@sassoftware/sas-score-mcp-serverjs 1.0.1-9 → 1.1.1

package/.skills/skills/score-program/SKILL.md

@@ -0,0 +1,59 @@
+---
+name: score-program
+description: >
+  Scoring workflow for SAS Program  and Macro model types.
+  Use when the user wants to score with a SAS program , or when the user references a SAS macro by name.
+  For CAS programs (casl) or CAS model tables, use score-cas instead.
+  No pre-verification step — programs are scored directly.
+  Handles both inline scenario scoring and table row scoring.
+---
+
+# Score SAS Program / Macro
+
+## When to use this skill
+- When the user wants to score a SAS program (`.sas`),
+- User references a SAS macro by name (Macro)
+
+  > For CAS programs (`.casl`) or CAS model tables, use the **score-cas** skill instead.
+
+## Tools
+
+| Type | Verify | Score |
+|---|---|---|
+| Program | *(no pre-check)* | `sas-score-program-score` |
+| Macro | *(no pre-check)* | `sas-score-macro-score` |
+
+## Inline Scenario Scoring
+
+**Program (`.sas`):**
+- Score directly: `sas-score-program-score({ src, scenario, folder, output, limit })`
+
+**Macro:**
+- Score directly: `sas-score-macro-score({ macro, scenario })`
+
+> No verification step for any program type — they are executed directly.
+
+## Table Row Scoring
+
+**Parsing row count:**
+
+| User says | start | limit |
+|---|---|---|
+| "score the first N rows from lib.table" | 1 | N |
+| "score N rows from lib.table" | 1 | N |
+| (count not specified) | 1 | 10 |
+
+**Flow:**
+1. Read table → use read-strategy skill
+2. Score each row — tools accept a single row; loop over rows calling the tool for each
+3. Return rows with predictions appended
+4. Cap batch at 10 rows by default; ask user before proceeding with larger batches
+
+## Error Handling
+
+| Error | Action |
+|---|---|
+| Program source not found | Confirm `src` path or folder with user |
+| Table not found | Confirm table name and library |
+| Empty table | Ask user to adjust filter or confirm criteria |
+| Scoring failure | Return tool error verbatim |

package/.skills/skills/score-strategy/SKILL.md

@@ -0,0 +1,39 @@
+---
+name: score-strategy
+description: >
+  Scoring router — classifies model type and delegates to the appropriate scoring skill.
+  Use this as the entry point for any scoring request.
+---
+
+# Score Strategy (Router)
+
+## Step 1 — Identify model type
+
+Use the `a.b` notation rule from request-routing:
+
+| Suffix `b` | Model type | Skill to use |
+|---|---|---|
+| `.mas` or *(no suffix — default)* | MAS | **score-mas-scr** |
+| `.scr` | SCR | **score-mas-scr** |
+| `.job` | Job | **score-job-jobdef** |
+| `.jobdef` | JobDef | **score-job-jobdef** |
+| `.sas` | SAS Program | **score-program** |
+| `.casl` | CAS Program (inline src) | **score-cas** |
+| CAS model table (`lib.table` form, no recognized suffix) + user says "cas model" | CAS Model | **score-cas** |
+| Macro name (no `.` suffix) | Macro | **score-program** |
+
+## Step 2 — Delegate
+
+Load the appropriate skill and follow its workflow:
+
+- **MAS / SCR** → `score-mas-scr` skill
+- **Job / JobDef** → `score-job-jobdef` skill
+- **SAS Program / Macro** → `score-program` skill
+- **CAS Program / CAS Model** → `score-cas` skill
+
+## Model Type from `a.b` Notation
+
+Short form: if `b ∈ {mas, job, jobdef, scr, sas, casl}` → model type suffix; anything else → table reference.
+Default (no suffix) → MAS.
+
+> **CAS disambiguation:** if the user explicitly says "cas model" or "casmodel" with a `lib.table` reference (no `.casl` suffix), route to **score-cas** with `casmodel` param instead of the MAS default.

package/README.md

@@ -1,5 +1,6 @@
 # sas-score-mcp-serverjs
-A Model Context Protocol (MCP) Server for Scoring with SAS Viya
+A Model Context Protocol (MCP) Server for Scoring with SAS Viya. 
+See [wiki](https://github.com/sassoftware/sas-score-mcp-serverjs/wiki) for the capabilities of the server.
 
 ## Major changes in release 1.0.0
 
@@ -8,6 +9,8 @@ A Model Context Protocol (MCP) Server for Scoring with SAS Viya
 
 - Agent - can be deployed as an agent
 
+- Docker image:  ghcr.io/sassoftware/sas-score-mcp-serverjs
+
 
 ## Overview
 This MCP server is designed for scoring with SAS Viya.
@@ -22,6 +25,33 @@ Some examples are:
   - job Definitions
   - jobs using SAS Studio or other interfaces
 
+## Start the mcp server
+
+If using stdio transport, most of the mcp clients will start the server automatically.
+But for http transport, the mcp server must be started. 
+
+If running locally
+```sh
+npx @sassoftware/sas-score-mcp-serverjs@latest
+```
+
+The mcp is also available as a docker image. Add or remove the env variables as needed.
+
+```sh
+docker run -p 8080:8080 --name sasscore -e VIYA_SERVER=<yourviyaserver> -e AUTHFLOW=oauth ghcr.io/sassoftware/sas-score-mcp-serverjs:latest
+```
+
+## Capabilities
+
+The tools can be grouped into these categories
+
+- Scoring with MAS models, job, jobdef and scr
+- Viewing and querying tables
+
+Supporting tools can be grouped into these categories
+- Listing of  MAS models, job, jobdef , tables
+- Describing MAS models, job, jobdef, scr and tables
+
 ## Target Audience
 This MCP server was developed for two types of SAS users.
 
@@ -44,88 +74,102 @@ Typically these are set either in the .env file or as environment variables or a
 
 ### Required Options
 
-VIYA_SERVER=<url for Viya server>
-MCPTYPE=http|stdio
-MCPHOST=<url for the mcp server = http://localhost:8080 or some remote mcp server>
+1. VIYA_SERVER=
+   <url for Viya server>. 
 
->Recommended authflow is oauth - the most secure of all the options since all oauth flow occurs in the server and the actual token is never sent to the client. Bearer authflow is useful when the mcp server is remote with its own authentication process
+### Options with defaults
 
-AUTHFLOW=oauth|oauthclient|bearer|sascli|token|password
+These can be customized
 
-> Options for oauth. The clientid must have a redirect of http://localhost:8080/callback,https://localhost:8080/callback
+1. AUTHFLOW=**oauth**|oauthclient|bearer|sascli|token|password 
+    - Authentication method. Default is oauth
 
-CLIENTID=<pkce clientid>
+2. CLIENTID=**vscodemcp** 
+     - Clientid for oauth and oauthclient AUTHFlOW. Must be PKCE clientid. 
+     
 
+3. MCPTYPE=**http**|stdio  
+    - The transport protocol for the mcp server. 
 
-> OauthClient Flow. Clientid with redirect appropriate for the client. Some examples are shown below. Note that the explicit port used by github copilot is not guaranteed. 
+4. MCPHOST=**http://localhost:8080**
+   - URL of the mcp server. If using remote mcp server, set this to remote MCP server
 
-- github copilot: http://127.0.0.1:33418/
-- claude: https://claude.ai/api/mcp/auth_callback,https://claude.ai/api/auth/callback
+5. PROFILE=**~/.sas**
+    - profile name used by sas-cli to store the tokens 
 
-> bearer - Use this when the remote mcp server sends the token in the header.
+6. PORT=**8080**
+    - set it to what fits your environment. 
 
+7. CASSERVER=**cas-shared-default** 
+    - Set to a valid cas server
 
-> sascli - Use sas-viya cli to create the token information. It is stored in ~/.sas folder by default
+8. COMPUTECONTEXT=**"SAS Job Execution compute context"**
+    - Use one that is appropriate
 
-```env
-PROFILE=<profile name used by sas-cli to store the tokens in ~/.sas> 
-```
+### Clientid specifications
 
-### Other options
+If using remote mcp server, change the url in redirect to the remote url
 
-```env
-PORT=<default is 8080>
-HTTPS=FALSE
-CASSERVER=CAS server name (default: cas-shared-default)
-COMPUTECONTEXT=Compute session name or context (default: SAS Job Execution compute context) 
+```js
+{
+  client_id: 'vscodemcp',
+  scope: [ 'openid' ],
+  resource_ids: [ 'none' ],
+  autoapprove: true,
+  authorized_grant_types: [ 'authorization_code' ],
+  access_token_validity: 86400,
+  allowpublic: true,
+  redirect_uri: [ 'http://localhost:8080/callback' ]
+}
 ```
 
-## Agent
+> OauthClient Flow. Clientid with redirect appropriate for the client. Some examples are shown below. Note that the explicit port used by github copilot is not guaranteed. 
+
+- github copilot: http://127.0.0.1:33418/
+- claude: https://claude.ai/api/mcp/auth_callback,https://claude.ai/api/auth/callback
 
-> The mcp server can be deployed as an agent in github copilot
-> The configuration files for claude can be installed locally. You have to move the files to the appriopiate place.
 
-Specify the following configuration values to enable agent mode
+## Agent and skills
 
-```env
-AGENT=TRUE
-MCPCLIENT=github|claude
-```
+> The mcp server can be deployed as an agent in github copilot
+> The configuration files for claude can be installed locally. You have to move the files to the appriopiate place.
 
-By default the agent information is installed in the user's home directory as .github or .claude} To install it where the mcp server is running do the following:
+To download the skills to your environment issue this command:
 
-```env
-MCPCLIENT=.github|.claude
+```sh
+npx @sassoftware/sas-score-mcp-serverjs --skills github|claude
 ```
+The skills and related files will be written to .github or .claude 
 
 
 ## Configure the mcp client for localhost
 
-The mcp configuration is show below
+The mcp configuration for oauth flow. For remote mcp, change the url to the
+remote url
 
 ```json
  "sasmcp": {
     "type": "http",
-    "url": "http://localhost:8080/mcp"``
+    "url": "http://localhost:8080/mcp"
     "oauth: {
-      "type": "oauth2"
+      "type": "oauth2",
+      "clientId: "vscodemcp"
     }
  }
 ```
 
-For remote mcp servers:
+For bearer authflow. 
 ```json
  "sasmcp": {
     "type": "http",
-    "url": "your remote mcp server`,
-    "oauth": {
-      "type": 'oauth2
-    }
+    "url": "http://localhost:8080/mcp`,
+    "headers" {
+      "Authorization": "bearer <tokenstring>"
+      }
  }
 ```
 
-For transport protocol stdio. For claude drop the type
-
+For stdio scenario
 ```json
 "sas-mcp-server": {
       "type: "stdio"
@@ -141,17 +185,7 @@ For transport protocol stdio. For claude drop the type
     }
 ```
 
-#### Step 2: Start the mcp server
 
-If using stdio transport, most of the mcp clients will start the server automatically.
-But this step is necessary of using http transport.
-
-
-```sh
-npx @sassoftware/sas-score-mcp-serverjs@latest
-```
-
-Make sure that the .env file is in the current working directory or specify the options in the command line
 
 
 ## Notes
@@ -196,7 +230,15 @@ NODE_EXTRA_CA_CERTS=c:\Users\<your_username>\AppData\Local\mkcert\rootCA.pem
 ```
 
 ## License
-This project is licensed under the [Apache 2.0 license](LICENSE).
+This project is licensed under the Apache License 2.0. See [LICENSE](LICENSE).
+
+The container image published from this repository also includes third-party software, each component under its own license:
+
+- The npm dependencies that ship with this project, along with their respective licenses, are listed in [LICENSES.json](LICENSES.json).
+- The container is built from the 25-alpine base image; license texts for its included software ship inside the image itself. License information for each Alpine package is available at [pkgs.alpinelinux.org](https://pkgs.alpinelinux.org/packages).
+
+As with any container image, direct and indirect dependencies are governed by their own licenses.
+Users of the published container image are responsible for ensuring that their use complies with all applicable licenses.
 
 ## Additional Resources
 

package/cli.js

@@ -9,8 +9,6 @@
 
 import coreSSE from './src/coreSSE.js';
 import expressMcpServer from './src/expressMcpServer.js';
-import hapiMcpServer from './src/hapiMcpServer.js';
-
 import createMcpServer from './src/createMcpServer.js';
 // import dotenvExpand from 'dotenv-expand';
 import fs from 'fs';
@@ -25,7 +23,8 @@ import setupSkills from './src/setupSkills.js';
 import { parseArgs } from "node:util";
 
 import NodeCache from 'node-cache';
-import { be } from 'zod/locales';
+//import { be } from 'zod/locales';
+//import { auth } from '@modelcontextprotocol/sdk/client/auth';
 //import getOpts from './src/toolHelpers/getOpts.js';
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
@@ -140,6 +139,7 @@ Options:
   MCP server options:
     -t, --mcptype <type>           MCP server type: http or stdio (default: http)
     -m, --mcphost <host>           MCP server host - can be remote URL - (default: http://localhost:8080)
+    --agent                 Enable agent mode (default: false) with a pre-configured set of skills based on the client specified
   
   Authentication options:
     -c, --clientid <id>            Client ID for oauth authentication(pkce preferred. default: vscodemcp)
@@ -205,7 +205,7 @@ process.env.AUTHFLOW = args.values.authflow || process.env.AUTHFLOW || 'oauth';
 process.env.MCPCLIENT = args.values.client || process.env.MCPCLIENT || 'github';
 process.env.VIYA_SERVER = args.values.viya || process.env.VIYA_SERVER;
 process.env.CLIENTID = args.values.clientid || process.env.CLIENTID || 'vscodemcp';
-process.env.CLIENTSECRET = null;
+process.env.CLIENTSECRET = args.values.clientid || process.env.CLIENTID || null;
 process.env.SAS_CLI_PROFILE = args.values.profile || process.env.SAS_CLI_PROFILE || 'Default';
 process.env.SAS_CLI_CONFIG = args.values.config || process.env.SAS_CLI_CONFIG || os.homedir(); // default to user home directory
 process.env.CASSERVER = args.values.casserver || process.env.CASSERVER || 'cas-shared-default';
@@ -268,12 +268,15 @@ let mcpHost = process.env.MCPHOST;
 if (authFlow === 'oauth' || authFlow === 'oauthclient') {
   authFlow = 'bearer';
   authExternal = (authFlow === 'oauthclient') ? true : false;
+} else if (authFlow === 'bearer') {
+  authExternal = true; // in bearer token flow we assume the token is generated externally and passed in via env variable or token file, so we set authExternal to true to indicate that  
 }
-let autoLogon = process.env.AUTOLOGON != null ? process.env.AUTOLOGON.toUpperCase() : "FALSE";
+  let autoLogon = process.env.AUTOLOGON != null ? process.env.AUTOLOGON.toUpperCase() : "FALSE";
 const appEnvBase = {
   version: version,
   mcpType: mcpType,
   mcpClient: process.env.MCPCLIENT || 'github',
+  agent: (process.env.AGENT === 'TRUE') ? true : false,
   mcpHost: (process.env.MCPHOST == null) ? 'http://localhost:8080' : process.env.MCPHOST,
   brand: (process.env.BRAND == null) ? BRAND : process.env.BRAND,
   HTTPS: https,
@@ -437,6 +440,7 @@ Options:
     PORT                          ${appEnvBase.PORT}
     HTTPS                         ${appEnvBase.contexts.HTTPS}
     CLIENT                        ${appEnvBase.mcpClient}
+    AGENT                         ${appEnvBase.agent}
 
   Authentication options:
     AUTHFLOW                      ${process.env.AUTHFLOW}  
@@ -468,14 +472,8 @@ if (mcpType === 'stdio') {
 
 } else {
   console.error('[Note] Starting HTTP MCP server...');
-  if (useHapi === true) {
-    process.env.AUTHTYPE = null;
-    await hapiMcpServer(mcpServer, sessionCache, appEnvBase);
-    console.error('[Note] Using HAPI HTTP server...')
-  } else {
-    await expressMcpServer(mcpServer, sessionCache, appEnvBase);
-    console.error('[Note] MCP HTTP express server started on port ' + appEnvBase.PORT);
-  }
+  await expressMcpServer(mcpServer, sessionCache, appEnvBase);
+  console.error('[Note] MCP HTTP express server started on port ' + appEnvBase.PORT);
 }
 
 // custom reader for .env file to avoid dotenv logging to console

package/openApi.yaml

@@ -1,121 +1,121 @@
-swagger: "2.0"
-info:
-  title: SAS Viya Sample MCP Server API
-  version: "1.0.0"
-  description: API for interacting with the SAS Viya Sample MCP Server.
-host: localhost:8080
-basePath: /
-schemes:
-  - http
-  - https
-consumes:
-  - application/json
-produces:
-  - application/json
-paths:
-  /health:
-    get:
-      summary: Health check
-      description: Returns health and version information.
-      responses:
-        200:
-          description: Health information
-          schema:
-            type: object
-            properties:
-              name:
-                type: string
-              version:
-                type: string
-              description:
-                type: string
-              endpoints:
-                type: object
-              usage:
-                type: string
-  /apiMeta:
-    get:
-      summary: API metadata
-      description: Returns the OpenAPI specification for this server.
-      responses:
-        200:
-          description: OpenAPI document
-          schema:
-            type: object
-  /mcp:
-    options:
-      summary: CORS preflight
-      description: CORS preflight endpoint.
-      responses:
-        204:
-          description: No Content
-    post:
-      summary: MCP request
-      description: Handles MCP JSON-RPC requests.
-      parameters:
-        - name: body
-          in: body
-          required: true
-          schema:
-            type: object
-        - name: Authorization
-          in: header
-          required: false
-          type: string
-          description: Bearer token for authentication
-        - name: X-VIYA-SERVER
-          in: header
-          required: false
-          type: string
-          description: Override VIYA server
-        - name: X-REFRESH-TOKEN
-          in: header
-          required: false
-          type: string
-          description: Refresh token for authentication
-        - name: mcp-session-id
-          in: header
-          required: false
-          type: string
-          description: Session ID
-      responses:
-        200:
-          description: MCP response
-          schema:
-            type: object
-        500:
-          description: Server error
-          schema:
-            type: object
-    get:
-      summary: Get MCP session
-      description: Retrieves information for an MCP session.
-      parameters:
-        - name: mcp-session-id
-          in: header
-          required: true
-          type: string
-          description: Session ID
-      responses:
-        200:
-          description: Session information
-          schema:
-            type: object
-        400:
-          description: Invalid or missing session ID
-    delete:
-      summary: Delete MCP session
-      description: Deletes an MCP session.
-      parameters:
-        - name: mcp-session-id
-          in: header
-          required: true
-          type: string
-          description: Session ID
-      responses:
-        200:
-          description: Session deleted
-          schema:
-            type: object
-        400:
-          description: Invalid or missing session ID
+swagger: "2.0"
+info:
+  title: SAS Viya Sample MCP Server API
+  version: "1.0.0"
+  description: API for interacting with the SAS Viya Sample MCP Server.
+host: localhost:8080
+basePath: /
+schemes:
+  - http
+  - https
+consumes:
+  - application/json
+produces:
+  - application/json
+paths:
+  /health:
+    get:
+      summary: Health check
+      description: Returns health and version information.
+      responses:
+        200:
+          description: Health information
+          schema:
+            type: object
+            properties:
+              name:
+                type: string
+              version:
+                type: string
+              description:
+                type: string
+              endpoints:
+                type: object
+              usage:
+                type: string
+  /apiMeta:
+    get:
+      summary: API metadata
+      description: Returns the OpenAPI specification for this server.
+      responses:
+        200:
+          description: OpenAPI document
+          schema:
+            type: object
+  /mcp:
+    options:
+      summary: CORS preflight
+      description: CORS preflight endpoint.
+      responses:
+        204:
+          description: No Content
+    post:
+      summary: MCP request
+      description: Handles MCP JSON-RPC requests.
+      parameters:
+        - name: body
+          in: body
+          required: true
+          schema:
+            type: object
+        - name: Authorization
+          in: header
+          required: false
+          type: string
+          description: Bearer token for authentication
+        - name: X-VIYA-SERVER
+          in: header
+          required: false
+          type: string
+          description: Override VIYA server
+        - name: X-REFRESH-TOKEN
+          in: header
+          required: false
+          type: string
+          description: Refresh token for authentication
+        - name: mcp-session-id
+          in: header
+          required: false
+          type: string
+          description: Session ID
+      responses:
+        200:
+          description: MCP response
+          schema:
+            type: object
+        500:
+          description: Server error
+          schema:
+            type: object
+    get:
+      summary: Get MCP session
+      description: Retrieves information for an MCP session.
+      parameters:
+        - name: mcp-session-id
+          in: header
+          required: true
+          type: string
+          description: Session ID
+      responses:
+        200:
+          description: Session information
+          schema:
+            type: object
+        400:
+          description: Invalid or missing session ID
+    delete:
+      summary: Delete MCP session
+      description: Deletes an MCP session.
+      parameters:
+        - name: mcp-session-id
+          in: header
+          required: true
+          type: string
+          description: Session ID
+      responses:
+        200:
+          description: Session deleted
+          schema:
+            type: object
+        400:
+          description: Invalid or missing session ID