@synapsor/runner 0.1.0-alpha.4 → 0.1.0-alpha.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +211 -43
- package/dist/cli.d.ts.map +1 -1
- package/dist/runner.mjs +912 -90
- package/docs/README.md +32 -54
- package/docs/getting-started-own-database.md +68 -36
- package/docs/http-mcp.md +200 -0
- package/docs/local-mode.md +71 -35
- package/docs/mcp-audit.md +11 -15
- package/docs/mcp-client-setup.md +48 -9
- package/docs/recipes.md +6 -6
- package/docs/security-boundary.md +1 -1
- package/docs/troubleshooting-first-run.md +6 -6
- package/docs/writeback-executors.md +1 -1
- package/examples/openai-agents-http/README.md +55 -0
- package/examples/openai-agents-http/agent.py +90 -0
- package/examples/openai-agents-http/requirements.txt +1 -0
- package/examples/openai-agents-stdio/README.md +62 -0
- package/examples/openai-agents-stdio/agent.py +70 -0
- package/examples/openai-agents-stdio/requirements.txt +1 -0
- package/examples/reference-support-billing-app/README.md +17 -17
- package/package.json +3 -2
- package/docs/MCP_RUNNER_IMPLEMENTATION_PLAN.md +0 -187
- package/docs/architecture.md +0 -65
- package/docs/capability-config.md +0 -180
- package/docs/cloud-mode.md +0 -140
- package/docs/config-migrations.md +0 -67
- package/docs/demo-transcript.md +0 -161
- package/docs/dependency-license-inventory.md +0 -35
- package/docs/first-10-minutes.md +0 -172
- package/docs/licensing.md +0 -38
- package/docs/local-ui.md +0 -163
- package/docs/mcp-efficiency-benchmark.md +0 -84
- package/docs/open-source-feature-inventory.md +0 -254
- package/docs/operations.md +0 -38
- package/docs/own-db-20-minutes.md +0 -185
- package/docs/production-readiness.md +0 -39
- package/docs/protocol.md +0 -90
- package/docs/roadmap.md +0 -13
- package/docs/schema-inspection.md +0 -88
- package/docs/shadow-mode.md +0 -67
- package/docs/telemetry.md +0 -28
- package/docs/threat-model.md +0 -25
- package/docs/trusted-context.md +0 -70
package/docs/local-mode.md
CHANGED
|
@@ -6,17 +6,26 @@ Command model:
|
|
|
6
6
|
|
|
7
7
|
- `./scripts/demo-docker.sh` runs the no-install Docker demo.
|
|
8
8
|
- `synapsor <command>` is the public CLI surface.
|
|
9
|
-
- From a source checkout, use `./bin/synapsor <command>` if the global binary is
|
|
9
|
+
- From a source checkout, use `./bin/synapsor-runner <command>` if the global binary is
|
|
10
10
|
not linked yet.
|
|
11
11
|
|
|
12
|
+
`synapsor-runner demo --quick` creates a fixture ledger for learning and CLI
|
|
13
|
+
verification. In a terminal it walks through the safety model step by step; in
|
|
14
|
+
CI or piped output it prints a short summary and exits without waiting for
|
|
15
|
+
Enter. It does not read or write external Postgres/MySQL. Local mode with
|
|
16
|
+
`synapsor-runner mcp serve`, `synapsor-runner demo`, or an own generated config is the real
|
|
17
|
+
Postgres/MySQL path. Use `synapsor-runner demo inspect` to print the follow-up
|
|
18
|
+
commands for the quick-demo fixture.
|
|
19
|
+
|
|
12
20
|
Current local-mode foundation:
|
|
13
21
|
|
|
14
22
|
- strict JSON capability config validation in `packages/config`;
|
|
15
23
|
- local SQLite proposal/event/evidence/query-audit/writeback/replay store in `packages/proposal-store`;
|
|
16
24
|
- local proposal review CLI in `apps/runner`;
|
|
17
|
-
- local localhost proposal review UI through `synapsor ui`;
|
|
18
|
-
- static MCP database risk review with `synapsor audit`;
|
|
25
|
+
- local localhost proposal review UI through `synapsor-runner ui`;
|
|
26
|
+
- static MCP database risk review with `synapsor-runner audit`;
|
|
19
27
|
- local stdio MCP server with semantic read/proposal tools;
|
|
28
|
+
- authenticated HTTP MCP server for app/server agents;
|
|
20
29
|
- MCP resource reads for `synapsor://proposals/*`, `synapsor://evidence/*`, and `synapsor://replay/*`;
|
|
21
30
|
- local approved proposal to `synapsor.writeback-job.v1` job generation;
|
|
22
31
|
- guarded Postgres/MySQL writeback adapters for approved structured jobs.
|
|
@@ -29,22 +38,18 @@ engine requirement and the CLI exits early with a clear message on older Node
|
|
|
29
38
|
versions. The Docker-backed demo remains the recommended path when you do not
|
|
30
39
|
want to change your host Node version.
|
|
31
40
|
|
|
32
|
-
Commands in this page that use local ledger search/export or `synapsor store`
|
|
33
|
-
require this checkout or package version `0.1.0-alpha.4` or newer while npm
|
|
34
|
-
`@alpha` still points to an older alpha.
|
|
35
|
-
|
|
36
41
|
## Initialize a config
|
|
37
42
|
|
|
38
43
|
Create a starter config without putting credentials in the file:
|
|
39
44
|
|
|
40
45
|
```bash
|
|
41
|
-
npx -y -p @synapsor/runner@alpha synapsor init --engine postgres --mode review
|
|
46
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner init --engine postgres --mode review
|
|
42
47
|
```
|
|
43
48
|
|
|
44
49
|
For MySQL:
|
|
45
50
|
|
|
46
51
|
```bash
|
|
47
|
-
npx -y -p @synapsor/runner@alpha synapsor init --engine mysql --mode review --output synapsor.mysql.runner.json
|
|
52
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner init --engine mysql --mode review --output synapsor.mysql.runner.json
|
|
48
53
|
```
|
|
49
54
|
|
|
50
55
|
The generated config uses environment-variable names for read/write URLs and trusted context. Edit the table, column, and capability names before serving tools.
|
|
@@ -57,14 +62,39 @@ persisted into proposals, evidence, query audit, runner state, or replay.
|
|
|
57
62
|
For a reviewed own-database setup generated from explicit selections, use:
|
|
58
63
|
|
|
59
64
|
```bash
|
|
60
|
-
npx -y -p @synapsor/runner@alpha synapsor init --spec onboarding-selection.json --non-interactive
|
|
61
|
-
npx -y -p @synapsor/runner@alpha synapsor doctor --config synapsor.runner.json
|
|
65
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner init --spec onboarding-selection.json --non-interactive
|
|
66
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner doctor --config synapsor.runner.json
|
|
62
67
|
```
|
|
63
68
|
|
|
64
69
|
`doctor --config` checks config validation, required environment variables,
|
|
65
70
|
read/write credential separation, metadata visibility for configured targets,
|
|
66
71
|
and the semantic MCP tool boundary without printing credential values.
|
|
67
72
|
|
|
73
|
+
## Stdio Vs HTTP MCP
|
|
74
|
+
|
|
75
|
+
Use stdio for local MCP clients that launch Synapsor Runner:
|
|
76
|
+
|
|
77
|
+
```bash
|
|
78
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve \
|
|
79
|
+
--config ./synapsor.runner.json \
|
|
80
|
+
--store ./.synapsor/local.db
|
|
81
|
+
```
|
|
82
|
+
|
|
83
|
+
Use HTTP when your app/server agent connects to a long-running Runner process:
|
|
84
|
+
|
|
85
|
+
```bash
|
|
86
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
|
|
87
|
+
|
|
88
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
|
|
89
|
+
--config ./synapsor.runner.json \
|
|
90
|
+
--store ./.synapsor/local.db \
|
|
91
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
92
|
+
```
|
|
93
|
+
|
|
94
|
+
HTTP defaults to `127.0.0.1:8765`, requires bearer auth by default, and should
|
|
95
|
+
run behind private networking/TLS before production-like exposure. Details:
|
|
96
|
+
[HTTP MCP](http-mcp.md).
|
|
97
|
+
|
|
68
98
|
## Local safety modes
|
|
69
99
|
|
|
70
100
|
The local runner modes are intentionally narrow:
|
|
@@ -95,19 +125,19 @@ If neither is set, the CLI uses:
|
|
|
95
125
|
List proposals:
|
|
96
126
|
|
|
97
127
|
```bash
|
|
98
|
-
npx -y -p @synapsor/runner@alpha synapsor proposals list --store ./.synapsor/local.db
|
|
128
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner proposals list --store ./.synapsor/local.db
|
|
99
129
|
```
|
|
100
130
|
|
|
101
131
|
Show a proposal:
|
|
102
132
|
|
|
103
133
|
```bash
|
|
104
|
-
npx -y -p @synapsor/runner@alpha synapsor proposals show wrp_123 --store ./.synapsor/local.db
|
|
134
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner proposals show wrp_123 --store ./.synapsor/local.db
|
|
105
135
|
```
|
|
106
136
|
|
|
107
137
|
Approve:
|
|
108
138
|
|
|
109
139
|
```bash
|
|
110
|
-
npx -y -p @synapsor/runner@alpha synapsor proposals approve wrp_123 \
|
|
140
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner proposals approve wrp_123 \
|
|
111
141
|
--store ./.synapsor/local.db \
|
|
112
142
|
--actor local_reviewer \
|
|
113
143
|
--yes
|
|
@@ -118,7 +148,7 @@ Before approval, the CLI prints the reviewer-critical proposal details: trusted
|
|
|
118
148
|
Create a guarded writeback job from an approved proposal:
|
|
119
149
|
|
|
120
150
|
```bash
|
|
121
|
-
npx -y -p @synapsor/runner@alpha synapsor proposals writeback-job wrp_123 \
|
|
151
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner proposals writeback-job wrp_123 \
|
|
122
152
|
--store ./.synapsor/local.db \
|
|
123
153
|
--project local \
|
|
124
154
|
--runner local_runner \
|
|
@@ -130,7 +160,7 @@ The generated job uses the public `synapsor.writeback-job.v1` protocol and can b
|
|
|
130
160
|
```bash
|
|
131
161
|
SYNAPSOR_ENGINE=postgres \
|
|
132
162
|
SYNAPSOR_DATABASE_URL="postgresql://writer:<password>@localhost:5432/app" \
|
|
133
|
-
npx -y -p @synapsor/runner@alpha synapsor apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
|
|
163
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
|
|
134
164
|
```
|
|
135
165
|
|
|
136
166
|
Passing `--store` records the terminal `synapsor.execution-receipt.v1` locally. Replay then links the proposal, approval, writeback job, applied/conflict/failed receipt, evidence, and query audit.
|
|
@@ -138,7 +168,7 @@ Passing `--store` records the terminal `synapsor.execution-receipt.v1` locally.
|
|
|
138
168
|
Reject:
|
|
139
169
|
|
|
140
170
|
```bash
|
|
141
|
-
npx -y -p @synapsor/runner@alpha synapsor proposals reject wrp_123 \
|
|
171
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner proposals reject wrp_123 \
|
|
142
172
|
--store ./.synapsor/local.db \
|
|
143
173
|
--reason "policy evidence is incomplete" \
|
|
144
174
|
--yes
|
|
@@ -155,7 +185,7 @@ Shadow-mode proposals are inspectable through `proposals show` and `replay show`
|
|
|
155
185
|
Start a localhost-only review UI:
|
|
156
186
|
|
|
157
187
|
```bash
|
|
158
|
-
npx -y -p @synapsor/runner@alpha synapsor ui --config synapsor.runner.json --store ./.synapsor/local.db
|
|
188
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner ui --config synapsor.runner.json --store ./.synapsor/local.db
|
|
159
189
|
```
|
|
160
190
|
|
|
161
191
|
The UI shows setup summary, semantic tools, proposal states, exact diffs,
|
|
@@ -171,50 +201,56 @@ tools, MCP commit tools, or controls that widen configured tables/columns.
|
|
|
171
201
|
Show replay:
|
|
172
202
|
|
|
173
203
|
```bash
|
|
174
|
-
npx -y -p @synapsor/runner@alpha synapsor replay show wrp_123 --store ./.synapsor/local.db
|
|
175
|
-
npx -y -p @synapsor/runner@alpha synapsor replay show --proposal wrp_123 --store ./.synapsor/local.db
|
|
176
|
-
npx -y -p @synapsor/runner@alpha synapsor replay show --replay replay_wrp_123 --store ./.synapsor/local.db
|
|
177
|
-
npx -y -p @synapsor/runner@alpha synapsor replay show --evidence ev_123 --store ./.synapsor/local.db
|
|
204
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner replay show wrp_123 --store ./.synapsor/local.db
|
|
205
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner replay show --proposal wrp_123 --store ./.synapsor/local.db
|
|
206
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner replay show --replay replay_wrp_123 --store ./.synapsor/local.db
|
|
207
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner replay show --evidence ev_123 --store ./.synapsor/local.db
|
|
178
208
|
```
|
|
179
209
|
|
|
180
210
|
Export replay:
|
|
181
211
|
|
|
182
212
|
```bash
|
|
183
|
-
npx -y -p @synapsor/runner@alpha synapsor replay export wrp_123 \
|
|
213
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner replay export wrp_123 \
|
|
184
214
|
--store ./.synapsor/local.db \
|
|
185
215
|
--output replay.json
|
|
186
216
|
|
|
187
|
-
npx -y -p @synapsor/runner@alpha synapsor replay export --proposal wrp_123 \
|
|
217
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner replay export --proposal wrp_123 \
|
|
188
218
|
--format markdown \
|
|
189
219
|
--store ./.synapsor/local.db \
|
|
190
220
|
--output replay.md
|
|
191
221
|
```
|
|
192
222
|
|
|
193
223
|
Replay records include proposal metadata, before/after diff, events, writeback receipts, evidence summaries, and query audit rows currently stored for the proposal.
|
|
224
|
+
Human output is concise by default. Use `--details` for reviewer metadata or
|
|
225
|
+
`--json` for complete machine-readable records.
|
|
194
226
|
|
|
195
227
|
## Local evidence, query audit, and receipts
|
|
196
228
|
|
|
197
229
|
The local SQLite store is also searchable without relying on `latest`:
|
|
198
230
|
|
|
199
231
|
```bash
|
|
200
|
-
synapsor activity search \
|
|
232
|
+
synapsor-runner activity search \
|
|
201
233
|
--tenant acme \
|
|
202
234
|
--object invoice:INV-3001 \
|
|
203
235
|
--store ./.synapsor/local.db
|
|
204
236
|
|
|
205
|
-
synapsor evidence list \
|
|
237
|
+
synapsor-runner evidence list \
|
|
206
238
|
--tenant acme \
|
|
207
239
|
--capability billing.inspect_invoice \
|
|
208
240
|
--source app_postgres \
|
|
209
241
|
--table invoices \
|
|
210
242
|
--store ./.synapsor/local.db
|
|
211
243
|
|
|
212
|
-
synapsor evidence show ev_123 --store ./.synapsor/local.db
|
|
213
|
-
synapsor query-audit list --evidence ev_123 --store ./.synapsor/local.db
|
|
214
|
-
synapsor receipts list --proposal wrp_123 --store ./.synapsor/local.db
|
|
215
|
-
synapsor receipts show <receipt_id> --store ./.synapsor/local.db
|
|
244
|
+
synapsor-runner evidence show ev_123 --store ./.synapsor/local.db
|
|
245
|
+
synapsor-runner query-audit list --evidence ev_123 --store ./.synapsor/local.db
|
|
246
|
+
synapsor-runner receipts list --proposal wrp_123 --store ./.synapsor/local.db
|
|
247
|
+
synapsor-runner receipts show <receipt_id> --store ./.synapsor/local.db
|
|
216
248
|
```
|
|
217
249
|
|
|
250
|
+
Default inspection output is intentionally short. Add `--details` when you need
|
|
251
|
+
target URIs, primary keys, proposal hash/version, conflict guards, query
|
|
252
|
+
fingerprints, event timestamps, or receipt internals.
|
|
253
|
+
|
|
218
254
|
Read-only MCP tools record evidence bundles and query-audit rows and return an
|
|
219
255
|
evidence handle. Use `evidence show`, `evidence list`, and `query-audit list`
|
|
220
256
|
to inspect those captured rows and fingerprints later without rerunning the
|
|
@@ -230,10 +266,10 @@ The local ledger is a developer/staging SQLite file. You can inspect, compact,
|
|
|
230
266
|
or prune it without touching your source Postgres/MySQL database:
|
|
231
267
|
|
|
232
268
|
```bash
|
|
233
|
-
synapsor store stats --store ./.synapsor/local.db
|
|
234
|
-
synapsor store vacuum --store ./.synapsor/local.db
|
|
235
|
-
synapsor store prune --store ./.synapsor/local.db --older-than 30d --dry-run
|
|
236
|
-
synapsor store prune --store ./.synapsor/local.db --older-than 30d --yes
|
|
269
|
+
synapsor-runner store stats --store ./.synapsor/local.db
|
|
270
|
+
synapsor-runner store vacuum --store ./.synapsor/local.db
|
|
271
|
+
synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --dry-run
|
|
272
|
+
synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --yes
|
|
237
273
|
```
|
|
238
274
|
|
|
239
275
|
`store prune` defaults to dry-run. Use `--yes` only after reviewing the row
|
|
@@ -286,7 +322,7 @@ For CI or direct verification, use:
|
|
|
286
322
|
corepack pnpm test:mcp-local
|
|
287
323
|
```
|
|
288
324
|
|
|
289
|
-
It launches the official MCP stdio client transport against `synapsor mcp serve`, exercises the Postgres billing, Postgres support, and MySQL orders examples, checks that source rows are unchanged before approval, approves locally, generates versioned writeback jobs, applies them, retries idempotently, and then proves stale-row conflict:
|
|
325
|
+
It launches the official MCP stdio client transport against `synapsor-runner mcp serve`, exercises the Postgres billing, Postgres support, and MySQL orders examples, checks that source rows are unchanged before approval, approves locally, generates versioned writeback jobs, applies them, retries idempotently, and then proves stale-row conflict:
|
|
290
326
|
|
|
291
327
|
```text
|
|
292
328
|
The business state changed after the agent saw it, so Synapsor refused to commit.
|
package/docs/mcp-audit.md
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
# MCP database risk review
|
|
2
2
|
|
|
3
|
-
`npx -y -p @synapsor/runner@alpha synapsor audit <target>` performs a
|
|
3
|
+
`npx -y -p @synapsor/runner@alpha synapsor-runner audit <target>` performs a
|
|
4
4
|
static MCP database risk review over an exported tool manifest, a remote MCP
|
|
5
5
|
`tools/list` endpoint, or a stdio MCP server. The `mcp audit` subcommand is also
|
|
6
6
|
available for users who look for the command under the MCP namespace.
|
|
7
7
|
|
|
8
|
-
From a source checkout, use `./bin/synapsor ...` if the global binary is not
|
|
8
|
+
From a source checkout, use `./bin/synapsor-runner ...` if the global binary is not
|
|
9
9
|
linked yet.
|
|
10
10
|
|
|
11
11
|
It does not call business tools. It only inspects names, descriptions, input schemas, output schemas, annotations, and examples when those are present.
|
|
@@ -23,13 +23,9 @@ MCP annotations are treated as hints, not enforcement.
|
|
|
23
23
|
Built-in database MCP risk example:
|
|
24
24
|
|
|
25
25
|
```bash
|
|
26
|
-
npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp
|
|
26
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit --example dangerous-db-mcp
|
|
27
27
|
```
|
|
28
28
|
|
|
29
|
-
Markdown output requires this checkout or package version `0.1.0-alpha.4` or
|
|
30
|
-
newer. Check `npm view @synapsor/runner@alpha version` before promoting npm
|
|
31
|
-
snippets publicly.
|
|
32
|
-
|
|
33
29
|
This bundled example does not require a source checkout or local examples file.
|
|
34
30
|
It audits a deliberately risky database MCP shape with `execute_sql`,
|
|
35
31
|
`run_query`, model-callable approval/update/delete tools, arbitrary
|
|
@@ -38,45 +34,45 @@ table/column inputs, and model-controlled tenant/principal fields.
|
|
|
38
34
|
Human-readable output:
|
|
39
35
|
|
|
40
36
|
```bash
|
|
41
|
-
npx -y -p @synapsor/runner@alpha synapsor audit ./tools-list.json
|
|
37
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit ./tools-list.json
|
|
42
38
|
```
|
|
43
39
|
|
|
44
40
|
Remote `tools/list` endpoint with a bearer token kept in the environment:
|
|
45
41
|
|
|
46
42
|
```bash
|
|
47
43
|
SYNAPSOR_MCP_AUDIT_BEARER="..." \
|
|
48
|
-
npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --format json
|
|
44
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit https://mcp.example.com --format json
|
|
49
45
|
```
|
|
50
46
|
|
|
51
47
|
Remote endpoint with a custom bearer-token environment variable:
|
|
52
48
|
|
|
53
49
|
```bash
|
|
54
|
-
npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --format json
|
|
50
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --format json
|
|
55
51
|
```
|
|
56
52
|
|
|
57
53
|
Stdio MCP server:
|
|
58
54
|
|
|
59
55
|
```bash
|
|
60
|
-
npx -y -p @synapsor/runner@alpha synapsor audit 'stdio:node ./server.mjs' --timeout-ms 5000
|
|
56
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit 'stdio:node ./server.mjs' --timeout-ms 5000
|
|
61
57
|
```
|
|
62
58
|
|
|
63
59
|
JSON output:
|
|
64
60
|
|
|
65
61
|
```bash
|
|
66
|
-
npx -y -p @synapsor/runner@alpha synapsor audit ./tools-list.json --format json
|
|
62
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit ./tools-list.json --format json
|
|
67
63
|
```
|
|
68
64
|
|
|
69
65
|
Markdown output for issues, PRs, or security review notes:
|
|
70
66
|
|
|
71
67
|
```bash
|
|
72
|
-
npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp --format markdown
|
|
68
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit --example dangerous-db-mcp --format markdown
|
|
73
69
|
```
|
|
74
70
|
|
|
75
71
|
During local development, the repo-local wrapper can run the same command:
|
|
76
72
|
|
|
77
73
|
```bash
|
|
78
|
-
./bin/synapsor audit ./tools-list.json
|
|
79
|
-
./bin/synapsor audit ./tools-list.json --format json
|
|
74
|
+
./bin/synapsor-runner audit ./tools-list.json
|
|
75
|
+
./bin/synapsor-runner audit ./tools-list.json --format json
|
|
80
76
|
```
|
|
81
77
|
|
|
82
78
|
## Supported inputs
|
package/docs/mcp-client-setup.md
CHANGED
|
@@ -6,10 +6,13 @@ The primary local proof path is still the one-command Docker demo:
|
|
|
6
6
|
./scripts/demo-docker.sh
|
|
7
7
|
```
|
|
8
8
|
|
|
9
|
-
Use this page after that demo passes and you want to attach a local MCP client.
|
|
9
|
+
Use this page after that demo passes and you want to attach a local MCP client.
|
|
10
|
+
The tested local-client contract here is stdio. HTTP MCP is available for
|
|
11
|
+
app/server deployments where your agent connects to a long-running Runner
|
|
12
|
+
service.
|
|
10
13
|
|
|
11
14
|
Command examples use the published alpha package through `npx`. From a source
|
|
12
|
-
checkout, use `./bin/synapsor ...` only when you intentionally want the local
|
|
15
|
+
checkout, use `./bin/synapsor-runner ...` only when you intentionally want the local
|
|
13
16
|
source wrapper.
|
|
14
17
|
|
|
15
18
|
Checked examples live in:
|
|
@@ -24,12 +27,37 @@ Validate them with:
|
|
|
24
27
|
corepack pnpm test:mcp-client-configs
|
|
25
28
|
```
|
|
26
29
|
|
|
30
|
+
## Stdio Vs HTTP MCP
|
|
31
|
+
|
|
32
|
+
| Mode | Use when | Command |
|
|
33
|
+
| --- | --- | --- |
|
|
34
|
+
| stdio | Claude Desktop, Cursor, VS Code, or another local MCP client can launch Synapsor Runner | `synapsor-runner mcp serve` |
|
|
35
|
+
| HTTP | Your app/server, Python agent, Node service, or container connects to a long-running Runner service | `synapsor-runner mcp serve-http` |
|
|
36
|
+
|
|
37
|
+
Stdio keeps the MCP protocol on process stdin/stdout and is the simplest local
|
|
38
|
+
developer path. HTTP uses JSON-RPC over an authenticated `/mcp` endpoint and is
|
|
39
|
+
better for app/server deployments.
|
|
40
|
+
|
|
41
|
+
HTTP requires bearer auth by default:
|
|
42
|
+
|
|
43
|
+
```bash
|
|
44
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
|
|
45
|
+
|
|
46
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
|
|
47
|
+
--config ./synapsor.runner.json \
|
|
48
|
+
--store ./.synapsor/local.db \
|
|
49
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
Use private networking/TLS before exposing HTTP MCP beyond localhost. Details:
|
|
53
|
+
[HTTP MCP](http-mcp.md).
|
|
54
|
+
|
|
27
55
|
## Generate A Client Snippet
|
|
28
56
|
|
|
29
57
|
Print a snippet without modifying any client files:
|
|
30
58
|
|
|
31
59
|
```bash
|
|
32
|
-
npx -y -p @synapsor/runner@alpha synapsor mcp config claude-desktop \
|
|
60
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp config claude-desktop \
|
|
33
61
|
--config ./synapsor.runner.json \
|
|
34
62
|
--store ./.synapsor/local.db
|
|
35
63
|
```
|
|
@@ -47,13 +75,13 @@ vscode
|
|
|
47
75
|
The older form is still supported:
|
|
48
76
|
|
|
49
77
|
```bash
|
|
50
|
-
npx -y -p @synapsor/runner@alpha synapsor mcp configure --client claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
|
|
78
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure --client claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
|
|
51
79
|
```
|
|
52
80
|
|
|
53
81
|
Write is opt-in and requires an explicit destination:
|
|
54
82
|
|
|
55
83
|
```bash
|
|
56
|
-
npx -y -p @synapsor/runner@alpha synapsor mcp configure \
|
|
84
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure \
|
|
57
85
|
--client cursor \
|
|
58
86
|
--config ./synapsor.runner.json \
|
|
59
87
|
--store ./.synapsor/local.db \
|
|
@@ -72,17 +100,28 @@ database URLs or passwords into the client config.
|
|
|
72
100
|
From the runner repository:
|
|
73
101
|
|
|
74
102
|
```bash
|
|
75
|
-
npx -y -p @synapsor/runner@alpha synapsor mcp serve --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
|
|
103
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
|
|
76
104
|
```
|
|
77
105
|
|
|
78
106
|
For the alpha package, keep the package tag explicit in client configuration.
|
|
79
107
|
|
|
108
|
+
For app/server HTTP mode:
|
|
109
|
+
|
|
110
|
+
```bash
|
|
111
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
|
|
112
|
+
|
|
113
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
|
|
114
|
+
--config ./examples/mcp-postgres-billing/synapsor.runner.json \
|
|
115
|
+
--store ./.synapsor/local.db \
|
|
116
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
117
|
+
```
|
|
118
|
+
|
|
80
119
|
## Generic stdio Client
|
|
81
120
|
|
|
82
121
|
```json
|
|
83
122
|
{
|
|
84
123
|
"mcpServers": {
|
|
85
|
-
"synapsor": {
|
|
124
|
+
"synapsor-runner": {
|
|
86
125
|
"command": "npx",
|
|
87
126
|
"args": [
|
|
88
127
|
"-y",
|
|
@@ -148,8 +187,8 @@ Before documenting a client UI as officially tested, verify:
|
|
|
148
187
|
## Troubleshooting
|
|
149
188
|
|
|
150
189
|
- Server not listed: check the command path, working directory, and config path.
|
|
151
|
-
- Tool schema mismatch: run `synapsor audit <exported-tools.json>`.
|
|
190
|
+
- Tool schema mismatch: run `synapsor-runner audit <exported-tools.json>`.
|
|
152
191
|
- Missing trusted context: set `SYNAPSOR_TENANT_ID` and `SYNAPSOR_PRINCIPAL`, or use the environment variables configured in `trusted_context.values`.
|
|
153
192
|
- Database unavailable: verify the read credential and host access.
|
|
154
|
-
- Proposal waiting review: approve outside the model with `synapsor proposals approve`.
|
|
193
|
+
- Proposal waiting review: approve outside the model with `synapsor-runner proposals approve`.
|
|
155
194
|
- Stale-row conflict: inspect replay; the source row changed after the proposal was created, so the guarded worker refused to commit.
|
package/docs/recipes.md
CHANGED
|
@@ -9,20 +9,20 @@ tenant key, conflict column, and business limits.
|
|
|
9
9
|
List recipes:
|
|
10
10
|
|
|
11
11
|
```bash
|
|
12
|
-
npx -y -p @synapsor/runner@alpha synapsor recipes list
|
|
12
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner recipes list
|
|
13
13
|
```
|
|
14
14
|
|
|
15
15
|
Inspect one:
|
|
16
16
|
|
|
17
17
|
```bash
|
|
18
|
-
npx -y -p @synapsor/runner@alpha synapsor recipes show billing.late_fee_waiver
|
|
18
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner recipes show billing.late_fee_waiver
|
|
19
19
|
```
|
|
20
20
|
|
|
21
21
|
Initialize a starter config:
|
|
22
22
|
|
|
23
23
|
```bash
|
|
24
|
-
npx -y -p @synapsor/runner@alpha synapsor recipes init billing.late_fee_waiver --output synapsor.runner.json
|
|
25
|
-
npx -y -p @synapsor/runner@alpha synapsor config validate --config synapsor.runner.json
|
|
24
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner recipes init billing.late_fee_waiver --output synapsor.runner.json
|
|
25
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner config validate --config synapsor.runner.json
|
|
26
26
|
```
|
|
27
27
|
|
|
28
28
|
Built-in recipes are JSON files under `recipes/`. They are starter data, not
|
|
@@ -31,8 +31,8 @@ domain, and initialize from your file:
|
|
|
31
31
|
|
|
32
32
|
```bash
|
|
33
33
|
cp recipes/billing.late_fee_waiver.json my-recipe.json
|
|
34
|
-
npx -y -p @synapsor/runner@alpha synapsor recipes show ./my-recipe.json
|
|
35
|
-
npx -y -p @synapsor/runner@alpha synapsor recipes init ./my-recipe.json --output synapsor.runner.json
|
|
34
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner recipes show ./my-recipe.json
|
|
35
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner recipes init ./my-recipe.json --output synapsor.runner.json
|
|
36
36
|
```
|
|
37
37
|
|
|
38
38
|
Available recipes:
|
|
@@ -76,7 +76,7 @@ database identifiers such as `../private`, `id/../../tenant_id`, or
|
|
|
76
76
|
`status; DROP TABLE tickets` before adapter execution. Local CLI file paths
|
|
77
77
|
remain explicit user-provided paths; they are not model-facing authority.
|
|
78
78
|
|
|
79
|
-
Local review can happen through the CLI or `synapsor ui`. The UI is a localhost
|
|
79
|
+
Local review can happen through the CLI or `synapsor-runner ui`. The UI is a localhost
|
|
80
80
|
review surface with a per-run session token and CSRF protection for
|
|
81
81
|
approve/reject actions. It does not expose raw SQL, database URLs, write
|
|
82
82
|
credentials, approval tools, commit tools, or controls that widen reviewed
|
|
@@ -3,13 +3,13 @@
|
|
|
3
3
|
Run the friendly doctor first:
|
|
4
4
|
|
|
5
5
|
```bash
|
|
6
|
-
npx -y -p @synapsor/runner@alpha synapsor doctor --first-run
|
|
6
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner doctor --first-run
|
|
7
7
|
```
|
|
8
8
|
|
|
9
9
|
Use JSON for automation:
|
|
10
10
|
|
|
11
11
|
```bash
|
|
12
|
-
npx -y -p @synapsor/runner@alpha synapsor doctor --first-run --json
|
|
12
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner doctor --first-run --json
|
|
13
13
|
```
|
|
14
14
|
|
|
15
15
|
## Docker Missing
|
|
@@ -128,13 +128,13 @@ Own-database MCP setup needs a reviewed config before serving tools.
|
|
|
128
128
|
Fix:
|
|
129
129
|
|
|
130
130
|
```bash
|
|
131
|
-
npx -y -p @synapsor/runner@alpha synapsor init --from-env DATABASE_URL --mode review --wizard
|
|
131
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner init --from-env DATABASE_URL --mode review --wizard
|
|
132
132
|
```
|
|
133
133
|
|
|
134
134
|
Or pass an example config:
|
|
135
135
|
|
|
136
136
|
```bash
|
|
137
|
-
npx -y -p @synapsor/runner@alpha synapsor tools preview --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
|
|
137
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner tools preview --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
|
|
138
138
|
```
|
|
139
139
|
|
|
140
140
|
## SQLite Store Missing
|
|
@@ -180,7 +180,7 @@ Fix:
|
|
|
180
180
|
|
|
181
181
|
```bash
|
|
182
182
|
export SYNAPSOR_DATABASE_READ_URL="<read-only-url>"
|
|
183
|
-
npx -y -p @synapsor/runner@alpha synapsor doctor --config synapsor.runner.json
|
|
183
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner doctor --config synapsor.runner.json
|
|
184
184
|
```
|
|
185
185
|
|
|
186
186
|
## Read/Write Credential Split Failed
|
|
@@ -216,7 +216,7 @@ Fix:
|
|
|
216
216
|
Regenerate the snippet:
|
|
217
217
|
|
|
218
218
|
```bash
|
|
219
|
-
npx -y -p @synapsor/runner@alpha synapsor mcp config claude-desktop \
|
|
219
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp config claude-desktop \
|
|
220
220
|
--absolute-paths \
|
|
221
221
|
--config ./synapsor.runner.json \
|
|
222
222
|
--store ./.synapsor/local.db
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
# OpenAI Agents SDK + Synapsor Runner over HTTP
|
|
2
|
+
|
|
3
|
+
This example shows an OpenAI Agents SDK app calling a long-running Synapsor
|
|
4
|
+
Runner HTTP MCP service.
|
|
5
|
+
|
|
6
|
+
Use HTTP when your agent runs as an app/server and should connect to Runner
|
|
7
|
+
over a local/private network endpoint instead of launching a stdio child
|
|
8
|
+
process.
|
|
9
|
+
|
|
10
|
+
Native HTTP MCP client support can vary by SDK version. This example is honest
|
|
11
|
+
about that: it uses the OpenAI Agents SDK for the agent and wraps Synapsor's
|
|
12
|
+
HTTP MCP JSON-RPC endpoint as an OpenAI function tool.
|
|
13
|
+
|
|
14
|
+
The model still sees a semantic action. It does not receive raw SQL, database
|
|
15
|
+
URLs, write credentials, approval tools, or commit tools.
|
|
16
|
+
|
|
17
|
+
## Terminal 1: Start Synapsor Runner HTTP MCP
|
|
18
|
+
|
|
19
|
+
```bash
|
|
20
|
+
export DATABASE_URL="<postgres-or-mysql-read-url>"
|
|
21
|
+
export SYNAPSOR_TENANT_ID="acme"
|
|
22
|
+
export SYNAPSOR_PRINCIPAL="openai_agent_demo"
|
|
23
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-token"
|
|
24
|
+
|
|
25
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
|
|
26
|
+
--config ./synapsor.runner.json \
|
|
27
|
+
--store ./.synapsor/local.db \
|
|
28
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
## Terminal 2: Run The Agent
|
|
32
|
+
|
|
33
|
+
```bash
|
|
34
|
+
python -m venv .venv
|
|
35
|
+
. .venv/bin/activate
|
|
36
|
+
pip install -r requirements.txt
|
|
37
|
+
|
|
38
|
+
export OPENAI_API_KEY="..."
|
|
39
|
+
export SYNAPSOR_RUNNER_HTTP_URL="http://127.0.0.1:8765/mcp"
|
|
40
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-token"
|
|
41
|
+
export SYNAPSOR_INVOICE_ID="INV-3001"
|
|
42
|
+
|
|
43
|
+
python agent.py
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
Expected behavior:
|
|
47
|
+
|
|
48
|
+
- the agent calls `billing.inspect_invoice` through Synapsor HTTP MCP;
|
|
49
|
+
- Synapsor applies trusted tenant/principal context from the server process;
|
|
50
|
+
- the response includes scoped data and evidence handles;
|
|
51
|
+
- no SQL/write/approval tool is exposed to the model;
|
|
52
|
+
- evidence/query audit are saved in the local Runner store.
|
|
53
|
+
|
|
54
|
+
For production-like deployment, keep HTTP MCP behind private networking/TLS,
|
|
55
|
+
bearer auth, and rate limits. See [HTTP MCP](../../docs/http-mcp.md).
|