contextguard 0.2.3 → 0.2.4

package/dist/agent.d.ts

@@ -5,7 +5,7 @@
  * LICENSE file in the root directory of this source tree.
  */
 import { Logger, ContextGuardConfig } from "./logger";
-import { AgentPolicyRow } from "./types/database.types";
+import { AgentPolicyRow } from "./types/agent.types";
 /**
  * Agent interface
  */

package/dist/agent.js

@@ -21,7 +21,7 @@ const mcp_1 = require("./types/mcp");
  */
 const createAgent = (serverCommand, policyConfig, agentId, contextGuardConfig) => {
     const policy = (0, security_engine_1.createPolicyChecker)(policyConfig);
-    const logger = (0, logger_1.createLogger)(policyConfig.logPath, agentId, policyConfig.alertWebhook, policyConfig.alertOnSeverity, contextGuardConfig);
+    const logger = (0, logger_1.createLogger)(agentId, policyConfig.alertWebhook, policyConfig.alertOnSeverity, contextGuardConfig);
     const sessionId = (0, mcp_1.generateSessionId)();
     const state = {
         process: null,

package/dist/index.d.ts

@@ -11,4 +11,4 @@ export { createPolicyChecker, DEFAULT_POLICY } from "./security-engine";
 export type { PolicyChecker } from "./security-engine";
 export { createLogger } from "./logger";
 export type { Logger, SecurityStatistics, ContextGuardConfig } from "./logger";
-export type { AgentPolicyRow, AgentPolicyInsert, AgentPolicyUpdate, SecurityEventRow, SecurityEventInsert, SecurityEventUpdate, AgentStatusRow, AgentStatusInsert, AgentStatusUpdate, EventStatisticsRow, SecuritySeverity, AgentStatus, } from "./types/database.types";
+export type { AgentPolicyRow, SecurityEventRow, SecuritySeverity, } from "./types/agent.types";

package/dist/init.js

@@ -78,13 +78,12 @@ function isAlreadyWrapped(server) {
 }
 /**
  * Wrap an MCP server entry:
- *   { command, args } → { command: "npx", args: ["-y", "contextguard", "--", <original command+args>] }
+ *   { command, args } → { command: "npx", args: ["-y", "contextguard", "--", command, ...args] }
  */
 function wrapServer(server, apiKey) {
-    const originalCmd = [server.command, ...(server.args ?? [])];
     return {
         command: "npx",
-        args: ["-y", "contextguard", "--", ...originalCmd],
+        args: ["-y", "contextguard", "--", server.command, ...(server.args ?? [])],
         env: {
             ...server.env,
             CONTEXTGUARD_API_KEY: apiKey,

package/dist/logger.d.ts

@@ -4,7 +4,7 @@
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.
  */
-import { SecurityEventRow, SecuritySeverity } from "./types/database.types";
+import { SecurityEventRow, SecuritySeverity } from "./types/agent.types";
 /**
  * ContextGuard API configuration
  */
@@ -32,11 +32,10 @@ export interface Logger {
 }
 /**
  * Create a security event logger
- * @param logFile - Path to log file
  * @param agentId - Agent identifier for event attribution
  * @param alertWebhook - Optional webhook URL for HIGH/CRITICAL alerts
  * @param alertOnSeverity - Severity levels that trigger webhook alerts
  * @param contextGuardConfig - Optional ContextGuard API config for remote logging
  * @returns Logger functions
  */
-export declare const createLogger: (logFile?: string, agentId?: string, alertWebhook?: string, alertOnSeverity?: string[], contextGuardConfig?: ContextGuardConfig) => Logger;
+export declare const createLogger: (agentId?: string, alertWebhook?: string, alertOnSeverity?: string[], contextGuardConfig?: ContextGuardConfig) => Logger;

package/dist/logger.js

@@ -5,44 +5,8 @@
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.
  */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createLogger = void 0;
-const fs = __importStar(require("fs"));
-const os = __importStar(require("os"));
-const path = __importStar(require("path"));
 const MAX_STORED_EVENTS = 1000;
 /**
  * Count events by a specific field
@@ -72,14 +36,13 @@ const fireWebhookAlert = (webhookUrl, event) => {
 };
 /**
  * Create a security event logger
- * @param logFile - Path to log file
  * @param agentId - Agent identifier for event attribution
  * @param alertWebhook - Optional webhook URL for HIGH/CRITICAL alerts
  * @param alertOnSeverity - Severity levels that trigger webhook alerts
  * @param contextGuardConfig - Optional ContextGuard API config for remote logging
  * @returns Logger functions
  */
-const createLogger = (logFile = path.join(os.homedir(), ".contextguard", "mcp_security.log"), agentId = "", alertWebhook, alertOnSeverity = ["HIGH", "CRITICAL"], contextGuardConfig) => {
+const createLogger = (agentId = "", alertWebhook, alertOnSeverity = ["HIGH", "CRITICAL"], contextGuardConfig) => {
     let events = [];
     return {
         /**
@@ -101,15 +64,6 @@ const createLogger = (logFile = path.join(os.homedir(), ".contextguard", "mcp_se
             if (events.length > MAX_STORED_EVENTS) {
                 events = events.slice(-MAX_STORED_EVENTS);
             }
-            // Write to log file (silently fail if filesystem is read-only)
-            try {
-                fs.mkdirSync(path.dirname(logFile), { recursive: true });
-                fs.appendFileSync(logFile, JSON.stringify(event) + "\n");
-            }
-            catch {
-                // Silently ignore filesystem errors to avoid polluting stderr
-                // This can happen in read-only environments like Claude Desktop
-            }
             // Alert on high/critical severity
             if (severity === "HIGH" || severity === "CRITICAL") {
                 console.error(`[SECURITY ALERT] ${eventType}: ${JSON.stringify(details)}`);

package/dist/security-engine.d.ts

@@ -4,7 +4,7 @@
  * This source code is licensed under the MIT license found in the
  * LICENSE file in the root directory of this source tree.
  */
-import { AgentPolicyRow } from "./types/database.types";
+import { AgentPolicyRow } from "./types/agent.types";
 /**
  * Policy checker interface
  */

package/dist/sse-proxy.d.ts

@@ -5,7 +5,7 @@
  * LICENSE file in the root directory of this source tree.
  */
 import { Logger } from "./logger";
-import { AgentPolicyRow } from "./types/database.types";
+import { AgentPolicyRow } from "./types/agent.types";
 /**
  * SSE/HTTP Proxy interface
  */

package/dist/sse-proxy.js

@@ -53,7 +53,7 @@ const mcp_1 = require("./types/mcp");
  */
 const createSSEProxy = (policyConfig, agentId = "sse-proxy") => {
     const policy = (0, security_engine_1.createPolicyChecker)(policyConfig);
-    const logger = (0, logger_1.createLogger)(policyConfig.logPath, agentId);
+    const logger = (0, logger_1.createLogger)(agentId);
     const sessionId = (0, mcp_1.generateSessionId)();
     let toolCallTimestamps = [];
     /**

package/dist/types/agent.types.d.ts

@@ -0,0 +1,49 @@
+/**
+ * Copyright (c) 2026 Amir Mironi
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+export type SecuritySeverity = "LOW" | "MEDIUM" | "HIGH" | "CRITICAL";
+export interface SecurityEventRow {
+    id: string;
+    agent_id: string;
+    session_id: string;
+    event_type: string;
+    severity: SecuritySeverity;
+    details: Record<string, unknown>;
+    timestamp: string;
+    created_at: string;
+}
+export interface AgentPolicyRow {
+    id: string;
+    agent_id: string;
+    maxToolCallsPerMinute?: number;
+    blockedPatterns?: string[];
+    allowedFilePaths?: string[];
+    alertThreshold?: number;
+    enablePromptInjectionDetection?: boolean;
+    enableSensitiveDataDetection?: boolean;
+    enablePathTraversalPrevention?: boolean;
+    mode?: "monitor" | "block";
+    logPath?: string;
+    enableProFeatures?: boolean;
+    licenseFilePath?: string;
+    transport?: "stdio" | "sse" | "http";
+    port?: number;
+    targetUrl?: string;
+    allowedTools?: string[];
+    blockedTools?: string[];
+    alertWebhook?: string;
+    alertOnSeverity?: string[];
+    enableSQLInjectionDetection?: boolean;
+    enableSemanticDetection?: boolean;
+    enableXSSDetection?: boolean;
+    customRules?: Array<{
+        name: string;
+        pattern: string;
+        severity?: string;
+    }>;
+    created_at: string;
+    updated_at: string;
+}

package/dist/types/agent.types.js

@@ -0,0 +1,8 @@
+"use strict";
+/**
+ * Copyright (c) 2026 Amir Mironi
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/types/database.types.d.ts

@@ -12,28 +12,28 @@ export interface Database {
                 Row: {
                     id: string;
                     agent_id: string;
-                    maxToolCallsPerMinute?: number;
-                    blockedPatterns?: string[];
-                    allowedFilePaths?: string[];
-                    alertThreshold?: number;
-                    enablePromptInjectionDetection?: boolean;
-                    enableSensitiveDataDetection?: boolean;
-                    enablePathTraversalPrevention?: boolean;
+                    max_tool_calls_per_minute?: number;
+                    blocked_patterns?: string[];
+                    allowed_file_paths?: string[];
+                    alert_threshold?: number;
+                    enable_prompt_injection_detection?: boolean;
+                    enable_sensitive_data_detection?: boolean;
+                    enable_path_traversal_prevention?: boolean;
+                    enable_sql_injection_detection?: boolean;
+                    enable_semantic_detection?: boolean;
+                    enable_xss_detection?: boolean;
                     mode?: "monitor" | "block";
-                    logPath?: string;
-                    enableProFeatures?: boolean;
-                    licenseFilePath?: string;
+                    log_path?: string;
+                    enable_pro_features?: boolean;
+                    license_file_path?: string;
                     transport?: "stdio" | "sse" | "http";
                     port?: number;
-                    targetUrl?: string;
-                    allowedTools?: string[];
-                    blockedTools?: string[];
-                    alertWebhook?: string;
-                    alertOnSeverity?: string[];
-                    enableSQLInjectionDetection?: boolean;
-                    enableSemanticDetection?: boolean;
-                    enableXSSDetection?: boolean;
-                    customRules?: Array<{
+                    target_url?: string;
+                    allowed_tools?: string[];
+                    blocked_tools?: string[];
+                    alert_webhook?: string;
+                    alert_on_severity?: string[];
+                    custom_rules?: Array<{
                         name: string;
                         pattern: string;
                         severity?: string;
@@ -44,28 +44,28 @@ export interface Database {
                 Insert: {
                     id?: string;
                     agent_id: string;
-                    maxToolCallsPerMinute?: number;
-                    blockedPatterns?: string[];
-                    allowedFilePaths?: string[];
-                    alertThreshold?: number;
-                    enablePromptInjectionDetection?: boolean;
-                    enableSensitiveDataDetection?: boolean;
-                    enablePathTraversalPrevention?: boolean;
+                    max_tool_calls_per_minute?: number;
+                    blocked_patterns?: string[];
+                    allowed_file_paths?: string[];
+                    alert_threshold?: number;
+                    enable_prompt_injection_detection?: boolean;
+                    enable_sensitive_data_detection?: boolean;
+                    enable_path_traversal_prevention?: boolean;
+                    enable_sql_injection_detection?: boolean;
+                    enable_semantic_detection?: boolean;
+                    enable_xss_detection?: boolean;
                     mode?: "monitor" | "block";
-                    logPath?: string;
-                    enableProFeatures?: boolean;
-                    licenseFilePath?: string;
+                    log_path?: string;
+                    enable_pro_features?: boolean;
+                    license_file_path?: string;
                     transport?: "stdio" | "sse" | "http";
                     port?: number;
-                    targetUrl?: string;
-                    allowedTools?: string[];
-                    blockedTools?: string[];
-                    alertWebhook?: string;
-                    alertOnSeverity?: string[];
-                    enableSQLInjectionDetection?: boolean;
-                    enableSemanticDetection?: boolean;
-                    enableXSSDetection?: boolean;
-                    customRules?: Array<{
+                    target_url?: string;
+                    allowed_tools?: string[];
+                    blocked_tools?: string[];
+                    alert_webhook?: string;
+                    alert_on_severity?: string[];
+                    custom_rules?: Array<{
                         name: string;
                         pattern: string;
                         severity?: string;
@@ -76,28 +76,28 @@ export interface Database {
                 Update: {
                     id?: string;
                     agent_id?: string;
-                    maxToolCallsPerMinute?: number;
-                    blockedPatterns?: string[];
-                    allowedFilePaths?: string[];
-                    alertThreshold?: number;
-                    enablePromptInjectionDetection?: boolean;
-                    enableSensitiveDataDetection?: boolean;
-                    enablePathTraversalPrevention?: boolean;
+                    max_tool_calls_per_minute?: number;
+                    blocked_patterns?: string[];
+                    allowed_file_paths?: string[];
+                    alert_threshold?: number;
+                    enable_prompt_injection_detection?: boolean;
+                    enable_sensitive_data_detection?: boolean;
+                    enable_path_traversal_prevention?: boolean;
+                    enable_sql_injection_detection?: boolean;
+                    enable_semantic_detection?: boolean;
+                    enable_xss_detection?: boolean;
                     mode?: "monitor" | "block";
-                    logPath?: string;
-                    enableProFeatures?: boolean;
-                    licenseFilePath?: string;
+                    log_path?: string;
+                    enable_pro_features?: boolean;
+                    license_file_path?: string;
                     transport?: "stdio" | "sse" | "http";
                     port?: number;
-                    targetUrl?: string;
-                    allowedTools?: string[];
-                    blockedTools?: string[];
-                    alertWebhook?: string;
-                    alertOnSeverity?: string[];
-                    enableSQLInjectionDetection?: boolean;
-                    enableSemanticDetection?: boolean;
-                    enableXSSDetection?: boolean;
-                    customRules?: Array<{
+                    target_url?: string;
+                    allowed_tools?: string[];
+                    blocked_tools?: string[];
+                    alert_webhook?: string;
+                    alert_on_severity?: string[];
+                    custom_rules?: Array<{
                         name: string;
                         pattern: string;
                         severity?: string;
@@ -165,25 +165,8 @@ export interface Database {
                 };
             };
         };
-        Views: {
-            event_statistics: {
-                Row: {
-                    agent_id: string;
-                    event_type: string;
-                    severity: SecuritySeverity;
-                    count: number;
-                    hour: string;
-                };
-            };
-        };
-        Functions: {
-            cleanup_old_events: {
-                Args: {
-                    days_to_keep?: number;
-                };
-                Returns: number;
-            };
-        };
+        Views: Record<string, never>;
+        Functions: Record<string, never>;
     };
 }
 /**
@@ -202,10 +185,6 @@ export type AgentPolicyRow = Database["public"]["Tables"]["policies"]["Row"];
  * Agent status from database
  */
 export type AgentStatusRow = Database["public"]["Tables"]["agents"]["Row"];
-/**
- * Event statistics from view
- */
-export type EventStatisticsRow = Database["public"]["Views"]["event_statistics"]["Row"];
 /**
  * Insert types for convenience
  */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "contextguard",
-  "version": "0.2.3",
+  "version": "0.2.4",
   "description": "Security monitoring wrapper for MCP servers with enterprise features",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -29,7 +29,7 @@
     "test": "jest",
     "lint": "eslint . && pnpm tsc --noEmit",
     "prepublishOnly": "npm run build",
-    "release": "npm publish && npm install -g contextguard"
+    "pub": "npm publish && npm install -g contextguard"
   },
   "keywords": [
     "mcp",
@@ -50,21 +50,21 @@
     "url": "https://github.com/amironi/contextguard/issues"
   },
   "devDependencies": {
-    "@eslint/js": "^9.37.0",
-    "@types/jest": "^29.5.0",
-    "@types/node": "^24.7.0",
-    "@typescript-eslint/eslint-plugin": "^8.46.0",
-    "@typescript-eslint/parser": "^8.46.0",
-    "eslint": "^9.37.0",
-    "globals": "^16.4.0",
+    "@eslint/js": "^9.39.4",
+    "@types/jest": "^29.5.14",
+    "@types/node": "^24.12.0",
+    "@typescript-eslint/eslint-plugin": "^8.57.0",
+    "@typescript-eslint/parser": "^8.57.0",
+    "eslint": "^9.39.4",
+    "globals": "^16.5.0",
     "jest": "^29.7.0",
-    "ts-jest": "^29.2.0",
+    "ts-jest": "^29.4.6",
     "ts-node": "^10.9.2",
     "typescript": "^5.9.3",
-    "typescript-eslint": "^8.46.0"
+    "typescript-eslint": "^8.57.0"
   },
   "dependencies": {
     "@anthropic-ai/sdk": "^0.54.0",
-    "@supabase/supabase-js": "^2.79.0"
+    "@supabase/supabase-js": "^2.99.1"
   }
 }