@polygraphso/litmus 0.2.0 → 0.2.1

package/dist/mcp.js

@@ -17,14 +17,12 @@ import {
 
 // src/mcp.ts
 import { realpathSync } from "fs";
-import { fileURLToPath as fileURLToPath2 } from "url";
+import { fileURLToPath } from "url";
 import { McpServer as McpServer2 } from "@modelcontextprotocol/sdk/server/mcp.js";
-import { StdioServerTransport as StdioServerTransport2 } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 
 // ../mcp/src/index.ts
-import { fileURLToPath } from "url";
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
-import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 
 // ../mcp/src/tools/verify-attestation.ts
 import { z } from "zod";
@@ -100,58 +98,8 @@ async function resolveUid(serverRef) {
   }
 }
 
-// ../mcp/src/index.ts
-function buildServer() {
-  const server = new McpServer(
-    { name: "polygraph", version: "0.0.0" },
-    {
-      instructions: [
-        "polygraph issues behavioral litmus grades for MCP servers, published",
-        "onchain. Use `verify_attestation` to read a server's grade before",
-        "recommending, installing, or paying it. A server with no attestation is",
-        "unevaluated \u2014 neither safe nor unsafe; say so."
-      ].join("\n")
-    }
-  );
-  server.registerTool(
-    VERIFY_TOOL_NAME,
-    {
-      title: VERIFY_TOOL_TITLE,
-      description: VERIFY_TOOL_DESCRIPTION,
-      inputSchema: verifyInputShape,
-      annotations: {
-        title: VERIFY_TOOL_TITLE,
-        readOnlyHint: true,
-        destructiveHint: false,
-        idempotentHint: true,
-        openWorldHint: true
-      }
-    },
-    handleVerify
-  );
-  return server;
-}
-async function main() {
-  const server = buildServer();
-  await server.connect(new StdioServerTransport());
-}
-var invokedDirectly = (() => {
-  try {
-    return process.argv[1] === fileURLToPath(import.meta.url);
-  } catch {
-    return false;
-  }
-})();
-if (invokedDirectly) {
-  main().catch((err) => {
-    process.stderr.write(`polygraph-mcp: fatal: ${err instanceof Error ? err.message : String(err)}
-`);
-    process.exit(1);
-  });
-}
-
 // src/mcp.ts
-function buildServer2() {
+function buildServer() {
   const server = new McpServer2(
     { name: "polygraph-litmus", version: "0.1.0" },
     {
@@ -208,23 +156,23 @@ function buildServer2() {
   );
   return server;
 }
-async function main2() {
-  await buildServer2().connect(new StdioServerTransport2());
+async function main() {
+  await buildServer().connect(new StdioServerTransport());
 }
-var invokedDirectly2 = (() => {
+var invokedDirectly = (() => {
   try {
-    return realpathSync(process.argv[1] ?? "") === fileURLToPath2(import.meta.url);
+    return realpathSync(process.argv[1] ?? "") === fileURLToPath(import.meta.url);
   } catch {
     return false;
   }
 })();
-if (invokedDirectly2) {
-  main2().catch((err) => {
+if (invokedDirectly) {
+  main().catch((err) => {
     process.stderr.write(`polygraphso-litmus-mcp: fatal: ${err instanceof Error ? err.message : String(err)}
 `);
     process.exit(1);
   });
 }
 export {
-  buildServer2 as buildServer
+  buildServer
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@polygraphso/litmus",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Behavioral litmus harness for MCP servers — grade a server A–F (tool-output injection, egress, sensitive-data), then hand off to mint an onchain attestation. Ships a CLI and an MCP server with a run_litmus tool for AI agents.",
   "license": "Apache-2.0",
   "homepage": "https://polygraph.so",
@@ -59,8 +59,8 @@
     "vitest": "^2.1.0",
     "@polygraph/core": "0.0.0",
     "@polygraph/probes": "0.0.0",
-    "@polygraph/onchain": "0.0.0",
     "@polygraph/agent": "0.0.0",
+    "@polygraph/onchain": "0.0.0",
     "@polygraph/mcp": "0.0.0",
     "@polygraph/cli": "0.0.0"
   },