aai-gateway 0.3.1 → 0.3.4

package/README.md

@@ -1,121 +1,128 @@
 # AAI Gateway
 
-**One MCP to access all desktop and web applications.**
+## One MCP. All Apps. Zero Code Changes.
 
-A Model Context Protocol (MCP) server that bridges AI agents to desktop and web applications through the [AAI Protocol](https://github.com/gybob/aai-protocol).
+> A single MCP server that connects AI Agents to all Web and Desktop applications.
+> Apps conforming to the **[AAI Protocol](https://github.com/gybob/aai-protocol)** can be **seamlessly integrated** without developing any source code—just provide a descriptor.
 
-## The Innovation: Progressive Disclosure
+[![npm version](https://img.shields.io/npm/v/aai-gateway.svg)](https://www.npmjs.com/package/aai-gateway)
+[![License](https://img.shields.io/npm/l/aai-gateway.svg)](https://github.com/gybob/aai-gateway/blob/main/LICENSE)
 
-**Problem**: Traditional MCP servers load all tools upfront, causing context explosion.
+---
+
+## Why AAI Gateway?
+
+| Traditional Approach                        | AAI Gateway                                       |
+| ------------------------------------------- | ------------------------------------------------- |
+| One MCP Server per App                      | **One MCP for all applications**                  |
+| Requires modifying app code                 | **Zero-code integration, just a descriptor**      |
+| Loads all tools at once (context explosion) | **Progressive disclosure, load on-demand**        |
+| Platform-specific only                      | **Cross-platform: Web + macOS + Windows + Linux** |
+
+---
+
+## 🚀 Core Innovation: Progressive Disclosure
+
+Traditional MCP servers return all tools on `tools/list`, causing:
 
 ```
-Traditional: tools/list returns 1000+ tools from 50 apps
-→ Context window blown
-→ Agent confused
-→ Performance degraded
+50 apps × 20 tools per app = 1000+ tool entries
+→ Context window explosion
+→ Agent performance degradation
+→ Reduced response accuracy
 ```
 
-**Our Solution**: Guide-based progressive disclosure.
+**AAI Gateway's Solution**:
 
 ```
-AAI Gateway: tools/list returns 50 app entries + 2 universal tools
-→ O(apps + 2) instead of O(apps × tools)
-→ Agent calls app:<id> to get tool guide on-demand
-→ Context stays minimal
+tools/list returns only lightweight entries:
+├── web:discover         → Discover web apps and get their capabilities
+├── app:<desktop-app-id> → Discovered desktop apps (one entry per app)
+└── aai:exec             → Universal executor for all operations
+
+= 50 apps + 2 tools = 52 entries ✅
+
+Agent calls web:discover or app:<id> on-demand to get detailed operation guides
 ```
 
-This innovation enables agents to discover and use thousands of tools without overwhelming the context window.
+**Result**: **95% reduction** in context usage, faster and more accurate Agent responses.
+
+---
 
 ## How It Works
 
+### Web App Workflow
+
 ```
-┌─────────────────────────────────────────────────────────────────┐
-│                    Desktop App Workflow                         │
-├─────────────────────────────────────────────────────────────────┤
-│                                                                  │
-│  1. tools/list                                                   │
-│     └─→ Returns: ["app:com.apple.mail", "app:com.apple.calendar",
-│                   "web:discover", "aai:exec"]                    │
-│         Only 4 entries! (Not 50+ tools)                          │
-│                                                                  │
-│  2. User: "Send an email to John"                               │
-│     └─→ Agent matches "email" → calls app:com.apple.mail         │
-│                                                                  │
-│  3. tools/call("app:com.apple.mail")                            │
-│     └─→ Returns: Operation guide with available tools            │
-│         - sendEmail(to, subject, body)                           │
-│         - readInbox(folder, limit)                               │
-│         - ...                                                    │
-│                                                                  │
-│  4. tools/call("aai:exec", {app, tool: "sendEmail", args})       │
-│     └─→ Executes operation                                        │
-│                                                                  │
-└─────────────────────────────────────────────────────────────────┘
-
-┌─────────────────────────────────────────────────────────────────┐
-│                      Web App Workflow                            │
-├─────────────────────────────────────────────────────────────────┤
-│                                                                  │
-│  1. User: "Search my Notion workspace"                          │
-│     └─→ Agent matches "Notion" → calls web:discover              │
-│                                                                  │
-│  2. tools/call("web:discover", {url: "notion.com"})              │
-│     └─→ Returns: Operation guide with available tools            │
-│         - listDatabases(), queryDatabase(id), search(query)      │
-│         - ...                                                    │
-│                                                                  │
-│  3. tools/call("aai:exec", {app: "notion.com", tool, args})      │
-│     └─→ Executes operation                                        │
-│                                                                  │
-└─────────────────────────────────────────────────────────────────┘
+1. User: "Search my Notion workspace"
+2. Agent recognizes "Notion" as a web application
+   → Calls web:discover to fetch Notion's capabilities
+3. tools/call("web:discover", {url: "notion.com"})
+   → Returns operation guide: listDatabases(), queryDatabase(id), search(query)
+4. tools/call("aai:exec", {app: "notion.com", tool: "search", args: {...}})
+   → Executes and returns result
 ```
 
-**Context Efficiency**:
+### Desktop App Workflow
+
+```
+1. AAI Gateway scans system for AAI-enabled desktop apps
+   → Found apps appear as app:<id> entries in tools/list
+2. User: "Show my work tasks"
+   → Agent finds matching app:guanchen.worklens
+3. tools/call("app:guanchen.worklens")
+   → Returns operation guide: listTasks(), getTaskDetail(id), createTask()
+4. tools/call("aai:exec", {app: "guanchen.worklens", tool: "listTasks", args: {}})
+   → Executes and returns result
+```
 
-- Traditional: 50 apps × 20 tools = 1000 context entries
-- AAI Gateway: 50 apps + 2 = 52 context entries
+---
 
-## Features
+## 🔐 Security & Consent
 
-- **Progressive Disclosure**. Apps expose operation guides on-demand, preventing context explosion.
-- **Multi-language Support**. App names support multiple languages for better intent matching.
-- **Native Security**. Leverages OS-level consent (TCC, UAC, Polkit) and secure storage (Keychain).
-- **Cross-platform**. macOS today, Linux and Windows planned.
+AAI Gateway implements a **caller-aware consent mechanism** to protect user privacy and control:
 
-## Supported Apps
+### Per-Caller Authorization
 
-### Desktop Apps (AAI-enabled)
+- **Client Identification**: When an MCP client (Claude Desktop, Cursor, Windsurf, etc.) requests tool access, AAI Gateway identifies the caller from the MCP protocol metadata
+- **Isolated Consent**: Consent decisions are stored **per caller**, meaning authorization granted to Claude Desktop is NOT automatically granted to Cursor
+- **Clear Dialogs**: Consent dialogs clearly show which client is requesting access: "Claude Desktop wants to use: sendEmail"
+- **Re-authorization Required**: Different MCP clients must obtain their own authorization for the same tools
 
-Apps shipping `aai.json` descriptor:
+### Consent Flow
 
-| App             | Platform | Tools                                           |
-| --------------- | -------- | ----------------------------------------------- |
-| macOS Reminders | macOS    | createReminder, listReminders, completeReminder |
-| Your app here   | -        | -                                               |
+```
+1. MCP client (e.g., Cursor) calls a tool for the first time
+2. AAI Gateway checks: Has Cursor been authorized for this tool?
+3. If not → Show consent dialog: "Cursor wants to use: sendEmail"
+4. User decision is stored with caller identity: consents["Cursor"]["com.example.mail"]["sendEmail"]
+5. Next call from Cursor → No dialog (already authorized)
+6. Claude Desktop calls same tool → Consent dialog shown (different caller)
+```
 
-### Web Apps (Built-in Descriptors)
+This ensures that each MCP client has explicit user authorization, preventing cross-client authorization leakage.
 
-Pre-configured descriptors for cold-start scenarios when `.well-known/aai.json` is unavailable:
+> 💡 **Note**: Caller identity is informational and not a security boundary. The real security is enforced by the operating system (TCC on macOS, UAC on Windows, etc.).
+---
 
-| App               | Auth Type      | Description              |
-| ----------------- | -------------- | ------------------------ |
-| **Notion**        | API Key        | All-in-one workspace     |
-| **Yuque (语雀)**  | API Key        | Knowledge management     |
-| **Feishu (飞书)** | App Credential | Enterprise collaboration |
+## 📱 Supported Apps
 
-_More built-in descriptors being added. [Request one](https://github.com/gybob/aai-gateway/issues)_
+These apps have built-in descriptors and work out of the box:
 
-## Requirements
+| App               | Auth Type      | Tools | Description                                         |
+| ----------------- | -------------- | ----- | --------------------------------------------------- |
+| **Notion**        | API Key        | 11    | Notes, docs, knowledge base, project management     |
+| **Yuque (语雀)**  | API Key        | 7     | Alibaba Cloud knowledge management platform         |
+| **Feishu / Lark** | App Credential | 11    | Enterprise collaboration (docs, wiki, IM, calendar) |
+> 💡 Want to add your app? See [How to Integrate](#how-to-integrate) | [Upcoming Apps](#upcoming-apps)
 
-- Node.js 18 or newer
-- macOS (Linux and Windows support planned)
-- VS Code, Cursor, Windsurf, Claude Desktop, or any MCP client
+> ⚠️ **Note**: AAI Gateway is currently in active development. Bugs may exist. Contributions are welcome!
 
-## Getting Started
+---
 
-Add AAI Gateway to your MCP client configuration.
+## Installation
 
-**Standard config:**
+Add AAI Gateway to your MCP client configuration:
 
 ```json
 {
@@ -140,7 +147,7 @@ claude mcp add aai-gateway npx aai-gateway
 <details>
 <summary>Claude Desktop</summary>
 
-Follow the MCP install [guide](https://modelcontextprotocol.io/quickstart/user), use the standard config above. Config file location: `~/Library/Application Support/Claude/claude_desktop_config.json`
+Follow the [MCP installation guide](https://modelcontextprotocol.io/quickstart/user). Config: `~/Library/Application Support/Claude/claude_desktop_config.json`
 
 </details>
 
@@ -151,22 +158,18 @@ Follow the MCP install [guide](https://modelcontextprotocol.io/quickstart/user),
 code --add-mcp '{"name":"aai-gateway","command":"npx","args":["aai-gateway"]}'
 ```
 
-Or add manually to your MCP settings.
-
 </details>
 
 <details>
 <summary>Cursor</summary>
 
-Go to `Cursor Settings` -> `MCP` -> `Add new MCP Server`. Name: `aai-gateway`, type: `command`, command: `npx aai-gateway`.
+`Cursor Settings` → `MCP` → `Add new MCP Server`. Name: `aai-gateway`, Type: `command`, Command: `npx aai-gateway`
 
 </details>
 
 <details>
 <summary>OpenCode</summary>
 
-Add to `~/.config/opencode/opencode.json`:
-
 ```json
 {
   "$schema": "https://opencode.ai/config.json",
@@ -180,225 +183,224 @@ Add to `~/.config/opencode/opencode.json`:
 }
 ```
 
-With `--dev` flag:
-
-```json
-{
-  "$schema": "https://opencode.ai/config.json",
-  "mcp": {
-    "aai-gateway": {
-      "type": "local",
-      "command": ["npx", "aai-gateway", "--dev"],
-      "enabled": true
-    }
-  }
-}
-```
-
 </details>
 
-## Configuration
-
-| Option      | Description                                                                    |
-| ----------- | ------------------------------------------------------------------------------ |
-| `--dev`     | Enable development mode. Scans Xcode build directories for apps in development |
-| `--scan`    | Scan for AAI-enabled apps and exit (for debugging)                             |
-| `--version` | Show version                                                                   |
-| `--help`    | Show help                                                                      |
-
-**Development mode example:**
-
-```json
-{
-  "mcpServers": {
-    "aai-gateway": {
-      "command": "npx",
-      "args": ["aai-gateway", "--dev"]
-    }
-  }
-}
-```
-
-## MCP Interface
-
-AAI Gateway exposes **tools only** (no resources). This simplifies the agent workflow.
-
-### `tools/list`
-
-Returns discovered desktop apps plus universal tools:
-
-```json
-{
-  "tools": [
-    {
-      "name": "app:com.apple.reminders",
-      "description": "【Reminders|提醒事项|Rappels】macOS reminders app. Aliases: todo, 待办. Call to get guide.",
-      "inputSchema": { "type": "object", "properties": {} }
-    },
-    {
-      "name": "web:discover",
-      "description": "Discover web app guide. Use when user mentions a web service not in list.",
-      "inputSchema": {
-        "type": "object",
-        "properties": {
-          "url": { "type": "string", "description": "Web app URL, domain, or name" }
-        },
-        "required": ["url"]
-      }
-    },
-    {
-      "name": "aai:exec",
-      "description": "Execute app operation. Use after reading the operation guide.",
-      "inputSchema": {
-        "type": "object",
-        "properties": {
-          "app": { "type": "string", "description": "App ID or URL" },
-          "tool": { "type": "string", "description": "Operation name" },
-          "args": { "type": "object", "description": "Operation parameters" }
-        },
-        "required": ["app", "tool"]
-      }
-    }
-  ]
-}
-```
-
-### App Tool (`app:*`)
-
-Call `app:<app-id>` to get an operation guide:
-
-```json
-{
-  "name": "app:com.apple.reminders",
-  "arguments": {}
-}
-```
-
-Returns a guide with available operations, parameters, and usage examples.
-
-### Web Discovery (`web:discover`)
+---
 
-Discover web apps by URL, domain, or name:
+## CLI Options
 
-```json
-{
-  "name": "web:discover",
-  "arguments": { "url": "notion.com" }
-}
-```
+| Option      | Description                                     |
+| ----------- | ----------------------------------------------- |
+| `--dev`     | Development mode, scans Xcode build directories |
+| `--scan`    | Scan for AAI-enabled apps and exit              |
+| `--version` | Show version                                    |
+| `--help`    | Show help                                       |
 
-Returns the web app's operation guide.
+---
 
-### Tool Execution (`aai:exec`)
+## Appendix
 
-Execute operations after reading the guide:
+### How to Integrate
 
-```json
-{
-  "name": "aai:exec",
-  "arguments": {
-    "app": "com.apple.reminders",
-    "tool": "createReminder",
-    "args": {
-      "title": "Submit report",
-      "due": "2024-12-31 15:00"
-    }
-  }
-}
-```
+There are two ways to integrate an app with AAI Gateway:
 
-**Execution flow:**
+#### Method 1: Provide a Descriptor File
 
-1. Resolve app descriptor (local, built-in, or web fetch)
-2. Show native consent dialog — user approves/denies
-3. **Auth**:
-   - Desktop apps: Native IPC
-   - Web apps: OAuth 2.1 PKCE, API Key, App Credential, or Cookie
-4. Execute and return result
+Place an `aai.json` descriptor at the standard location:
 
-## Authentication Types
+| Platform    | Location                                     |
+| ----------- | -------------------------------------------- |
+| **Web**     | `https://<your-domain>/.well-known/aai.json` |
+| **macOS**   | `<App>.app/Contents/Resources/aai.json`      |
+| **Windows** | `<App>.exe directory/aai.json`               |
+| **Linux**   | `/usr/share/<app>/aai.json`                  |
 
-| Auth Type       | Use Case           | User Flow                          |
-| --------------- | ------------------ | ---------------------------------- |
-| `oauth2`        | User authorization | Browser-based OAuth 2.0 with PKCE  |
-| `apiKey`        | Static API tokens  | Dialog prompts for token           |
-| `appCredential` | Enterprise apps    | Dialog prompts for App ID + Secret |
-| `cookie`        | No official API    | Manual cookie extraction           |
+AAI Gateway will automatically discover and load the descriptor.
 
-## Platform Support
+#### Method 2: Contribute to Built-in Registry
 
-| Platform | Discovery                 | IPC Executor    | Consent Dialog    | Secure Storage        |
-| -------- | ------------------------- | --------------- | ----------------- | --------------------- |
-| macOS    | ✅                        | ✅ Apple Events | ✅ osascript      | ✅ Keychain           |
-| Linux    | ⚠️ XDG paths              | ⚠️ DBus        | ⚠️ zenity/kdialog | ⚠️ libsecret          |
-| Windows  | ⚠️ Program Files          | ⚠️ COM         | ⚠️ PowerShell     | ⚠️ Credential Manager |
-| Web      | ✅ `.well-known/aai.json` | ✅ HTTP + Auth  | —                 | ✅ (via platform)     |
+For web apps without a hosted descriptor, you can add a built-in descriptor to AAI Gateway:
 
-**Legend**: ✅ Fully implemented | ⚠️ Stub implementation (throws NOT_IMPLEMENTED) | 🔜 Planned
+1. Create `src/discovery/descriptors/<app>.ts` following existing patterns
+2. Register in `src/discovery/web-registry.ts`
+3. Submit a pull request
 
-## For App Developers
+This is useful for:
 
-To make your app discoverable by AAI Gateway, ship an `aai.json` descriptor:
+- Apps without official API documentation
+- Custom auth configurations
+- Cold-start scenarios
 
-**macOS:** `<App>.app/Contents/Resources/aai.json`
+#### Descriptor Format
 
-**Web:** `https://<your-domain>/.well-known/aai.json`
+The descriptor follows the **[AAI Protocol specification](https://github.com/gybob/aai-protocol/blob/main/spec/aai-json.md)**. Key points:
 
-**Example:**
+- All field names use **camelCase** (e.g., `schemaVersion`, `baseUrl`)
+- Supports **internationalized names** with language fallback
+- Auth types: `oauth2`, `apiKey`, `appCredential`, `cookie`
+- Tools defined with JSON Schema parameters
 
-```json
-{
-  "schemaVersion": "1.0",
-  "version": "1.0.0",
-  "platform": "web",
-  "app": {
-    "id": "com.example.api",
-    "name": {
-      "en": "Example App",
-      "zh-CN": "示例应用"
-    },
-    "defaultLang": "en",
-    "description": "Brief description",
-    "aliases": ["example", "示例"]
-  },
-  "auth": {
-    "type": "apiKey",
-    "apiKey": {
-      "location": "header",
-      "name": "Authorization",
-      "prefix": "Bearer",
-      "obtainUrl": "https://example.com/settings/tokens"
-    }
-  },
-  "tools": [...]
-}
-```
+For the complete spec, see **[aai.json Descriptor Spec](https://github.com/gybob/aai-protocol/blob/main/spec/aai-json.md)**.
 
-See the [AAI Protocol Spec](https://github.com/gybob/aai-protocol) for the full schema.
+#### Supported Auth Types
 
-## Debugging
+| Type            | Use Case           | User Flow                  |
+| --------------- | ------------------ | -------------------------- |
+| `oauth2`        | User authorization | Browser OAuth 2.0 + PKCE   |
+| `apiKey`        | Static API tokens  | Dialog prompts for token   |
+| `appCredential` | Enterprise apps    | Dialog for App ID + Secret |
+| `cookie`        | No official API    | Manual cookie extraction   |
 
-```bash
-# List discovered AAI-enabled apps
-npx aai-gateway --scan
+#### Platform Support
 
-# Include Xcode build products
-npx aai-gateway --scan --dev
-```
+| Platform    | Discovery              | IPC          | Consent   | Storage  |
+| ----------- | ---------------------- | ------------ | --------- | -------- |
+| **macOS**   | Supported              | Apple Events | osascript | Keychain |
+| **Linux**   | XDG paths              | DBus (gdbus)  | zenity/kdialog | libsecret |
+| **Windows** | Program Files          | COM (PowerShell) | PowerShell | CredMan  |
+| **Web**     | `.well-known/aai.json` | HTTP         | N/A       | Platform |
+
+> **Note**: Linux and Windows implementations are functional but may require additional testing and refinement. Contributions are welcome!
 
-## Development
+#### Windows Requirements
 
-```bash
-npm install
-npm run typecheck
-npm test
-npm run build
-```
+- **PowerShell 5.1+** (comes with Windows 10+)
+- **Execution Policy**: Must allow script execution
+  ```powershell
+  # Check current policy
+  Get-ExecutionPolicy
+  
+  # Set to allow local scripts (recommended)
+  Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
+  ```
+- **Credential Manager**: Built-in Windows feature, no additional setup needed
 
+#### Linux Requirements
+
+- **DBus**: Usually pre-installed on modern Linux distributions
+- **Dialog Tools**: Install one of the following:
+  ```bash
+  # Ubuntu/Debian
+  sudo apt install zenity  # or kdialog
+  
+  # Fedora
+  sudo dnf install zenity  # or kdialog
+  
+  # Arch Linux
+  sudo pacman -S zenity  # or kdialog
+  ```
+- **libsecret**: For secure credential storage
+  ```bash
+  # Ubuntu/Debian
+  sudo apt install libsecret-tools
+  
+  # Fedora
+  sudo dnf install libsecret
+  ```
+
+---
+
+### Upcoming Apps
+
+The following apps are planned for future integration, organized by priority:
+
+#### 🚀 Priority P0 - High Activity + Simple Integration
+
+| App | Auth Type | API Base | Description |
+|-----|-----------|----------|-------------|
+| **GitHub** | OAuth2 / API Key | `api.github.com` | Code hosting, repositories, issues, PRs |
+| **Linear** | API Key | `api.linear.app` | Modern project management |
+| **Stripe** | API Key | `api.stripe.com` | Payment processing |
+| **Slack** | OAuth2 / Bot Token | `slack.com/api` | Team messaging and channels |
+| **Jira** | OAuth2 / API Token | `api.atlassian.com` | Issue and project tracking |
+| **Gitee** | API Key | `gitee.com/api/v5` | Code hosting (China) |
+
+#### 🔥 Priority P1 - High Activity
+
+| App | Auth Type | API Base | Description |
+|-----|-----------|----------|-------------|
+| **Google Drive** | OAuth2 | `www.googleapis.com/drive` | Cloud storage and files |
+| **Google Calendar** | OAuth2 | `www.googleapis.com/calendar` | Calendar and scheduling |
+| **Airtable** | API Key / OAuth2 | `api.airtable.com` | Database and spreadsheets |
+| **Trello** | API Key + Token | `api.trello.com/1` | Kanban boards |
+| **Asana** | API Key / OAuth2 | `app.asana.com/api/1.0` | Project management |
+| **Discord** | Bot Token / OAuth2 | `discord.com/api/v10` | Community messaging |
+| **GitLab** | API Key / OAuth2 | `gitlab.com/api/v4` | DevOps platform |
+| **DingTalk (钉钉)** | App Credential | `api.dingtalk.com/v1.0` | Enterprise messaging (China) |
+| **WeCom (企业微信)** | App Credential | `qyapi.weixin.qq.com/cgi-bin` | Enterprise WeChat (China) |
+
+#### 📈 Priority P2 - Medium Activity
+
+**Project Management & Collaboration:**
+
+| App | Auth Type | Description |
+|-----|-----------|-------------|
+| Monday.com | API Key | Work management platform |
+| ClickUp | API Key | Productivity platform |
+| Basecamp | OAuth2 | Project collaboration |
+| Bitbucket | API Key / OAuth2 | Git repository hosting |
+
+**Communication & Email:**
+
+| App | Auth Type | Description |
+|-----|-----------|-------------|
+| Gmail | OAuth2 | Email by Google |
+| Microsoft Outlook | OAuth2 | Email by Microsoft |
+| SendGrid | API Key | Email delivery service |
+| Mailgun | API Key | Email API service |
+| Twilio | API Key | SMS and voice API |
+| Tencent Meeting | OAuth2 / App Credential | Video conferencing (China) |
+
+**Data & Storage:**
+
+| App | Auth Type | Description |
+|-----|-----------|-------------|
+| Supabase | API Key | Backend-as-a-Service |
+| PlanetScale | API Key | Serverless MySQL |
+| Neon | API Key | Serverless PostgreSQL |
+| Aliyun Drive | OAuth2 | Cloud storage (China) |
+| Baidu Netdisk | OAuth2 | Cloud storage (China) |
+
+**Payments & Commerce:**
+
+| App | Auth Type | Description |
+|-----|-----------|-------------|
+| PayPal | OAuth2 | Payment platform |
+| Square | API Key | Payment processing |
+| Shopify | API Key | E-commerce platform |
+| WeChat Pay | App Credential | Payment platform (China) |
+
+#### 🔍 Priority P3 - Search & AI
+
+| App | Auth Type | API Base | Description |
+|-----|-----------|----------|-------------|
+| Brave Search | API Key | `api.search.brave.com/res/v1` | Privacy-focused search |
+| Perplexity | API Key | `api.perplexity.ai` | AI search engine |
+| Exa | API Key | `api.exa.ai` | AI-powered search |
+| Tavily | API Key | `api.tavily.com` | Search API for AI |
+
+#### ❌ Not Suitable for AAI Gateway
+
+The following MCP server types are **NOT suitable** for AAI Gateway as they require local implementation:
+
+| Type | Examples | Reason |
+|------|----------|--------|
+| Local Filesystem | Filesystem, Memory | Requires local file access |
+| Version Control | Git | Requires local git commands |
+| Browser Automation | Playwright, Puppeteer | Requires browser instance |
+| Code Execution | E2B, Riza | Requires sandbox environment |
+| Database Drivers | PostgreSQL, MySQL, SQLite | Requires database drivers |
+| System Commands | Shell, Terminal | Requires local command execution |
+
+---
+
+Want to see your app prioritized? [Open an issue](https://github.com/gybob/aai-gateway/issues).
 ## Links
 
-- [AAI Protocol Spec](https://github.com/gybob/aai-protocol)
-- [Report Issues](https://github.com/gybob/aai-gateway/issues)
+- **[AAI Protocol Spec](https://github.com/gybob/aai-protocol)** - Protocol specification
+- [Report Issues](https://github.com/gybob/aai-gateway/issues) - Bug reports and feature requests
+
+---
 
 ## License
 

package/dist/cli.js

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { b as createDesktopDiscovery, d as createGatewayServer, l as logger } from "./server-B-dyXrfc.js";
+import { b as createDesktopDiscovery, d as createGatewayServer, l as logger } from "./server-BYtx5KIZ.js";
 import { readFileSync } from "fs";
 import { fileURLToPath } from "url";
 import { dirname, join } from "path";