agent-mcp-guard 0.1.0

package/LICENSE

@@ -0,0 +1,177 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction,
+and distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by
+the copyright owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all
+other entities that control, are controlled by, or are under common
+control with that entity. For the purposes of this definition,
+"control" means (i) the power, direct or indirect, to cause the
+direction or management of such entity, whether by contract or
+otherwise, or (ii) ownership of fifty percent (50%) or more of the
+outstanding shares, or (iii) beneficial ownership of such entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity
+exercising permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications,
+including but not limited to software source code, documentation
+source, and configuration files.
+
+"Object" form shall mean any form resulting from mechanical
+transformation or translation of a Source form, including but
+not limited to compiled object code, generated documentation,
+and conversions to other media types.
+
+"Work" shall mean the work of authorship, whether in Source or
+Object form, made available under the License, as indicated by a
+copyright notice that is included in or attached to the work
+(an example is provided in the Appendix below).
+
+"Derivative Works" shall mean any work, whether in Source or Object
+form, that is based on (or derived from) the Work and for which the
+editorial revisions, annotations, elaborations, or other modifications
+represent, as a whole, an original work of authorship. For the purposes
+of this License, Derivative Works shall not include works that remain
+separable from, or merely link (or bind by name) to the interfaces of,
+the Work and Derivative Works thereof.
+
+"Contribution" shall mean any work of authorship, including
+the original version of the Work and any modifications or additions
+to that Work or Derivative Works thereof, that is intentionally
+submitted to Licensor for inclusion in the Work by the copyright owner
+or by an individual or Legal Entity authorized to submit on behalf of
+the copyright owner. For the purposes of this definition, "submitted"
+means any form of electronic, verbal, or written communication sent
+to the Licensor or its representatives, including but not limited to
+communication on electronic mailing lists, source code control systems,
+and issue tracking systems that are managed by, or on behalf of, the
+Licensor for the purpose of discussing and improving the Work, but
+excluding communication that is conspicuously marked or otherwise
+designated in writing by the copyright owner as "Not a Contribution."
+
+"Contributor" shall mean Licensor and any individual or Legal Entity
+on behalf of whom a Contribution has been received by Licensor and
+subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+this License, each Contributor hereby grants to You a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+copyright license to reproduce, prepare Derivative Works of,
+publicly display, publicly perform, sublicense, and distribute the
+Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+this License, each Contributor hereby grants to You a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+(except as stated in this section) patent license to make, have made,
+use, offer to sell, sell, import, and otherwise transfer the Work,
+where such license applies only to those patent claims licensable
+by such Contributor that are necessarily infringed by their
+Contribution(s) alone or by combination of their Contribution(s)
+with the Work to which such Contribution(s) was submitted. If You
+institute patent litigation against any entity (including a
+cross-claim or counterclaim in a lawsuit) alleging that the Work
+or a Contribution incorporated within the Work constitutes direct
+or contributory patent infringement, then any patent licenses
+granted to You under this License for that Work shall terminate
+as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+Work or Derivative Works thereof in any medium, with or without
+modifications, and in Source or Object form, provided that You
+meet the following conditions:
+
+(a) You must give any other recipients of the Work or Derivative
+Works a copy of this License; and
+
+(b) You must cause any modified files to carry prominent notices
+stating that You changed the files; and
+
+(c) You must retain, in the Source form of any Derivative Works
+that You distribute, all copyright, patent, trademark, and
+attribution notices from the Source form of the Work, excluding
+those notices that do not pertain to any part of the Derivative
+Works; and
+
+(d) If the Work includes a "NOTICE" text file as part of its
+distribution, then any Derivative Works that You distribute must
+include a readable copy of the attribution notices contained
+within such NOTICE file, excluding those notices that do not
+pertain to any part of the Derivative Works, in at least one
+of the following places: within a NOTICE text file distributed
+as part of the Derivative Works; within the Source form or
+documentation, if provided along with the Derivative Works; or,
+within a display generated by the Derivative Works, if and
+wherever such third-party notices normally appear. The contents
+of the NOTICE file are for informational purposes only and
+do not modify the License. You may add Your own attribution
+notices within Derivative Works that You distribute, alongside
+or as an addendum to the NOTICE text from the Work, provided
+that such additional attribution notices cannot be construed
+as modifying the License.
+
+You may add Your own copyright statement to Your modifications and
+may provide additional or different license terms and conditions
+for use, reproduction, or distribution of Your modifications, or
+for any such Derivative Works as a whole, provided Your use,
+reproduction, and distribution of the Work otherwise complies with
+the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+any Contribution intentionally submitted for inclusion in the Work
+by You to the Licensor shall be under the terms and conditions of
+this License, without any additional terms or conditions.
+Notwithstanding the above, nothing herein shall supersede or modify
+the terms of any separate license agreement you may have executed
+with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+names, trademarks, service marks, or product names of the Licensor,
+except as required for reasonable and customary use in describing the
+origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+agreed to in writing, Licensor provides the Work (and each
+Contributor provides its Contributions) on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+implied, including, without limitation, any warranties or conditions
+of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+PARTICULAR PURPOSE. You are solely responsible for determining the
+appropriateness of using or redistributing the Work and assume any
+risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+whether in tort (including negligence), contract, or otherwise,
+unless required by applicable law (such as deliberate and grossly
+negligent acts) or agreed to in writing, shall any Contributor be
+liable to You for damages, including any direct, indirect, special,
+incidental, or consequential damages of any character arising as a
+result of this License or out of the use or inability to use the
+Work (including but not limited to damages for loss of goodwill,
+work stoppage, computer failure or malfunction, or any and all
+other commercial damages or losses), even if such Contributor
+has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+the Work or Derivative Works thereof, You may choose to offer,
+and charge a fee for, acceptance of support, warranty, indemnity,
+or other liability obligations and/or rights consistent with this
+License. However, in accepting such obligations, You may act only
+on Your own behalf and on Your sole responsibility, not on behalf
+of any other Contributor, and only if You agree to indemnify,
+defend, and hold each Contributor harmless for any liability
+incurred by, or claims asserted against, such Contributor by reason
+of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+

package/README.md

@@ -0,0 +1,119 @@
+# mcp-guard
+
+Open-source CLI scanner for risky MCP server and AI agent tool configuration.
+
+`mcp-guard` helps developers review MCP configs before giving AI agents access to files, shells, credentials, SaaS tools, or production systems.
+
+## What It Detects
+
+- Shell wrappers and inline scripts.
+- `node -e`, `python -c`, and other interpreter eval modes.
+- Remote package runners such as `npx`, `uvx`, `bunx`, and `pnpm dlx`.
+- Unpinned MCP server package versions.
+- Secret-like environment variables and headers.
+- Broad filesystem access such as `/`, home, Desktop, Documents, or Downloads.
+- Remote MCP server URLs.
+- Dangerous command patterns such as `rm -rf`, `sudo`, `chmod 777`, and curl pipe to shell.
+
+## Install
+
+For local development from this repo:
+
+```bash
+npm install -g .
+```
+
+After npm publication:
+
+```bash
+npm install -g agent-mcp-guard
+```
+
+## Usage
+
+Scan common Claude Desktop, Cursor, and project MCP config locations:
+
+```bash
+mcp-guard scan
+```
+
+Scan a specific config:
+
+```bash
+mcp-guard scan --config .mcp.json
+```
+
+Generate a Markdown report:
+
+```bash
+mcp-guard scan --format markdown --output mcp-guard-report.md
+```
+
+Use in CI and fail when high-risk findings are present:
+
+```bash
+mcp-guard scan --config .mcp.json --fail-on high
+```
+
+## Supported Config Shape
+
+`mcp-guard` supports the common MCP config shape used by Claude Desktop, Cursor, and many project configs:
+
+```json
+{
+  "mcpServers": {
+    "server-name": {
+      "command": "npx",
+      "args": ["@modelcontextprotocol/server-filesystem", "/path/to/project"],
+      "env": {
+        "API_KEY": "..."
+      },
+      "cwd": "/path/to/project"
+    }
+  }
+}
+```
+
+It also accepts `servers` as an alternative top-level key.
+
+## Example
+
+```bash
+npm run scan:example
+```
+
+This scans `examples/unsafe-claude_desktop_config.json` and writes `examples/sample-report.md`.
+
+## Exit Codes
+
+- `0`: scan completed and did not hit the fail threshold.
+- `1`: CLI usage or runtime error.
+- `2`: finding severity met `--fail-on` threshold.
+
+## Privacy
+
+`mcp-guard` is local-first:
+
+- It does not upload configs.
+- It does not call external APIs.
+- It redacts secret-like values in reports by default.
+
+MCP configs and reports can still contain sensitive paths, hostnames, and configuration details. Review before sharing.
+
+## Documentation
+
+- [Rule reference](docs/rules.md)
+- [Privacy and security](docs/privacy-and-security.md)
+- [Paid audit service](docs/paid-audit.md)
+- [Launch checklist](docs/launch-checklist.md)
+- [Operator runbook](docs/operator-runbook.md)
+
+## Commercial Support
+
+Need a private AI Agent/MCP security audit?
+
+The first paid service is a focused review of your MCP and agent tool setup: inventory, risk report, remediation checklist, and a hardening call. See [docs/paid-audit.md](docs/paid-audit.md).
+
+## License
+
+Apache-2.0

package/bin/mcp-guard.js

@@ -0,0 +1,15 @@
+#!/usr/bin/env node
+
+import { runCli } from "../src/cli.js";
+
+runCli(process.argv, {
+  cwd: process.cwd(),
+  env: process.env,
+  stdout: process.stdout,
+  stderr: process.stderr
+}).catch((error) => {
+  const message = error instanceof Error ? error.message : String(error);
+  process.stderr.write(`mcp-guard: ${message}\n`);
+  process.exitCode = 1;
+});
+

package/docs/launch-checklist.md

@@ -0,0 +1,34 @@
+# Launch Checklist
+
+## Before Public Launch
+
+- [ ] Create GitHub repository.
+- [ ] Push the local project.
+- [ ] Confirm CI passes.
+- [ ] Choose final package name on npm.
+- [ ] Run `npm pack --dry-run`.
+- [ ] Publish with `npm publish --access public`.
+- [ ] Generate fresh sample report with `npm run scan:example`.
+- [ ] Add screenshots or paste report excerpt into README.
+- [ ] Post a short technical article or launch note.
+- [ ] Contact 20 early users for free scans or paid hardening.
+- [ ] Follow the detailed steps in `docs/operator-runbook.md`.
+
+## User Setup
+
+```bash
+npm install -g agent-mcp-guard
+mcp-guard scan
+```
+
+## CI Setup
+
+```bash
+mcp-guard scan --config .mcp.json --fail-on high
+```
+
+Exit codes:
+
+- `0`: scan completed and did not hit the fail threshold.
+- `1`: CLI usage or runtime error.
+- `2`: finding severity met `--fail-on` threshold.

package/docs/operator-runbook.md

@@ -0,0 +1,102 @@
+# Operator Runbook
+
+This is the step-by-step launch path for the project owner.
+
+## 1. Local Verification
+
+From the repo root:
+
+```bash
+npm test
+npm run release:check
+npm --cache ./.npm-cache pack --dry-run
+node ./bin/mcp-guard.js scan --config examples/unsafe-claude_desktop_config.json
+```
+
+If your global npm cache has permission errors, either keep using the local cache flag above or fix ownership:
+
+```bash
+sudo chown -R "$(id -u)":"$(id -g)" ~/.npm
+```
+
+## 2. Create GitHub Repository
+
+Create an empty public GitHub repo named:
+
+```text
+mcp-guard
+```
+
+Do not initialize it with a README, license, or `.gitignore`; this local project already has them.
+
+Then run:
+
+```bash
+git init -b main
+git add .
+git commit -m "Initial mcp-guard CLI"
+git remote add origin git@github.com:<your-username>/mcp-guard.git
+git push -u origin main
+```
+
+Or use the helper after `gh auth login`:
+
+```bash
+npm run launch:github
+```
+
+## 3. Publish To npm
+
+The product and CLI command are `mcp-guard`, but the npm package name is:
+
+```text
+agent-mcp-guard
+```
+
+`mcp-guard` is already taken on npm, so do not publish under that name.
+
+Confirm the package name is still available:
+
+```bash
+npm view agent-mcp-guard
+```
+
+If it is available, login and publish:
+
+```bash
+npm login
+npm publish --access public
+```
+
+If npm cache permission errors appear, use:
+
+```bash
+npm --cache ./.npm-cache publish --access public
+```
+
+Or use the helper after `npm login`:
+
+```bash
+npm run publish:npm
+```
+
+## 4. First Public Post
+
+Short launch copy:
+
+```text
+I just open-sourced mcp-guard, a local-first CLI that scans MCP server configs for risky AI agent permissions: shell wrappers, unpinned npx packages, broad filesystem access, exposed secrets, and remote MCP servers.
+
+npm install -g agent-mcp-guard
+mcp-guard scan
+```
+
+## 5. First Sales Motion
+
+Send this to 20 teams using MCP or AI agents:
+
+```text
+I am building mcp-guard, an open-source security scanner for MCP and AI agent tool configs. It checks for risky shell access, unpinned remote packages, over-broad file permissions, exposed secrets, and unsafe remote server setup.
+
+I am doing a few early scans for teams using MCP in real workflows. If you send a redacted config or run the CLI locally, I can help interpret the report and suggest hardening steps.
+```

package/docs/paid-audit.md

@@ -0,0 +1,29 @@
+# AI Agent/MCP Security Audit
+
+This is the first paid service attached to `mcp-guard`.
+
+## Who It Is For
+
+- Teams using Claude Desktop, Cursor, Codex, Windsurf, or custom AI agents.
+- Teams installing MCP servers from public registries.
+- Startups connecting agents to GitHub, Slack, databases, browsers, files, or production tools.
+
+## Deliverables
+
+- MCP and agent tool inventory.
+- Risk report covering shell access, package execution, filesystem scope, secrets, remote servers, and dangerous commands.
+- Practical remediation checklist.
+- Optional PR with safer config and policy changes.
+- 60-minute hardening call.
+
+Use `docs/templates/audit-report-template.md` as the starting point for client delivery.
+
+## Suggested Pricing
+
+- Indie or solo founder: USD 300-800.
+- Small startup: USD 1,000-3,000.
+- Funded team or private deployment pilot: USD 3,000-8,000.
+
+## Sales Copy
+
+I am building `mcp-guard`, an open-source scanner for MCP and AI agent tool security. It checks for risky shell access, unpinned remote packages, over-broad file permissions, exposed secrets, and unsafe remote server setup. I am offering a few early MCP security audits for teams using agents in real workflows.

package/docs/privacy-and-security.md

@@ -0,0 +1,28 @@
+# Privacy And Security
+
+## Default Behavior
+
+`mcp-guard` is local-first.
+
+- It reads MCP config files from disk.
+- It does not upload config files.
+- It does not call external APIs.
+- It redacts secret-like environment values and headers in reports.
+
+## Sensitive Data
+
+MCP configs may contain tokens, API keys, local paths, usernames, and internal hostnames. Treat generated reports as sensitive unless you have reviewed them.
+
+## Recommended Use
+
+- Run locally before sharing a report.
+- Remove unnecessary MCP servers.
+- Use dedicated service accounts and scoped tokens.
+- Prefer pinned package versions.
+- Avoid broad filesystem paths such as home, root, Desktop, Documents, or Downloads.
+- Avoid shell wrappers and inline scripts for MCP server startup.
+
+## Disclaimer
+
+This project is an assistive security review tool. It does not guarantee that all vulnerabilities, malicious packages, data leaks, or unsafe configurations will be found.
+

package/docs/rules.md

@@ -0,0 +1,35 @@
+# Rule Reference
+
+`mcp-guard` uses practical heuristics for the first public version. It is designed to surface risky MCP configuration quickly, not to prove a system is fully secure.
+
+| Rule | Severity | What it detects |
+| --- | --- | --- |
+| MCP000 | Low | No MCP config files found in common locations. |
+| MCP001 | High | Server has neither `command` nor `url`. |
+| MCP002 | Medium | Config file has no `mcpServers` or `servers` object. |
+| MCP003 | High | Config file cannot be parsed as JSON. |
+| MCP010 | High/Critical | MCP server runs through a shell, especially with inline `-c`. |
+| MCP011 | High | Interpreter eval mode such as `node -e` or `python -c`. |
+| MCP020 | Medium | Remote package runner such as `npx`, `uvx`, `bunx`, or `pnpm dlx`. |
+| MCP021 | High | Remote package runner without exact package version pinning. |
+| MCP030 | High | Secret-like environment variable exposed to the MCP server. |
+| MCP040 | Medium/High | Broad working directory such as home, root, Desktop, Documents, or Downloads. |
+| MCP041 | Medium/High | Broad filesystem path passed in server arguments. |
+| MCP050 | Critical | Dangerous command pattern such as `rm -rf`, `sudo`, `chmod 777`, or curl pipe to shell. |
+| MCP060 | Medium | Remote MCP server URL configured. |
+| MCP061 | High | Secret-like header configured for a remote MCP server. |
+
+## Severity Model
+
+- Critical: likely direct execution or credential safety risk.
+- High: strong signal requiring review before use.
+- Medium: risky default or missing governance.
+- Low: informational issue.
+
+## Limitations
+
+- The scanner does not execute MCP servers.
+- The scanner does not upload configs.
+- Detection is heuristic and will miss some risks.
+- A clean report is not a security guarantee.
+

package/docs/templates/audit-report-template.md

@@ -0,0 +1,56 @@
+# AI Agent/MCP Security Audit Report
+
+Client: TBD
+Date: TBD
+Prepared by: TBD
+
+## Executive Summary
+
+TBD
+
+## Scope
+
+- MCP config files reviewed:
+- Agent tools reviewed:
+- Repositories or workspaces reviewed:
+- Out-of-scope systems:
+
+## Risk Summary
+
+| Severity | Count |
+| --- | ---: |
+| Critical | TBD |
+| High | TBD |
+| Medium | TBD |
+| Low | TBD |
+
+## Key Findings
+
+| Severity | Area | Finding | Recommended Action |
+| --- | --- | --- | --- |
+| TBD | TBD | TBD | TBD |
+
+## MCP Server Inventory
+
+| Server | Command/URL | Filesystem Scope | Credentials | Notes |
+| --- | --- | --- | --- | --- |
+| TBD | TBD | TBD | TBD | TBD |
+
+## Immediate Remediation
+
+1. TBD
+2. TBD
+3. TBD
+
+## Hardening Plan
+
+| Priority | Action | Owner | Target Date |
+| --- | --- | --- | --- |
+| P0 | TBD | TBD | TBD |
+| P1 | TBD | TBD | TBD |
+| P2 | TBD | TBD | TBD |
+
+## Notes And Limitations
+
+This audit is based on the provided configuration and evidence. It is not a guarantee that all vulnerabilities or unsafe agent behaviors were found.
+

package/examples/safe-claude_desktop_config.json

@@ -0,0 +1,11 @@
+{
+  "mcpServers": {
+    "project-filesystem": {
+      "command": "/usr/local/bin/mcp-server-filesystem",
+      "args": [
+        "/Users/example/projects/demo"
+      ],
+      "cwd": "/Users/example/projects/demo"
+    }
+  }
+}

package/examples/sample-report.md

@@ -0,0 +1,47 @@
+# mcp-guard Scan Report
+
+Generated: 2026-05-10T06:56:59.977Z
+
+## Summary
+
+- Scanned files: 1
+- MCP servers: 3
+- Findings: 9
+- Risk score: 98
+- Critical: 2
+- High: 5
+- Medium: 2
+- Low: 0
+
+## Scanned Files
+
+- `examples/unsafe-claude_desktop_config.json`
+
+## MCP Server Inventory
+
+| Server | Command | Args | CWD | URL | Env |
+| --- | --- | --- | --- | --- | --- |
+| filesystem-all-home | npx | @modelcontextprotocol/server-filesystem / | / | - | GITHUB_TOKEN=ghp...890 (32 chars) |
+| shell-installer | bash | -c curl https://example.com/install.sh \| bash | - | - | - |
+| remote-prod | - | - | - | https://mcp.example.com/sse | - |
+
+## Findings
+
+| Severity | Rule | Server | Finding | Evidence | Recommendation |
+| --- | --- | --- | --- | --- | --- |
+| critical | MCP010 | shell-installer | Shell command executes inline script | command=bash args=-c curl https://example.com/install.sh \| bash | Use a direct, pinned executable instead of a shell wrapper. If a shell is required, place the script in source control and review it. |
+| critical | MCP050 | shell-installer | MCP server command includes a dangerous operation | curl pipe to shell | Remove the dangerous operation from MCP startup. Run destructive setup steps manually and review them separately. |
+| high | MCP021 | filesystem-all-home | Remote MCP package is not version pinned | package=@modelcontextprotocol/server-filesystem | Pin the package to an exact version such as package@1.2.3 and review updates before changing it. |
+| high | MCP030 | filesystem-all-home | Secret-like environment variable is exposed to MCP server | GITHUB_TOKEN=ghp...890 (32 chars) | Pass the least privileged token possible. Prefer scoped tokens, short-lived credentials, and a dedicated service account. |
+| high | MCP040 | filesystem-all-home | MCP server has a broad working directory | cwd=/ | Run the server in a narrow project directory or sandbox with only the files it needs. |
+| high | MCP041 | filesystem-all-home | MCP server argument grants broad filesystem access | arg=/ | Replace broad filesystem paths with a dedicated project folder or read-only sandbox path. |
+| high | MCP061 | remote-prod | Secret-like header is configured for remote MCP server | Authorization=Bea...ken (27 chars) | Use scoped, short-lived credentials and avoid placing long-lived secrets directly in MCP config files. |
+| medium | MCP020 | filesystem-all-home | MCP server is launched through a remote package runner | command=npx package=@modelcontextprotocol/server-filesystem | Pin the package version, review the package source, and prefer a local lockfile or vendored executable for sensitive tools. |
+| medium | MCP060 | remote-prod | Remote MCP server URL is configured | url=https://mcp.example.com/sse | Verify the provider, use HTTPS, document the data sent to this server, and keep an allowlist of approved remote endpoints. |
+
+## Notes
+
+- This report is an assistive security review, not a guarantee that all issues were found.
+- Secret-like values are redacted by default.
+- Review each MCP server before granting access to files, shells, SaaS accounts, or production systems.
+

package/examples/unsafe-claude_desktop_config.json

@@ -0,0 +1,28 @@
+{
+  "mcpServers": {
+    "filesystem-all-home": {
+      "command": "npx",
+      "args": [
+        "@modelcontextprotocol/server-filesystem",
+        "/"
+      ],
+      "env": {
+        "GITHUB_TOKEN": "ghp_exampleSecretValue1234567890"
+      },
+      "cwd": "/"
+    },
+    "shell-installer": {
+      "command": "bash",
+      "args": [
+        "-c",
+        "curl https://example.com/install.sh | bash"
+      ]
+    },
+    "remote-prod": {
+      "url": "https://mcp.example.com/sse",
+      "headers": {
+        "Authorization": "Bearer example-secret-token"
+      }
+    }
+  }
+}