npm - @vorim/mcp-server - Versions diffs - 1.0.0 → 1.1.1 - Mend

@vorim/mcp-server 1.0.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,206 @@
+# @vorim/mcp-server
+**MCP server for AI agent identity, permissions, and audit trails.**
+Gives Claude, Cursor, VS Code, Windsurf, and any MCP-compatible client 13 tools to manage AI agent identities through Vorim — register agents, check permissions, emit audit events, verify trust scores, and delegate credentials.
+[![npm version](https://img.shields.io/npm/v/@vorim/mcp-server.svg)](https://www.npmjs.com/package/@vorim/mcp-server)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+> **[vorim.ai](https://vorim.ai)** — Create a free account and get your API key in 30 seconds.
+> **[Documentation](https://vorim.ai/docs)** — Full API reference and guides.
+---
+## Quick Start
+### Claude Desktop
+Add to your Claude Desktop config (`~/Library/Application Support/Claude/claude_desktop_config.json`):
+```json
+{
+  "mcpServers": {
+    "vorim": {
+      "command": "npx",
+      "args": ["@vorim/mcp-server"],
+      "env": {
+        "VORIM_API_KEY": "agid_sk_live_..."
+      }
+    }
+  }
+}
+```
+### Claude Code
+```bash
+claude mcp add vorim -- npx @vorim/mcp-server
+```
+Set the API key in your environment:
+```bash
+export VORIM_API_KEY=agid_sk_live_...
+```
+### Cursor
+Add to `.cursor/mcp.json`:
+```json
+{
+  "mcpServers": {
+    "vorim": {
+      "command": "npx",
+      "args": ["@vorim/mcp-server"],
+      "env": {
+        "VORIM_API_KEY": "agid_sk_live_..."
+      }
+    }
+  }
+}
+```
+### VS Code
+Add to `.vscode/mcp.json`:
+```json
+{
+  "servers": {
+    "vorim": {
+      "command": "npx",
+      "args": ["@vorim/mcp-server"],
+      "env": {
+        "VORIM_API_KEY": "agid_sk_live_..."
+      }
+    }
+  }
+}
+```
+### Windsurf
+Add to `~/.codeium/windsurf/mcp_config.json`:
+```json
+{
+  "mcpServers": {
+    "vorim": {
+      "command": "npx",
+      "args": ["@vorim/mcp-server"],
+      "env": {
+        "VORIM_API_KEY": "agid_sk_live_..."
+      }
+    }
+  }
+}
+```
+---
+## Tools
+The server exposes 13 tools across five categories:
+### Health
+| Tool | Description |
+|------|-------------|
+| `vorim_ping` | Check API health and connectivity |
+### Agent Identity
+| Tool | Description |
+|------|-------------|
+| `vorim_register_agent` | Register a new agent with an Ed25519 keypair |
+| `vorim_get_agent` | Get agent details by ID |
+| `vorim_list_agents` | List all agents (with pagination and status filter) |
+| `vorim_update_agent` | Update agent metadata |
+| `vorim_revoke_agent` | Permanently revoke an agent |
+### Permissions
+| Tool | Description |
+|------|-------------|
+| `vorim_check_permission` | Check if an agent has a permission (sub-5ms via Redis) |
+| `vorim_grant_permission` | Grant a scoped permission with optional expiry and rate limits |
+| `vorim_list_permissions` | List all active permissions for an agent |
+| `vorim_revoke_permission` | Revoke a permission from an agent |
+### Audit
+| Tool | Description |
+|------|-------------|
+| `vorim_emit_event` | Log a tamper-evident audit event |
+| `vorim_export_audit` | Export a signed audit bundle (SHA-256 manifest) |
+### Trust
+| Tool | Description |
+|------|-------------|
+| `vorim_verify_trust` | Verify an agent's identity and trust score (0-100) |
+### Credential Delegation
+| Tool | Description |
+|------|-------------|
+| `vorim_register_ephemeral` | Register a short-lived agent with `did:key` identity |
+| `vorim_delegate_credential` | Delegate a scoped credential to an agent |
+| `vorim_request_token` | Request a short-lived access token |
+| `vorim_list_delegations` | List credential delegations |
+---
+## Environment Variables
+| Variable | Description | Default |
+|----------|-------------|---------|
+| `VORIM_API_KEY` | Your Vorim API key (`agid_sk_...`) | **Required** |
+| `VORIM_BASE_URL` | API base URL | `https://api.vorim.ai` |
+---
+## Example Prompts
+Once the MCP server is connected, you can ask your AI assistant:
+- "Register a new agent called invoice-processor with read and execute permissions"
+- "Check if agent agid_acme_a1b2c3d4 has agent:execute permission"
+- "Show me the trust score for agent agid_acme_a1b2c3d4"
+- "List all active agents"
+- "Emit an audit event for agent agid_acme_a1b2c3d4 performing search_documents"
+- "Export audit logs from the last 7 days"
+- "Grant agent:transact permission to agid_acme_a1b2c3d4 with a rate limit of 100 per hour"
+- "Create an ephemeral agent with a 1-hour TTL for a one-off task"
+---
+## Running Standalone
+```bash
+VORIM_API_KEY=agid_sk_live_... npx @vorim/mcp-server
+```
+Or install globally:
+```bash
+npm install -g @vorim/mcp-server
+VORIM_API_KEY=agid_sk_live_... vorim-mcp-server
+```
+---
+## Related
+- [@vorim/sdk](https://www.npmjs.com/package/@vorim/sdk) — TypeScript SDK
+- [vorim (PyPI)](https://pypi.org/project/vorim/) — Python SDK
+- [@vorim/cli](https://www.npmjs.com/package/@vorim/cli) — CLI tool
+- [vorim.ai/docs](https://vorim.ai/docs) — Documentation
+---
+## License
+MIT

package/build/index.js CHANGED Viewed

@@ -239,6 +239,67 @@ server.registerTool("vorim_verify_trust", {
     const json = await response.json();
     return text(json.data || json);
 });
+// ─── Ephemeral Agents ────────────────────────────────────────────────────
+server.registerTool("vorim_register_ephemeral", {
+    description: "Register an ephemeral agent with a did:key identity. Short-lived agents that auto-expire. Returns agent_id, did:key, and keypair.",
+    inputSchema: {
+        capabilities: z.array(z.string()).describe("List of agent capabilities (e.g. ['search', 'write'])"),
+        scopes: z.array(z.string()).describe("Permission scopes to grant (e.g. ['agent:read', 'agent:execute'])"),
+        ttl_seconds: z.number().optional().describe("Time-to-live in seconds before the agent auto-expires"),
+    },
+}, async ({ capabilities, scopes, ttl_seconds }) => {
+    const body = { capabilities, scopes };
+    if (ttl_seconds)
+        body.ttl_seconds = ttl_seconds;
+    const result = await vorimPost("/agents/ephemeral", body);
+    return text(result);
+});
+// ─── Credential Delegation ──────────────────────────────────────────────
+server.registerTool("vorim_delegate_credential", {
+    description: "Delegate a credential to an agent. Creates a scoped delegation with optional rate limits and expiry.",
+    inputSchema: {
+        connection_id: z.string().describe("The connection or credential identifier to delegate"),
+        agent_id: z.string().describe("The agent receiving the delegation"),
+        scopes_delegated: z.array(z.string()).describe("Scopes to delegate (e.g. ['read', 'write'])"),
+        max_requests_per_hr: z.number().optional().describe("Maximum requests per hour for this delegation"),
+        valid_until: z.string().optional().describe("Expiry timestamp (ISO 8601)"),
+    },
+}, async ({ connection_id, agent_id, scopes_delegated, max_requests_per_hr, valid_until }) => {
+    const body = { connection_id, agent_id, scopes_delegated };
+    if (max_requests_per_hr)
+        body.max_requests_per_hr = max_requests_per_hr;
+    if (valid_until)
+        body.valid_until = valid_until;
+    const result = await vorimPost("/credentials/delegations", body);
+    return text(result);
+});
+server.registerTool("vorim_request_token", {
+    description: "Request a short-lived access token for an agent. Returns a scoped token for the specified provider.",
+    inputSchema: {
+        agent_id: z.string().describe("The agent requesting the token"),
+        scope: z.string().describe("Permission scope for the token"),
+        provider_id: z.string().optional().describe("Target provider identifier"),
+    },
+}, async ({ agent_id, scope, provider_id }) => {
+    const body = { agent_id, scope };
+    if (provider_id)
+        body.provider_id = provider_id;
+    const result = await vorimPost("/credentials/token", body);
+    return text(result);
+});
+server.registerTool("vorim_list_delegations", {
+    description: "List credential delegations. Optionally filter by agent_id to see delegations for a specific agent.",
+    inputSchema: {
+        agent_id: z.string().optional().describe("Filter delegations by agent identifier"),
+    },
+}, async ({ agent_id }) => {
+    const params = new URLSearchParams();
+    if (agent_id)
+        params.set("agent_id", agent_id);
+    const qs = params.toString();
+    const result = await vorimGet(`/credentials/delegations${qs ? "?" + qs : ""}`);
+    return text(result);
+});
 // ─── Start ────────────────────────────────────────────────────────────────
 async function main() {
     const transport = new StdioServerTransport();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@vorim/mcp-server",
-  "version": "1.0.0",
+  "version": "1.1.1",
   "description": "MCP server for Vorim AI — AI agent identity, permissions, and audit trails",
   "type": "module",
   "bin": {