npm - @yeaft/webchat-agent - Versions diffs - 0.0.81 → 0.0.83 - Mend

@yeaft/webchat-agent 0.0.81 → 0.0.83

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/index.js +44 -7
package/package.json +1 -1

package/index.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import 'dotenv/config';
-import { platform } from 'os';
+import { platform, homedir } from 'os';
 import { existsSync, readFileSync, writeFileSync } from 'fs';
 import { join, dirname } from 'path';
 import { exec } from 'child_process';
@@ -62,14 +62,51 @@ const CONFIG = {
   workDir: process.env.WORK_DIR || fileConfig.workDir,
   reconnectInterval: fileConfig.reconnectInterval,
   agentSecret: process.env.AGENT_SECRET || fileConfig.agentSecret,
-  // 禁用的工具列表（逗号分隔），如 "mcp__github,mcp__sentry"
-  // 默认禁用所有 MCP 工具（避免超过 Claude API 128 工具限制）
-  // 设置 DISALLOWED_TOOLS=none 可取消默认禁用
+  // MCP 白名单：只允许这些 MCP 服务器的工具，其余自动禁用
+  // 通过 ALLOWED_MCP_SERVERS 环境变量（逗号分隔）或配置文件 allowedMcpServers 指定
+  // 默认只允许 playwright
   disallowedTools: (() => {
+    // 解析显式禁用列表
     const raw = process.env.DISALLOWED_TOOLS || fileConfig.disallowedTools || '';
-    if (raw === 'none') return [];
-    const list = raw.split(',').map(s => s.trim()).filter(Boolean);
-    return list.length > 0 ? list : ['mcp__*'];
+    const explicit = raw === 'none' ? [] : raw.split(',').map(s => s.trim()).filter(Boolean);
+    // 解析 MCP 白名单
+    const allowedRaw = process.env.ALLOWED_MCP_SERVERS || fileConfig.allowedMcpServers || 'playwright';
+    const allowedMcpServers = allowedRaw.split(',').map(s => s.trim()).filter(Boolean);
+    // 读取 ~/.claude.json 中所有配置的 MCP 服务器名
+    const claudeConfigPath = join(homedir(), '.claude.json');
+    const mcpDisallowed = [];
+    try {
+      if (existsSync(claudeConfigPath)) {
+        const claudeConfig = JSON.parse(readFileSync(claudeConfigPath, 'utf-8'));
+        const allMcpNames = new Set();
+        // 收集所有项目中配置的 MCP 服务器名
+        for (const [, projCfg] of Object.entries(claudeConfig.projects || {})) {
+          for (const name of Object.keys(projCfg.mcpServers || {})) {
+            allMcpNames.add(name);
+          }
+        }
+        // 顶层 mcpServers
+        for (const name of Object.keys(claudeConfig.mcpServers || {})) {
+          allMcpNames.add(name);
+        }
+        // 不在白名单中的 MCP 服务器 → 禁用
+        for (const name of allMcpNames) {
+          if (!allowedMcpServers.includes(name)) {
+            mcpDisallowed.push(`mcp__${name}`);
+          }
+        }
+        if (mcpDisallowed.length > 0) {
+          console.log(`[MCP] Allowed: ${allowedMcpServers.join(', ')}`);
+          console.log(`[MCP] Disallowed: ${mcpDisallowed.join(', ')}`);
+        }
+      }
+    } catch (e) {
+      console.warn('[MCP] Failed to read ~/.claude.json:', e.message);
+    }
+    return [...explicit, ...mcpDisallowed];
   })()
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@yeaft/webchat-agent",
-  "version": "0.0.81",
+  "version": "0.0.83",
   "description": "Remote agent for Yeaft WebChat — connects worker machines to the central server",
   "main": "index.js",
   "type": "module",