@synkro-sh/cli 1.4.68 → 1.4.70

package/dist/bootstrap.js

@@ -364,20 +364,20 @@ function installCursorHooks(hooksJsonPath, config) {
     command: bunRunCmd(config.bashJudgeScriptPath),
     timeout: 15,
     failClosed: false,
-    matcher: "Shell|Bash|Read|Grep|Glob",
+    matcher: "Shell|Bash|Read|ReadFile|Grep|Glob|terminal|run_terminal_cmd|execute_command|read_file|grep_search|file_search|list_dir|codebase_search|delete_file",
     [SYNKRO_MARKER2]: true
   });
   pushCcHook(h, "preToolUse", config.editPrecheckScriptPath, {
     timeout: 15,
-    matcher: "Write|Edit|StrReplace|MultiEdit|NotebookEdit"
+    matcher: "Write|Edit|StrReplace|MultiEdit|NotebookEdit|edit_file|reapply|edit_notebook"
   });
   pushCcHook(h, "preToolUse", config.cwePrecheckScriptPath, {
     timeout: 15,
-    matcher: "Write|Edit|StrReplace|MultiEdit|NotebookEdit"
+    matcher: "Write|Edit|StrReplace|MultiEdit|NotebookEdit|edit_file|reapply|edit_notebook"
   });
   pushCcHook(h, "preToolUse", config.cvePrecheckScriptPath, {
     timeout: 10,
-    matcher: "Write|Edit|StrReplace|MultiEdit|NotebookEdit"
+    matcher: "Write|Edit|StrReplace|MultiEdit|NotebookEdit|edit_file|reapply|edit_notebook"
   });
   pushCcHook(h, "preToolUse", config.agentJudgeScriptPath, {
     timeout: 15,
@@ -396,7 +396,7 @@ function installCursorHooks(hooksJsonPath, config) {
   });
   pushCcHook(h, "postToolUse", config.bashFollowupScriptPath, {
     timeout: 10,
-    matcher: "Shell|Bash"
+    matcher: "Shell|Bash|terminal|run_terminal_cmd|execute_command|delete_file"
   });
   writeHooksFileAtomic(hooksJsonPath, file);
 }
@@ -589,13 +589,76 @@ function inspectMcpConfig() {
   }
   return { installed: true, configPath: CC_CONFIG_PATH, url: entry.url };
 }
-var SYNKRO_MARKER3, SYNKRO_SERVER_NAME, CC_CONFIG_PATH;
+function readCursorMcpJson() {
+  if (!existsSync3(CURSOR_MCP_PATH)) return {};
+  try {
+    const raw = readFileSync3(CURSOR_MCP_PATH, "utf-8");
+    return JSON.parse(raw);
+  } catch (err) {
+    throw new Error(`Failed to parse ${CURSOR_MCP_PATH}: ${err.message}`);
+  }
+}
+function writeCursorMcpJsonAtomic(config) {
+  mkdirSync3(dirname3(CURSOR_MCP_PATH), { recursive: true });
+  const tmpPath = `${CURSOR_MCP_PATH}.synkro.tmp`;
+  writeFileSync3(tmpPath, JSON.stringify(config, null, 2) + "\n", "utf-8");
+  renameSync3(tmpPath, CURSOR_MCP_PATH);
+}
+function installCursorMcpConfig(opts) {
+  const config = readCursorMcpJson();
+  config.mcpServers = config.mcpServers ?? {};
+  for (const [name, entry] of Object.entries(config.mcpServers)) {
+    if (entry?.[SYNKRO_MARKER3] === true) delete config.mcpServers[name];
+  }
+  if (opts.local) {
+    const url2 = "http://127.0.0.1:8931/";
+    const tokenPath = join2(homedir3(), ".synkro", ".mcp-local-token");
+    let localToken = "";
+    try {
+      localToken = readFileSync3(tokenPath, "utf-8").trim();
+    } catch {
+    }
+    config.mcpServers[SYNKRO_SERVER_NAME] = {
+      url: url2,
+      ...localToken ? { headers: { Authorization: `Bearer ${localToken}` } } : {},
+      [SYNKRO_MARKER3]: true
+    };
+    writeCursorMcpJsonAtomic(config);
+    return { path: CURSOR_MCP_PATH, url: url2 };
+  }
+  const url = `${opts.gatewayUrl.replace(/\/$/, "")}/api/v1/mcp/guardrails`;
+  config.mcpServers[SYNKRO_SERVER_NAME] = {
+    url,
+    headers: { Authorization: `Bearer ${opts.bearerToken}` },
+    [SYNKRO_MARKER3]: true
+  };
+  writeCursorMcpJsonAtomic(config);
+  return { path: CURSOR_MCP_PATH, url };
+}
+function uninstallCursorMcpConfig() {
+  if (!existsSync3(CURSOR_MCP_PATH)) return false;
+  const config = readCursorMcpJson();
+  if (!config.mcpServers || Object.keys(config.mcpServers).length === 0) return false;
+  let removed = false;
+  for (const [name, entry] of Object.entries(config.mcpServers)) {
+    if (entry?.[SYNKRO_MARKER3] === true) {
+      delete config.mcpServers[name];
+      removed = true;
+    }
+  }
+  if (!removed) return false;
+  if (Object.keys(config.mcpServers).length === 0) delete config.mcpServers;
+  writeCursorMcpJsonAtomic(config);
+  return true;
+}
+var SYNKRO_MARKER3, SYNKRO_SERVER_NAME, CC_CONFIG_PATH, CURSOR_MCP_PATH;
 var init_mcpConfig = __esm({
   "cli/installer/mcpConfig.ts"() {
     "use strict";
     SYNKRO_MARKER3 = "__synkro_managed__";
     SYNKRO_SERVER_NAME = "synkro-guardrails";
     CC_CONFIG_PATH = join2(homedir3(), ".claude.json");
+    CURSOR_MCP_PATH = join2(homedir3(), ".cursor", "mcp.json");
   }
 });
 
@@ -1778,6 +1841,17 @@ function cursorHookExit(): never {
 
 export function outputJson(obj: any): void {
   if (isCursorHookFormat()) {
+    if (obj?.permission === 'allow') {
+      const u = typeof obj.user_message === 'string' ? obj.user_message : '';
+      const a = typeof obj.agent_message === 'string' ? obj.agent_message : u;
+      if (u || a) {
+        if (!cursorHookExited) {
+          cursorHookExited = true;
+          process.stdout.write(JSON.stringify({ permission: 'allow' }) + '\\n');
+        }
+        cursorHookExit();
+      }
+    }
     const hso = obj?.hookSpecificOutput;
     const sys = typeof obj?.systemMessage === 'string' ? obj.systemMessage : '';
     if (hso?.permissionDecision === 'deny') {
@@ -1792,11 +1866,12 @@ export function outputJson(obj: any): void {
       }
       cursorHookExit();
     }
-    const ctx = sys || hso?.additionalContext;
+    const addCtx = typeof hso?.additionalContext === 'string' ? hso.additionalContext : '';
+    const ctx = sys || addCtx;
     if (ctx) {
       if (!cursorHookExited) {
         cursorHookExited = true;
-        process.stdout.write(JSON.stringify({ additional_context: ctx }) + '\\n');
+        process.stdout.write(JSON.stringify({ permission: 'allow' }) + '\\n');
       }
       cursorHookExit();
     }
@@ -1913,7 +1988,7 @@ async function main() {
       try {
         gradeResp = await localGrade('edit', graderPrompt);
       } catch {
-        outputEmpty();
+        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 local grader unavailable, skipped' });
         return;
       }
 
@@ -1947,7 +2022,7 @@ async function main() {
             rulesChecked: config.rules, violatedRules,
             ccModel: transcript.ccModel,
           });
-        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 warning: ' + guardReason });
+        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 warning: ' + guardReason, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local edit judge (audit). ' + guardReason } });
         return;
       }
 
@@ -1958,7 +2033,8 @@ async function main() {
           rulesChecked: config.rules, violatedRules: [],
           ccModel: transcript.ccModel,
         });
-      outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 pass: ' + (verdict.reason || 'no policy violations detected') });
+      const passLine = tagStr + ' editGuard ' + fileShort + ' \\u2192 pass: ' + (verdict.reason || 'no policy violations detected');
+      outputJson({ systemMessage: passLine, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local edit judge. ' + (verdict.reason || 'no policy violations detected') } });
       return;
     }
 
@@ -2195,6 +2271,13 @@ async function main() {
           }, config.captureDepth);
         }
 
+        dispatchCapture(jwt, 'cwe', 'block', verdict.severity || 'high', verdict.category || 'security',
+          toolName, gitRepo, sessionId, config.captureDepth, {
+            command: 'edit ' + filePath,
+            reasoning: denyDetail,
+            violatedRules: activeCweIds,
+          });
+
         outputJson({
           systemMessage: cweMsg,
           hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: ctx, additionalContext: ctx },
@@ -2210,7 +2293,14 @@ async function main() {
         status: 'resolved',
       }, config.captureDepth);
 
-      outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \\u2192 clean' });
+      dispatchCapture(jwt, 'cwe', 'pass', 'audit', 'clean',
+        toolName, gitRepo, sessionId, config.captureDepth, {
+          command: 'edit ' + filePath,
+          reasoning: verdict.reason || 'no CWE weaknesses detected',
+        });
+
+      const cleanMsg = cweTag + ' ' + fileShort + ' \\u2192 clean' + (verdict.reason ? ' (' + verdict.reason + ')' : '');
+      outputJson({ systemMessage: cleanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: cleanMsg } });
       return;
     }
 
@@ -2229,7 +2319,7 @@ main();
 import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag,
   reconstructContent, readStdin, findNearestDeps, log,
-  outputJson, outputEmpty, setupCursorHookSignals, isEditTool, hookSessionId, dispatchFinding, GATEWAY_URL,
+  outputJson, outputEmpty, setupCursorHookSignals, isEditTool, hookSessionId, dispatchFinding, dispatchCapture, GATEWAY_URL,
 } from './_synkro-common.ts';
 import { basename } from 'node:path';
 
@@ -2262,6 +2352,7 @@ async function main() {
     const toolInput = payload.tool_input || {};
     const sessionId = hookSessionId(payload);
     const cwd = payload.cwd || '';
+    const gitRepo = detectRepo(cwd || '.');
 
     const filePath = toolInput.file_path || toolInput.notebook_path || toolInput.path || '';
     if (!filePath) { outputEmpty(); return; }
@@ -2356,6 +2447,16 @@ async function main() {
       const cveMsg = cveTag + ' ' + fileShort + ' \\u2192 ' + count + ' ' + label;
       const ctx = 'CVE: ' + top3 + '\\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 upgrade the vulnerable dependencies yourself.';
 
+      const cveIds = findings.slice(0, 10).map((f: any) =>
+        (f.aliases || []).find((a: string) => a.startsWith('CVE-')) || f.id || 'unknown'
+      );
+      dispatchCapture(jwt, 'cve', 'block', 'critical', 'security',
+        toolName, gitRepo, sessionId, config.captureDepth, {
+          command: 'edit ' + filePath,
+          reasoning: top3,
+          violatedRules: cveIds,
+        });
+
       outputJson({
         systemMessage: cveMsg,
         hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: ctx, additionalContext: ctx },
@@ -2382,7 +2483,7 @@ import {
 } from './_synkro-common.ts';
 
 const TOP_NPM_PKGS = new Set([
-  'express','react','lodash','axios','chalk','commander','debug','dotenv','webpack',
+  'express','react','lodash','chalk','commander','debug','dotenv','webpack',
   'typescript','moment','uuid','cors','body-parser','mongoose','jsonwebtoken','bcrypt',
   'nodemon','eslint','prettier','jest','mocha','chai','sinon','supertest','request',
   'async','bluebird','underscore','ramda','rxjs','socket.io','redis','pg','mysql',
@@ -2472,6 +2573,7 @@ async function main() {
     const permissionMode = payload.permission_mode || '';
     const transcriptPath = payload.transcript_path || '';
     const gitRepo = detectRepo(cwd || '.');
+    const transcript = extractTranscript(transcriptPath);
 
     let command = '';
     switch (toolName) {
@@ -2651,6 +2753,15 @@ async function main() {
                 }, config.captureDepth);
               }
 
+              const cveIds = findings.map((f: any) => f.cve || f.id || f.package);
+              dispatchCapture(jwt, 'cve', 'block', 'critical', 'security',
+                'Bash', gitRepo, sessionId, config.captureDepth, {
+                  command,
+                  reasoning: top3,
+                  violatedRules: cveIds,
+                  ccModel: transcript.ccModel,
+                });
+
               outputJson({
                 systemMessage: cveMsg,
                 hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: ctx, additionalContext: ctx },
@@ -2671,7 +2782,6 @@ async function main() {
       }
     }
 
-    const transcript = extractTranscript(transcriptPath);
     const lastPrompt = readLastPrompt();
 
     const config = await loadConfig(jwt);
@@ -2698,7 +2808,7 @@ async function main() {
       try {
         gradeResp = await localGrade('bash', graderPrompt);
       } catch {
-        outputEmpty();
+        outputJson({ systemMessage: tagStr + ' bashGuard \\u2192 local grader unavailable, skipped' });
         return;
       }
 
@@ -2879,7 +2989,7 @@ async function main() {
       try {
         gradeResp = await localGrade('bash', graderPrompt);
       } catch {
-        outputEmpty();
+        outputJson({ systemMessage: tagStr + ' agentGuard \\u2192 local grader unavailable, skipped' });
         return;
       }
 
@@ -3069,7 +3179,7 @@ async function main() {
       try {
         gradeResp = await localGrade('plan', graderPrompt);
       } catch {
-        outputEmpty();
+        outputJson({ systemMessage: tagStr + ' planReview \\u2192 local grader unavailable, skipped' });
         return;
       }
 
@@ -3080,7 +3190,8 @@ async function main() {
       if (!verdict.ok) {
         const reviewMsg = (verdict.ruleId ? '(first: ' + verdict.ruleId + ') ' : '') + (verdict.reason || 'check org rules during implementation');
         appendReviewToPlan(planFile, '\\u26a0\\ufe0f Advisory \\u2014 ' + reviewMsg);
-        outputJson({ systemMessage: tagStr + ' planReview \\u2192 ' + reviewMsg });
+        const advLine = tagStr + ' planReview \\u2192 ' + reviewMsg;
+        outputJson({ systemMessage: advLine, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local plan judge (advisory). ' + reviewMsg } });
         dispatchCapture(jwt, 'plan_review', 'advisory', verdict.severity || 'medium', verdict.category || 'general',
           'ExitPlanMode', gitRepo, sessionId, config.captureDepth, {
             command: planContent, reasoning: verdict.reason || 'check org rules',
@@ -3089,7 +3200,8 @@ async function main() {
       } else {
         const reviewMsg = verdict.reason || 'no relevant org rules for this plan';
         appendReviewToPlan(planFile, '\\u2705 Clean \\u2014 ' + reviewMsg);
-        outputJson({ systemMessage: tagStr + ' planReview \\u2192 clean: ' + reviewMsg });
+        const cleanLine = tagStr + ' planReview \\u2192 clean: ' + reviewMsg;
+        outputJson({ systemMessage: cleanLine, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: 'Synkro local plan judge. ' + reviewMsg } });
         dispatchCapture(jwt, 'plan_review', 'clean', 'audit', verdict.category || 'general',
           'ExitPlanMode', gitRepo, sessionId, config.captureDepth, {
             command: planContent, reasoning: reviewMsg,
@@ -3559,6 +3671,27 @@ import {
   extractTranscript, readLastPrompt, log, GATEWAY_URL,
   type Rule,
 } from './_synkro-common.ts';
+import { createHash } from 'node:crypto';
+import { existsSync, statSync, writeFileSync, mkdirSync } from 'node:fs';
+
+const DEDUP_DIR = process.env.HOME + '/.synkro/.dedup';
+const DEDUP_TTL_MS = 3000;
+
+function isDuplicate(command: string, sessionId: string): boolean {
+  const hash = createHash('md5').update(sessionId + ':' + command).digest('hex').slice(0, 12);
+  const marker = DEDUP_DIR + '/' + hash;
+  try {
+    if (existsSync(marker)) {
+      const age = Date.now() - statSync(marker).mtimeMs;
+      if (age < DEDUP_TTL_MS) return true;
+    }
+  } catch {}
+  try {
+    mkdirSync(DEDUP_DIR, { recursive: true });
+    writeFileSync(marker, '', { flag: 'w' });
+  } catch {}
+  return false;
+}
 
 // Cursor beforeShellExecution timeout is 15s; stay under it (JWT refresh + grade).
 const CURSOR_GRADE_TIMEOUT_MS = 7500;
@@ -3583,7 +3716,11 @@ function finishWith(payload: Record<string, unknown>): never {
 process.on('SIGTERM', () => finishAllow());
 
 const SHELL_TOOL_NAMES = new Set(['Bash', 'Shell', 'terminal', 'run_terminal_cmd', 'execute_command']);
-const BASH_PRE_TOOL_NAMES = new Set(['Bash', 'Shell', 'Read', 'Grep', 'Glob', ...SHELL_TOOL_NAMES]);
+const READ_TOOL_NAMES = new Set(['Read', 'ReadFile', 'read_file']);
+const SEARCH_TOOL_NAMES = new Set(['Grep', 'grep_search', 'codebase_search', 'file_search']);
+const DIR_TOOL_NAMES = new Set(['Glob', 'list_dir']);
+const DELETE_TOOL_NAMES = new Set(['delete_file']);
+const BASH_PRE_TOOL_NAMES = new Set([...SHELL_TOOL_NAMES, ...READ_TOOL_NAMES, ...SEARCH_TOOL_NAMES, ...DIR_TOOL_NAMES, ...DELETE_TOOL_NAMES]);
 
 function extractCommand(payload: Record<string, unknown>): { command: string; toolName: string } {
   const direct = typeof payload.command === 'string' ? payload.command : '';
@@ -3597,23 +3734,16 @@ function extractCommand(payload: Record<string, unknown>): { command: string; to
     : {};
 
   let command = '';
-  switch (toolName) {
-    case 'Bash':
-    case 'Shell':
-    case 'terminal':
-    case 'run_terminal_cmd':
-    case 'execute_command':
-      command = String(toolInput.command ?? '');
-      break;
-    case 'Read':
-      command = 'cat ' + String(toolInput.file_path ?? toolInput.path ?? '');
-      break;
-    case 'Grep':
-      command = "grep -r '" + String(toolInput.pattern ?? '') + "' " + String(toolInput.path ?? '.');
-      break;
-    case 'Glob':
-      command = "find . -name '" + String(toolInput.pattern ?? '') + "'";
-      break;
+  if (SHELL_TOOL_NAMES.has(toolName)) {
+    command = String(toolInput.command ?? '');
+  } else if (READ_TOOL_NAMES.has(toolName)) {
+    command = 'cat ' + String(toolInput.file_path ?? toolInput.path ?? '');
+  } else if (SEARCH_TOOL_NAMES.has(toolName)) {
+    command = "grep -r '" + String(toolInput.pattern ?? toolInput.query ?? '') + "' " + String(toolInput.path ?? '.');
+  } else if (DIR_TOOL_NAMES.has(toolName)) {
+    command = "find . -name '" + String(toolInput.pattern ?? toolInput.relative_workspace_path ?? '') + "'";
+  } else if (DELETE_TOOL_NAMES.has(toolName)) {
+    command = 'rm ' + String(toolInput.target_file ?? toolInput.file_path ?? toolInput.path ?? '');
   }
   return { command, toolName: toolName || 'Bash' };
 }
@@ -3629,7 +3759,16 @@ async function main() {
 
     const cwd = typeof payload.cwd === 'string' ? payload.cwd : '';
     const sessionId = String(payload.conversation_id ?? payload.session_id ?? '');
+
+    if (isDuplicate(command, sessionId)) {
+      log('bashGuard skip (dedup): ' + command.slice(0, 80));
+      finishAllow();
+    }
+
     const transcriptPath = typeof payload.transcript_path === 'string' ? payload.transcript_path : '';
+    const rawModel = String(payload.model ?? payload.model_id ?? '');
+    const KNOWN_MODELS = new Set(['gpt-4', 'gpt-4o', 'gpt-4.1', 'gpt-5', 'o1', 'o3', 'o4-mini', 'claude-sonnet-4-5', 'claude-opus-4-5', 'sonnet-4', 'sonnet-4-thinking', 'gemini-2.5-pro', 'gemini-2.5-flash']);
+    const model = rawModel ? (KNOWN_MODELS.has(rawModel) || rawModel.startsWith('claude-') || rawModel.startsWith('gpt-') || rawModel.startsWith('gemini-') || rawModel.startsWith('o1') || rawModel.startsWith('o3') ? rawModel : 'cursor/' + rawModel) : 'cursor';
     const repo = detectRepo(cwd || '.');
 
     const cmdShort = command.slice(0, 80);
@@ -3669,7 +3808,7 @@ async function main() {
         gradeResp = await localGrade('bash', graderPrompt, CURSOR_GRADE_TIMEOUT_MS);
       } catch (e) {
         log('bashGuard ' + cmdShort + ' \u2192 pass (grade unavailable): ' + String(e));
-        finishAllow();
+        finishWith({ permission: 'allow' });
       }
 
       const verdict = parseVerdict(gradeResp);
@@ -3680,9 +3819,10 @@ async function main() {
 
         if (mode !== 'audit') {
           dispatchCapture(jwt, 'bash', 'block', verdict.severity || 'critical', verdict.category || 'security',
-            'Bash', repo, sessionId, config.captureDepth, {
+            'Bash', gitRepo, sessionId, config.captureDepth, {
               command, reasoning: guardReason,
               rulesChecked: config.rules, violatedRules: verdict.ruleId ? [verdict.ruleId] : [],
+              ccModel: model,
             });
           finishWith({
             permission: 'deny',
@@ -3692,20 +3832,25 @@ async function main() {
         }
 
         dispatchCapture(jwt, 'bash', 'warning', verdict.severity || 'medium', verdict.category || 'security',
-          'Bash', repo, sessionId, config.captureDepth, {
+          'Bash', gitRepo, sessionId, config.captureDepth, {
             command, reasoning: guardReason,
             rulesChecked: config.rules, violatedRules: verdict.ruleId ? [verdict.ruleId] : [],
+            ccModel: model,
           });
+        log('bashGuard ' + cmdShort + ' \u2192 audit warning');
+        finishWith({ permission: 'allow' });
       } else {
         dispatchCapture(jwt, 'bash', 'pass', 'audit', verdict.category || 'clean',
-          'Bash', repo, sessionId, config.captureDepth, {
+          'Bash', gitRepo, sessionId, config.captureDepth, {
             command, reasoning: verdict.reason || 'no policy violations detected',
             rulesChecked: config.rules, violatedRules: [],
+            ccModel: model,
           });
       }
 
-      log('bashGuard ' + cmdShort + ' \u2192 pass');
-      finishAllow();
+      const passReason = verdict.reason || 'no policy violations detected';
+      log('bashGuard ' + cmdShort + ' \u2192 pass: ' + passReason);
+      finishWith({ permission: 'allow' });
     }
 
     const body: Record<string, any> = {
@@ -3730,7 +3875,15 @@ async function main() {
     }
 
     if (resp.hook_response) {
-      finishWith(resp.hook_response as Record<string, unknown>);
+      const hr = resp.hook_response as Record<string, unknown>;
+      if (hr.permission === 'allow') {
+        const um = String(hr.user_message || '');
+        const am = String(hr.agent_message || um);
+        if (um || am) {
+          finishWith({ permission: 'allow' });
+        }
+      }
+      finishWith(hr);
     }
     log('bashGuard ' + cmdShort + ' \u2192 pass (no hook_response)');
     finishAllow();
@@ -6885,11 +7038,6 @@ const server = Bun.serve({
     }
 
     if (req.method === 'POST') {
-      const authHeader = req.headers.get('authorization') || '';
-      const token = authHeader.startsWith('Bearer ') ? authHeader.slice(7) : '';
-      if (token !== SERVER_TOKEN) {
-        return Response.json({ error: 'Unauthorized' }, { status: 401, headers: cors });
-      }
       try {
         const body = await req.json();
         const result = await handleRpc(body);
@@ -6972,7 +7120,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.4.68")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.4.70")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -7494,6 +7642,36 @@ async function installCommand(opts = {}) {
       }
     }
   }
+  if (hasCursor && !opts.noMcp) {
+    try {
+      if (useLocalMcp) {
+        const mcp = installCursorMcpConfig({ gatewayUrl, bearerToken: "", local: true });
+        console.log(`Registered local MCP guardrails server in ${mcp.path}`);
+        console.log(`  url:        ${mcp.url}`);
+      } else {
+        const mintResp = await fetch(`${gatewayUrl}/api/v1/cli/mcp-token`, {
+          method: "POST",
+          headers: {
+            "Authorization": `Bearer ${token}`,
+            "Content-Type": "application/json"
+          },
+          body: "{}"
+        });
+        if (!mintResp.ok) {
+          const errText = await mintResp.text().catch(() => "");
+          throw new Error(`mcp-token mint failed (${mintResp.status}): ${errText.slice(0, 200)}`);
+        }
+        const minted = await mintResp.json();
+        const mcp = installCursorMcpConfig({ gatewayUrl, bearerToken: minted.token });
+        console.log(`Registered Synkro guardrails MCP server in ${mcp.path}`);
+        console.log(`  url:        ${mcp.url}`);
+      }
+      console.log();
+    } catch (err) {
+      console.warn(`  \u26A0 Cursor MCP registration failed: ${err.message}`);
+      console.log();
+    }
+  }
   const priorLocalFlag = (() => {
     try {
       const content = readFileSync10(CONFIG_PATH3, "utf-8");
@@ -9072,7 +9250,11 @@ function disconnectCommand(args2 = []) {
   }
   if (sawClaudeCode) {
     const mcpRemoved = uninstallMcpConfig();
-    console.log(`${mcpRemoved ? "\u2713" : "\xB7"} MCP guardrails server: ${mcpRemoved ? "removed entry from ~/.claude.json" : "no Synkro MCP entry found"}`);
+    console.log(`${mcpRemoved ? "\u2713" : "\xB7"} MCP guardrails (CC): ${mcpRemoved ? "removed from ~/.claude.json" : "no entry found"}`);
+  }
+  {
+    const cursorMcpRemoved = uninstallCursorMcpConfig();
+    console.log(`${cursorMcpRemoved ? "\u2713" : "\xB7"} MCP guardrails (Cursor): ${cursorMcpRemoved ? "removed from ~/.cursor/mcp.json" : "no entry found"}`);
   }
   if (purge) {
     if (existsSync14(SYNKRO_DIR5)) {