@seldonframe/mcp 1.27.6 → 1.27.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +3 -1
  2. package/src/welcome.js +2 -2
package/package.json CHANGED
@@ -1,6 +1,8 @@
1
1
  {
2
2
  "name": "@seldonframe/mcp",
3
- "version": "1.27.6",
3
+ "version": "1.27.8",
4
+ "description": "MCP server for SeldonFrame — AI-native Business OS platform. v1.27.8: RESCHEDULE/CANCEL TOOLS + ANTI-HALLUCINATION RULE (CRM-side; MCP package version bumped for SemVer hygiene). PROBLEM: real-world dogfood reschedule conversation went perfectly UX-wise — agent asked the right questions, resolved 'next Monday at 2pm', confirmed, said 'Perfect! Your appointment has been rescheduled to Monday, May 12 at 2:00 PM. You'll receive a confirmation email at dresslikeag@gmail.com.' But the database wasn't actually updated. Customer's contact-detail page in the operator's CRM still showed the OLD May 21 booking. The agent had hallucinated success. WHY: the website-chatbot archetype's default capabilities were [look_up_availability, book_appointment, find_my_existing_appointment, escalate_to_human, provide_faq_answer]. There was NO reschedule_appointment OR cancel_appointment tool. The agent, when asked to reschedule, found the booking via find_my_existing_appointment, then had no actual mutation path — but rather than escalate, it confidently fabricated the completion. ARCHITECTURAL FIX (two layers): the missing tools AND the missing constraint. WHAT SHIPS: (1) reschedule_appointment TOOL. New agent tool that ACTUALLY mutates bookings.startsAt + endsAt + updatedAt, atomic UPDATE WHERE id=booking_id AND orgId=ctx.orgId AND email=customer_email. The customer_email arg is a security check — a hallucinated bookingId from a different workspace can't slip through because the email won't match. Preserves duration (computes newEndsAt = newStartsAt + (oldEndsAt - oldStartsAt)). Returns { ok, bookingId, newStartsAt } on success, { ok: false, reason } on email mismatch / missing booking / invalid date. (2) cancel_appointment TOOL. New agent tool. UPDATE bookings SET status='cancelled' WHERE same triple-match (id, orgId, email). Same security model. (3) UPDATED DEFAULT CAPABILITIES. DEFAULT_CAPABILITIES_BY_ARCHETYPE in store.ts adds reschedule_appointment + cancel_appointment to website-chatbot, voice-receptionist, and sms-followup-bot. New agents created from v1.27.8 onwards include them automatically. (4) SETTINGS UI EXPOSES NEW CAPS. ALL_CAPABILITIES in /agents/[id]/settings/page.tsx adds the two new toggles. Existing agents (created pre-v1.27.8) need their operator to check the new boxes + Save to enable the tools — auto-mutation of existing blueprints is intentionally avoided. (5) ANTI-HALLUCINATION SYSTEM PROMPT RULE. The 'Be smart by default' section in composeSystemPrompt gains a new rule #6: 'NEVER claim an action you didn't actually take.' Explicit list: 'I rescheduled it' / 'Done, you're booked' / 'I cancelled it' / 'I let the team know' all REQUIRE the corresponding tool call (reschedule_appointment / book_appointment / cancel_appointment / escalate_to_human) with ok=true returned BEFORE the agent confirms to the visitor. Operator never authors this — platform owns it. As Claude gets better at avoiding action hallucinations, this rule becomes a hint instead of a crutch; architecture stable. NO migrations, NO new env vars. Backend redeploy required. EXISTING-AGENT MIGRATION: operators of pre-v1.27.8 agents need ONE manual step — open /agents/<id>/settings, tick the two new capability boxes (reschedule_appointment + cancel_appointment), Save. Or call update_agent_blueprint from Claude Code with the full new capabilities array. EXPECTED IMPACT on the conversation that triggered this fix: agent calls reschedule_appointment(booking_id=..., new_starts_at_iso='2026-05-12T14:00:00Z', customer_email='dresslikeag@gmail.com'), gets ok=true, THEN tells the visitor 'Done — you're now booked for Monday, May 12 at 2:00 PM.' The booking row actually moves. Operator's CRM contact-detail page reflects the new time.",
5
+ "description": "MCP server for SeldonFrame — AI-native Business OS platform. v1.27.7: AGENT INTELLIGENCE BASELINE (CRM-side; MCP package version bumped for SemVer hygiene). PROBLEM: real-world dogfood showed three baseline-intelligence failures every agent inherits regardless of blueprint quality. (a) Asked 'what date is this Friday?' — agent had no temporal grounding. The system prompt didn't tell it today's date or timezone, so 'this Friday', 'tomorrow', 'next week' couldn't be resolved. (b) Asked customer to re-confirm name + phone after find_my_existing_appointment matched the booking by email — the tool returned only the booking, not the linked contact, so the agent had to re-ask for info already on file. (c) End of turn asked 'what's the best email to reach you at?' even though the customer's email was the FIRST thing they typed three turns earlier — no_pii_leak validator over-fired (flagged the customer's own phone-number echo as a leak), runtime replaced with safe fallback that asks for email, infinite-loop UX. These are PLATFORM debt, not operator debt — operators shouldn't have to write 'agent should know what today is' in their FAQ. PHILOSOPHY (Karpathy / antifragile / thin-harness-fat-skill): every smart-by-default behavior belongs in the system-prompt composer (the FAT SKILL layer) or in tool data enrichment (the runtime data layer). Don't add tools, don't add validators, don't add wrappers. Add CONTEXT. As Claude gets better, richer context lifts more weight. WHAT SHIPS: (1) TEMPORAL GROUNDING. composeSystemPrompt accepts new {now, timezone} params. Runtime passes new Date() + organizations.timezone (the workspace's IANA timezone, defaulting to UTC). System prompt now starts with a '## Right now' section: 'Today is Thursday, May 7, 2026 (10:11 AM America/New_York). When the visitor says today / tomorrow / this Friday / next week, resolve them to a CONCRETE date using this anchor. Default to most natural interpretation: this Friday = next upcoming Friday; tomorrow = next calendar day; next week = same weekday 7 days out.' (2) BE-SMART-BY-DEFAULT BEHAVIORAL GUIDANCE. New '## Be smart by default' section in the composed prompt with 6 platform-owned rules: don't ask for info you already have; use linked-contact data when a tool returns it; echoing customer-provided data isn't a leak; default to optimistic interpretation; confirm before destructive actions; stay concise. Operator never authors these. As Claude gets better OR new failure modes surface, we expand THIS prose. Architecture stable. (3) find_my_existing_appointment NOW RETURNS LINKED CONTACT. The tool's return shape changes from Array<booking> to { appointments: Array<booking>, contact: { id, fullName, email, phone } | null }. Tool description updated to instruct the LLM to use the contact field instead of re-asking. The contact lookup is a JOIN on contacts.email matching the email argument; null when no contact record exists. (4) no_pii_leak VALIDATOR ACCEPTS conversationContext. ValidatorContext gains an optional conversationContext field — full conversation history's user messages + tool-result blobs concatenated. Runtime passes it on every validator run. The validator now treats this 'trusted source' as the allowlist for emails/phones — anything in the response that's NOT in the trusted set is flagged. Customer's own data echoed back, or contact's phone surfaced by find_my_existing_appointment then echoed in the response, are both fine — no false-positive leak flags. NO migrations (organizations.timezone column shipped earlier). NO new env vars. NO new MCP tool changes — but the underlying find_my_existing_appointment tool's return shape evolved. Backend redeploy required. EXPECTED IMPACT on the conversation that triggered this fix: agent resolves 'this Friday' to May 8 without asking; uses 'Maxime Houle (450-516-1803)' from the contact lookup without asking; doesn't ask for email a second time at end-of-conversation. Same blueprint, smarter agent.",
4
6
  "description": "MCP server for SeldonFrame — AI-native Business OS platform. v1.27.6: IN-DASHBOARD LLM KEY UI (CRM-side; MCP package contents unchanged from 1.27.5 but version bumped for SemVer hygiene). PROBLEM: v1.27.5 added a clean pre-flight banner to the agent sandbox saying 'No Anthropic API key configured', but the only fix path it suggested was 'Configure a key from Claude Code: configure_llm_provider({ ... })'. SF clients had NO in-dashboard UI to add their LLM key — they had to leave the dashboard, open Claude Code, find the SeldonFrame MCP, call the tool. Friction. WHAT SHIPS: (1) NEW PAGE /settings/integrations/llm. Two cards (Anthropic + OpenAI), each shows: configured/not-configured pill, last-saved hint (sk-ant-...XXXX masked) + savedAt timestamp when present, password-input field for paste-and-replace, Save key button, Remove key button. Form-action server actions (saveLlmKeyAction, removeLlmKeyAction) live in lib/integrations/llm/actions.ts. Same encryption + storage path as the MCP configure_llm_provider tool — both write to organizations.integrations[provider].apiKey with the v1. prefix; the agent runtime decrypts uniformly via lib/ai/client.getAIClient regardless of source. (2) PROVIDER-SPECIFIC KEY-SHAPE VALIDATION. Anthropic keys must start with sk-ant-, OpenAI keys with sk-. Catches the most common paste mistakes (wrong provider for the field, leading whitespace, etc.) before encryption. (3) DEEP-LINK FROM SANDBOX BANNER. The /agents/[id]/test pre-flight 'No Anthropic API key configured' banner now includes an 'Add key' button linking directly to /settings/integrations/llm. Two-click fix from sandbox to working agent. (4) DISCOVERABILITY CARD on /settings/integrations index. New 'AI / LLM Providers' card at the top of the integrations list with 'Manage keys →' button. Operators browsing integrations naturally find the LLM section first. NO migrations, NO new env vars (ENCRYPTION_KEY already required). NO MCP tool changes — MCP configure_llm_provider keeps working in parallel; same column, same encryption. Backend redeploy required. EXPECTED IMPACT: SF clients hitting the 'No key' banner can now resolve in 2 clicks (button → paste → Save) instead of switching tools. The MCP path stays for Claude Code users; the dashboard path stays for browser users; both write to the same encrypted column.",
5
7
  "description": "MCP server for SeldonFrame — AI-native Business OS platform. v1.27.5: SANDBOX DIAGNOSTIC UX (CRM-side; MCP package contents unchanged from 1.27.4 but version bumped for SemVer hygiene). PROBLEM: real-world dogfood showed that when an SF client tested their agent in /agents/[id]/test sandbox and the runtime errored (e.g. Anthropic credit balance too low), the sandbox surfaced the customer-facing fallback 'I'm having a hiccup. Can I have someone follow up with you? What's your email?' — which is intentionally vague for end customers but USELESS for the SF client trying to debug. Worse, it LOOPED: every subsequent turn re-fired the same fallback, asking for the email again. The real diagnostic ('Your credit balance is too low to access the Anthropic API') was buried in Vercel server logs only. WHAT SHIPS: (1) ANTHROPIC ERROR CLASSIFIER. New classifyAnthropicError() in runtime.ts maps raw Anthropic error strings to stable reason codes + operator-friendly hints: llm_credit_exhausted (→ 'Add credits at console.anthropic.com/settings/billing'), llm_invalid_key (→ 'Update via configure_llm_provider with a fresh sk-ant-... key'), llm_rate_limited (→ 'Wait ~60s or raise your tier'), llm_model_unavailable (→ 'Contact SF support'), llm_overloaded (→ 'Try again in a moment'), llm_timeout (→ 'Check outbound connectivity'), llm_error (→ generic). (2) TEST-MODE-AWARE FALLBACK. runtime.ts fallbackMessage now branches on conv.status: status='test' → returns the real diagnostic ('[runtime error: llm_credit_exhausted] Anthropic account has no credits left...'), status='active'/'live' → keeps the customer-facing 'hiccup' fallback. Same code path; different audience treatment. (3) PRE-FLIGHT DIAGNOSTIC BANNERS at /agents/[id]/test. Server component checks BEFORE rendering the chat: agent status (must be test or live), Anthropic key presence in organizations.integrations, daily token budget remaining. Each fail surfaces a colored banner with title + actionable message + (when applicable) a quick-link button to the right fix surface. Block-level fails (no key, budget exhausted, draft status) hide the chat entirely so the operator can't waste a turn discovering the issue. Warning-level (>80% budget) shows the chat with a non-blocking banner. (4) SANDBOX HALT-AND-RETRY. test-client.tsx now tracks halted state. When the runtime returns degraded=true (in non-streaming JSON branch) or sends an SSE 'done' event with degraded:true, the sandbox: tags the assistant message as degraded with a red border + 'Runtime error · <reason>' label; disables the input box ('Resolve the error above to continue'); shows a 'Reset & retry' button that clears the conversation and starts fresh. No more infinite-loop-of-hiccup-prompts. NO migrations, NO new env vars, NO MCP tool changes. Backend redeploy required (the runtime + server-component changes ship with the next Vercel deploy of main).",
6
8
  "description": "MCP server for SeldonFrame — AI-native Business OS platform. v1.27.4: UNIFIED SIGN-OUT HOTFIX (CRM-side; MCP package contents unchanged from 1.27.3 but version bumped for SemVer hygiene). PROBLEM: dashboard-topbar 'Log out' called next-auth's signOut() which only clears the NextAuth session-token cookie. SF has THREE simultaneous auth sources since v1.25.0: NextAuth + operator-portal cookie (sf_operator_session) + admin-token Bearer header. Per v1.25.2 precedence, the operator portal cookie resolves FIRST in lib/auth/helpers.ts. So signing out via NextAuth left sf_operator_session intact → next request resolved as operator portal → user appears stuck in operator-portal mode (trimmed sidebar: Customers / Jobs / Booking only) and can't see the full admin dashboard with Agents / Pages / Email / etc. SYMPTOM: Acme AI agency operator builds an agent for Cypress Pine HVAC via Claude Code, opens https://app.seldonframe.com/dashboard, sees the operator-trimmed view (their agency dashboard hidden), clicks Log out → POST /api/auth/signout returns 200 + redirect /login → next request still resolves the same operator portal user via the surviving sf_operator_session cookie. Loop. Diagnostic logs showed 'userId: __sf_operator_portal__:fa5ba418-... ' even after the signout response. FIX: new lib/auth/actions.signOutAllSessionsAction server action that clears BOTH cookies in one call (operator portal first since it precedes NextAuth in resolution order, then NextAuth via signOut({redirect:false}), then redirect to /login). Admin-token doesn't need clearing — it's a stateless server-side credential, never stored in cookies. Wired into dashboard-topbar.tsx replacing the next-auth/react signOut() call with a form action — works without JavaScript, no client-side state to manage. NO migrations, NO new env vars. Backend redeploy required (the topbar component change ships with the next Vercel deploy of main).",
package/src/welcome.js CHANGED
@@ -8,7 +8,7 @@
8
8
  // stripped. `create_full_workspace` is the only workspace-creation
9
9
  // path mentioned anywhere in this briefing.
10
10
 
11
- export const VERSION = "1.27.6";
11
+ export const VERSION = "1.27.8";
12
12
 
13
13
  export const WELCOME_MARKDOWN = `# SeldonFrame — create a real Business OS in one conversation
14
14
 
@@ -402,4 +402,4 @@ admin dashboard. Pre-fills their email automatically.
402
402
  <https://seldonframe.com> · **Discord:** <https://discord.gg/sbVUu976NW>
403
403
  `;
404
404
 
405
- export const FIRST_CALL_BANNER = `🚀 SeldonFrame v1.27.6 is connected. CAPABILITY MAP — pick the right primitive BEFORE exploring tools: (a) "build me a website" → WORKSPACE → create_workspace_v2 + block tools. (b) "add a chatbot to my website / landing page" → AGENT (web chat) → create_agent({archetype:"website-chatbot"}) → embed.js script. CRITICAL ANTI-PATTERN: chat widgets are NOT blocks. Don't search list_blocks for chat — chat agents are a separate primitive (v1.26+). (c) "auto-reply to inbound SMS/email" → CONVERSATION → send_conversation_turn (one-shot Soul-aware reply, not a website widget). (d) "add hero/services/faq/cta section" → BLOCK → get_block_skill + persist_block. (e) "send campaign email/sms" → MESSAGING. (f) CRM ops → list_contacts/create_deal/etc. CHATBOT CANONICAL FLOW (5 calls): configure_llm_provider (BYOK Anthropic, skip if already set) → create_agent (faq + pricing_facts + greeting) → publish_agent({status:"test"}) → operator sandbox-tests at /agents/[id]/test → publish_agent({status:"live"}) auto-runs 8-scenario eval gate (≥87.5% pass required). Observability tools after publish: list_agents, tail_agent_conversations, get_agent_conversation, get_agent_metrics, run_agent_evals, replay_conversation. Dashboard surfaces /agents, /agents/[id]/test, /agents/[id]/settings, /agents/[id]/evals, /agents/[id]/conversations let operators iterate without leaving the browser. WORKSPACE FLOW (legacy reference): create_workspace_v2 → IN PARALLEL for all 7 recommended_blocks (hero, services, about, faq, cta, booking, intake): get_block_skill + persist_block → complete_workspace_v2 → finalize_workspace({workspace_id, email}). Run blocks in PARALLEL (Promise.all) — sequential takes 60+ seconds. v1.10+ CUSTOMIZE: regenerate_block, upload_workspace_image (image_url preferred over base64). v1.11+ STRUCTURAL: get_landing_structure, move_section, delete_section. v1.12+ COMPOSITES: add_composite_section / update_composite_section — manifest ANY block from 12 low-level primitives. Skipping finalize_workspace leaves the operator with no admin login. Every URL is real. NEVER create local files.`;
405
+ export const FIRST_CALL_BANNER = `🚀 SeldonFrame v1.27.8 is connected. CAPABILITY MAP — pick the right primitive BEFORE exploring tools: (a) "build me a website" → WORKSPACE → create_workspace_v2 + block tools. (b) "add a chatbot to my website / landing page" → AGENT (web chat) → create_agent({archetype:"website-chatbot"}) → embed.js script. CRITICAL ANTI-PATTERN: chat widgets are NOT blocks. Don't search list_blocks for chat — chat agents are a separate primitive (v1.26+). (c) "auto-reply to inbound SMS/email" → CONVERSATION → send_conversation_turn (one-shot Soul-aware reply, not a website widget). (d) "add hero/services/faq/cta section" → BLOCK → get_block_skill + persist_block. (e) "send campaign email/sms" → MESSAGING. (f) CRM ops → list_contacts/create_deal/etc. CHATBOT CANONICAL FLOW (5 calls): configure_llm_provider (BYOK Anthropic, skip if already set) → create_agent (faq + pricing_facts + greeting) → publish_agent({status:"test"}) → operator sandbox-tests at /agents/[id]/test → publish_agent({status:"live"}) auto-runs 8-scenario eval gate (≥87.5% pass required). Observability tools after publish: list_agents, tail_agent_conversations, get_agent_conversation, get_agent_metrics, run_agent_evals, replay_conversation. Dashboard surfaces /agents, /agents/[id]/test, /agents/[id]/settings, /agents/[id]/evals, /agents/[id]/conversations let operators iterate without leaving the browser. WORKSPACE FLOW (legacy reference): create_workspace_v2 → IN PARALLEL for all 7 recommended_blocks (hero, services, about, faq, cta, booking, intake): get_block_skill + persist_block → complete_workspace_v2 → finalize_workspace({workspace_id, email}). Run blocks in PARALLEL (Promise.all) — sequential takes 60+ seconds. v1.10+ CUSTOMIZE: regenerate_block, upload_workspace_image (image_url preferred over base64). v1.11+ STRUCTURAL: get_landing_structure, move_section, delete_section. v1.12+ COMPOSITES: add_composite_section / update_composite_section — manifest ANY block from 12 low-level primitives. Skipping finalize_workspace leaves the operator with no admin login. Every URL is real. NEVER create local files.`;