agentsafe-mcp-server 1.0.0

  1. package/build/index.js +145 -0
  2. package/package.json +22 -0
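--- a/package/build/index.js
+++ b/package/build/index.js
@@ -0,0 +1,145 @@
+#!/usr/bin/env node
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { z } from "zod";
+const API_BASE = "https://workspaceapi-server-production-1955.up.railway.app";
+const server = new McpServer({
+name: "agentsafe",
+version: "1.0.0",
+description: "Trust infrastructure for AI agents — prevents autonomous agents from interacting with malicious websites",
+});
+// Tool 1: evaluate_url
+server.tool("evaluate_url", "Check if a URL is safe for an AI agent to interact with. Returns ALLOW, BLOCK, or REQUIRE_HUMAN_APPROVAL with Claude AI reasoning.", {
+url: z.string().url().describe("The URL to evaluate"),
+action: z.enum(["browse", "login", "make_payment", "submit_sensitive_data"])
+.default("browse")
+.describe("The action the agent wants to take"),
+data_sensitivity: z.enum(["low", "medium", "high"])
+.default("low")
+.describe("Sensitivity of data involved"),
+}, async ({ url, action, data_sensitivity }) => {
+try {
+const res = await fetch(`${API_BASE}/api/check`, {
+method: "POST",
+headers: { "Content-Type": "application/json" },
+body: JSON.stringify({ url, action, data_sensitivity }),
+});
+const data = await res.json();
+return {
+content: [
+{
+type: "text",
+text: JSON.stringify({
+url: data.url,
+score: data.score,
+recommendation: data.recommendation,
+recommended_action: data.recommended_action,
+confidence_score: data.confidence_score,
+agent_policy: data.agent_policy,
+summary: data.summary,
+risk_factors: data.risk_factors,
+}, null, 2),
+},
+],
+};
+}
+catch (err) {
+return {
+content: [{ type: "text", text: `Error evaluating URL: ${err.message}` }],
+isError: true,
+};
+}
+});
+// Tool 2: evaluate_payment
+server.tool("evaluate_payment", "Check if a URL is safe for an AI agent to make a payment on. Uses strict payment-context scoring.", {
+url: z.string().url().describe("The payment URL to evaluate"),
+amount: z.number().optional().describe("Transaction amount in dollars"),
+}, async ({ url, amount }) => {
+try {
+const res = await fetch(`${API_BASE}/api/check`, {
+method: "POST",
+headers: { "Content-Type": "application/json" },
+body: JSON.stringify({
+url,
+action: "make_payment",
+data_sensitivity: "high",
+}),
+});
+const data = await res.json();
+const amountWarning = amount && amount > 100 && data.recommendation !== "TRUSTED"
+? `⚠️ High value transaction ($${amount}) blocked — site not fully trusted.`
+: null;
+return {
+content: [
+{
+type: "text",
+text: JSON.stringify({
+url: data.url,
+safe_to_pay: data.recommendation === "TRUSTED",
+recommended_action: data.recommended_action,
+confidence_score: data.confidence_score,
+agent_policy: data.agent_policy,
+summary: data.summary,
+amount_warning: amountWarning,
+risk_factors: data.risk_factors,
+}, null, 2),
+},
+],
+};
+}
+catch (err) {
+return {
+content: [{ type: "text", text: `Error evaluating payment URL: ${err.message}` }],
+isError: true,
+};
+}
+});
+// Tool 3: evaluate_login
+server.tool("evaluate_login", "Check if a URL is safe for an AI agent to submit login credentials to. Prevents credential theft on phishing sites.", {
+url: z.string().url().describe("The login URL to evaluate"),
+}, async ({ url }) => {
+try {
+const res = await fetch(`${API_BASE}/api/check`, {
+method: "POST",
+headers: { "Content-Type": "application/json" },
+body: JSON.stringify({
+url,
+action: "login",
+data_sensitivity: "high",
+}),
+});
+const data = await res.json();
+return {
+content: [
+{
+type: "text",
+text: JSON.stringify({
+url: data.url,
+safe_to_login: data.recommendation === "TRUSTED",
+recommended_action: data.recommended_action,
+confidence_score: data.confidence_score,
+agent_policy: data.agent_policy,
+summary: data.summary,
+risk_factors: data.risk_factors,
+}, null, 2),
+},
+],
+};
+}
+catch (err) {
+return {
+content: [{ type: "text", text: `Error evaluating login URL: ${err.message}` }],
+isError: true,
+};
+}
+});
+// Start the server
+async function main() {
+const transport = new StdioServerTransport();
+await server.connect(transport);
+console.error("AgentSafe MCP Server running — trust infrastructure for AI agents");
+}
+main().catch((err) => {
+console.error("Fatal error:", err);
+process.exit(1);
+});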
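Review bot: All three tools take whatever `${API_BASE}/api/check` returns without checking `res.ok` or validating the JSON shape, then hand `data.summary`, `data.agent_policy` and `data.risk_factors` verbatim to the model as the security verdict — so the operator of that hard-coded third-party host (or anyone who can answer for it) can place arbitrary instructions in the agent's context, and an error body that happens to parse is reported as a normal result. The `fetch` calls also carry no timeout, so a stalled backend hangs the tool call indefinitely. Since `zod` is already imported, I would collapse the three identical request blocks into one helper that uses `AbortSignal.timeout`, rejects non-2xx responses and parses the body against a schema (sketch below; the field types there are assumptions to confirm against the backend contract). Separately, `evaluate_url` documents ALLOW/BLOCK/REQUIRE_HUMAN_APPROVAL while `evaluate_payment`/`evaluate_login` derive `safe_to_*` from `data.recommendation === "TRUSTED"` — if the backend really returns the documented values those flags can never be true, so one side is wrong; and the `amount_warning` text says the transaction was "blocked" although nothing here blocks anything. Callers should also be told that the full URL, query string and fragment included, is forwarded to this external service on every evaluation, e.g. `// NOTE: the complete URL (including any tokens in its query string) is sent to API_BASE` above the `API_BASE` constant.
```javascript
// Shape of the backend verdict; types other than `recommendation` are
// assumed from usage in this file — TODO confirm against the backend contract.
const CheckResponse = z.object({
  url: z.string(),
  score: z.number().optional(),
  recommendation: z.string(),
  recommended_action: z.string().optional(),
  confidence_score: z.number().optional(),
  agent_policy: z.unknown().optional(),
  summary: z.string().optional(),
  risk_factors: z.array(z.string()).optional(),
});

// Shared by all three tools: bounded, status-checked, schema-validated backend call.
async function checkUrl(body) {
  const res = await fetch(`${API_BASE}/api/check`, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify(body),
    signal: AbortSignal.timeout(10_000),
  });
  if (!res.ok) {
    throw new Error(`backend returned HTTP ${res.status}`);
  }
  return CheckResponse.parse(await res.json());
}
// … unchanged: the three server.tool(...) registrations, each replacing its
// fetch + res.json() pair with `const data = await checkUrl({ url, action, data_sensitivity });` …
```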
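--- a/package/package.json
+++ b/package/package.json
@@ -0,0 +1,22 @@
+{
+"name": "agentsafe-mcp-server",
+"version": "1.0.0",
+"description": "AgentSafe MCP Server - Trust infrastructure for AI agents",
+"type": "module",
+"bin": {
+"agentsafe-mcp": "./build/index.js"
+},
+"scripts": {
+"build": "tsc",
+"start": "node build/index.js"
+},
+"files": ["build"],
+"dependencies": {
+"@modelcontextprotocol/sdk": "^1.0.0",
+"zod": "^3.22.0"
+},
+"devDependencies": {
+"@types/node": "^20.10.0",
+"typescript": "^5.3.0"
+}
+}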
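Review bot: The manifest declares no `engines` field even though the shipped `build/index.js` calls the global `fetch` without importing a polyfill, so on an older Node runtime the `bin` entry fails at the first tool call rather than at install time; add `"engines": { "node": ">=18" }`. The manifest also carries no `license`, `repository` or `homepage` field, which leaves anyone auditing a package that forwards every URL an agent considers to an external host with no way to identify who operates it — those fields belong here before publication.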