@sellable/mcp 0.1.108 → 0.1.109

package/dist/server.js

@@ -29,6 +29,7 @@ import { getSender, listSenders, senderToolDefinitions, } from "./tools/senders.
 import { attachRecommendedSequence, attachSequence, createWorkflowTable, sequencerToolDefinitions, } from "./tools/sequencer.js";
 import { listTables, tableToolDefinitions } from "./tools/tables.js";
 import { handleVerifyTableRow, verifyRowToolDefinitions, } from "./tools/verify-row.js";
+import { sanitizeWatchUrlsForMcpResult } from "./tools/watch-url-security.js";
 import { addTeammate, createWorkspace, getActiveWorkspace, listWorkspaces, setActiveWorkspace, workspaceToolDefinitions, } from "./tools/workspaces.js";
 import { checkForUpdates, logUpdateNotice } from "./update-check.js";
 const server = new Server({
@@ -473,11 +474,12 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
             default:
                 throw new Error(`Unknown tool: ${name}`);
         }
+        const safeResult = sanitizeWatchUrlsForMcpResult(result);
         return {
             content: [
                 {
                     type: "text",
-                    text: JSON.stringify(result),
+                    text: JSON.stringify(safeResult),
                 },
             ],
         };

package/dist/tools/campaigns.d.ts

@@ -1,3 +1,4 @@
+import { getConfig } from "../auth.js";
 import { type InteractionMode } from "./interaction-mode.js";
 import type { CampaignOfferNavigation } from "./navigation.js";
 declare const LEAD_SOURCE_PROVIDERS: {
@@ -7,6 +8,7 @@ declare const LEAD_SOURCE_PROVIDERS: {
     readonly SIGNAL_DISCOVERY: "signal-discovery";
 };
 type LeadSourceProvider = (typeof LEAD_SOURCE_PROVIDERS)[keyof typeof LEAD_SOURCE_PROVIDERS];
+export declare function buildWatchUrl(config: Pick<ReturnType<typeof getConfig>, "apiUrl" | "activeWorkspaceId" | "workspaceId">, path: string): string;
 export interface Campaign {
     id: string;
     name: string;

package/dist/tools/campaigns.js

@@ -19,12 +19,12 @@ function normalizeLeadSourceProvider(input) {
         ? input
         : null;
 }
-function buildWatchUrl(config, redirect) {
+export function buildWatchUrl(config, path) {
     const workspaceId = config.activeWorkspaceId || config.workspaceId;
     const workspaceParam = workspaceId
-        ? `&workspaceId=${encodeURIComponent(workspaceId)}`
+        ? `${path.includes("?") ? "&" : "?"}workspaceId=${encodeURIComponent(workspaceId)}`
         : "";
-    return `${config.apiUrl}/auth/continue?token=${config.token}&redirect=${redirect}${workspaceParam}`;
+    return `${config.apiUrl}${path}${workspaceParam}`;
 }
 function isLinkedInProfileUrl(input) {
     try {
@@ -334,9 +334,7 @@ export async function getCampaign(campaignId) {
         api.get(`/api/v3/mcp/campaigns/${campaignId}`),
         fetchCampaignRubrics(campaignId).catch(() => null),
     ]);
-    // Build watch URL with auto-auth token
-    const redirect = encodeURIComponent(`/campaign-builder/${campaignId}?mode=claude`);
-    const watchUrl = buildWatchUrl(config, redirect);
+    const watchUrl = buildWatchUrl(config, `/campaign-builder/${campaignId}?mode=claude`);
     // Merge rubrics into campaignOffer
     const rubrics = (rubricsResult?.rubrics || []).map((r) => ({
         id: r.id || "",
@@ -591,8 +589,7 @@ export async function createCampaign(input) {
     // Idempotent resume path
     if (input.campaignId) {
         const existing = await api.get(`/api/v2/campaign-offers/${input.campaignId}`);
-        const redirect = encodeURIComponent(`/campaign-builder/${existing.id}?mode=claude`);
-        const watchUrl = buildWatchUrl(config, redirect);
+        const watchUrl = buildWatchUrl(config, `/campaign-builder/${existing.id}?mode=claude`);
         const hasCreateFields = input.name ||
             input.clientProspectId ||
             input.offerPositioning !== undefined ||
@@ -710,9 +707,7 @@ export async function createCampaign(input) {
         },
     };
     const result = await api.post(`/api/v2/campaign-offers`, formattedInput);
-    // Build watch URL for Claude Code to share with user
-    const redirect = encodeURIComponent(`/campaign-builder/${result.id}?mode=claude`);
-    const watchUrl = buildWatchUrl(config, redirect);
+    const watchUrl = buildWatchUrl(config, `/campaign-builder/${result.id}?mode=claude`);
     // Serialize to only essential fields for context efficiency
     return {
         id: result.id,

package/dist/tools/watch-url-security.d.ts

@@ -0,0 +1 @@
+export declare function sanitizeWatchUrlsForMcpResult<T>(value: T): T;

package/dist/tools/watch-url-security.js

@@ -0,0 +1,36 @@
+function sanitizeWatchUrlValue(value) {
+    try {
+        const url = new URL(value);
+        if (url.pathname !== "/auth/continue")
+            return value;
+        const redirect = url.searchParams.get("redirect");
+        if (!redirect || !redirect.startsWith("/campaign-builder/")) {
+            return value;
+        }
+        const safeUrl = new URL(redirect, url.origin);
+        const workspaceId = url.searchParams.get("workspaceId");
+        if (workspaceId && !safeUrl.searchParams.has("workspaceId")) {
+            safeUrl.searchParams.set("workspaceId", workspaceId);
+        }
+        return safeUrl.toString();
+    }
+    catch {
+        return value;
+    }
+}
+export function sanitizeWatchUrlsForMcpResult(value) {
+    if (!value || typeof value !== "object")
+        return value;
+    if (Array.isArray(value)) {
+        return value.map((item) => sanitizeWatchUrlsForMcpResult(item));
+    }
+    const input = value;
+    const output = {};
+    for (const [key, nestedValue] of Object.entries(input)) {
+        output[key] =
+            key === "watchUrl" && typeof nestedValue === "string"
+                ? sanitizeWatchUrlValue(nestedValue)
+                : sanitizeWatchUrlsForMcpResult(nestedValue);
+    }
+    return output;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sellable/mcp",
-  "version": "0.1.108",
+  "version": "0.1.109",
   "type": "module",
   "description": "Sellable MCP server for Claude Code and Codex campaign workflows",
   "main": "dist/index.js",

package/skills/create-campaign-v2/references/watch-link-handoff.md

@@ -11,11 +11,12 @@ gating, and handoff read campaign state first.
 
 ## Plumbing Reuse
 
-`create_campaign` already returns a signed `watchUrl` on the response
+`create_campaign` already returns a safe app `watchUrl` on the response
 (`CampaignDetail.watchUrl` in `mcp/sellable/src/tools/campaigns.ts`). V2 does
 NOT mint a new token, does NOT call a different route, and does NOT construct
 the URL locally. Capture whatever `watchUrl` the existing tool returns and
-surface it verbatim.
+surface it verbatim. The URL must never include a raw API token, `auth/continue`
+token exchange URL, magic-link secret, or other bearer credential.
 
 ## Shell-First Link
 
@@ -80,18 +81,20 @@ Do not spam the link between internal tool calls.
 On resume:
 
 1. Load the `CampaignOffer` for the campaign being resumed.
-2. Recover the signed link through the existing resume path
+2. Recover the safe app link through the existing resume path
    (`create_campaign({ campaignId })` when available).
 3. Inspect `currentStep` and print a short orientation for where the user will
    land now.
 4. Print the recovered `watchUrl`.
 
-The re-surface must use the signed `watchUrl` from the tool response, not a
+The re-surface must use the safe `watchUrl` from the tool response, not a
 cached or reconstructed URL.
 
 ## Hard Rules
 
 - Never fabricate or reconstruct the URL locally.
+- Never print a URL containing `token=`, `/auth/continue`, a magic-link secret,
+  or any other bearer credential.
 - Missing `watchUrl` is an error, not a silent skip.
 - The first watch link must be shown only after the v1 brief is on the campaign.
 - A watch link is not approval to import, attach sequence, or start.