@vorim/mcp-server 1.1.7 → 1.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/index.js +39 -12
- package/package.json +1 -1
package/build/index.js
CHANGED
|
@@ -35,6 +35,11 @@ import { z } from "zod";
|
|
|
35
35
|
// kills exactly one installation.
|
|
36
36
|
const API_KEY = process.env.VORIM_API_KEY || "";
|
|
37
37
|
const BASE_URL = (process.env.VORIM_BASE_URL || "https://api.vorim.ai").replace(/\/$/, "");
|
|
38
|
+
// The 7 canonical permission scopes (must match the API's VALID_SCOPES).
|
|
39
|
+
const SCOPE_ENUM = z.enum([
|
|
40
|
+
"agent:read", "agent:write", "agent:execute", "agent:transact",
|
|
41
|
+
"agent:communicate", "agent:delegate", "agent:elevate",
|
|
42
|
+
]);
|
|
38
43
|
if (!API_KEY) {
|
|
39
44
|
console.error("Error: VORIM_API_KEY environment variable is required");
|
|
40
45
|
process.exit(1);
|
|
@@ -55,7 +60,7 @@ if (!API_KEY) {
|
|
|
55
60
|
import { readFileSync } from "node:fs";
|
|
56
61
|
import { fileURLToPath } from "node:url";
|
|
57
62
|
import { dirname, join } from "node:path";
|
|
58
|
-
const MCP_VERSION_FALLBACK = "1.1.
|
|
63
|
+
const MCP_VERSION_FALLBACK = "1.1.9";
|
|
59
64
|
function readMcpVersion() {
|
|
60
65
|
try {
|
|
61
66
|
const here = dirname(fileURLToPath(import.meta.url));
|
|
@@ -132,6 +137,24 @@ async function vorimRequest(method, path, body) {
|
|
|
132
137
|
async function vorimGet(path) {
|
|
133
138
|
return vorimRequest("GET", path);
|
|
134
139
|
}
|
|
140
|
+
// List endpoints return { data, meta } and vorimRequest unwraps to data,
|
|
141
|
+
// dropping pagination meta. For list tools, fetch the full envelope so the
|
|
142
|
+
// caller can paginate (page/total/total_pages).
|
|
143
|
+
async function vorimGetEnvelope(path) {
|
|
144
|
+
const response = await fetch(`${BASE_URL}/v1${path}`, {
|
|
145
|
+
headers: {
|
|
146
|
+
"Authorization": `Bearer ${API_KEY}`,
|
|
147
|
+
"User-Agent": `vorim-mcp-server/${MCP_VERSION}`,
|
|
148
|
+
},
|
|
149
|
+
});
|
|
150
|
+
if (!response.ok) {
|
|
151
|
+
const j = await response.json().catch(() => ({}));
|
|
152
|
+
const err = j.error;
|
|
153
|
+
throw new Error(err?.message || `HTTP ${response.status}`);
|
|
154
|
+
}
|
|
155
|
+
const json = await response.json();
|
|
156
|
+
return { data: json.data, meta: json.meta };
|
|
157
|
+
}
|
|
135
158
|
async function vorimPost(path, body) {
|
|
136
159
|
return vorimRequest("POST", path, body);
|
|
137
160
|
}
|
|
@@ -208,17 +231,19 @@ server.registerTool("vorim_list_agents", {
|
|
|
208
231
|
if (status)
|
|
209
232
|
params.set("status", status);
|
|
210
233
|
const qs = params.toString();
|
|
211
|
-
const
|
|
212
|
-
return text(
|
|
234
|
+
const { data, meta } = await vorimGetEnvelope(`/agents${qs ? "?" + qs : ""}`);
|
|
235
|
+
return text({ agents: data, meta });
|
|
213
236
|
});
|
|
214
237
|
server.registerTool("vorim_update_agent", {
|
|
215
|
-
description: "Update an agent's metadata (name, description, status
|
|
238
|
+
description: "Update an agent's metadata (name, description, status).",
|
|
216
239
|
inputSchema: {
|
|
217
240
|
agent_id: z.string().describe("The agent identifier"),
|
|
218
241
|
name: z.string().optional().describe("New name"),
|
|
219
242
|
description: z.string().optional().describe("New description"),
|
|
220
|
-
status: z.
|
|
221
|
-
|
|
243
|
+
status: z.enum(["pending", "active", "suspended", "revoked", "expired"]).optional()
|
|
244
|
+
.describe("New status"),
|
|
245
|
+
// capabilities are set at registration only; the update API does not
|
|
246
|
+
// change them, so the field is intentionally omitted.
|
|
222
247
|
},
|
|
223
248
|
}, async ({ agent_id, ...updates }) => {
|
|
224
249
|
const body = Object.fromEntries(Object.entries(updates).filter(([, v]) => v !== undefined));
|
|
@@ -240,7 +265,7 @@ server.registerTool("vorim_check_permission", {
|
|
|
240
265
|
description: "Check if an agent has a specific permission scope. Returns allowed (boolean), reason if denied, and remaining quota. Sub-5ms via Redis cache.",
|
|
241
266
|
inputSchema: {
|
|
242
267
|
agent_id: z.string().describe("The agent identifier"),
|
|
243
|
-
scope:
|
|
268
|
+
scope: SCOPE_ENUM.describe("Permission scope to check"),
|
|
244
269
|
},
|
|
245
270
|
annotations: { readOnlyHint: true },
|
|
246
271
|
}, async ({ agent_id, scope }) => {
|
|
@@ -251,7 +276,7 @@ server.registerTool("vorim_grant_permission", {
|
|
|
251
276
|
description: "Grant a permission scope to an agent. Optionally set expiry and rate limits.",
|
|
252
277
|
inputSchema: {
|
|
253
278
|
agent_id: z.string().describe("The agent identifier"),
|
|
254
|
-
scope:
|
|
279
|
+
scope: SCOPE_ENUM.describe("Permission scope to grant"),
|
|
255
280
|
valid_until: z.string().optional().describe("Expiry timestamp (ISO 8601)"),
|
|
256
281
|
rate_limit_max: z.number().optional().describe("Maximum uses per window"),
|
|
257
282
|
rate_limit_window: z.string().optional().describe("Rate limit window: 1m, 1h, or 1d"),
|
|
@@ -280,7 +305,7 @@ server.registerTool("vorim_revoke_permission", {
|
|
|
280
305
|
description: "Revoke a specific permission scope from an agent.",
|
|
281
306
|
inputSchema: {
|
|
282
307
|
agent_id: z.string().describe("The agent identifier"),
|
|
283
|
-
scope:
|
|
308
|
+
scope: SCOPE_ENUM.describe("Permission scope to revoke"),
|
|
284
309
|
},
|
|
285
310
|
annotations: { destructiveHint: true, idempotentHint: true, readOnlyHint: false },
|
|
286
311
|
}, async ({ agent_id, scope }) => {
|
|
@@ -292,11 +317,13 @@ server.registerTool("vorim_emit_event", {
|
|
|
292
317
|
description: "Log an audit event for an agent action. Every agent action should be logged for compliance and traceability. NOTE: events emitted via the MCP server are sent unsigned because the MCP server does not hold the agent's private key. For tamper-evident audit trails sign client-side via @vorim/sdk before emit.",
|
|
293
318
|
inputSchema: {
|
|
294
319
|
agent_id: z.string().describe("The agent that performed the action"),
|
|
295
|
-
event_type: z.
|
|
320
|
+
event_type: z.enum(["tool_call", "api_request", "message_sent", "permission_change", "status_change", "key_rotation", "login", "export"])
|
|
321
|
+
.describe("Event category"),
|
|
296
322
|
action: z.string().describe("What the agent did (e.g. 'search_documents', 'send_email')"),
|
|
297
|
-
result: z.
|
|
323
|
+
result: z.enum(["success", "denied", "error"]).describe("Outcome"),
|
|
298
324
|
resource: z.string().optional().describe("Target resource identifier"),
|
|
299
|
-
permission: z.
|
|
325
|
+
permission: z.enum(["agent:read", "agent:write", "agent:execute", "agent:transact", "agent:communicate", "agent:delegate", "agent:elevate"])
|
|
326
|
+
.optional().describe("Permission scope used"),
|
|
300
327
|
latency_ms: z.number().optional().describe("Execution time in milliseconds"),
|
|
301
328
|
error_code: z.string().optional().describe("Error code if result is 'error'"),
|
|
302
329
|
},
|
package/package.json
CHANGED