@synapsor/runner 0.1.0-alpha.4 → 0.1.0-alpha.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/README.md +211 -43
  2. package/dist/cli.d.ts.map +1 -1
  3. package/dist/runner.mjs +912 -90
  4. package/docs/README.md +32 -54
  5. package/docs/getting-started-own-database.md +68 -36
  6. package/docs/http-mcp.md +200 -0
  7. package/docs/local-mode.md +71 -35
  8. package/docs/mcp-audit.md +11 -15
  9. package/docs/mcp-client-setup.md +48 -9
  10. package/docs/recipes.md +6 -6
  11. package/docs/security-boundary.md +1 -1
  12. package/docs/troubleshooting-first-run.md +6 -6
  13. package/docs/writeback-executors.md +1 -1
  14. package/examples/openai-agents-http/README.md +55 -0
  15. package/examples/openai-agents-http/agent.py +90 -0
  16. package/examples/openai-agents-http/requirements.txt +1 -0
  17. package/examples/openai-agents-stdio/README.md +62 -0
  18. package/examples/openai-agents-stdio/agent.py +70 -0
  19. package/examples/openai-agents-stdio/requirements.txt +1 -0
  20. package/examples/reference-support-billing-app/README.md +17 -17
  21. package/package.json +3 -2
  22. package/docs/MCP_RUNNER_IMPLEMENTATION_PLAN.md +0 -187
  23. package/docs/architecture.md +0 -65
  24. package/docs/capability-config.md +0 -180
  25. package/docs/cloud-mode.md +0 -140
  26. package/docs/config-migrations.md +0 -67
  27. package/docs/demo-transcript.md +0 -161
  28. package/docs/dependency-license-inventory.md +0 -35
  29. package/docs/first-10-minutes.md +0 -172
  30. package/docs/licensing.md +0 -38
  31. package/docs/local-ui.md +0 -163
  32. package/docs/mcp-efficiency-benchmark.md +0 -84
  33. package/docs/open-source-feature-inventory.md +0 -254
  34. package/docs/operations.md +0 -38
  35. package/docs/own-db-20-minutes.md +0 -185
  36. package/docs/production-readiness.md +0 -39
  37. package/docs/protocol.md +0 -90
  38. package/docs/roadmap.md +0 -13
  39. package/docs/schema-inspection.md +0 -88
  40. package/docs/shadow-mode.md +0 -67
  41. package/docs/telemetry.md +0 -28
  42. package/docs/threat-model.md +0 -25
  43. package/docs/trusted-context.md +0 -70
@@ -6,17 +6,26 @@ Command model:
6
6
 
7
7
  - `./scripts/demo-docker.sh` runs the no-install Docker demo.
8
8
  - `synapsor <command>` is the public CLI surface.
9
- - From a source checkout, use `./bin/synapsor <command>` if the global binary is
9
+ - From a source checkout, use `./bin/synapsor-runner <command>` if the global binary is
10
10
  not linked yet.
11
11
 
12
+ `synapsor-runner demo --quick` creates a fixture ledger for learning and CLI
13
+ verification. In a terminal it walks through the safety model step by step; in
14
+ CI or piped output it prints a short summary and exits without waiting for
15
+ Enter. It does not read or write external Postgres/MySQL. Local mode with
16
+ `synapsor-runner mcp serve`, `synapsor-runner demo`, or an own generated config is the real
17
+ Postgres/MySQL path. Use `synapsor-runner demo inspect` to print the follow-up
18
+ commands for the quick-demo fixture.
19
+
12
20
  Current local-mode foundation:
13
21
 
14
22
  - strict JSON capability config validation in `packages/config`;
15
23
  - local SQLite proposal/event/evidence/query-audit/writeback/replay store in `packages/proposal-store`;
16
24
  - local proposal review CLI in `apps/runner`;
17
- - local localhost proposal review UI through `synapsor ui`;
18
- - static MCP database risk review with `synapsor audit`;
25
+ - local localhost proposal review UI through `synapsor-runner ui`;
26
+ - static MCP database risk review with `synapsor-runner audit`;
19
27
  - local stdio MCP server with semantic read/proposal tools;
28
+ - authenticated HTTP MCP server for app/server agents;
20
29
  - MCP resource reads for `synapsor://proposals/*`, `synapsor://evidence/*`, and `synapsor://replay/*`;
21
30
  - local approved proposal to `synapsor.writeback-job.v1` job generation;
22
31
  - guarded Postgres/MySQL writeback adapters for approved structured jobs.
@@ -29,22 +38,18 @@ engine requirement and the CLI exits early with a clear message on older Node
29
38
  versions. The Docker-backed demo remains the recommended path when you do not
30
39
  want to change your host Node version.
31
40
 
32
- Commands in this page that use local ledger search/export or `synapsor store`
33
- require this checkout or package version `0.1.0-alpha.4` or newer while npm
34
- `@alpha` still points to an older alpha.
35
-
36
41
  ## Initialize a config
37
42
 
38
43
  Create a starter config without putting credentials in the file:
39
44
 
40
45
  ```bash
41
- npx -y -p @synapsor/runner@alpha synapsor init --engine postgres --mode review
46
+ npx -y -p @synapsor/runner@alpha synapsor-runner init --engine postgres --mode review
42
47
  ```
43
48
 
44
49
  For MySQL:
45
50
 
46
51
  ```bash
47
- npx -y -p @synapsor/runner@alpha synapsor init --engine mysql --mode review --output synapsor.mysql.runner.json
52
+ npx -y -p @synapsor/runner@alpha synapsor-runner init --engine mysql --mode review --output synapsor.mysql.runner.json
48
53
  ```
49
54
 
50
55
  The generated config uses environment-variable names for read/write URLs and trusted context. Edit the table, column, and capability names before serving tools.
@@ -57,14 +62,39 @@ persisted into proposals, evidence, query audit, runner state, or replay.
57
62
  For a reviewed own-database setup generated from explicit selections, use:
58
63
 
59
64
  ```bash
60
- npx -y -p @synapsor/runner@alpha synapsor init --spec onboarding-selection.json --non-interactive
61
- npx -y -p @synapsor/runner@alpha synapsor doctor --config synapsor.runner.json
65
+ npx -y -p @synapsor/runner@alpha synapsor-runner init --spec onboarding-selection.json --non-interactive
66
+ npx -y -p @synapsor/runner@alpha synapsor-runner doctor --config synapsor.runner.json
62
67
  ```
63
68
 
64
69
  `doctor --config` checks config validation, required environment variables,
65
70
  read/write credential separation, metadata visibility for configured targets,
66
71
  and the semantic MCP tool boundary without printing credential values.
67
72
 
73
+ ## Stdio Vs HTTP MCP
74
+
75
+ Use stdio for local MCP clients that launch Synapsor Runner:
76
+
77
+ ```bash
78
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve \
79
+ --config ./synapsor.runner.json \
80
+ --store ./.synapsor/local.db
81
+ ```
82
+
83
+ Use HTTP when your app/server agent connects to a long-running Runner process:
84
+
85
+ ```bash
86
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
87
+
88
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
89
+ --config ./synapsor.runner.json \
90
+ --store ./.synapsor/local.db \
91
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
92
+ ```
93
+
94
+ HTTP defaults to `127.0.0.1:8765`, requires bearer auth by default, and should
95
+ run behind private networking/TLS before production-like exposure. Details:
96
+ [HTTP MCP](http-mcp.md).
97
+
68
98
  ## Local safety modes
69
99
 
70
100
  The local runner modes are intentionally narrow:
@@ -95,19 +125,19 @@ If neither is set, the CLI uses:
95
125
  List proposals:
96
126
 
97
127
  ```bash
98
- npx -y -p @synapsor/runner@alpha synapsor proposals list --store ./.synapsor/local.db
128
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals list --store ./.synapsor/local.db
99
129
  ```
100
130
 
101
131
  Show a proposal:
102
132
 
103
133
  ```bash
104
- npx -y -p @synapsor/runner@alpha synapsor proposals show wrp_123 --store ./.synapsor/local.db
134
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals show wrp_123 --store ./.synapsor/local.db
105
135
  ```
106
136
 
107
137
  Approve:
108
138
 
109
139
  ```bash
110
- npx -y -p @synapsor/runner@alpha synapsor proposals approve wrp_123 \
140
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals approve wrp_123 \
111
141
  --store ./.synapsor/local.db \
112
142
  --actor local_reviewer \
113
143
  --yes
@@ -118,7 +148,7 @@ Before approval, the CLI prints the reviewer-critical proposal details: trusted
118
148
  Create a guarded writeback job from an approved proposal:
119
149
 
120
150
  ```bash
121
- npx -y -p @synapsor/runner@alpha synapsor proposals writeback-job wrp_123 \
151
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals writeback-job wrp_123 \
122
152
  --store ./.synapsor/local.db \
123
153
  --project local \
124
154
  --runner local_runner \
@@ -130,7 +160,7 @@ The generated job uses the public `synapsor.writeback-job.v1` protocol and can b
130
160
  ```bash
131
161
  SYNAPSOR_ENGINE=postgres \
132
162
  SYNAPSOR_DATABASE_URL="postgresql://writer:<password>@localhost:5432/app" \
133
- npx -y -p @synapsor/runner@alpha synapsor apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
163
+ npx -y -p @synapsor/runner@alpha synapsor-runner apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
134
164
  ```
135
165
 
136
166
  Passing `--store` records the terminal `synapsor.execution-receipt.v1` locally. Replay then links the proposal, approval, writeback job, applied/conflict/failed receipt, evidence, and query audit.
@@ -138,7 +168,7 @@ Passing `--store` records the terminal `synapsor.execution-receipt.v1` locally.
138
168
  Reject:
139
169
 
140
170
  ```bash
141
- npx -y -p @synapsor/runner@alpha synapsor proposals reject wrp_123 \
171
+ npx -y -p @synapsor/runner@alpha synapsor-runner proposals reject wrp_123 \
142
172
  --store ./.synapsor/local.db \
143
173
  --reason "policy evidence is incomplete" \
144
174
  --yes
@@ -155,7 +185,7 @@ Shadow-mode proposals are inspectable through `proposals show` and `replay show`
155
185
  Start a localhost-only review UI:
156
186
 
157
187
  ```bash
158
- npx -y -p @synapsor/runner@alpha synapsor ui --config synapsor.runner.json --store ./.synapsor/local.db
188
+ npx -y -p @synapsor/runner@alpha synapsor-runner ui --config synapsor.runner.json --store ./.synapsor/local.db
159
189
  ```
160
190
 
161
191
  The UI shows setup summary, semantic tools, proposal states, exact diffs,
@@ -171,50 +201,56 @@ tools, MCP commit tools, or controls that widen configured tables/columns.
171
201
  Show replay:
172
202
 
173
203
  ```bash
174
- npx -y -p @synapsor/runner@alpha synapsor replay show wrp_123 --store ./.synapsor/local.db
175
- npx -y -p @synapsor/runner@alpha synapsor replay show --proposal wrp_123 --store ./.synapsor/local.db
176
- npx -y -p @synapsor/runner@alpha synapsor replay show --replay replay_wrp_123 --store ./.synapsor/local.db
177
- npx -y -p @synapsor/runner@alpha synapsor replay show --evidence ev_123 --store ./.synapsor/local.db
204
+ npx -y -p @synapsor/runner@alpha synapsor-runner replay show wrp_123 --store ./.synapsor/local.db
205
+ npx -y -p @synapsor/runner@alpha synapsor-runner replay show --proposal wrp_123 --store ./.synapsor/local.db
206
+ npx -y -p @synapsor/runner@alpha synapsor-runner replay show --replay replay_wrp_123 --store ./.synapsor/local.db
207
+ npx -y -p @synapsor/runner@alpha synapsor-runner replay show --evidence ev_123 --store ./.synapsor/local.db
178
208
  ```
179
209
 
180
210
  Export replay:
181
211
 
182
212
  ```bash
183
- npx -y -p @synapsor/runner@alpha synapsor replay export wrp_123 \
213
+ npx -y -p @synapsor/runner@alpha synapsor-runner replay export wrp_123 \
184
214
  --store ./.synapsor/local.db \
185
215
  --output replay.json
186
216
 
187
- npx -y -p @synapsor/runner@alpha synapsor replay export --proposal wrp_123 \
217
+ npx -y -p @synapsor/runner@alpha synapsor-runner replay export --proposal wrp_123 \
188
218
  --format markdown \
189
219
  --store ./.synapsor/local.db \
190
220
  --output replay.md
191
221
  ```
192
222
 
193
223
  Replay records include proposal metadata, before/after diff, events, writeback receipts, evidence summaries, and query audit rows currently stored for the proposal.
224
+ Human output is concise by default. Use `--details` for reviewer metadata or
225
+ `--json` for complete machine-readable records.
194
226
 
195
227
  ## Local evidence, query audit, and receipts
196
228
 
197
229
  The local SQLite store is also searchable without relying on `latest`:
198
230
 
199
231
  ```bash
200
- synapsor activity search \
232
+ synapsor-runner activity search \
201
233
  --tenant acme \
202
234
  --object invoice:INV-3001 \
203
235
  --store ./.synapsor/local.db
204
236
 
205
- synapsor evidence list \
237
+ synapsor-runner evidence list \
206
238
  --tenant acme \
207
239
  --capability billing.inspect_invoice \
208
240
  --source app_postgres \
209
241
  --table invoices \
210
242
  --store ./.synapsor/local.db
211
243
 
212
- synapsor evidence show ev_123 --store ./.synapsor/local.db
213
- synapsor query-audit list --evidence ev_123 --store ./.synapsor/local.db
214
- synapsor receipts list --proposal wrp_123 --store ./.synapsor/local.db
215
- synapsor receipts show <receipt_id> --store ./.synapsor/local.db
244
+ synapsor-runner evidence show ev_123 --store ./.synapsor/local.db
245
+ synapsor-runner query-audit list --evidence ev_123 --store ./.synapsor/local.db
246
+ synapsor-runner receipts list --proposal wrp_123 --store ./.synapsor/local.db
247
+ synapsor-runner receipts show <receipt_id> --store ./.synapsor/local.db
216
248
  ```
217
249
 
250
+ Default inspection output is intentionally short. Add `--details` when you need
251
+ target URIs, primary keys, proposal hash/version, conflict guards, query
252
+ fingerprints, event timestamps, or receipt internals.
253
+
218
254
  Read-only MCP tools record evidence bundles and query-audit rows and return an
219
255
  evidence handle. Use `evidence show`, `evidence list`, and `query-audit list`
220
256
  to inspect those captured rows and fingerprints later without rerunning the
@@ -230,10 +266,10 @@ The local ledger is a developer/staging SQLite file. You can inspect, compact,
230
266
  or prune it without touching your source Postgres/MySQL database:
231
267
 
232
268
  ```bash
233
- synapsor store stats --store ./.synapsor/local.db
234
- synapsor store vacuum --store ./.synapsor/local.db
235
- synapsor store prune --store ./.synapsor/local.db --older-than 30d --dry-run
236
- synapsor store prune --store ./.synapsor/local.db --older-than 30d --yes
269
+ synapsor-runner store stats --store ./.synapsor/local.db
270
+ synapsor-runner store vacuum --store ./.synapsor/local.db
271
+ synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --dry-run
272
+ synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --yes
237
273
  ```
238
274
 
239
275
  `store prune` defaults to dry-run. Use `--yes` only after reviewing the row
@@ -286,7 +322,7 @@ For CI or direct verification, use:
286
322
  corepack pnpm test:mcp-local
287
323
  ```
288
324
 
289
- It launches the official MCP stdio client transport against `synapsor mcp serve`, exercises the Postgres billing, Postgres support, and MySQL orders examples, checks that source rows are unchanged before approval, approves locally, generates versioned writeback jobs, applies them, retries idempotently, and then proves stale-row conflict:
325
+ It launches the official MCP stdio client transport against `synapsor-runner mcp serve`, exercises the Postgres billing, Postgres support, and MySQL orders examples, checks that source rows are unchanged before approval, approves locally, generates versioned writeback jobs, applies them, retries idempotently, and then proves stale-row conflict:
290
326
 
291
327
  ```text
292
328
  The business state changed after the agent saw it, so Synapsor refused to commit.
package/docs/mcp-audit.md CHANGED
@@ -1,11 +1,11 @@
1
1
  # MCP database risk review
2
2
 
3
- `npx -y -p @synapsor/runner@alpha synapsor audit <target>` performs a
3
+ `npx -y -p @synapsor/runner@alpha synapsor-runner audit <target>` performs a
4
4
  static MCP database risk review over an exported tool manifest, a remote MCP
5
5
  `tools/list` endpoint, or a stdio MCP server. The `mcp audit` subcommand is also
6
6
  available for users who look for the command under the MCP namespace.
7
7
 
8
- From a source checkout, use `./bin/synapsor ...` if the global binary is not
8
+ From a source checkout, use `./bin/synapsor-runner ...` if the global binary is not
9
9
  linked yet.
10
10
 
11
11
  It does not call business tools. It only inspects names, descriptions, input schemas, output schemas, annotations, and examples when those are present.
@@ -23,13 +23,9 @@ MCP annotations are treated as hints, not enforcement.
23
23
  Built-in database MCP risk example:
24
24
 
25
25
  ```bash
26
- npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp
26
+ npx -y -p @synapsor/runner@alpha synapsor-runner audit --example dangerous-db-mcp
27
27
  ```
28
28
 
29
- Markdown output requires this checkout or package version `0.1.0-alpha.4` or
30
- newer. Check `npm view @synapsor/runner@alpha version` before promoting npm
31
- snippets publicly.
32
-
33
29
  This bundled example does not require a source checkout or local examples file.
34
30
  It audits a deliberately risky database MCP shape with `execute_sql`,
35
31
  `run_query`, model-callable approval/update/delete tools, arbitrary
@@ -38,45 +34,45 @@ table/column inputs, and model-controlled tenant/principal fields.
38
34
  Human-readable output:
39
35
 
40
36
  ```bash
41
- npx -y -p @synapsor/runner@alpha synapsor audit ./tools-list.json
37
+ npx -y -p @synapsor/runner@alpha synapsor-runner audit ./tools-list.json
42
38
  ```
43
39
 
44
40
  Remote `tools/list` endpoint with a bearer token kept in the environment:
45
41
 
46
42
  ```bash
47
43
  SYNAPSOR_MCP_AUDIT_BEARER="..." \
48
- npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --format json
44
+ npx -y -p @synapsor/runner@alpha synapsor-runner audit https://mcp.example.com --format json
49
45
  ```
50
46
 
51
47
  Remote endpoint with a custom bearer-token environment variable:
52
48
 
53
49
  ```bash
54
- npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --format json
50
+ npx -y -p @synapsor/runner@alpha synapsor-runner audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --format json
55
51
  ```
56
52
 
57
53
  Stdio MCP server:
58
54
 
59
55
  ```bash
60
- npx -y -p @synapsor/runner@alpha synapsor audit 'stdio:node ./server.mjs' --timeout-ms 5000
56
+ npx -y -p @synapsor/runner@alpha synapsor-runner audit 'stdio:node ./server.mjs' --timeout-ms 5000
61
57
  ```
62
58
 
63
59
  JSON output:
64
60
 
65
61
  ```bash
66
- npx -y -p @synapsor/runner@alpha synapsor audit ./tools-list.json --format json
62
+ npx -y -p @synapsor/runner@alpha synapsor-runner audit ./tools-list.json --format json
67
63
  ```
68
64
 
69
65
  Markdown output for issues, PRs, or security review notes:
70
66
 
71
67
  ```bash
72
- npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp --format markdown
68
+ npx -y -p @synapsor/runner@alpha synapsor-runner audit --example dangerous-db-mcp --format markdown
73
69
  ```
74
70
 
75
71
  During local development, the repo-local wrapper can run the same command:
76
72
 
77
73
  ```bash
78
- ./bin/synapsor audit ./tools-list.json
79
- ./bin/synapsor audit ./tools-list.json --format json
74
+ ./bin/synapsor-runner audit ./tools-list.json
75
+ ./bin/synapsor-runner audit ./tools-list.json --format json
80
76
  ```
81
77
 
82
78
  ## Supported inputs
@@ -6,10 +6,13 @@ The primary local proof path is still the one-command Docker demo:
6
6
  ./scripts/demo-docker.sh
7
7
  ```
8
8
 
9
- Use this page after that demo passes and you want to attach a local MCP client. The tested integration contract here is stdio. Client-specific UIs change, so the checked-in examples verify config shape and `tools/list`, not every client screen.
9
+ Use this page after that demo passes and you want to attach a local MCP client.
10
+ The tested local-client contract here is stdio. HTTP MCP is available for
11
+ app/server deployments where your agent connects to a long-running Runner
12
+ service.
10
13
 
11
14
  Command examples use the published alpha package through `npx`. From a source
12
- checkout, use `./bin/synapsor ...` only when you intentionally want the local
15
+ checkout, use `./bin/synapsor-runner ...` only when you intentionally want the local
13
16
  source wrapper.
14
17
 
15
18
  Checked examples live in:
@@ -24,12 +27,37 @@ Validate them with:
24
27
  corepack pnpm test:mcp-client-configs
25
28
  ```
26
29
 
30
+ ## Stdio Vs HTTP MCP
31
+
32
+ | Mode | Use when | Command |
33
+ | --- | --- | --- |
34
+ | stdio | Claude Desktop, Cursor, VS Code, or another local MCP client can launch Synapsor Runner | `synapsor-runner mcp serve` |
35
+ | HTTP | Your app/server, Python agent, Node service, or container connects to a long-running Runner service | `synapsor-runner mcp serve-http` |
36
+
37
+ Stdio keeps the MCP protocol on process stdin/stdout and is the simplest local
38
+ developer path. HTTP uses JSON-RPC over an authenticated `/mcp` endpoint and is
39
+ better for app/server deployments.
40
+
41
+ HTTP requires bearer auth by default:
42
+
43
+ ```bash
44
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
45
+
46
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
47
+ --config ./synapsor.runner.json \
48
+ --store ./.synapsor/local.db \
49
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
50
+ ```
51
+
52
+ Use private networking/TLS before exposing HTTP MCP beyond localhost. Details:
53
+ [HTTP MCP](http-mcp.md).
54
+
27
55
  ## Generate A Client Snippet
28
56
 
29
57
  Print a snippet without modifying any client files:
30
58
 
31
59
  ```bash
32
- npx -y -p @synapsor/runner@alpha synapsor mcp config claude-desktop \
60
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp config claude-desktop \
33
61
  --config ./synapsor.runner.json \
34
62
  --store ./.synapsor/local.db
35
63
  ```
@@ -47,13 +75,13 @@ vscode
47
75
  The older form is still supported:
48
76
 
49
77
  ```bash
50
- npx -y -p @synapsor/runner@alpha synapsor mcp configure --client claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
78
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure --client claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
51
79
  ```
52
80
 
53
81
  Write is opt-in and requires an explicit destination:
54
82
 
55
83
  ```bash
56
- npx -y -p @synapsor/runner@alpha synapsor mcp configure \
84
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure \
57
85
  --client cursor \
58
86
  --config ./synapsor.runner.json \
59
87
  --store ./.synapsor/local.db \
@@ -72,17 +100,28 @@ database URLs or passwords into the client config.
72
100
  From the runner repository:
73
101
 
74
102
  ```bash
75
- npx -y -p @synapsor/runner@alpha synapsor mcp serve --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
103
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
76
104
  ```
77
105
 
78
106
  For the alpha package, keep the package tag explicit in client configuration.
79
107
 
108
+ For app/server HTTP mode:
109
+
110
+ ```bash
111
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
112
+
113
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
114
+ --config ./examples/mcp-postgres-billing/synapsor.runner.json \
115
+ --store ./.synapsor/local.db \
116
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
117
+ ```
118
+
80
119
  ## Generic stdio Client
81
120
 
82
121
  ```json
83
122
  {
84
123
  "mcpServers": {
85
- "synapsor": {
124
+ "synapsor-runner": {
86
125
  "command": "npx",
87
126
  "args": [
88
127
  "-y",
@@ -148,8 +187,8 @@ Before documenting a client UI as officially tested, verify:
148
187
  ## Troubleshooting
149
188
 
150
189
  - Server not listed: check the command path, working directory, and config path.
151
- - Tool schema mismatch: run `synapsor audit <exported-tools.json>`.
190
+ - Tool schema mismatch: run `synapsor-runner audit <exported-tools.json>`.
152
191
  - Missing trusted context: set `SYNAPSOR_TENANT_ID` and `SYNAPSOR_PRINCIPAL`, or use the environment variables configured in `trusted_context.values`.
153
192
  - Database unavailable: verify the read credential and host access.
154
- - Proposal waiting review: approve outside the model with `synapsor proposals approve`.
193
+ - Proposal waiting review: approve outside the model with `synapsor-runner proposals approve`.
155
194
  - Stale-row conflict: inspect replay; the source row changed after the proposal was created, so the guarded worker refused to commit.
package/docs/recipes.md CHANGED
@@ -9,20 +9,20 @@ tenant key, conflict column, and business limits.
9
9
  List recipes:
10
10
 
11
11
  ```bash
12
- npx -y -p @synapsor/runner@alpha synapsor recipes list
12
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes list
13
13
  ```
14
14
 
15
15
  Inspect one:
16
16
 
17
17
  ```bash
18
- npx -y -p @synapsor/runner@alpha synapsor recipes show billing.late_fee_waiver
18
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes show billing.late_fee_waiver
19
19
  ```
20
20
 
21
21
  Initialize a starter config:
22
22
 
23
23
  ```bash
24
- npx -y -p @synapsor/runner@alpha synapsor recipes init billing.late_fee_waiver --output synapsor.runner.json
25
- npx -y -p @synapsor/runner@alpha synapsor config validate --config synapsor.runner.json
24
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes init billing.late_fee_waiver --output synapsor.runner.json
25
+ npx -y -p @synapsor/runner@alpha synapsor-runner config validate --config synapsor.runner.json
26
26
  ```
27
27
 
28
28
  Built-in recipes are JSON files under `recipes/`. They are starter data, not
@@ -31,8 +31,8 @@ domain, and initialize from your file:
31
31
 
32
32
  ```bash
33
33
  cp recipes/billing.late_fee_waiver.json my-recipe.json
34
- npx -y -p @synapsor/runner@alpha synapsor recipes show ./my-recipe.json
35
- npx -y -p @synapsor/runner@alpha synapsor recipes init ./my-recipe.json --output synapsor.runner.json
34
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes show ./my-recipe.json
35
+ npx -y -p @synapsor/runner@alpha synapsor-runner recipes init ./my-recipe.json --output synapsor.runner.json
36
36
  ```
37
37
 
38
38
  Available recipes:
@@ -76,7 +76,7 @@ database identifiers such as `../private`, `id/../../tenant_id`, or
76
76
  `status; DROP TABLE tickets` before adapter execution. Local CLI file paths
77
77
  remain explicit user-provided paths; they are not model-facing authority.
78
78
 
79
- Local review can happen through the CLI or `synapsor ui`. The UI is a localhost
79
+ Local review can happen through the CLI or `synapsor-runner ui`. The UI is a localhost
80
80
  review surface with a per-run session token and CSRF protection for
81
81
  approve/reject actions. It does not expose raw SQL, database URLs, write
82
82
  credentials, approval tools, commit tools, or controls that widen reviewed
@@ -3,13 +3,13 @@
3
3
  Run the friendly doctor first:
4
4
 
5
5
  ```bash
6
- npx -y -p @synapsor/runner@alpha synapsor doctor --first-run
6
+ npx -y -p @synapsor/runner@alpha synapsor-runner doctor --first-run
7
7
  ```
8
8
 
9
9
  Use JSON for automation:
10
10
 
11
11
  ```bash
12
- npx -y -p @synapsor/runner@alpha synapsor doctor --first-run --json
12
+ npx -y -p @synapsor/runner@alpha synapsor-runner doctor --first-run --json
13
13
  ```
14
14
 
15
15
  ## Docker Missing
@@ -128,13 +128,13 @@ Own-database MCP setup needs a reviewed config before serving tools.
128
128
  Fix:
129
129
 
130
130
  ```bash
131
- npx -y -p @synapsor/runner@alpha synapsor init --from-env DATABASE_URL --mode review --wizard
131
+ npx -y -p @synapsor/runner@alpha synapsor-runner init --from-env DATABASE_URL --mode review --wizard
132
132
  ```
133
133
 
134
134
  Or pass an example config:
135
135
 
136
136
  ```bash
137
- npx -y -p @synapsor/runner@alpha synapsor tools preview --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
137
+ npx -y -p @synapsor/runner@alpha synapsor-runner tools preview --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
138
138
  ```
139
139
 
140
140
  ## SQLite Store Missing
@@ -180,7 +180,7 @@ Fix:
180
180
 
181
181
  ```bash
182
182
  export SYNAPSOR_DATABASE_READ_URL="<read-only-url>"
183
- npx -y -p @synapsor/runner@alpha synapsor doctor --config synapsor.runner.json
183
+ npx -y -p @synapsor/runner@alpha synapsor-runner doctor --config synapsor.runner.json
184
184
  ```
185
185
 
186
186
  ## Read/Write Credential Split Failed
@@ -216,7 +216,7 @@ Fix:
216
216
  Regenerate the snippet:
217
217
 
218
218
  ```bash
219
- npx -y -p @synapsor/runner@alpha synapsor mcp config claude-desktop \
219
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp config claude-desktop \
220
220
  --absolute-paths \
221
221
  --config ./synapsor.runner.json \
222
222
  --store ./.synapsor/local.db
@@ -59,7 +59,7 @@ literal values.
59
59
  Run after approval:
60
60
 
61
61
  ```bash
62
- npx -y -p @synapsor/runner@alpha synapsor apply \
62
+ npx -y -p @synapsor/runner@alpha synapsor-runner apply \
63
63
  --proposal wrp_123 \
64
64
  --config ./synapsor.runner.json \
65
65
  --store ./.synapsor/local.db
@@ -0,0 +1,55 @@
1
+ # OpenAI Agents SDK + Synapsor Runner over HTTP
2
+
3
+ This example shows an OpenAI Agents SDK app calling a long-running Synapsor
4
+ Runner HTTP MCP service.
5
+
6
+ Use HTTP when your agent runs as an app/server and should connect to Runner
7
+ over a local/private network endpoint instead of launching a stdio child
8
+ process.
9
+
10
+ Native HTTP MCP client support can vary by SDK version. This example is honest
11
+ about that: it uses the OpenAI Agents SDK for the agent and wraps Synapsor's
12
+ HTTP MCP JSON-RPC endpoint as an OpenAI function tool.
13
+
14
+ The model still sees a semantic action. It does not receive raw SQL, database
15
+ URLs, write credentials, approval tools, or commit tools.
16
+
17
+ ## Terminal 1: Start Synapsor Runner HTTP MCP
18
+
19
+ ```bash
20
+ export DATABASE_URL="<postgres-or-mysql-read-url>"
21
+ export SYNAPSOR_TENANT_ID="acme"
22
+ export SYNAPSOR_PRINCIPAL="openai_agent_demo"
23
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-token"
24
+
25
+ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
26
+ --config ./synapsor.runner.json \
27
+ --store ./.synapsor/local.db \
28
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
29
+ ```
30
+
31
+ ## Terminal 2: Run The Agent
32
+
33
+ ```bash
34
+ python -m venv .venv
35
+ . .venv/bin/activate
36
+ pip install -r requirements.txt
37
+
38
+ export OPENAI_API_KEY="..."
39
+ export SYNAPSOR_RUNNER_HTTP_URL="http://127.0.0.1:8765/mcp"
40
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-token"
41
+ export SYNAPSOR_INVOICE_ID="INV-3001"
42
+
43
+ python agent.py
44
+ ```
45
+
46
+ Expected behavior:
47
+
48
+ - the agent calls `billing.inspect_invoice` through Synapsor HTTP MCP;
49
+ - Synapsor applies trusted tenant/principal context from the server process;
50
+ - the response includes scoped data and evidence handles;
51
+ - no SQL/write/approval tool is exposed to the model;
52
+ - evidence/query audit are saved in the local Runner store.
53
+
54
+ For production-like deployment, keep HTTP MCP behind private networking/TLS,
55
+ bearer auth, and rate limits. See [HTTP MCP](../../docs/http-mcp.md).