askshepherd 0.1.37 → 0.1.38
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +10 -0
- package/bin/shepherd-onboard.js +13 -6
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -67,6 +67,12 @@ It reports the saved Shepherd account, connected cloud sources, downstream
|
|
|
67
67
|
processing state, and local background sync health for Messages and Coding
|
|
68
68
|
Sessions.
|
|
69
69
|
|
|
70
|
+
Agents must not inspect the user's folders or repositories to answer setup
|
|
71
|
+
status. Do not run `ls`, `find`, `rg`, `grep`, `cat`, `Read`, `Glob`, or
|
|
72
|
+
`Explore` against the user's home directory, repositories, `~/.codex`,
|
|
73
|
+
`~/.claude`, or `~/.shepherd` for Shepherd setup. Use the npm status command
|
|
74
|
+
above; it performs the bounded local checks.
|
|
75
|
+
|
|
70
76
|
## Set Up Coding Agent Sessions
|
|
71
77
|
|
|
72
78
|
Use this when the user asks "Help me set up coding agent sessions":
|
|
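Review bot: The added README paragraph (new lines 70-74) states the rule as a denylist of names that mixes shell commands (`ls`, `find`, `rg`, `grep`, `cat`) with one agent's tool names (`Read`, `Glob`, `Explore`), so an agent whose tools are named differently can follow the letter of it and still read the same paths. Lead with the allowlist instead: the only local action permitted for setup status is the npm status command above. Keep the named commands as examples rather than as the definition of the rule.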
@@ -80,6 +86,8 @@ npx -y askshepherd@latest status
|
|
|
80
86
|
|
|
81
87
|
The coding agent should ask for consent before enabling this source. The local
|
|
82
88
|
collector syncs redacted Codex and Claude Code summaries, not full transcripts.
|
|
89
|
+
The agent should run only the commands above and should not search the local
|
|
90
|
+
filesystem for a Shepherd agent implementation.
|
|
83
91
|
|
|
84
92
|
## Customer MCP Login
|
|
85
93
|
|
|
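Review bot: "The agent should run only the commands above" (new line 89) pins the agent to commands that, per the hunk header, include `npx -y askshepherd@latest status`. With `-y` and `@latest` the agent installs and executes whatever version is newest on the registry without a prompt. Consider documenting a pinned version, or telling the agent to show the user the resolved version before running, so the restriction does not also remove the user's chance to notice an unexpected release.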
@@ -115,6 +123,8 @@ set up coding agent sessions", the MCP exposes local tools such as
|
|
|
115
123
|
`shepherd_status` and `shepherd_setup_coding_sessions` that route agents to the
|
|
116
124
|
local `askshepherd status` / add-source flow. Production memory and wiki tools
|
|
117
125
|
remain remote Railway-backed tools for source recall and company-memory answers.
|
|
126
|
+
Those local MCP tools are also the permission boundary: an MCP client should not
|
|
127
|
+
use shell or file tools to inspect the user's folders or repositories for setup.
|
|
118
128
|
|
|
119
129
|
Use `--json` when an agent or setup script needs machine-readable endpoint and
|
|
120
130
|
header details.
|
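Review bot: "Those local MCP tools are also the permission boundary" (new line 126) describes an expectation, not a control: nothing in this diff stops an MCP client from calling its own shell or file tools, because the server only sees calls made to its own tools. Reword to say the tools are the intended interface, and point readers to where the restriction can actually be enforced, which is the client's own tool permissions.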
package/bin/shepherd-onboard.js
CHANGED
|
@@ -803,21 +803,21 @@ function localMcpTools() {
|
|
|
803
803
|
return [
|
|
804
804
|
{
|
|
805
805
|
name: "shepherd_status",
|
|
806
|
-
description: "LOCAL Shepherd setup and sync status. Use this first when the user asks what they have enabled, what is connected, whether Shepherd is syncing, or why local Messages/Coding Sessions are not running. This is backed by the local askshepherd npm CLI; do not use production memory/wiki tools for local setup status.",
|
|
806
|
+
description: "LOCAL Shepherd setup and sync status. Use this first when the user asks what they have enabled, what is connected, whether Shepherd is syncing, or why local Messages/Coding Sessions are not running. This is backed by the local askshepherd npm CLI; do not use production memory/wiki tools or shell/file exploration for local setup status.",
|
|
807
807
|
inputSchema: emptyInputSchema,
|
|
808
808
|
annotations: readOnlyAnnotations,
|
|
809
809
|
_meta: { provider: "local_npm", command: `${agentCommand()} status` },
|
|
810
810
|
},
|
|
811
811
|
{
|
|
812
812
|
name: "shepherd_local_status",
|
|
813
|
-
description: "Explicit local alias for shepherd_status. Returns the authoritative local askshepherd npm status path and current local setup/sync state.",
|
|
813
|
+
description: "Explicit local alias for shepherd_status. Returns the authoritative local askshepherd npm status path and current local setup/sync state. Do not inspect user folders or repositories yourself.",
|
|
814
814
|
inputSchema: emptyInputSchema,
|
|
815
815
|
annotations: readOnlyAnnotations,
|
|
816
816
|
_meta: { provider: "local_npm", command: `${agentCommand()} status` },
|
|
817
817
|
},
|
|
818
818
|
{
|
|
819
819
|
name: "shepherd_setup_coding_sessions",
|
|
820
|
-
description: "LOCAL setup guide for Codex and Claude Code coding-session sync. Use when the user asks to set up coding agent sessions. Ask for consent, then guide the local askshepherd npm login/add-sources/continue/status commands.",
|
|
820
|
+
description: "LOCAL setup guide for Codex and Claude Code coding-session sync. Use when the user asks to set up coding agent sessions. Ask for consent, then guide the local askshepherd npm login/add-sources/continue/status commands. Do not search, list, or read the user's folders or repos to discover setup.",
|
|
821
821
|
inputSchema: emptyInputSchema,
|
|
822
822
|
annotations: readOnlyAnnotations,
|
|
823
823
|
_meta: { provider: "local_npm", command: `${agentCommand()} agent --add-sources coding-sessions` },
|
|
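Review bot: The three description strings (lines 806, 813, 820) now phrase the same prohibition three different ways: "shell/file exploration", "inspect user folders or repositories yourself", and "search, list, or read the user's folders or repos". Pull the sentence into one constant and append it to each description, so the tool list, the server instructions and the README cannot drift apart and a later change to the protected paths happens in one place.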
@@ -828,7 +828,8 @@ function localMcpTools() {
|
|
|
828
828
|
function localMcpInstructions(remoteInstructions, remoteConnectError) {
|
|
829
829
|
return [
|
|
830
830
|
"This MCP server is the local askshepherd npm wrapper plus production Shepherd memory/wiki tools.",
|
|
831
|
-
`For local setup/sync questions like "what do I have set up on Shepherd", "what have I enabled", "is Shepherd syncing", "help me set up coding agent sessions", or "enable coding sessions", use shepherd_status or shepherd_setup_coding_sessions first. These local tools route to the local askshepherd npm status/setup flow
|
|
831
|
+
`For local setup/sync questions like "what do I have set up on Shepherd", "what have I enabled", "is Shepherd syncing", "help me set up coding agent sessions", or "enable coding sessions", use shepherd_status or shepherd_setup_coding_sessions first. These local tools route to the local askshepherd npm status/setup flow. The askshepherd CLI is the only component that may perform bounded local checks of Shepherd state, LaunchAgents, and known Codex/Claude session locations.`,
|
|
832
|
+
"Hard boundary: do not use shell or filesystem tools such as ls, find, rg, grep, cat, Read, Glob, or Explore to inspect the user's home directory, repositories, ~/.codex, ~/.claude, or ~/.shepherd for Shepherd setup. If local status is needed, call shepherd_status or run the exact askshepherd status command.",
|
|
832
833
|
`If the user asks for raw local status outside MCP, tell them to run ${agentCommand()} status. For setup of coding agent sessions, ask consent, then use ${agentCommand()} agent --login if needed, ${agentCommand()} agent --add-sources coding-sessions --name "<full_name>" --org "<organization>", ${agentCommand()} agent --continue, then ${agentCommand()} status.`,
|
|
833
834
|
"Use production memory/wiki tools only for company-memory questions, source recall, wiki lookup, messages/meetings retrieval, or coding-session work history that has already synced to Shepherd.",
|
|
834
835
|
"Important override: any production instruction saying not to use local shell commands applies only to production memory/wiki answers. It does not apply to local Shepherd setup, source enablement, or sync health.",
|
|
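Review bot: The new "Hard boundary" string (line 832) forbids shell tools for Shepherd setup, while the unchanged "Important override" string a few entries later says an instruction not to use local shell commands "does not apply to local Shepherd setup, source enablement, or sync health". Line 832 itself also ends by allowing the agent to "run the exact askshepherd status command", which needs a shell. A model reading these together has no stated precedence. Rewrite the override so it says shell use for local setup is limited to the askshepherd commands, and make line 832 say the same thing explicitly.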
@@ -843,6 +844,7 @@ async function callLocalMcpTool(name) {
|
|
|
843
844
|
return localMcpTextResult([
|
|
844
845
|
`Authoritative local status path: ${agentCommand()} status`,
|
|
845
846
|
"Use this result for setup/source/sync-health questions. Do not use production memory/wiki tools to answer what is enabled locally.",
|
|
847
|
+
"Do not inspect the user's folders or repositories yourself. Do not run ls/find/rg/grep/cat/Read/Glob/Explore against the user's home directory, repos, ~/.codex, ~/.claude, or ~/.shepherd for Shepherd setup.",
|
|
846
848
|
renderShepherdStatus(status),
|
|
847
849
|
].join("\n\n"));
|
|
848
850
|
}
|
|
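Review bot: The added string (line 847) puts an instruction to the model inside the tool result, next to the `renderShepherdStatus(status)` output. Clients that treat tool results as data rather than as instructions may ignore or flag it, and the same rule is already carried by the tool descriptions and by `localMcpInstructions`. Keep the policy in the instructions and descriptions, and let this result carry only the status and the next command.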
@@ -862,6 +864,7 @@ function renderCodingSessionsSetupMcpResult(status) {
|
|
|
862
864
|
"Local Shepherd coding-session setup",
|
|
863
865
|
"",
|
|
864
866
|
"Use this when the user asks to set up coding agent sessions. Ask for explicit consent before enabling this source: Shepherd will read local Codex and Claude Code session logs, redact sensitive strings locally, and sync bounded summaries plus repo/command/file metadata, not full raw transcripts.",
|
|
867
|
+
"Do not inspect the user's folders or repositories to set this up. Do not run ls/find/rg/grep/cat/Read/Glob/Explore against the user's home directory, repos, ~/.codex, ~/.claude, or ~/.shepherd. Use only the Shepherd npm commands below and the status result they print.",
|
|
865
868
|
"",
|
|
866
869
|
alreadyConfigured
|
|
867
870
|
? "Current state: Coding Sessions already has a local config. Check whether the LaunchAgent is running and whether the last sync is healthy below."
|
|
@@ -1837,11 +1840,11 @@ function printAgentContract() {
|
|
|
1837
1840
|
commonUserRequests: [
|
|
1838
1841
|
{
|
|
1839
1842
|
userSays: "Check what I've enabled for Shepherd.",
|
|
1840
|
-
agentShould: `Run ${command} status and summarize connected sources, local background agents, unreadable folders, queued items, and any next command it prints.`,
|
|
1843
|
+
agentShould: `Run ${command} status and summarize connected sources, local background agents, unreadable folders, queued items, and any next command it prints. Do not inspect local folders or repositories yourself.`,
|
|
1841
1844
|
},
|
|
1842
1845
|
{
|
|
1843
1846
|
userSays: "Help me set up coding agent sessions.",
|
|
1844
|
-
agentShould: `Ask for consent to sync Codex and Claude Code summaries, then run ${command} agent --login if there is no saved Shepherd login, ${command} agent --add-sources coding-sessions --name "<full_name>" --org "<organization>", ${command} agent --continue, and finally ${command} status.`,
|
|
1847
|
+
agentShould: `Ask for consent to sync Codex and Claude Code summaries, then run ${command} agent --login if there is no saved Shepherd login, ${command} agent --add-sources coding-sessions --name "<full_name>" --org "<organization>", ${command} agent --continue, and finally ${command} status. Do not search the user's filesystem or repos for an agent implementation.`,
|
|
1845
1848
|
},
|
|
1846
1849
|
],
|
|
1847
1850
|
askStyle: [
|
|
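Review bot: Both changed `agentShould` strings (lines 1843 and 1847) use "agent" in several senses at once: the coding agent being instructed, the "local background agents" in the status summary, the `${command} agent --login` subcommand, and "an agent implementation" in the new closing sentence. Name what "agent implementation" refers to, so the prohibition is unambiguous to the model reading it.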
@@ -1907,6 +1910,7 @@ function printAgentContract() {
|
|
|
1907
1910
|
"Do not ask the customer to create a Google service account or upload service account JSON for the default Shepherd-managed flow.",
|
|
1908
1911
|
"Do not use WorkOS Auth, WorkOS Pipes, or per-user Google OAuth for Google Workspace delegation.",
|
|
1909
1912
|
"Do not fill onboarding fields from local repository context, shell identity, machine paths, or earlier conversations; confirm them directly with the user.",
|
|
1913
|
+
"Do not use shell or file tools to list, search, or read the user's home directory, repositories, ~/.codex, ~/.claude, or ~/.shepherd for Shepherd setup. Only the askshepherd npm commands should perform local setup/status checks.",
|
|
1910
1914
|
],
|
|
1911
1915
|
loginCommand: `${command} agent --login`,
|
|
1912
1916
|
startCommand: `${command} agent --name "<full_name>" --org "<organization>"`,
|
|
@@ -1950,6 +1954,8 @@ Use this as a public checklist for coding-agent onboarding to Shepherd raw sync.
|
|
|
1950
1954
|
|
|
1951
1955
|
Confirm onboarding choices and fields directly with the user instead of assuming them from the local repo, shell username, machine paths, or earlier conversations.
|
|
1952
1956
|
|
|
1957
|
+
Do not inspect the user's folders or repositories for Shepherd setup. Do not run ls, find, rg, grep, cat, Read, Glob, or Explore against the user's home directory, repos, ~/.codex, ~/.claude, or ~/.shepherd. Use the askshepherd npm commands below; those commands perform the bounded local checks.
|
|
1958
|
+
|
|
1953
1959
|
Ask with short interactive prompts, not as one pasted checklist. Do not paste this whole checklist into the chat unless the user explicitly asks to see it.
|
|
1954
1960
|
|
|
1955
1961
|
Common user requests:
|
|
@@ -2038,6 +2044,7 @@ After the current modality is complete, run:
|
|
|
2038
2044
|
Omit either optional flag if that source is not being connected.
|
|
2039
2045
|
|
|
2040
2046
|
If Coding Sessions was selected, the continue step installs local Codex/Claude Code session summary sync. It probes ~/.codex and ~/.claude, redacts sensitive strings, and uploads bounded summaries and work metadata rather than full transcripts. It usually does not need Full Disk Access unless macOS denies access to those folders.
|
|
2047
|
+
The coding agent must not probe those folders directly; only the askshepherd CLI may perform that local check.
|
|
2041
2048
|
|
|
2042
2049
|
Check progress with:
|
|
2043
2050
|
${payload.statusCommand}
|
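Review bot: The added sentence (line 2047) forbids the coding agent from probing `~/.codex` and `~/.claude`, but the preceding context line says macOS may deny the CLI access to those folders, and nothing here says what the agent should do in that case. Add the expected fallback, for example reporting the denial from the status output and asking the user to grant Full Disk Access, so the agent is not left to diagnose the folders on its own.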