@wolpertingerlabs/drawlatch 1.0.0-alpha.1

package/dist/cli/generate-keys.d.ts

@@ -0,0 +1,15 @@
+#!/usr/bin/env node
+/**
+ * Key generation CLI.
+ *
+ * Generates Ed25519 (signing) + X25519 (key exchange) keypairs for either
+ * the local MCP proxy or the remote server, and saves them with correct
+ * file permissions (0600 for private keys, 0644 for public keys).
+ *
+ * Usage:
+ *   npx tsx src/cli/generate-keys.ts local    # Generate MCP proxy keys
+ *   npx tsx src/cli/generate-keys.ts remote   # Generate remote server keys
+ *   npx tsx src/cli/generate-keys.ts --dir /path/to/keys  # Custom directory
+ */
+export {};
+//# sourceMappingURL=generate-keys.d.ts.map

package/dist/cli/generate-keys.js

@@ -0,0 +1,107 @@
+#!/usr/bin/env node
+/**
+ * Key generation CLI.
+ *
+ * Generates Ed25519 (signing) + X25519 (key exchange) keypairs for either
+ * the local MCP proxy or the remote server, and saves them with correct
+ * file permissions (0600 for private keys, 0644 for public keys).
+ *
+ * Usage:
+ *   npx tsx src/cli/generate-keys.ts local    # Generate MCP proxy keys
+ *   npx tsx src/cli/generate-keys.ts remote   # Generate remote server keys
+ *   npx tsx src/cli/generate-keys.ts --dir /path/to/keys  # Custom directory
+ */
+import { generateKeyBundle, saveKeyBundle, loadKeyBundle, fingerprint, extractPublicKeys, } from '../shared/crypto/index.js';
+import { getLocalKeysDir, getRemoteKeysDir, getConfigDir } from '../shared/config.js';
+import fs from 'node:fs';
+import path from 'node:path';
+function usage() {
+    console.log(`
+Drawlatch key generation
+
+Usage:
+  generate-keys local [alias]   Generate MCP proxy (local) keypair
+                                Alias defaults to "default" if omitted.
+                                Keys are stored in keys/local/<alias>/
+  generate-keys remote          Generate remote server keypair
+  generate-keys --dir <path>    Generate keypair in a custom directory
+  generate-keys show <path>     Show fingerprint of an existing keypair
+
+Keys are saved as PEM files:
+  <dir>/signing.pub.pem       Ed25519 public key (safe to share)
+  <dir>/signing.key.pem       Ed25519 private key (keep secret!)
+  <dir>/exchange.pub.pem      X25519 public key (safe to share)
+  <dir>/exchange.key.pem      X25519 private key (keep secret!)
+`);
+}
+function generateAndSave(targetDir, label) {
+    // Check if keys already exist
+    if (fs.existsSync(path.join(targetDir, 'signing.key.pem'))) {
+        console.error(`\n⚠️  Keys already exist in ${targetDir}`);
+        console.error('   Delete them first if you want to regenerate.');
+        const existing = loadKeyBundle(targetDir);
+        const fp = fingerprint(extractPublicKeys(existing));
+        console.log(`\n   Existing fingerprint: ${fp}\n`);
+        process.exit(1);
+    }
+    console.log(`\nGenerating ${label} keypair...`);
+    const bundle = generateKeyBundle();
+    saveKeyBundle(bundle, targetDir);
+    const pub = extractPublicKeys(bundle);
+    const fp = fingerprint(pub);
+    console.log(`\n✓ Keys saved to: ${targetDir}`);
+    console.log(`  Fingerprint: ${fp}`);
+    console.log(`\n  Files:`);
+    console.log(`    ${path.join(targetDir, 'signing.pub.pem')}     (public, share this)`);
+    console.log(`    ${path.join(targetDir, 'signing.key.pem')}     (PRIVATE, protect this)`);
+    console.log(`    ${path.join(targetDir, 'exchange.pub.pem')}    (public, share this)`);
+    console.log(`    ${path.join(targetDir, 'exchange.key.pem')}    (PRIVATE, protect this)`);
+    console.log('');
+}
+function showFingerprint(dir) {
+    const bundle = loadKeyBundle(dir);
+    const pub = extractPublicKeys(bundle);
+    console.log(`Fingerprint: ${fingerprint(pub)}`);
+}
+// ── Main ───────────────────────────────────────────────────────────────────
+const args = process.argv.slice(2);
+if (args.length === 0 || args.includes('--help') || args.includes('-h')) {
+    usage();
+    process.exit(0);
+}
+// Ensure base config directory exists
+fs.mkdirSync(getConfigDir(), { recursive: true, mode: 0o700 });
+if (args[0] === 'local') {
+    const alias = args[1] && !args[1].startsWith('-') ? args[1] : 'default';
+    const localKeysDir = getLocalKeysDir();
+    const targetDir = path.join(localKeysDir, alias);
+    // Check for legacy flat key layout (PEM files directly in keys/local/)
+    const legacyKeyPath = path.join(localKeysDir, 'signing.key.pem');
+    if (fs.existsSync(legacyKeyPath)) {
+        console.error(`\n⚠️  Legacy key layout detected: PEM files found directly in ${localKeysDir}\n` +
+            `   Local keys are now stored per-alias: keys/local/<alias>/\n` +
+            `   To migrate, move your existing keys:\n\n` +
+            `     mkdir -p ${targetDir}\n` +
+            `     mv ${localKeysDir}/signing.* ${targetDir}/\n` +
+            `     mv ${localKeysDir}/exchange.* ${targetDir}/\n\n` +
+            `   Then update localKeysDir in your proxy.config.json to point to:\n` +
+            `     ${targetDir}\n`);
+        process.exit(1);
+    }
+    generateAndSave(targetDir, `MCP proxy (local) — alias "${alias}"`);
+}
+else if (args[0] === 'remote') {
+    generateAndSave(getRemoteKeysDir(), 'remote server');
+}
+else if (args[0] === '--dir' && args[1]) {
+    generateAndSave(args[1], 'custom');
+}
+else if (args[0] === 'show' && args[1]) {
+    showFingerprint(args[1]);
+}
+else {
+    console.error(`Unknown argument: ${args[0]}`);
+    usage();
+    process.exit(1);
+}
+//# sourceMappingURL=generate-keys.js.map

package/dist/connections/anthropic.json

@@ -0,0 +1,16 @@
+{
+  "name": "Anthropic API",
+  "description": "Anthropic Claude API — messages, models, and more. Auth is handled automatically via the ANTHROPIC_API_KEY environment variable. Uses x-api-key header (not Bearer token). The anthropic-version header is set to 2023-06-01.",
+  "docsUrl": "https://docs.anthropic.com/en/api",
+  "headers": {
+    "x-api-key": "${ANTHROPIC_API_KEY}",
+    "anthropic-version": "2023-06-01",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "ANTHROPIC_API_KEY": "${ANTHROPIC_API_KEY}"
+  },
+  "allowedEndpoints": [
+    "https://api.anthropic.com/**"
+  ]
+}

package/dist/connections/bluesky.json

@@ -0,0 +1,26 @@
+{
+  "name": "Bluesky API (AT Protocol)",
+  "description": "Bluesky API via the AT Protocol — posts, feeds, profiles, notifications, social graph, and more. Auth is handled automatically via the BLUESKY_ACCESS_TOKEN environment variable (JWT Bearer token). Obtain a token by POSTing to com.atproto.server.createSession with your handle and an App Password. Tokens expire after ~2 hours — rotate externally using the refresh token. Both bsky.social (authenticated PDS) and public.api.bsky.app (public read-only API) are allowlisted. For self-hosted PDS instances, override with a custom connector. Includes a poll ingestor that fetches notifications — use poll_events to retrieve them.",
+  "docsUrl": "https://docs.bsky.app/",
+  "headers": {
+    "Authorization": "Bearer ${BLUESKY_ACCESS_TOKEN}"
+  },
+  "secrets": {
+    "BLUESKY_ACCESS_TOKEN": "${BLUESKY_ACCESS_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://bsky.social/xrpc/**",
+    "https://public.api.bsky.app/xrpc/**"
+  ],
+  "ingestor": {
+    "type": "poll",
+    "poll": {
+      "url": "https://bsky.social/xrpc/app.bsky.notification.listNotifications?limit=25",
+      "intervalMs": 60000,
+      "method": "GET",
+      "responsePath": "notifications",
+      "deduplicateBy": "uri",
+      "eventType": "notification"
+    }
+  }
+}

package/dist/connections/devin.json

@@ -0,0 +1,15 @@
+{
+  "name": "Devin API",
+  "description": "Devin AI API — sessions, knowledge, and machine management. Auth is handled automatically via the DEVIN_API_KEY environment variable.",
+  "docsUrl": "https://docs.devin.ai/api-reference/overview",
+  "headers": {
+    "Authorization": "Bearer ${DEVIN_API_KEY}",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "DEVIN_API_KEY": "${DEVIN_API_KEY}"
+  },
+  "allowedEndpoints": [
+    "https://api.devin.ai/**"
+  ]
+}

package/dist/connections/discord-bot.json

@@ -0,0 +1,24 @@
+{
+  "name": "Discord Bot API",
+  "description": "Discord Bot API (v10) — guilds, channels, messages, users, roles, and more. Auth is handled automatically via the DISCORD_BOT_TOKEN environment variable. Uses the 'Bot' authorization prefix. For OAuth2 user-scoped access, use the 'discord-oauth' connection instead. Includes a Gateway ingestor for real-time events (messages, reactions, etc.) — use poll_events to retrieve them.",
+  "docsUrl": "https://discord.com/developers/docs/intro",
+  "openApiUrl": "https://raw.githubusercontent.com/discord/discord-api-spec/main/specs/openapi.json",
+  "headers": {
+    "Authorization": "Bot ${DISCORD_BOT_TOKEN}",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "DISCORD_BOT_TOKEN": "${DISCORD_BOT_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://discord.com/api/v10/**"
+  ],
+  "ingestor": {
+    "type": "websocket",
+    "websocket": {
+      "gatewayUrl": "wss://gateway.discord.gg/?v=10&encoding=json",
+      "protocol": "discord",
+      "intents": 3276799
+    }
+  }
+}

package/dist/connections/discord-oauth.json

@@ -0,0 +1,16 @@
+{
+  "name": "Discord OAuth2 API",
+  "description": "Discord OAuth2 API (v10) — user identity, guilds, connections, and other user-scoped data. Auth is handled automatically via the DISCORD_OAUTH_TOKEN environment variable (OAuth2 Bearer access token). Access is limited to the scopes the user authorized. For full bot access, use the 'discord-bot' connection instead.",
+  "docsUrl": "https://discord.com/developers/docs/topics/oauth2",
+  "openApiUrl": "https://raw.githubusercontent.com/discord/discord-api-spec/main/specs/openapi.json",
+  "headers": {
+    "Authorization": "Bearer ${DISCORD_OAUTH_TOKEN}",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "DISCORD_OAUTH_TOKEN": "${DISCORD_OAUTH_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://discord.com/api/v10/**"
+  ]
+}

package/dist/connections/github.json

@@ -0,0 +1,25 @@
+{
+  "name": "GitHub API",
+  "description": "GitHub REST API — repositories, issues, pull requests, users, organizations, and more. Auth is handled automatically via the GITHUB_TOKEN environment variable. Includes a webhook ingestor for real-time events (push, pull_request, issues, etc.) — set GITHUB_WEBHOOK_SECRET and use poll_events to retrieve them.",
+  "docsUrl": "https://docs.github.com/en/rest",
+  "openApiUrl": "https://raw.githubusercontent.com/github/rest-api-description/main/descriptions/api.github.com/api.github.com.json",
+  "headers": {
+    "Authorization": "Bearer ${GITHUB_TOKEN}",
+    "Accept": "application/vnd.github+json",
+    "X-GitHub-Api-Version": "2022-11-28",
+    "User-Agent": "drawlatch"
+  },
+  "secrets": {
+    "GITHUB_TOKEN": "${GITHUB_TOKEN}",
+    "GITHUB_WEBHOOK_SECRET": "${GITHUB_WEBHOOK_SECRET}"
+  },
+  "allowedEndpoints": ["https://api.github.com/**"],
+  "ingestor": {
+    "type": "webhook",
+    "webhook": {
+      "path": "github",
+      "signatureHeader": "X-Hub-Signature-256",
+      "signatureSecret": "GITHUB_WEBHOOK_SECRET"
+    }
+  }
+}

package/dist/connections/google-ai.json

@@ -0,0 +1,15 @@
+{
+  "name": "Google AI (Gemini) API",
+  "description": "Google AI Gemini API — chat completions, embeddings, image generation, token counting, and more. Auth is handled automatically via the GOOGLE_AI_API_KEY environment variable. Uses x-goog-api-key header (not Bearer token). This is separate from the 'google' connection which covers Google Workspace APIs (Sheets, Drive, etc.).",
+  "docsUrl": "https://ai.google.dev/api",
+  "headers": {
+    "x-goog-api-key": "${GOOGLE_AI_API_KEY}",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "GOOGLE_AI_API_KEY": "${GOOGLE_AI_API_KEY}"
+  },
+  "allowedEndpoints": [
+    "https://generativelanguage.googleapis.com/**"
+  ]
+}

package/dist/connections/google.json

@@ -0,0 +1,28 @@
+{
+  "name": "Google APIs",
+  "description": "Google APIs — Sheets, Docs, Drive, Calendar, Gmail, and more. Auth is handled automatically via the GOOGLE_API_TOKEN environment variable (OAuth2 access token or service account token). Multiple Google API domains are allowlisted.",
+  "docsUrl": "https://developers.google.com/apis-explorer",
+  "headers": {
+    "Authorization": "Bearer ${GOOGLE_API_TOKEN}"
+  },
+  "secrets": {
+    "GOOGLE_API_TOKEN": "${GOOGLE_API_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://www.googleapis.com/**",
+    "https://sheets.googleapis.com/**",
+    "https://docs.googleapis.com/**",
+    "https://drive.googleapis.com/**",
+    "https://calendar-json.googleapis.com/**",
+    "https://gmail.googleapis.com/**",
+    "https://slides.googleapis.com/**",
+    "https://people.googleapis.com/**",
+    "https://tasks.googleapis.com/**",
+    "https://admin.googleapis.com/**",
+    "https://chat.googleapis.com/**",
+    "https://forms.googleapis.com/**",
+    "https://youtube.googleapis.com/**",
+    "https://youtubeanalytics.googleapis.com/**",
+    "https://cloudresourcemanager.googleapis.com/**"
+  ]
+}

package/dist/connections/hex.json

@@ -0,0 +1,14 @@
+{
+  "name": "Hex API",
+  "description": "Hex API — projects, runs, users, groups, collections, and data connections. Auth is handled automatically via the HEX_TOKEN environment variable.",
+  "docsUrl": "https://learn.hex.tech/docs/api/api-overview",
+  "headers": {
+    "Authorization": "Bearer ${HEX_TOKEN}"
+  },
+  "secrets": {
+    "HEX_TOKEN": "${HEX_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://app.hex.tech/api/**"
+  ]
+}

package/dist/connections/lichess.json

@@ -0,0 +1,15 @@
+{
+  "name": "Lichess API",
+  "description": "Lichess Opening Explorer, Cloud Evaluation, and authenticated API — query master and rated game statistics by opening move sequence, get cached Stockfish engine evaluations by FEN position, and access authenticated endpoints (account info, game history, player-specific opening analysis, etc.). Set LICHESS_API_TOKEN to a personal access token for authenticated routes; public endpoints (Opening Explorer, Cloud Eval) work without it.",
+  "docsUrl": "https://lichess.org/api",
+  "headers": {
+    "Authorization": "Bearer ${LICHESS_API_TOKEN}"
+  },
+  "secrets": {
+    "LICHESS_API_TOKEN": "${LICHESS_API_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://explorer.lichess.ovh/**",
+    "https://lichess.org/api/**"
+  ]
+}

package/dist/connections/linear.json

@@ -0,0 +1,29 @@
+{
+  "name": "Linear API",
+  "description": "Linear GraphQL API — issues, projects, teams, cycles, and more. Auth is handled automatically via the LINEAR_API_KEY environment variable. All requests are GraphQL queries sent as POST to https://api.linear.app/graphql. Includes a poll ingestor that periodically fetches recently updated issues — use poll_events to retrieve them.",
+  "docsUrl": "https://developers.linear.app/docs/graphql/working-with-the-graphql-api",
+  "headers": {
+    "Authorization": "${LINEAR_API_KEY}",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "LINEAR_API_KEY": "${LINEAR_API_KEY}"
+  },
+  "allowedEndpoints": [
+    "https://api.linear.app/**"
+  ],
+  "ingestor": {
+    "type": "poll",
+    "poll": {
+      "url": "https://api.linear.app/graphql",
+      "intervalMs": 60000,
+      "method": "POST",
+      "body": {
+        "query": "{ issues(orderBy: updatedAt, first: 50) { nodes { id identifier title state { name } priority updatedAt createdAt assignee { name } } } }"
+      },
+      "responsePath": "data.issues.nodes",
+      "deduplicateBy": "id",
+      "eventType": "issue_updated"
+    }
+  }
+}

package/dist/connections/mastodon.json

@@ -0,0 +1,25 @@
+{
+  "name": "Mastodon API",
+  "description": "Mastodon API — statuses (toots), timelines, notifications, accounts, search, and more. Auth is handled automatically via the MASTODON_ACCESS_TOKEN environment variable (OAuth2 Bearer token from your instance's Development settings). This template targets mastodon.social — for other instances, override with a custom connector using the same auth pattern but different allowedEndpoints. Includes a poll ingestor that fetches the home timeline — use poll_events to retrieve them.",
+  "docsUrl": "https://docs.joinmastodon.org/api/",
+  "headers": {
+    "Authorization": "Bearer ${MASTODON_ACCESS_TOKEN}"
+  },
+  "secrets": {
+    "MASTODON_ACCESS_TOKEN": "${MASTODON_ACCESS_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://mastodon.social/api/v1/**",
+    "https://mastodon.social/api/v2/**"
+  ],
+  "ingestor": {
+    "type": "poll",
+    "poll": {
+      "url": "https://mastodon.social/api/v1/timelines/home?limit=20",
+      "intervalMs": 60000,
+      "method": "GET",
+      "deduplicateBy": "id",
+      "eventType": "status"
+    }
+  }
+}

package/dist/connections/notion.json

@@ -0,0 +1,33 @@
+{
+  "name": "Notion API",
+  "description": "Notion API — pages, databases, blocks, users, search, and more. Auth is handled automatically via the NOTION_API_KEY environment variable (internal integration token). The Notion-Version header is set to 2022-06-28. Includes a poll ingestor that periodically searches for recently edited pages — use poll_events to retrieve them.",
+  "docsUrl": "https://developers.notion.com/reference",
+  "headers": {
+    "Authorization": "Bearer ${NOTION_API_KEY}",
+    "Notion-Version": "2022-06-28",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "NOTION_API_KEY": "${NOTION_API_KEY}"
+  },
+  "allowedEndpoints": [
+    "https://api.notion.com/**"
+  ],
+  "ingestor": {
+    "type": "poll",
+    "poll": {
+      "url": "https://api.notion.com/v1/search",
+      "intervalMs": 60000,
+      "method": "POST",
+      "body": {
+        "sort": {
+          "direction": "descending",
+          "timestamp": "last_edited_time"
+        }
+      },
+      "responsePath": "results",
+      "deduplicateBy": "id",
+      "eventType": "page_updated"
+    }
+  }
+}

package/dist/connections/openai.json

@@ -0,0 +1,16 @@
+{
+  "name": "OpenAI API",
+  "description": "OpenAI API — chat completions, embeddings, images, audio, files, fine-tuning, and more. Auth is handled automatically via the OPENAI_API_KEY environment variable.",
+  "docsUrl": "https://platform.openai.com/docs/api-reference",
+  "openApiUrl": "https://raw.githubusercontent.com/openai/openai-openapi/master/openapi.yaml",
+  "headers": {
+    "Authorization": "Bearer ${OPENAI_API_KEY}",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "OPENAI_API_KEY": "${OPENAI_API_KEY}"
+  },
+  "allowedEndpoints": [
+    "https://api.openai.com/**"
+  ]
+}

package/dist/connections/openrouter.json

@@ -0,0 +1,16 @@
+{
+  "name": "OpenRouter API",
+  "description": "OpenRouter unified LLM API — chat completions, models, generation stats, and more. Auth is handled automatically via the OPENROUTER_API_KEY environment variable.",
+  "docsUrl": "https://openrouter.ai/docs/api-reference",
+  "openApiUrl": "https://openrouter.ai/openapi.json",
+  "headers": {
+    "Authorization": "Bearer ${OPENROUTER_API_KEY}",
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "OPENROUTER_API_KEY": "${OPENROUTER_API_KEY}"
+  },
+  "allowedEndpoints": [
+    "https://openrouter.ai/api/**"
+  ]
+}

package/dist/connections/reddit.json

@@ -0,0 +1,28 @@
+{
+  "name": "Reddit API",
+  "description": "Reddit API — subreddits, posts, comments, users, search, and more. Auth is handled automatically via the REDDIT_ACCESS_TOKEN environment variable (OAuth2 Bearer token). A User-Agent header is required by Reddit and set via REDDIT_USER_AGENT. Obtain an OAuth2 token by registering a 'script' app at https://www.reddit.com/prefs/apps and using the client credentials grant. Tokens expire after 1 hour — rotate externally. Includes a poll ingestor that fetches new posts from a configurable subreddit — set REDDIT_SUBREDDIT and use poll_events to retrieve them.",
+  "docsUrl": "https://www.reddit.com/dev/api/",
+  "headers": {
+    "Authorization": "Bearer ${REDDIT_ACCESS_TOKEN}",
+    "User-Agent": "${REDDIT_USER_AGENT}"
+  },
+  "secrets": {
+    "REDDIT_ACCESS_TOKEN": "${REDDIT_ACCESS_TOKEN}",
+    "REDDIT_USER_AGENT": "${REDDIT_USER_AGENT}",
+    "REDDIT_SUBREDDIT": "${REDDIT_SUBREDDIT}"
+  },
+  "allowedEndpoints": [
+    "https://oauth.reddit.com/**"
+  ],
+  "ingestor": {
+    "type": "poll",
+    "poll": {
+      "url": "https://oauth.reddit.com/r/${REDDIT_SUBREDDIT}/new?limit=25",
+      "intervalMs": 60000,
+      "method": "GET",
+      "responsePath": "data.children",
+      "deduplicateBy": "data.name",
+      "eventType": "new_post"
+    }
+  }
+}

package/dist/connections/slack.json

@@ -0,0 +1,23 @@
+{
+  "name": "Slack API",
+  "description": "Slack Web API — messages, channels, users, reactions, files, and more. Auth is handled automatically via the SLACK_BOT_TOKEN environment variable. Real-time events via Socket Mode require SLACK_APP_TOKEN.",
+  "docsUrl": "https://docs.slack.dev/apis/web-api",
+  "openApiUrl": "https://raw.githubusercontent.com/slackapi/slack-api-specs/master/web-api/slack_web_openapi_v2.json",
+  "headers": {
+    "Authorization": "Bearer ${SLACK_BOT_TOKEN}"
+  },
+  "secrets": {
+    "SLACK_BOT_TOKEN": "${SLACK_BOT_TOKEN}",
+    "SLACK_APP_TOKEN": "${SLACK_APP_TOKEN}"
+  },
+  "allowedEndpoints": [
+    "https://slack.com/api/**"
+  ],
+  "ingestor": {
+    "type": "websocket",
+    "websocket": {
+      "gatewayUrl": "https://slack.com/api/apps.connections.open",
+      "protocol": "slack"
+    }
+  }
+}

package/dist/connections/stripe.json

@@ -0,0 +1,25 @@
+{
+  "name": "Stripe API",
+  "description": "Stripe payments API — customers, charges, payment intents, subscriptions, invoices, and more. Auth is handled automatically via the STRIPE_SECRET_KEY environment variable. Includes a webhook ingestor for real-time events (payment_intent.succeeded, invoice.paid, etc.) — set STRIPE_WEBHOOK_SECRET and use poll_events to retrieve them. Note: Stripe uses application/x-www-form-urlencoded for request bodies, not JSON.",
+  "docsUrl": "https://docs.stripe.com/api",
+  "openApiUrl": "https://raw.githubusercontent.com/stripe/openapi/master/openapi/spec3.json",
+  "headers": {
+    "Authorization": "Bearer ${STRIPE_SECRET_KEY}"
+  },
+  "secrets": {
+    "STRIPE_SECRET_KEY": "${STRIPE_SECRET_KEY}",
+    "STRIPE_WEBHOOK_SECRET": "${STRIPE_WEBHOOK_SECRET}"
+  },
+  "allowedEndpoints": [
+    "https://api.stripe.com/**"
+  ],
+  "ingestor": {
+    "type": "webhook",
+    "webhook": {
+      "path": "stripe",
+      "protocol": "stripe",
+      "signatureHeader": "Stripe-Signature",
+      "signatureSecret": "STRIPE_WEBHOOK_SECRET"
+    }
+  }
+}

package/dist/connections/telegram.json

@@ -0,0 +1,26 @@
+{
+  "name": "Telegram Bot API",
+  "description": "Telegram Bot API — messages, chats, users, inline queries, payments, and more. Auth uses a bot token embedded in the URL path — include /bot${TELEGRAM_BOT_TOKEN}/ in your request URLs. The placeholder is resolved automatically from the route's secrets. Create a bot via @BotFather on Telegram to obtain a token. Includes a poll ingestor that fetches new updates via getUpdates — use poll_events to retrieve them.",
+  "docsUrl": "https://core.telegram.org/bots/api",
+  "headers": {
+    "Content-Type": "application/json"
+  },
+  "secrets": {
+    "TELEGRAM_BOT_TOKEN": "${TELEGRAM_BOT_TOKEN}"
+  },
+  "resolveSecretsInBody": true,
+  "allowedEndpoints": [
+    "https://api.telegram.org/**"
+  ],
+  "ingestor": {
+    "type": "poll",
+    "poll": {
+      "url": "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/getUpdates?limit=25&timeout=0",
+      "intervalMs": 30000,
+      "method": "GET",
+      "responsePath": "result",
+      "deduplicateBy": "update_id",
+      "eventType": "update"
+    }
+  }
+}

package/dist/connections/trello.json

@@ -0,0 +1,25 @@
+{
+  "name": "Trello API",
+  "description": "Trello boards, lists, and cards API. Authentication uses query parameters — include ?key=${TRELLO_API_KEY}&token=${TRELLO_TOKEN} in your request URLs. The placeholders are resolved automatically from the route's secrets. Includes a webhook ingestor for real-time events (card updates, list changes, board activity, etc.) — set TRELLO_API_SECRET and TRELLO_CALLBACK_URL, then use poll_events to retrieve them.",
+  "docsUrl": "https://developer.atlassian.com/cloud/trello/rest/",
+  "headers": {},
+  "secrets": {
+    "TRELLO_API_KEY": "${TRELLO_API_KEY}",
+    "TRELLO_TOKEN": "${TRELLO_TOKEN}",
+    "TRELLO_API_SECRET": "${TRELLO_API_SECRET}",
+    "TRELLO_CALLBACK_URL": "${TRELLO_CALLBACK_URL}"
+  },
+  "allowedEndpoints": [
+    "https://api.trello.com/**"
+  ],
+  "ingestor": {
+    "type": "webhook",
+    "webhook": {
+      "path": "trello",
+      "protocol": "trello",
+      "signatureHeader": "X-Trello-Webhook",
+      "signatureSecret": "TRELLO_API_SECRET",
+      "callbackUrl": "${TRELLO_CALLBACK_URL}"
+    }
+  }
+}

package/dist/connections/twitch.json

@@ -0,0 +1,28 @@
+{
+  "name": "Twitch API",
+  "description": "Twitch Helix API — streams, users, channels, clips, videos, chat, and more. Auth requires both a Bearer token and Client-Id header, handled automatically via TWITCH_ACCESS_TOKEN and TWITCH_CLIENT_ID environment variables. Register an application at https://dev.twitch.tv/console/apps to obtain credentials. Includes a poll ingestor that fetches followed live streams — set TWITCH_USER_ID and use poll_events to retrieve them.",
+  "docsUrl": "https://dev.twitch.tv/docs/api/reference/",
+  "headers": {
+    "Authorization": "Bearer ${TWITCH_ACCESS_TOKEN}",
+    "Client-Id": "${TWITCH_CLIENT_ID}"
+  },
+  "secrets": {
+    "TWITCH_ACCESS_TOKEN": "${TWITCH_ACCESS_TOKEN}",
+    "TWITCH_CLIENT_ID": "${TWITCH_CLIENT_ID}",
+    "TWITCH_USER_ID": "${TWITCH_USER_ID}"
+  },
+  "allowedEndpoints": [
+    "https://api.twitch.tv/helix/**"
+  ],
+  "ingestor": {
+    "type": "poll",
+    "poll": {
+      "url": "https://api.twitch.tv/helix/streams/followed?user_id=${TWITCH_USER_ID}&first=20",
+      "intervalMs": 60000,
+      "method": "GET",
+      "responsePath": "data",
+      "deduplicateBy": "id",
+      "eventType": "stream_online"
+    }
+  }
+}