOOL_NAMES } from "./http-tools.js";
 export { createVaultToolsCore, createVaultTools, ALL_VAULT_TOOL_NAMES } from "./vault-tools.js";
+export { resolveAgentMcpTools } from "./mcp-client.js";
 // Extended tool factories
 export { createBrowserTools, ALL_BROWSER_TOOL_NAMES, cleanupAgentBrowserSession } from "./browser-tools.js";
 export { createEmailTools, ALL_EMAIL_TOOL_NAMES } from "./email-tools.js";

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,oBAAoB;AACpB,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,IAAI,iBAAiB,EAAE,cAAc,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAG9K,qDAAqD;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAEhG,0BAA0B;AAC1B,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAC5G,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,8CAA8C;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAErD,qBAAqB;AACrB,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAC1F,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,oBAAoB;AACpB,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,IAAI,iBAAiB,EAAE,cAAc,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAG9K,qDAAqD;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAChG,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAGvD,0BAA0B;AAC1B,OAAO,EAAE,kBAAkB,EAAE,sBAAsB,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAC5G,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,8CAA8C;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AAErD,qBAAqB;AACrB,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAC1F,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/mcp-client.d.ts

@@ -0,0 +1,68 @@
+/**
+ * Resolve MCP-server-provided tools for a single agent and adapt them to
+ * Polpo's internal `PolpoTool` shape. This is the agent-side glue that
+ * lets a Polpo agent declare `mcpServers` and have the resulting tools
+ * appear next to its native ones (read/write/bash/...) with the same
+ * runtime contract.
+ *
+ * Tools are namespaced as `mcp__<serverName>__<toolName>` so two servers
+ * can both expose `read_file` (or whatever) without collision, mirroring
+ * Claude Code's convention. The LLM picks the right one because the
+ * server-prefixed name is unambiguous.
+ *
+ * Lifecycle: returns a `dispose()` that closes every opened transport.
+ * Callers must invoke it once the request finishes (typically wired into
+ * `streamText`'s `onFinish`). Skipping leaks file descriptors / open
+ * HTTP keep-alives.
+ *
+ * Auth: header values support the existing `${vault:KEY}` template
+ * syntax, resolved against the agent's vault entries. A missing vault
+ * key surfaces as an `Error` so the agent runtime fails fast and visibly
+ * — better than silently sending `Bearer ${vault:FOO}` to the server.
+ *
+ * Security: when an allowlist of hostnames is configured (env
+ * `POLPO_MCP_ALLOWED_HOSTS`, comma-separated, supports `*.foo.com`
+ * wildcards), HTTP/SSE servers outside the list are refused. Critical
+ * in cloud to block SSRF / metadata-IP pivots; in self-host the
+ * allowlist is unset and any host works.
+ */
+import type { PolpoTool } from "@polpo-ai/core";
+/** A single MCP server config — mirrors the type in `@polpo-ai/sdk`. */
+export type McpServerSpec = {
+    type?: "stdio";
+    command: string;
+    args?: string[];
+    env?: Record<string, string>;
+} | {
+    type: "sse";
+    url: string;
+    headers?: Record<string, string>;
+} | {
+    type: "http";
+    url: string;
+    headers?: Record<string, string>;
+};
+/**
+ * Minimal subset of the existing `ResolvedVault` interface we depend on.
+ * Decoupled to keep `@polpo-ai/tools` from importing the shell's vault
+ * resolver — callers pass in any object that conforms.
+ */
+export interface VaultLookup {
+    getKey(service: string, key: string): string | undefined;
+}
+export interface ResolvedMcpTools {
+    /** Polpo-format tools — drop straight into the agent's tool array. */
+    tools: PolpoTool<any>[];
+    /** Close every opened transport. Best-effort; idempotent. */
+    dispose: () => Promise<void>;
+}
+/**
+ * Open every MCP server declared on the agent config. Returns the
+ * aggregated Polpo tools + a single `dispose` that closes them all.
+ *
+ * Failures on individual servers are logged but don't abort the rest:
+ * an agent with one broken MCP and one good one still gets the good
+ * tools, with a console error pointing at the bad config.
+ */
+export declare function resolveAgentMcpTools(agentName: string, mcpServers: Record<string, McpServerSpec> | undefined, vault: VaultLookup | undefined): Promise<ResolvedMcpTools>;
+//# sourceMappingURL=mcp-client.d.ts.map

package/dist/mcp-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-client.d.ts","sourceRoot":"","sources":["../src/mcp-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAc,MAAM,gBAAgB,CAAC;AAE5D,wEAAwE;AACxE,MAAM,MAAM,aAAa,GACrB;IACE,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9B,GACD;IAAE,IAAI,EAAE,KAAK,CAAC;IAAC,GAAG,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,GAC9D;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,CAAC;AAEpE;;;;GAIG;AACH,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CAC1D;AAED,MAAM,WAAW,gBAAgB;IAC/B,sEAAsE;IACtE,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;IACxB,6DAA6D;IAC7D,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9B;AA2ID;;;;;;;GAOG;AACH,wBAAsB,oBAAoB,CACxC,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,GAAG,SAAS,EACrD,KAAK,EAAE,WAAW,GAAG,SAAS,GAC7B,OAAO,CAAC,gBAAgB,CAAC,CAoF3B"}

package/dist/mcp-client.js

@@ -0,0 +1,236 @@
+/**
+ * Resolve MCP-server-provided tools for a single agent and adapt them to
+ * Polpo's internal `PolpoTool` shape. This is the agent-side glue that
+ * lets a Polpo agent declare `mcpServers` and have the resulting tools
+ * appear next to its native ones (read/write/bash/...) with the same
+ * runtime contract.
+ *
+ * Tools are namespaced as `mcp__<serverName>__<toolName>` so two servers
+ * can both expose `read_file` (or whatever) without collision, mirroring
+ * Claude Code's convention. The LLM picks the right one because the
+ * server-prefixed name is unambiguous.
+ *
+ * Lifecycle: returns a `dispose()` that closes every opened transport.
+ * Callers must invoke it once the request finishes (typically wired into
+ * `streamText`'s `onFinish`). Skipping leaks file descriptors / open
+ * HTTP keep-alives.
+ *
+ * Auth: header values support the existing `${vault:KEY}` template
+ * syntax, resolved against the agent's vault entries. A missing vault
+ * key surfaces as an `Error` so the agent runtime fails fast and visibly
+ * — better than silently sending `Bearer ${vault:FOO}` to the server.
+ *
+ * Security: when an allowlist of hostnames is configured (env
+ * `POLPO_MCP_ALLOWED_HOSTS`, comma-separated, supports `*.foo.com`
+ * wildcards), HTTP/SSE servers outside the list are refused. Critical
+ * in cloud to block SSRF / metadata-IP pivots; in self-host the
+ * allowlist is unset and any host works.
+ */
+/**
+ * Replace `${vault:service:key}` placeholders in a string. Reuses the
+ * existing service/key-credential model — the MCP credentials live in
+ * the same vault as everything else (no parallel abstraction).
+ *
+ * Example: `Bearer ${vault:polpo:api_key}` resolves to the `api_key`
+ * credential of the `polpo` vault entry.
+ */
+function applyVault(input, vault) {
+    if (!vault)
+        return input;
+    return input.replace(/\$\{vault:([a-z0-9_-]+):([a-z0-9_-]+)\}/gi, (_, service, key) => {
+        const value = vault.getKey(service, key);
+        if (value === undefined) {
+            throw new Error(`Vault credential "${service}:${key}" not found — required by MCP server config`);
+        }
+        return value;
+    });
+}
+function resolveHeaders(headers, vault) {
+    if (!headers)
+        return undefined;
+    const out = {};
+    for (const [k, v] of Object.entries(headers)) {
+        out[k] = applyVault(v, vault);
+    }
+    return out;
+}
+function parseAllowedHosts() {
+    const raw = process.env.POLPO_MCP_ALLOWED_HOSTS;
+    if (!raw)
+        return null;
+    return raw
+        .split(",")
+        .map((s) => s.trim())
+        .filter(Boolean);
+}
+function hostAllowed(hostname, patterns) {
+    for (const p of patterns) {
+        if (p === hostname)
+            return true;
+        if (p.startsWith("*.") && hostname.endsWith(p.slice(1)))
+            return true;
+    }
+    return false;
+}
+/**
+ * Adapt an AI SDK `Tool` (from `mcpClient.tools()`) into a Polpo
+ * `PolpoTool`. The runtime contracts overlap on `description` + an input
+ * schema + an executor; the wrapper bridges the small differences:
+ *
+ *  - AI SDK execute takes `(args, ctx)` and returns the raw server output
+ *    (string, object, or `CallToolResult`). Polpo's executor returns
+ *    `{ content: [{ type: "text", text }], details }`.
+ *  - MCP can return image content; we pass it through verbatim when
+ *    present so vision-capable agents can consume it.
+ *  - Errors from the underlying transport bubble as `Error` text content
+ *    — the agent loop already knows how to display tool errors.
+ */
+function adaptMcpTool(serverName, toolName, aiTool) {
+    return {
+        name: `mcp__${serverName}__${toolName}`,
+        label: toolName,
+        description: aiTool.description ?? "",
+        // AI SDK wraps schemas in a Zod/JSON Schema container; Polpo passes
+        // the raw schema through to `jsonSchema()` downstream which accepts
+        // arbitrary JSON-Schema-shaped objects, so this works without a
+        // typebox conversion.
+        parameters: aiTool.inputSchema,
+        execute: async (toolCallId, params, signal) => {
+            try {
+                const raw = await aiTool.execute(params, {
+                    toolCallId,
+                    messages: [],
+                    abortSignal: signal,
+                });
+                return coerceMcpResult(raw);
+            }
+            catch (err) {
+                const message = err instanceof Error ? err.message : String(err);
+                return {
+                    content: [{ type: "text", text: `MCP tool error: ${message}` }],
+                    details: { error: message },
+                };
+            }
+        },
+    };
+}
+/**
+ * MCP servers can return: a plain string, a structured object, or a
+ * `CallToolResult` with a `content[]` array. Normalize into Polpo's
+ * `ToolResult`. Pass image content through; serialize unknown shapes
+ * as JSON so the LLM at least gets readable text.
+ */
+function coerceMcpResult(raw) {
+    if (raw == null) {
+        return { content: [{ type: "text", text: "" }], details: null };
+    }
+    if (typeof raw === "string") {
+        return { content: [{ type: "text", text: raw }], details: raw };
+    }
+    if (typeof raw === "object" && raw !== null && Array.isArray(raw.content)) {
+        const content = raw.content
+            .map((part) => {
+            if (part?.type === "text" && typeof part.text === "string") {
+                return { type: "text", text: part.text };
+            }
+            if (part?.type === "image" && typeof part.data === "string") {
+                return {
+                    type: "image",
+                    data: part.data,
+                    mimeType: part.mimeType ?? "image/png",
+                };
+            }
+            // Unknown content part — serialize so we don't lose information
+            return { type: "text", text: JSON.stringify(part) };
+        })
+            .filter(Boolean);
+        return { content, details: raw };
+    }
+    return {
+        content: [{ type: "text", text: JSON.stringify(raw) }],
+        details: raw,
+    };
+}
+/**
+ * Open every MCP server declared on the agent config. Returns the
+ * aggregated Polpo tools + a single `dispose` that closes them all.
+ *
+ * Failures on individual servers are logged but don't abort the rest:
+ * an agent with one broken MCP and one good one still gets the good
+ * tools, with a console error pointing at the bad config.
+ */
+export async function resolveAgentMcpTools(agentName, mcpServers, vault) {
+    if (!mcpServers || Object.keys(mcpServers).length === 0) {
+        return { tools: [], dispose: async () => { } };
+    }
+    // Lazy-loaded so projects that never use MCP don't pay the import cost
+    // (the SDK pulls in @modelcontextprotocol/sdk transitively which is
+    // non-trivial — a few hundred KB at module-init time).
+    // Cast through any: vitest's vi.mock substitutes a single-arg factory
+    // that doesn't match the published SDK's variadic typing. Runtime is
+    // identical.
+    const { createMCPClient } = (await import("@ai-sdk/mcp"));
+    const allowedHosts = parseAllowedHosts();
+    const closers = [];
+    const tools = [];
+    for (const [serverName, spec] of Object.entries(mcpServers)) {
+        try {
+            // Validate host upfront for HTTP/SSE — stdio is local-only and
+            // already gated by the sandbox boundary.
+            if (spec.type === "http" || spec.type === "sse") {
+                if (allowedHosts) {
+                    const url = new URL(spec.url);
+                    if (!hostAllowed(url.hostname, allowedHosts)) {
+                        throw new Error(`MCP host "${url.hostname}" not in POLPO_MCP_ALLOWED_HOSTS`);
+                    }
+                }
+            }
+            let transport;
+            if (spec.type === "sse") {
+                transport = {
+                    type: "sse",
+                    url: spec.url,
+                    headers: resolveHeaders(spec.headers, vault),
+                };
+            }
+            else if (spec.type === "stdio" || spec.command) {
+                const stdioSpec = spec;
+                const { Experimental_StdioMCPTransport } = await import("@ai-sdk/mcp/mcp-stdio");
+                transport = new Experimental_StdioMCPTransport({
+                    command: stdioSpec.command,
+                    args: stdioSpec.args,
+                    env: stdioSpec.env,
+                });
+            }
+            else {
+                // Default to HTTP — handles both `{ type: "http", url }` and the
+                // forgiving `{ url }` shorthand.
+                const httpSpec = spec;
+                transport = {
+                    type: "http",
+                    url: httpSpec.url,
+                    headers: resolveHeaders(httpSpec.headers, vault),
+                    // Defense-in-depth: refuse 3xx so an attacker can't bounce us
+                    // off-allowlist via a redirect.
+                    redirect: "error",
+                };
+            }
+            const client = await createMCPClient({ transport });
+            closers.push(() => client.close().catch(() => { }));
+            const serverTools = await client.tools();
+            for (const [toolName, aiTool] of Object.entries(serverTools)) {
+                tools.push(adaptMcpTool(serverName, toolName, aiTool));
+            }
+        }
+        catch (err) {
+            console.error(`[mcp] agent="${agentName}" server="${serverName}" failed:`, err instanceof Error ? err.message : err);
+        }
+    }
+    return {
+        tools,
+        dispose: async () => {
+            await Promise.all(closers.map((fn) => fn()));
+        },
+    };
+}
+//# sourceMappingURL=mcp-client.js.map

package/dist/mcp-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-client.js","sourceRoot":"","sources":["../src/mcp-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AA+BH;;;;;;;GAOG;AACH,SAAS,UAAU,CAAC,KAAa,EAAE,KAA8B;IAC/D,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,OAAO,KAAK,CAAC,OAAO,CAClB,2CAA2C,EAC3C,CAAC,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;QAClB,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QACzC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,qBAAqB,OAAO,IAAI,GAAG,6CAA6C,CACjF,CAAC;QACJ,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CACF,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CACrB,OAA2C,EAC3C,KAA8B;IAE9B,IAAI,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAC/B,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7C,GAAG,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAChC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,iBAAiB;IACxB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IAChD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,OAAO,GAAG;SACP,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB,EAAE,QAAkB;IACvD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAChC,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;IACvE,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,YAAY,CACnB,UAAkB,EAClB,QAAgB,EAChB,MAAW;IAEX,OAAO;QACL,IAAI,EAAE,QAAQ,UAAU,KAAK,QAAQ,EAAE;QACvC,KAAK,EAAE,QAAQ;QACf,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,EAAE;QACrC,oEAAoE;QACpE,oEAAoE;QACpE,gEAAgE;QAChE,sBAAsB;QACtB,UAAU,EAAE,MAAM,CAAC,WAAkB;QACrC,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;YAC5C,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE;oBACvC,UAAU;oBACV,QAAQ,EAAE,EAAE;oBACZ,WAAW,EAAE,MAAM;iBACpB,CAAC,CAAC;gBACH,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC;YAC9B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,mBAAmB,OAAO,EAAE,EAAE,CAAC;oBAC/D,OAAO,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;iBACP,CAAC;YACzB,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,eAAe,CAAC,GAAY;IACnC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAChB,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAClE,CAAC;IACD,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;IAClE,CAAC;IACD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAE,GAAW,CAAC,OAAO,CAAC,EAAE,CAAC;QACnF,MAAM,OAAO,GAAK,GAAW,CAAC,OAAiB;aAC5C,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACZ,IAAI,IAAI,EAAE,IAAI,KAAK,MAAM,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC3D,OAAO,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;YACpD,CAAC;YACD,IAAI,IAAI,EAAE,IAAI,KAAK,OAAO,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC5D,OAAO;oBACL,IAAI,EAAE,OAAgB;oBACtB,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,WAAW;iBACvC,CAAC;YACJ,CAAC;YACD,gEAAgE;YAChE,OAAO,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/D,CAAC,CAAC;aACD,MAAM,CAAC,OAAO,CAAC,CAAC;QACnB,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;IACnC,CAAC;IACD,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;QACtD,OAAO,EAAE,GAAG;KACb,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,SAAiB,EACjB,UAAqD,EACrD,KAA8B;IAE9B,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,IAAI,EAAE,GAAE,CAAC,EAAE,CAAC;IAChD,CAAC;IAED,uEAAuE;IACvE,oEAAoE;IACpE,uDAAuD;IACvD,sEAAsE;IACtE,qEAAqE;IACrE,aAAa;IACb,MAAM,EAAE,eAAe,EAAE,GAAG,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,CAAQ,CAAC;IAEjE,MAAM,YAAY,GAAG,iBAAiB,EAAE,CAAC;IACzC,MAAM,OAAO,GAA+B,EAAE,CAAC;IAC/C,MAAM,KAAK,GAAqB,EAAE,CAAC;IAEnC,KAAK,MAAM,CAAC,UAAU,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5D,IAAI,CAAC;YACH,+DAA+D;YAC/D,yCAAyC;YACzC,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBAChD,IAAI,YAAY,EAAE,CAAC;oBACjB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAC9B,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,CAAC;wBAC7C,MAAM,IAAI,KAAK,CACb,aAAa,GAAG,CAAC,QAAQ,kCAAkC,CAC5D,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;YAED,IAAI,SAAc,CAAC;YACnB,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBACxB,SAAS,GAAG;oBACV,IAAI,EAAE,KAAc;oBACpB,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,OAAO,EAAE,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC;iBAC7C,CAAC;YACJ,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,IAAK,IAAY,CAAC,OAAO,EAAE,CAAC;gBAC1D,MAAM,SAAS,GAAG,IAAmD,CAAC;gBACtE,MAAM,EAAE,8BAA8B,EAAE,GAAG,MAAM,MAAM,CACrD,uBAAuB,CACxB,CAAC;gBACF,SAAS,GAAG,IAAI,8BAA8B,CAAC;oBAC7C,OAAO,EAAE,SAAS,CAAC,OAAO;oBAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;oBACpB,GAAG,EAAE,SAAS,CAAC,GAAG;iBACnB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,iEAAiE;gBACjE,iCAAiC;gBACjC,MAAM,QAAQ,GAAG,IAAgD,CAAC;gBAClE,SAAS,GAAG;oBACV,IAAI,EAAE,MAAe;oBACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;oBACjB,OAAO,EAAE,cAAc,CAAC,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC;oBAChD,8DAA8D;oBAC9D,gCAAgC;oBAChC,QAAQ,EAAE,OAAgB;iBAC3B,CAAC;YACJ,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;YACpD,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC,CAAC;YAEnD,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;YACzC,KAAK,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC7D,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,gBAAgB,SAAS,aAAa,UAAU,WAAW,EAC3D,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAC/C,CAAC;KACF,CAAC;AACJ,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@polpo-ai/tools",
-  "version": "0.6.25",
+  "version": "0.6.26",
   "description": "Agent tools for Polpo — coding, browser, email, search, and more. Core tools work everywhere, extended tools are opt-in.",
   "type": "module",
   "main": "dist/index.js",
@@ -16,19 +16,21 @@
     "README.md"
   ],
   "dependencies": {
+    "@ai-sdk/mcp": "^1.0.36",
+    "@modelcontextprotocol/sdk": "^1.29.0",
     "@sinclair/typebox": "^0.34.0",
     "nanoid": "^5.0.0",
-    "@polpo-ai/core": "0.6.25"
+    "@polpo-ai/core": "0.6.26"
   },
   "optionalDependencies": {
+    "docx": "^9.5.0",
+    "exceljs": "^4.4.0",
     "execa": "^9.0.0",
-    "playwright-core": "^1.52.0",
-    "nodemailer": "^8.0.0",
     "imapflow": "^1.2.0",
-    "exceljs": "^4.4.0",
+    "mammoth": "^1.11.0",
+    "nodemailer": "^8.0.0",
     "pdf-lib": "^1.17.0",
-    "docx": "^9.5.0",
-    "mammoth": "^1.11.0"
+    "playwright-core": "^1.52.0"
   },
   "peerDependencies": {
     "zod": ">=3.0.0 || >=4.0.0"