@veertu/anka-mcp 0.1.0

package/dist/log.js

@@ -0,0 +1,254 @@
+import { AsyncLocalStorage } from "node:async_hooks";
+import { appendFileSync } from "node:fs";
+import { config } from "./config.js";
+const requestContext = new AsyncLocalStorage();
+const SENSITIVE_KEYS = new Set(["password", "private_key", "authorization", "token"]);
+function timestamp() {
+    return new Date().toISOString();
+}
+function write(line) {
+    process.stderr.write(`anka-mcp: ${line}\n`);
+    if (config.auditLogPath) {
+        appendFileSync(config.auditLogPath, `anka-mcp: ${line}\n`, { encoding: "utf8" });
+    }
+}
+/** Log an auth failure (always written when logging is enabled). */
+export function logAuthFailure(source, route, reason = "invalid token") {
+    if (!config.logEnabled)
+        return;
+    write(`${timestamp()} [${source}] auth failure ${route} (${reason})`);
+}
+function formatActor(actor) {
+    const parts = [];
+    if (actor.source)
+        parts.push(`source=${actor.source}`);
+    else if (actor.ip)
+        parts.push(`ip=${actor.ip}`);
+    if (actor.credentialId)
+        parts.push(`credential_id=${actor.credentialId}`);
+    if (actor.credentialLabel)
+        parts.push(`credential_label=${actor.credentialLabel}`);
+    return parts.length > 0 ? parts.join(" ") : "unknown";
+}
+/** Build actor fields from an Express request (includes credential when auth ran). */
+export function limitActorFromRequest(req) {
+    return {
+        source: clientSourceFromRequest(req),
+        ip: req.ip || req.socket.remoteAddress || "unknown",
+        credentialId: req.mcpCredential?.credentialId,
+        credentialLabel: req.mcpCredential?.credentialLabel
+    };
+}
+/** Build actor fields from the current async request context. */
+export function limitActorFromContext() {
+    const ctx = getRequestContext();
+    if (!ctx)
+        return {};
+    return {
+        source: ctx.source,
+        ip: ctx.ip,
+        credentialId: ctx.credentialId,
+        credentialLabel: ctx.credentialLabel
+    };
+}
+/**
+ * Log that a configured limit was hit. Format:
+ * `LIMIT REACHED MCP_RATE_LIMIT_RPM=120 by source=… credential_id=… route=/mcp …`
+ */
+export function logLimitReached(opts) {
+    if (!config.logEnabled)
+        return;
+    const route = opts.route ? ` route=${opts.route}` : "";
+    const detail = opts.detail ? ` ${opts.detail}` : "";
+    write(`${timestamp()} LIMIT REACHED ${opts.limit}=${opts.configured} by ${formatActor(opts.actor ?? {})}${route}${detail}`);
+}
+/** Log MCP session lifecycle events. */
+export function logSessionEvent(event, sessionId, actor) {
+    if (!config.logEnabled)
+        return;
+    const who = actor ? ` by ${formatActor(actor)}` : ` [${getRequestSource()}]`;
+    write(`${timestamp()} session ${event} session_id=${sessionId}${who}`);
+}
+/** Log admin token lifecycle events (never logs plaintext secrets). */
+export function logAdminEvent(event, detail) {
+    if (!config.logEnabled)
+        return;
+    const label = detail.label ? ` label=${detail.label}` : "";
+    write(`${timestamp()} admin ${event} id=${detail.id}${label}`);
+}
+/** Run `fn` with request-scoped logging context (client source). */
+export function runWithRequestContext(context, fn) {
+    return requestContext.run(context, fn);
+}
+/** Run async `fn` with request-scoped logging context. */
+export async function runWithRequestContextAsync(context, fn) {
+    return requestContext.run(context, fn);
+}
+export function getRequestSource() {
+    return requestContext.getStore()?.source ?? "unknown";
+}
+export function getRequestContext() {
+    return requestContext.getStore();
+}
+const MAX_CONTROLLER_EXTERNAL_ID_LENGTH = 512;
+function sanitizeExternalIdPart(value) {
+    return value.replace(/[\r\n\t\0]/g, " ").replace(/\s+/g, " ").trim();
+}
+/**
+ * Build a controller `external_id` that identifies the MCP caller for admins.
+ * Always includes client/IP/session context; an optional caller `ref` is appended.
+ */
+export function buildControllerExternalId(callerExternalId) {
+    const ctx = requestContext.getStore();
+    const parts = ["anka-mcp"];
+    if (ctx?.mcpClientName) {
+        const client = ctx.mcpClientVersion
+            ? `${ctx.mcpClientName}/${ctx.mcpClientVersion}`
+            : ctx.mcpClientName;
+        parts.push(`client=${sanitizeExternalIdPart(client)}`);
+    }
+    if (ctx?.ip) {
+        parts.push(`ip=${sanitizeExternalIdPart(ctx.ip.replace(/^::ffff:/, ""))}`);
+    }
+    if (ctx?.userAgent) {
+        parts.push(`ua=${sanitizeExternalIdPart(ctx.userAgent)}`);
+    }
+    if (ctx?.sessionId) {
+        parts.push(`session=${ctx.sessionId}`);
+    }
+    if (ctx?.credentialId) {
+        parts.push(`credential_id=${sanitizeExternalIdPart(ctx.credentialId)}`);
+    }
+    if (callerExternalId?.trim()) {
+        parts.push(`ref=${sanitizeExternalIdPart(callerExternalId.trim())}`);
+    }
+    const externalId = parts.join(" ");
+    if (externalId.length <= MAX_CONTROLLER_EXTERNAL_ID_LENGTH)
+        return externalId;
+    return `${externalId.slice(0, MAX_CONTROLLER_EXTERNAL_ID_LENGTH - 1)}…`;
+}
+/** Build request-scoped context from an HTTP request and optional MCP client info. */
+export function buildRequestContext(req, clientInfo, sessionId) {
+    const ip = req.ip || req.socket.remoteAddress || "unknown";
+    const userAgent = typeof req.headers["user-agent"] === "string" ? req.headers["user-agent"] : undefined;
+    const resolvedSessionId = sessionId ??
+        (typeof req.headers["mcp-session-id"] === "string" ? req.headers["mcp-session-id"] : undefined);
+    return {
+        source: clientSourceFromRequest(req),
+        ip,
+        userAgent,
+        sessionId: resolvedSessionId,
+        mcpClientName: clientInfo?.name,
+        mcpClientVersion: clientInfo?.version,
+        credentialId: req.mcpCredential?.credentialId,
+        credentialLabel: req.mcpCredential?.credentialLabel
+    };
+}
+/** Extract MCP clientInfo from an initialize JSON-RPC body. */
+export function mcpClientInfoFromBody(body) {
+    const messages = Array.isArray(body) ? body : [body];
+    for (const message of messages) {
+        if (!message || typeof message !== "object" || message.method !== "initialize") {
+            continue;
+        }
+        const clientInfo = message.params?.clientInfo;
+        if (!clientInfo || typeof clientInfo !== "object")
+            continue;
+        return {
+            name: typeof clientInfo.name === "string"
+                ? clientInfo.name
+                : undefined,
+            version: typeof clientInfo.version === "string"
+                ? clientInfo.version
+                : undefined
+        };
+    }
+    return undefined;
+}
+/** Build a compact client label from an Express request. */
+export function clientSourceFromRequest(req) {
+    const ip = req.ip || req.socket.remoteAddress || "unknown";
+    const userAgent = req.headers["user-agent"];
+    if (typeof userAgent === "string" && userAgent.length > 0) {
+        return `${ip} (${userAgent})`;
+    }
+    return ip;
+}
+/** Redact known secret fields before logging structured data. */
+export function sanitizeForLog(value) {
+    if (value === null || value === undefined)
+        return value;
+    if (Array.isArray(value))
+        return value.map(sanitizeForLog);
+    if (typeof value === "object") {
+        const out = {};
+        for (const [key, nested] of Object.entries(value)) {
+            out[key] = SENSITIVE_KEYS.has(key.toLowerCase()) ? "[redacted]" : sanitizeForLog(nested);
+        }
+        return out;
+    }
+    return value;
+}
+function formatPayload(value, maxLength = 800) {
+    const text = typeof value === "string" ? value : JSON.stringify(sanitizeForLog(value), null, 0) ?? "undefined";
+    if (text.length <= maxLength)
+        return text;
+    return `${text.slice(0, maxLength)}…`;
+}
+function parseToolResultPayload(result) {
+    const block = result.content?.[0];
+    if (!block || block.type !== "text")
+        return { isError: result.isError };
+    try {
+        return JSON.parse(block.text);
+    }
+    catch {
+        return { isError: result.isError, text: block.text };
+    }
+}
+/** Extract JSON-RPC method name(s) from an MCP POST body. */
+export function mcpMethodsFromBody(body) {
+    if (!body)
+        return [];
+    const messages = Array.isArray(body) ? body : [body];
+    return messages
+        .map((message) => message && typeof message === "object" && "method" in message
+        ? String(message.method)
+        : undefined)
+        .filter((method) => Boolean(method));
+}
+export function logMcpRequest(method, detail) {
+    if (!config.logEnabled)
+        return;
+    const suffix = detail ? ` ${formatPayload(detail)}` : "";
+    write(`${timestamp()} [${getRequestSource()}] mcp ${method}${suffix}`);
+}
+export function logToolCall(name, args, result) {
+    if (!config.logEnabled)
+        return;
+    const payload = parseToolResultPayload(result);
+    write(`${timestamp()} [${getRequestSource()}] tool ${name} args=${formatPayload(args)} -> ${formatPayload(payload)}`);
+}
+export function logToolError(name, args, error) {
+    if (!config.logEnabled)
+        return;
+    write(`${timestamp()} [${getRequestSource()}] tool ${name} args=${formatPayload(args)} -> error ${String(error)}`);
+}
+export function logAnkaCommand(args, outcome) {
+    if (!config.logEnabled)
+        return;
+    const cmd = [config.ankaBin, ...args].join(" ");
+    const status = outcome.ok ? "ok" : `failed${outcome.message ? `: ${outcome.message}` : ""}`;
+    write(`${timestamp()} [${getRequestSource()}] anka ${cmd} -> ${status}`);
+}
+export function logControllerRequest(method, path, outcome) {
+    if (!config.logEnabled)
+        return;
+    const status = outcome.ok ? "ok" : `failed${outcome.detail ? `: ${outcome.detail}` : ""}`;
+    write(`${timestamp()} [${getRequestSource()}] controller ${method} ${path} -> ${status}`);
+}
+/** Log the tool names registered at startup (always written, like the listen banner). */
+export function logStartupTools(toolNames) {
+    process.stderr.write(`anka-mcp: tools: ${toolNames.join(", ") || "(none)"}\n`);
+}
+//# sourceMappingURL=log.js.map

package/dist/log.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"log.js","sourceRoot":"","sources":["../src/log.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAmBrC,MAAM,cAAc,GAAG,IAAI,iBAAiB,EAAkB,CAAC;AAE/D,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,aAAa,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;AAEtF,SAAS,SAAS;IAChB,OAAO,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;AAClC,CAAC;AAED,SAAS,KAAK,CAAC,IAAY;IACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,IAAI,IAAI,CAAC,CAAC;IAC5C,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,cAAc,CAAC,MAAM,CAAC,YAAY,EAAE,aAAa,IAAI,IAAI,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IACnF,CAAC;AACH,CAAC;AAED,oEAAoE;AACpE,MAAM,UAAU,cAAc,CAAC,MAAc,EAAE,KAAa,EAAE,MAAM,GAAG,eAAe;IACpF,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,KAAK,CAAC,GAAG,SAAS,EAAE,KAAK,MAAM,kBAAkB,KAAK,KAAK,MAAM,GAAG,CAAC,CAAC;AACxE,CAAC;AAUD,SAAS,WAAW,CAAC,KAAiB;IACpC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,KAAK,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,UAAU,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;SAClD,IAAI,KAAK,CAAC,EAAE;QAAE,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAChD,IAAI,KAAK,CAAC,YAAY;QAAE,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC;IAC1E,IAAI,KAAK,CAAC,eAAe;QAAE,KAAK,CAAC,IAAI,CAAC,oBAAoB,KAAK,CAAC,eAAe,EAAE,CAAC,CAAC;IACnF,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED,sFAAsF;AACtF,MAAM,UAAU,qBAAqB,CAAC,GAKrC;IACC,OAAO;QACL,MAAM,EAAE,uBAAuB,CAAC,GAAG,CAAC;QACpC,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS;QACnD,YAAY,EAAE,GAAG,CAAC,aAAa,EAAE,YAAY;QAC7C,eAAe,EAAE,GAAG,CAAC,aAAa,EAAE,eAAe;KACpD,CAAC;AACJ,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,qBAAqB;IACnC,MAAM,GAAG,GAAG,iBAAiB,EAAE,CAAC;IAChC,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,OAAO;QACL,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,YAAY,EAAE,GAAG,CAAC,YAAY;QAC9B,eAAe,EAAE,GAAG,CAAC,eAAe;KACrC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,IAM/B;IACC,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACvD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACpD,KAAK,CACH,GAAG,SAAS,EAAE,kBAAkB,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,UAAU,OAAO,WAAW,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,GAAG,KAAK,GAAG,MAAM,EAAE,CACrH,CAAC;AACJ,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,eAAe,CAC7B,KAA2B,EAC3B,SAAiB,EACjB,KAAkB;IAElB,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,OAAO,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,gBAAgB,EAAE,GAAG,CAAC;IAC7E,KAAK,CAAC,GAAG,SAAS,EAAE,YAAY,KAAK,eAAe,SAAS,GAAG,GAAG,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,aAAa,CAC3B,KAAwC,EACxC,MAAsC;IAEtC,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3D,KAAK,CAAC,GAAG,SAAS,EAAE,UAAU,KAAK,OAAO,MAAM,CAAC,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;AACjE,CAAC;AAED,oEAAoE;AACpE,MAAM,UAAU,qBAAqB,CAAI,OAAuB,EAAE,EAAW;IAC3E,OAAO,cAAc,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;AACzC,CAAC;AAED,0DAA0D;AAC1D,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,OAAuB,EACvB,EAAoB;IAEpB,OAAO,cAAc,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,OAAO,cAAc,CAAC,QAAQ,EAAE,EAAE,MAAM,IAAI,SAAS,CAAC;AACxD,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,cAAc,CAAC,QAAQ,EAAE,CAAC;AACnC,CAAC;AAED,MAAM,iCAAiC,GAAG,GAAG,CAAC;AAE9C,SAAS,sBAAsB,CAAC,KAAa;IAC3C,OAAO,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;AACvE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CAAC,gBAAyB;IACjE,MAAM,GAAG,GAAG,cAAc,CAAC,QAAQ,EAAE,CAAC;IACtC,MAAM,KAAK,GAAG,CAAC,UAAU,CAAC,CAAC;IAE3B,IAAI,GAAG,EAAE,aAAa,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,GAAG,CAAC,gBAAgB;YACjC,CAAC,CAAC,GAAG,GAAG,CAAC,aAAa,IAAI,GAAG,CAAC,gBAAgB,EAAE;YAChD,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC,UAAU,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,GAAG,EAAE,EAAE,EAAE,CAAC;QACZ,KAAK,CAAC,IAAI,CAAC,MAAM,sBAAsB,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,GAAG,EAAE,SAAS,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC,MAAM,sBAAsB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,GAAG,EAAE,SAAS,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,IAAI,GAAG,EAAE,YAAY,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC,iBAAiB,sBAAsB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,IAAI,gBAAgB,EAAE,IAAI,EAAE,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,OAAO,sBAAsB,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,UAAU,CAAC,MAAM,IAAI,iCAAiC;QAAE,OAAO,UAAU,CAAC;IAC9E,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,iCAAiC,GAAG,CAAC,CAAC,GAAG,CAAC;AAC1E,CAAC;AAED,sFAAsF;AACtF,MAAM,UAAU,mBAAmB,CACjC,GAKC,EACD,UAA0B,EAC1B,SAAkB;IAElB,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAC;IAC3D,MAAM,SAAS,GACb,OAAO,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACxF,MAAM,iBAAiB,GACrB,SAAS;QACT,CAAC,OAAO,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAElG,OAAO;QACL,MAAM,EAAE,uBAAuB,CAAC,GAAG,CAAC;QACpC,EAAE;QACF,SAAS;QACT,SAAS,EAAE,iBAAiB;QAC5B,aAAa,EAAE,UAAU,EAAE,IAAI;QAC/B,gBAAgB,EAAE,UAAU,EAAE,OAAO;QACrC,YAAY,EAAE,GAAG,CAAC,aAAa,EAAE,YAAY;QAC7C,eAAe,EAAE,GAAG,CAAC,aAAa,EAAE,eAAe;KACpD,CAAC;AACJ,CAAC;AAED,+DAA+D;AAC/D,MAAM,UAAU,qBAAqB,CAAC,IAAa;IACjD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACrD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAK,OAA+B,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;YACxG,SAAS;QACX,CAAC;QACD,MAAM,UAAU,GAAI,OAAiD,CAAC,MAAM,EAAE,UAAU,CAAC;QACzF,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ;YAAE,SAAS;QAC5D,OAAO;YACL,IAAI,EAAE,OAAQ,UAAiC,CAAC,IAAI,KAAK,QAAQ;gBAC/D,CAAC,CAAE,UAA+B,CAAC,IAAI;gBACvC,CAAC,CAAC,SAAS;YACb,OAAO,EAAE,OAAQ,UAAoC,CAAC,OAAO,KAAK,QAAQ;gBACxE,CAAC,CAAE,UAAkC,CAAC,OAAO;gBAC7C,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,4DAA4D;AAC5D,MAAM,UAAU,uBAAuB,CAAC,GAIvC;IACC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAC;IAC3D,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAC5C,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1D,OAAO,GAAG,EAAE,KAAK,SAAS,GAAG,CAAC;IAChC,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,cAAc,CAAC,KAAc;IAC3C,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IACxD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC3D,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,GAAG,GAA4B,EAAE,CAAC;QACxC,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAgC,CAAC,EAAE,CAAC;YAC7E,GAAG,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAC3F,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,aAAa,CAAC,KAAc,EAAE,SAAS,GAAG,GAAG;IACpD,MAAM,IAAI,GACR,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,WAAW,CAAC;IACpG,IAAI,IAAI,CAAC,MAAM,IAAI,SAAS;QAAE,OAAO,IAAI,CAAC;IAC1C,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,CAAC;AACxC,CAAC;AAED,SAAS,sBAAsB,CAAC,MAAsB;IACpD,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;IAClC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM;QAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC;IACxE,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC;IACvD,CAAC;AACH,CAAC;AAED,6DAA6D;AAC7D,MAAM,UAAU,kBAAkB,CAAC,IAAa;IAC9C,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,CAAC;IACrB,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACrD,OAAO,QAAQ;SACZ,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CACf,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,QAAQ,IAAI,OAAO;QAC3D,CAAC,CAAC,MAAM,CAAE,OAA+B,CAAC,MAAM,CAAC;QACjD,CAAC,CAAC,SAAS,CACd;SACA,MAAM,CAAC,CAAC,MAAM,EAAoB,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAc,EAAE,MAAgC;IAC5E,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACzD,KAAK,CAAC,GAAG,SAAS,EAAE,KAAK,gBAAgB,EAAE,SAAS,MAAM,GAAG,MAAM,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,IAAY,EAAE,IAAa,EAAE,MAAsB;IAC7E,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,MAAM,OAAO,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAC/C,KAAK,CACH,GAAG,SAAS,EAAE,KAAK,gBAAgB,EAAE,UAAU,IAAI,SAAS,aAAa,CAAC,IAAI,CAAC,OAAO,aAAa,CAAC,OAAO,CAAC,EAAE,CAC/G,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAY,EAAE,IAAa,EAAE,KAAc;IACtE,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,KAAK,CACH,GAAG,SAAS,EAAE,KAAK,gBAAgB,EAAE,UAAU,IAAI,SAAS,aAAa,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,KAAK,CAAC,EAAE,CAC5G,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,IAAc,EAAE,OAA0C;IACvF,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC5F,KAAK,CAAC,GAAG,SAAS,EAAE,KAAK,gBAAgB,EAAE,UAAU,GAAG,OAAO,MAAM,EAAE,CAAC,CAAC;AAC3E,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,MAAc,EACd,IAAY,EACZ,OAAyC;IAEzC,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC1F,KAAK,CAAC,GAAG,SAAS,EAAE,KAAK,gBAAgB,EAAE,gBAAgB,MAAM,IAAI,IAAI,OAAO,MAAM,EAAE,CAAC,CAAC;AAC5F,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,eAAe,CAAC,SAAmB;IACjD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,QAAQ,IAAI,CAAC,CAAC;AACjF,CAAC"}

package/dist/security/host.d.ts

@@ -0,0 +1,2 @@
+/** True when the bind address is loopback-only (localhost / ::1). */
+export declare function isLoopbackHost(host: string): boolean;

package/dist/security/host.js

@@ -0,0 +1,9 @@
+/** True when the bind address is loopback-only (localhost / ::1). */
+export function isLoopbackHost(host) {
+    const normalized = host.trim().toLowerCase();
+    return (normalized === "127.0.0.1" ||
+        normalized === "localhost" ||
+        normalized === "::1" ||
+        normalized === "[::1]");
+}
+//# sourceMappingURL=host.js.map

package/dist/security/host.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"host.js","sourceRoot":"","sources":["../../src/security/host.ts"],"names":[],"mappings":"AAAA,qEAAqE;AACrE,MAAM,UAAU,cAAc,CAAC,IAAY;IACzC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC7C,OAAO,CACL,UAAU,KAAK,WAAW;QAC1B,UAAU,KAAK,WAAW;QAC1B,UAAU,KAAK,KAAK;QACpB,UAAU,KAAK,OAAO,CACvB,CAAC;AACJ,CAAC"}

package/dist/security/rate-limit.d.ts

@@ -0,0 +1,18 @@
+import type { NextFunction, Request, Response } from "express";
+/** In-memory sliding-window rate limiter keyed by client identifier (typically IP). */
+export declare class SlidingWindowRateLimiter {
+    private readonly windowMs;
+    private readonly maxRequests;
+    private readonly hits;
+    constructor(maxRequestsPerMinute: number);
+    /** Returns whether the request is allowed and the current window count after the decision. */
+    allow(key: string): {
+        allowed: boolean;
+        count: number;
+    };
+    get maxPerWindow(): number;
+    /** Drop stale entries (call periodically to limit memory growth). */
+    prune(): void;
+}
+/** Express middleware that enforces per-IP RPM when `MCP_RATE_LIMIT_RPM` > 0. */
+export declare function rateLimitMiddleware(limiter: SlidingWindowRateLimiter): (req: Request, res: Response, next: NextFunction) => void;

package/dist/security/rate-limit.js

@@ -0,0 +1,71 @@
+import { config } from "../config.js";
+import { limitActorFromRequest, logLimitReached } from "../log.js";
+/** In-memory sliding-window rate limiter keyed by client identifier (typically IP). */
+export class SlidingWindowRateLimiter {
+    windowMs;
+    maxRequests;
+    hits = new Map();
+    constructor(maxRequestsPerMinute) {
+        this.windowMs = 60_000;
+        this.maxRequests = maxRequestsPerMinute;
+    }
+    /** Returns whether the request is allowed and the current window count after the decision. */
+    allow(key) {
+        const now = Date.now();
+        const windowStart = now - this.windowMs;
+        const timestamps = (this.hits.get(key) ?? []).filter((t) => t > windowStart);
+        if (timestamps.length >= this.maxRequests) {
+            this.hits.set(key, timestamps);
+            return { allowed: false, count: timestamps.length };
+        }
+        timestamps.push(now);
+        this.hits.set(key, timestamps);
+        return { allowed: true, count: timestamps.length };
+    }
+    get maxPerWindow() {
+        return this.maxRequests;
+    }
+    /** Drop stale entries (call periodically to limit memory growth). */
+    prune() {
+        const windowStart = Date.now() - this.windowMs;
+        for (const [key, timestamps] of this.hits) {
+            const fresh = timestamps.filter((t) => t > windowStart);
+            if (fresh.length === 0)
+                this.hits.delete(key);
+            else
+                this.hits.set(key, fresh);
+        }
+    }
+}
+/** Express middleware that enforces per-IP RPM when `MCP_RATE_LIMIT_RPM` > 0. */
+export function rateLimitMiddleware(limiter) {
+    return (req, res, next) => {
+        if (config.rateLimitRpm <= 0) {
+            next();
+            return;
+        }
+        const key = req.ip || req.socket.remoteAddress || "unknown";
+        const { allowed, count } = limiter.allow(key);
+        if (allowed) {
+            next();
+            return;
+        }
+        logLimitReached({
+            limit: "MCP_RATE_LIMIT_RPM",
+            configured: String(config.rateLimitRpm),
+            route: req.originalUrl,
+            actor: limitActorFromRequest(req),
+            detail: `requests_in_window=${count}`
+        });
+        if (req.originalUrl.startsWith("/admin")) {
+            res.status(429).json({ ok: false, error: "Too many requests" });
+            return;
+        }
+        res.status(429).json({
+            jsonrpc: "2.0",
+            error: { code: -32003, message: "Too many requests" },
+            id: null
+        });
+    };
+}
+//# sourceMappingURL=rate-limit.js.map

package/dist/security/rate-limit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.js","sourceRoot":"","sources":["../../src/security/rate-limit.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEnE,uFAAuF;AACvF,MAAM,OAAO,wBAAwB;IAClB,QAAQ,CAAS;IACjB,WAAW,CAAS;IACpB,IAAI,GAAG,IAAI,GAAG,EAAoB,CAAC;IAEpD,YAAY,oBAA4B;QACtC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;QACvB,IAAI,CAAC,WAAW,GAAG,oBAAoB,CAAC;IAC1C,CAAC;IAED,8FAA8F;IAC9F,KAAK,CAAC,GAAW;QACf,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACxC,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;QAC7E,IAAI,UAAU,CAAC,MAAM,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;YAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;QACtD,CAAC;QACD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QAC/B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC;IACrD,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,qEAAqE;IACrE,KAAK;QACH,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC/C,KAAK,MAAM,CAAC,GAAG,EAAE,UAAU,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YAC1C,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;;gBACzC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;CACF;AAED,iFAAiF;AACjF,MAAM,UAAU,mBAAmB,CAAC,OAAiC;IACnE,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC/D,IAAI,MAAM,CAAC,YAAY,IAAI,CAAC,EAAE,CAAC;YAC7B,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QACD,MAAM,GAAG,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAC;QAC5D,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9C,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QACD,eAAe,CAAC;YACd,KAAK,EAAE,oBAAoB;YAC3B,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC;YACvC,KAAK,EAAE,GAAG,CAAC,WAAW;YACtB,KAAK,EAAE,qBAAqB,CAAC,GAAG,CAAC;YACjC,MAAM,EAAE,sBAAsB,KAAK,EAAE;SACtC,CAAC,CAAC;QACH,IAAI,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,mBAAmB,EAAE;YACrD,EAAE,EAAE,IAAI;SACT,CAAC,CAAC;IACL,CAAC,CAAC;AACJ,CAAC"}

package/dist/security/sanitize.d.ts

@@ -0,0 +1,6 @@
+/** Strip file paths and URLs from CLI stderr before returning to agents. */
+export declare function sanitizeCliError(text: string): string;
+/** Map internal controller errors to agent-safe messages (no URLs or raw HTTP bodies). */
+export declare function sanitizeControllerError(message: string): string;
+/** Normalize unknown thrown values into a safe error string. */
+export declare function sanitizeUnknownError(error: unknown): string;

package/dist/security/sanitize.js

@@ -0,0 +1,33 @@
+const MAX_ERROR_LENGTH = 200;
+const PATH_PATTERN = /(?:\/[\w.-]+)+/g;
+const URL_PATTERN = /https?:\/\/[^\s]+/gi;
+/** Strip file paths and URLs from CLI stderr before returning to agents. */
+export function sanitizeCliError(text) {
+    let cleaned = text.replace(URL_PATTERN, "[url]").replace(PATH_PATTERN, "[path]");
+    cleaned = cleaned.replace(/\s+/g, " ").trim();
+    if (cleaned.length <= MAX_ERROR_LENGTH)
+        return cleaned;
+    return `${cleaned.slice(0, MAX_ERROR_LENGTH - 1)}…`;
+}
+/** Map internal controller errors to agent-safe messages (no URLs or raw HTTP bodies). */
+export function sanitizeControllerError(message) {
+    if (/failed to reach controller/i.test(message)) {
+        return "Could not reach the Anka controller";
+    }
+    if (/controller request failed/i.test(message)) {
+        const httpMatch = message.match(/HTTP (\d{3})/);
+        if (httpMatch) {
+            return `Controller rejected the request (HTTP ${httpMatch[1]})`;
+        }
+        return "Controller rejected the request";
+    }
+    return "Controller operation failed";
+}
+/** Normalize unknown thrown values into a safe error string. */
+export function sanitizeUnknownError(error) {
+    if (error instanceof Error) {
+        return sanitizeControllerError(error.message);
+    }
+    return "Operation failed";
+}
+//# sourceMappingURL=sanitize.js.map

package/dist/security/sanitize.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.js","sourceRoot":"","sources":["../../src/security/sanitize.ts"],"names":[],"mappings":"AAAA,MAAM,gBAAgB,GAAG,GAAG,CAAC;AAC7B,MAAM,YAAY,GAAG,iBAAiB,CAAC;AACvC,MAAM,WAAW,GAAG,qBAAqB,CAAC;AAE1C,4EAA4E;AAC5E,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACjF,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9C,IAAI,OAAO,CAAC,MAAM,IAAI,gBAAgB;QAAE,OAAO,OAAO,CAAC;IACvD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,gBAAgB,GAAG,CAAC,CAAC,GAAG,CAAC;AACtD,CAAC;AAED,0FAA0F;AAC1F,MAAM,UAAU,uBAAuB,CAAC,OAAe;IACrD,IAAI,6BAA6B,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAChD,OAAO,qCAAqC,CAAC;IAC/C,CAAC;IACD,IAAI,4BAA4B,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/C,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAChD,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,yCAAyC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC;QAClE,CAAC;QACD,OAAO,iCAAiC,CAAC;IAC3C,CAAC;IACD,OAAO,6BAA6B,CAAC;AACvC,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,oBAAoB,CAAC,KAAc;IACjD,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;QAC3B,OAAO,uBAAuB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,kBAAkB,CAAC;AAC5B,CAAC"}

package/dist/security/schemas.d.ts

@@ -0,0 +1,9 @@
+import { z } from "zod";
+/** VM/template/name identifier: non-empty, bounded, must not start with "-". */
+export declare const boundedName: z.ZodString;
+/** Controller vmid, instance_id, tag, and similar opaque ids. */
+export declare const uuidLike: z.ZodString;
+/** Optional bounded label or external reference. */
+export declare const optionalBoundedString: z.ZodString;
+/** Local start_vm wait timeout in seconds. */
+export declare const timeoutSecondsSchema: z.ZodNumber;

package/dist/security/schemas.js

@@ -0,0 +1,20 @@
+import { z } from "zod";
+/** VM/template/name identifier: non-empty, bounded, must not start with "-". */
+export const boundedName = z
+    .string()
+    .trim()
+    .min(1)
+    .max(128)
+    .regex(/^[^-]/, 'must not start with "-"');
+/** Controller vmid, instance_id, tag, and similar opaque ids. */
+export const uuidLike = z
+    .string()
+    .trim()
+    .min(1)
+    .max(64)
+    .regex(/^[a-zA-Z0-9._-]+$/);
+/** Optional bounded label or external reference. */
+export const optionalBoundedString = z.string().trim().min(1).max(512);
+/** Local start_vm wait timeout in seconds. */
+export const timeoutSecondsSchema = z.number().positive().max(3600);
+//# sourceMappingURL=schemas.js.map

package/dist/security/schemas.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../src/security/schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,gFAAgF;AAChF,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC;KACzB,MAAM,EAAE;KACR,IAAI,EAAE;KACN,GAAG,CAAC,CAAC,CAAC;KACN,GAAG,CAAC,GAAG,CAAC;KACR,KAAK,CAAC,OAAO,EAAE,yBAAyB,CAAC,CAAC;AAE7C,iEAAiE;AACjE,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC;KACtB,MAAM,EAAE;KACR,IAAI,EAAE;KACN,GAAG,CAAC,CAAC,CAAC;KACN,GAAG,CAAC,EAAE,CAAC;KACP,KAAK,CAAC,mBAAmB,CAAC,CAAC;AAE9B,oDAAoD;AACpD,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AAEvE,8CAA8C;AAC9C,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC"}

package/dist/server.d.ts

@@ -0,0 +1,3 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+/** Build a fresh MCP server instance with all tools registered. */
+export declare function createServer(): McpServer;

package/dist/server.js

@@ -0,0 +1,13 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { config } from "./config.js";
+import { registerTools } from "./tools/index.js";
+/** Build a fresh MCP server instance with all tools registered. */
+export function createServer() {
+    const server = new McpServer({
+        name: config.serverName,
+        version: config.serverVersion
+    });
+    registerTools(server);
+    return server;
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,mEAAmE;AACnE,MAAM,UAAU,YAAY;IAC1B,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;QAC3B,IAAI,EAAE,MAAM,CAAC,UAAU;QACvB,OAAO,EAAE,MAAM,CAAC,aAAa;KAC9B,CAAC,CAAC;IAEH,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/ssh-key.d.ts

@@ -0,0 +1,23 @@
+export interface SshKeypair {
+    privateKeyPath: string;
+    publicKey: string;
+}
+/** Generate a throwaway ed25519 keypair in a temp dir. */
+export declare function generateSshKeypair(): Promise<SshKeypair>;
+/** Shell script that installs `publicKey` into ~/.ssh/authorized_keys. */
+export declare function buildAuthorizedKeysStartupScript(publicKey: string): string;
+/** Base64-encode a startup script for the controller API `startup_script` field. */
+export declare function encodeStartupScript(script: string): string;
+export declare function buildSshCommand(options: {
+    privateKeyPath: string;
+    host: string;
+    port: number;
+    user: string;
+}): string;
+/** Verify the MCP key can authenticate over the forwarded SSH port. */
+export declare function probeSshAuth(options: {
+    privateKeyPath: string;
+    host: string;
+    port: number;
+    user: string;
+}): Promise<boolean>;

package/dist/ssh-key.js

@@ -0,0 +1,73 @@
+import { execFile } from "node:child_process";
+import { mkdtemp, readFile } from "node:fs/promises";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { promisify } from "node:util";
+const execFileAsync = promisify(execFile);
+/** Generate a throwaway ed25519 keypair in a temp dir. */
+export async function generateSshKeypair() {
+    const dir = await mkdtemp(join(tmpdir(), "anka-mcp-ssh-"));
+    const privateKeyPath = join(dir, "id_ed25519");
+    await execFileAsync("ssh-keygen", [
+        "-t",
+        "ed25519",
+        "-N",
+        "",
+        "-C",
+        "anka-mcp",
+        "-f",
+        privateKeyPath,
+        "-q"
+    ]);
+    const publicKey = (await readFile(`${privateKeyPath}.pub`, "utf8")).trim();
+    return { privateKeyPath, publicKey };
+}
+/** Shell script that installs `publicKey` into ~/.ssh/authorized_keys. */
+export function buildAuthorizedKeysStartupScript(publicKey) {
+    const escaped = publicKey.replace(/\\/g, "\\\\").replace(/'/g, "'\\''");
+    return ("set -e; " +
+        "mkdir -p ~/.ssh; chmod 700 ~/.ssh; " +
+        `grep -qxF '${escaped}' ~/.ssh/authorized_keys 2>/dev/null || printf '%s\\n' '${escaped}' >> ~/.ssh/authorized_keys; ` +
+        "chmod 600 ~/.ssh/authorized_keys");
+}
+/** Base64-encode a startup script for the controller API `startup_script` field. */
+export function encodeStartupScript(script) {
+    return Buffer.from(script, "utf8").toString("base64");
+}
+export function buildSshCommand(options) {
+    return (`ssh -i ${options.privateKeyPath} -p ${options.port} ` +
+        `-o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ` +
+        `${options.user}@${options.host}`);
+}
+const SSH_PROBE_CONNECT_TIMEOUT_SECONDS = 5;
+/** Verify the MCP key can authenticate over the forwarded SSH port. */
+export async function probeSshAuth(options) {
+    try {
+        await execFileAsync("ssh", [
+            "-i",
+            options.privateKeyPath,
+            "-p",
+            String(options.port),
+            "-o",
+            "IdentitiesOnly=yes",
+            "-o",
+            "StrictHostKeyChecking=no",
+            "-o",
+            "UserKnownHostsFile=/dev/null",
+            "-o",
+            "BatchMode=yes",
+            "-o",
+            `ConnectTimeout=${SSH_PROBE_CONNECT_TIMEOUT_SECONDS}`,
+            `${options.user}@${options.host}`,
+            "true"
+        ], {
+            timeout: (SSH_PROBE_CONNECT_TIMEOUT_SECONDS + 5) * 1000,
+            env: { ...process.env, SSH_AUTH_SOCK: "" }
+        });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=ssh-key.js.map

package/dist/ssh-key.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssh-key.js","sourceRoot":"","sources":["../src/ssh-key.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,MAAM,aAAa,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AAO1C,0DAA0D;AAC1D,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,eAAe,CAAC,CAAC,CAAC;IAC3D,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC/C,MAAM,aAAa,CAAC,YAAY,EAAE;QAChC,IAAI;QACJ,SAAS;QACT,IAAI;QACJ,EAAE;QACF,IAAI;QACJ,UAAU;QACV,IAAI;QACJ,cAAc;QACd,IAAI;KACL,CAAC,CAAC;IACH,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,GAAG,cAAc,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3E,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,CAAC;AACvC,CAAC;AAED,0EAA0E;AAC1E,MAAM,UAAU,gCAAgC,CAAC,SAAiB;IAChE,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IACxE,OAAO,CACL,UAAU;QACV,qCAAqC;QACrC,cAAc,OAAO,2DAA2D,OAAO,+BAA+B;QACtH,kCAAkC,CACnC,CAAC;AACJ,CAAC;AAED,oFAAoF;AACpF,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,OAK/B;IACC,OAAO,CACL,UAAU,OAAO,CAAC,cAAc,OAAO,OAAO,CAAC,IAAI,GAAG;QACtD,oFAAoF;QACpF,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,CAClC,CAAC;AACJ,CAAC;AAED,MAAM,iCAAiC,GAAG,CAAC,CAAC;AAE5C,uEAAuE;AACvE,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAKlC;IACC,IAAI,CAAC;QACH,MAAM,aAAa,CACjB,KAAK,EACL;YACE,IAAI;YACJ,OAAO,CAAC,cAAc;YACtB,IAAI;YACJ,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC;YACpB,IAAI;YACJ,oBAAoB;YACpB,IAAI;YACJ,0BAA0B;YAC1B,IAAI;YACJ,8BAA8B;YAC9B,IAAI;YACJ,eAAe;YACf,IAAI;YACJ,kBAAkB,iCAAiC,EAAE;YACrD,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE;YACjC,MAAM;SACP,EACD;YACE,OAAO,EAAE,CAAC,iCAAiC,GAAG,CAAC,CAAC,GAAG,IAAI;YACvD,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,aAAa,EAAE,EAAE,EAAE;SAC3C,CACF,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/tokens/cleanup.d.ts

@@ -0,0 +1,10 @@
+export interface CleanupResult {
+    terminated: string[];
+    failed: {
+        instance_id: string;
+        error: string;
+    }[];
+    skipped?: string;
+}
+/** Best-effort terminate all controller instances owned by a revoked credential. */
+export declare function cleanupCredentialInstances(credentialId: string, instanceIds: string[]): Promise<CleanupResult>;

package/dist/tokens/cleanup.js

@@ -0,0 +1,28 @@
+import { config } from "../config.js";
+import { controller } from "../controller.js";
+import { getTokenStore } from "./store.js";
+/** Best-effort terminate all controller instances owned by a revoked credential. */
+export async function cleanupCredentialInstances(credentialId, instanceIds) {
+    if (!config.revokeCleanupEnabled) {
+        return { terminated: [], failed: [] };
+    }
+    if (!config.controllerEnabled) {
+        getTokenStore().deleteInstancesForCredential(credentialId);
+        return { terminated: [], failed: [], skipped: "controller disabled" };
+    }
+    const terminated = [];
+    const failed = [];
+    const store = getTokenStore();
+    for (const instanceId of instanceIds) {
+        try {
+            await controller.terminateVm(instanceId);
+            store.releaseInstance(credentialId, instanceId);
+            terminated.push(instanceId);
+        }
+        catch (error) {
+            failed.push({ instance_id: instanceId, error: String(error) });
+        }
+    }
+    return { terminated, failed };
+}
+//# sourceMappingURL=cleanup.js.map

package/dist/tokens/cleanup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cleanup.js","sourceRoot":"","sources":["../../src/tokens/cleanup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAQ3C,oFAAoF;AACpF,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,YAAoB,EACpB,WAAqB;IAErB,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;QACjC,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IACxC,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;QAC9B,aAAa,EAAE,CAAC,4BAA4B,CAAC,YAAY,CAAC,CAAC;QAC3D,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC;IACxE,CAAC;IAED,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,MAAM,MAAM,GAA6C,EAAE,CAAC;IAC5D,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;IAE9B,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;YACzC,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;YAChD,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC;AAChC,CAAC"}