@synapsor/runner 0.1.0-alpha.4 → 0.1.0-alpha.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/README.md +193 -25
  2. package/dist/cli.d.ts.map +1 -1
  3. package/dist/runner.mjs +903 -80
  4. package/docs/README.md +32 -54
  5. package/docs/getting-started-own-database.md +40 -8
  6. package/docs/http-mcp.md +200 -0
  7. package/docs/local-mode.md +40 -4
  8. package/docs/mcp-audit.md +0 -4
  9. package/docs/mcp-client-setup.md +40 -1
  10. package/examples/openai-agents-http/README.md +55 -0
  11. package/examples/openai-agents-http/agent.py +90 -0
  12. package/examples/openai-agents-http/requirements.txt +1 -0
  13. package/examples/openai-agents-stdio/README.md +62 -0
  14. package/examples/openai-agents-stdio/agent.py +70 -0
  15. package/examples/openai-agents-stdio/requirements.txt +1 -0
  16. package/package.json +3 -1
  17. package/docs/MCP_RUNNER_IMPLEMENTATION_PLAN.md +0 -187
  18. package/docs/architecture.md +0 -65
  19. package/docs/capability-config.md +0 -180
  20. package/docs/cloud-mode.md +0 -140
  21. package/docs/config-migrations.md +0 -67
  22. package/docs/demo-transcript.md +0 -161
  23. package/docs/dependency-license-inventory.md +0 -35
  24. package/docs/first-10-minutes.md +0 -172
  25. package/docs/licensing.md +0 -38
  26. package/docs/local-ui.md +0 -163
  27. package/docs/mcp-efficiency-benchmark.md +0 -84
  28. package/docs/open-source-feature-inventory.md +0 -254
  29. package/docs/operations.md +0 -38
  30. package/docs/own-db-20-minutes.md +0 -185
  31. package/docs/production-readiness.md +0 -39
  32. package/docs/protocol.md +0 -90
  33. package/docs/roadmap.md +0 -13
  34. package/docs/schema-inspection.md +0 -88
  35. package/docs/shadow-mode.md +0 -67
  36. package/docs/telemetry.md +0 -28
  37. package/docs/threat-model.md +0 -25
  38. package/docs/trusted-context.md +0 -70
package/README.md CHANGED
@@ -7,46 +7,180 @@ Runner lets an MCP agent inspect scoped data and request database-backed
7
7
  business actions without receiving raw SQL, write credentials, approval tools,
8
8
  or commit tools.
9
9
 
10
- ## Run The Alpha
10
+ ```text
11
+ AI agent or MCP client
12
+ (Claude, Cursor, OpenAI Agents SDK, LangGraph)
13
+ |
14
+ | calls reviewed MCP tool
15
+ v
16
+ +--------------------------------+
17
+ | Synapsor Runner MCP |
18
+ | semantic capabilities only |
19
+ | trusted tenant/principal ctx |
20
+ | evidence + query audit |
21
+ +--------------------------------+
22
+ |
23
+ | scoped read / guarded proposal
24
+ v
25
+ +--------------------------------+
26
+ | Your Postgres or MySQL |
27
+ | source of truth |
28
+ +--------------------------------+
29
+
30
+ Local Runner store:
31
+ evidence · query audit · proposals · receipts · replay
32
+ ```
33
+
34
+ Your database stays the source of truth. Synapsor Runner owns the
35
+ model-facing boundary: what the agent can read, what it can propose, what
36
+ evidence is saved, and what can later be reviewed or replayed.
37
+
38
+ ## What Runner Does
39
+
40
+ When an agent uses Runner:
41
+
42
+ - the model gets reviewed capabilities, not raw database authority;
43
+ - reads produce evidence handles and query audit;
44
+ - writes become proposals, not direct mutations;
45
+ - approval and writeback happen outside the model-facing MCP surface;
46
+ - replay shows what the agent saw, proposed, and what was applied or blocked.
47
+
48
+ ## Start Here
49
+
50
+ Run the guided quick demo first. It does not require Docker, a database, a
51
+ config file, an MCP client, or a Synapsor Cloud account.
11
52
 
12
53
  ```bash
13
- npx -y -p @synapsor/runner@alpha synapsor --help
14
54
  npx -y -p @synapsor/runner@alpha synapsor demo --quick
15
- npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp
16
55
  ```
17
56
 
18
- The local-ledger quick fixture, audit `--format markdown`, local evidence
19
- search, and store maintenance commands are in this checkout and package version
20
- `0.1.0-alpha.4`. If
21
- `npm view @synapsor/runner@alpha version` still reports an older alpha, use
22
- `./bin/synapsor ...` from this checkout or wait for the next alpha publish
23
- before relying on those npm examples.
57
+ In a terminal, it walks through the safety model step by step. In CI, piped
58
+ output, or other non-interactive mode, it prints a short summary and exits
59
+ without waiting for Enter.
24
60
 
25
- `synapsor` is the public command. `synapsor-runner` remains available as a
26
- backward-compatible alias for earlier alpha commands.
61
+ That command creates a local ledger fixture at `./.synapsor/quick-demo.db`.
62
+ It does not prove database connectivity. It shows the proposal, evidence, and
63
+ replay flow without giving the runner a database URL.
27
64
 
28
- `synapsor demo --quick` is fixture-only, does not require Docker, and writes an
29
- inspectable local ledger fixture to `./.synapsor/quick-demo.db`. Use
30
- `synapsor demo` for the disposable local Postgres-backed demo.
65
+ ```bash
66
+ npx -y -p @synapsor/runner@alpha synapsor demo inspect
67
+ ```
31
68
 
32
- Inspect the quick fixture:
69
+ Human output is concise by default. Use `--details` for reviewer metadata or
70
+ `--json` for complete machine-readable records.
71
+
72
+ Useful quick-demo modes:
33
73
 
34
74
  ```bash
35
- synapsor proposals show latest --store ./.synapsor/quick-demo.db
36
- synapsor activity search --object invoice:INV-3001 --store ./.synapsor/quick-demo.db
37
- synapsor replay show latest --store ./.synapsor/quick-demo.db
75
+ synapsor demo --quick --guided
76
+ synapsor demo --quick --no-interactive
77
+ synapsor demo --quick --details
78
+ synapsor demo inspect --npx
79
+ ```
80
+
81
+ Then choose one path:
82
+
83
+ ```text
84
+ Full disposable proof -> npx -y -p @synapsor/runner@alpha synapsor demo
85
+ Your own staging DB -> export DATABASE_URL=... then run the inspect command below
86
+ MCP risk review -> npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp
38
87
  ```
39
88
 
40
- Use it with a local or staging database:
89
+ `synapsor` is the public command. `synapsor-runner` remains available as a
90
+ backward-compatible alias.
91
+
92
+ ## Connect Your Own Staging Database
93
+
94
+ Put a read-only connection string in the environment:
41
95
 
42
96
  ```bash
43
97
  export DATABASE_URL="postgresql://readonly_user:password@localhost:5432/app"
44
- synapsor inspect --engine auto --from-env DATABASE_URL --schema public
45
- synapsor init --wizard --engine auto --from-env DATABASE_URL --schema public
46
- synapsor tools preview
47
- synapsor mcp serve
48
98
  ```
49
99
 
100
+ For disposable dev RDS fixtures only, use `sslmode=no-verify` if your local
101
+ Node/Postgres TLS stack cannot verify the test certificate chain. For real
102
+ staging or production-like databases, keep certificate verification enabled.
103
+
104
+ Inspect metadata:
105
+
106
+ ```bash
107
+ npx -y -p @synapsor/runner@alpha synapsor inspect \
108
+ --engine auto \
109
+ --from-env DATABASE_URL \
110
+ --schema public
111
+ ```
112
+
113
+ Generate a reviewed read-only config first. The wizard creates this local
114
+ flow:
115
+
116
+ ```text
117
+ trusted context -> capability -> MCP tool
118
+ ```
119
+
120
+ It asks which table/view backs the context, which tenant/scope column and
121
+ backend session env vars are trusted, which fields are visible, and what
122
+ semantic capability name to expose.
123
+
124
+ ```bash
125
+ npx -y -p @synapsor/runner@alpha synapsor init \
126
+ --wizard \
127
+ --engine auto \
128
+ --from-env DATABASE_URL \
129
+ --schema public \
130
+ --mode read_only
131
+ ```
132
+
133
+ Preview and serve the semantic tools:
134
+
135
+ ```bash
136
+ npx -y -p @synapsor/runner@alpha synapsor tools preview \
137
+ --config ./synapsor.runner.json \
138
+ --store ./.synapsor/local.db
139
+
140
+ npx -y -p @synapsor/runner@alpha synapsor mcp serve \
141
+ --config ./synapsor.runner.json \
142
+ --store ./.synapsor/local.db
143
+ ```
144
+
145
+ ## Two Ways To Run MCP
146
+
147
+ Use stdio when the MCP client runs locally and can launch Synapsor Runner. Use
148
+ HTTP when your agent service runs as an app/server and connects to a
149
+ long-running Runner process.
150
+
151
+ Local MCP clients:
152
+
153
+ ```bash
154
+ synapsor mcp serve \
155
+ --config ./synapsor.runner.json \
156
+ --store ./.synapsor/local.db
157
+ ```
158
+
159
+ App/server deployments:
160
+
161
+ ```bash
162
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
163
+
164
+ synapsor mcp serve-http \
165
+ --config ./synapsor.runner.json \
166
+ --store ./.synapsor/local.db \
167
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
168
+ ```
169
+
170
+ HTTP defaults to `127.0.0.1:8765`, requires bearer auth by default, and should
171
+ use private networking, TLS, and rate limits before being exposed beyond a
172
+ local machine.
173
+
174
+ OpenAI Agents SDK examples:
175
+
176
+ ```text
177
+ examples/openai-agents-stdio/
178
+ examples/openai-agents-http/
179
+ ```
180
+
181
+ Use `--mode review` only when you are ready to create proposal tools and test
182
+ guarded writeback with a separate trusted write credential.
183
+
50
184
  The disposable reference app includes proposal-first write examples for:
51
185
 
52
186
  - `billing.propose_late_fee_waiver`
@@ -62,9 +196,10 @@ For a longer local session, you can install the alpha package explicitly:
62
196
  npm install -g @synapsor/runner@alpha
63
197
  ```
64
198
 
65
- ## What It Does
199
+ ## Runtime Flow
66
200
 
67
- The local runner implements a small Synapsor-style trust loop:
201
+ The local runner keeps the model-facing tool call separate from approval and
202
+ writeback:
68
203
 
69
204
  ```text
70
205
  MCP tool call
@@ -106,6 +241,35 @@ Use Synapsor Runner when you also want the agent-facing layer: semantic tools,
106
241
  trusted context, evidence handles, query audit, local inspection, and
107
242
  proposal-first writes.
108
243
 
244
+ ## Fixture Benchmark
245
+
246
+ Run the included MCP efficiency fixture:
247
+
248
+ ```bash
249
+ synapsor benchmark mcp-efficiency
250
+ ```
251
+
252
+ Current fixture result for the late-fee-waiver workflow:
253
+
254
+ ```text
255
+ Generic database MCP reference:
256
+ exposed tools: 4
257
+ scripted tool calls: 5
258
+ raw SQL exposed: yes
259
+ approval separated: no
260
+ stale-row conflict checked: no
261
+
262
+ Synapsor Runner semantic path:
263
+ exposed tools: 2
264
+ scripted tool calls: 2
265
+ raw SQL exposed: no
266
+ approval separated: yes
267
+ stale-row conflict checked: yes
268
+ ```
269
+
270
+ The fixture tokenizer is deterministic and repeatable for this package. It is
271
+ not a model billing tokenizer and not a universal token-savings claim.
272
+
109
273
  ## Find Evidence And Replay
110
274
 
111
275
  The commands in this section require this checkout or an alpha package that
@@ -125,6 +289,10 @@ synapsor replay show --proposal wrp_...
125
289
  synapsor replay show --replay replay_wrp_...
126
290
  ```
127
291
 
292
+ Default inspection output is meant for first-run clarity. Add `--details` for
293
+ target URIs, primary keys, proposal hash/version, conflict guards, query
294
+ fingerprints, event timestamps, and receipt internals.
295
+
128
296
  Export captured evidence or proposal replay:
129
297
 
130
298
  ```bash
package/dist/cli.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AA8BA,OAAO,EAOL,KAAK,gBAAgB,EAEtB,MAAM,mCAAmC,CAAC;AA4H3C,wBAAsB,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CA8C1D;AA0DD,KAAK,SAAS,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;AAE9E,wBAAsB,aAAa,CACjC,IAAI,EAAE,MAAM,EAAE,EACd,OAAO,GAAE;IACP,GAAG,CAAC,EAAE,SAAS,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;IACxB,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAC9B,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;CACvC,GACL,OAAO,CAAC,MAAM,CAAC,CA0KjB"}
1
+ {"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AA+BA,OAAO,EAOL,KAAK,gBAAgB,EAEtB,MAAM,mCAAmC,CAAC;AA4H3C,wBAAsB,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CA8C1D;AA0DD,KAAK,SAAS,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;AAE9E,wBAAsB,aAAa,CACjC,IAAI,EAAE,MAAM,EAAE,EACd,OAAO,GAAE;IACP,GAAG,CAAC,EAAE,SAAS,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;IACxB,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAC9B,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;CACvC,GACL,OAAO,CAAC,MAAM,CAAC,CAiLjB"}