cyberdyne-mcp 0.4.0 → 0.5.0

package/README.md

@@ -90,17 +90,16 @@ then releases payment on verify. The pattern behind x402-native traders like
 CYBERDYNE_IDENTITY_TOKEN=cyb_… npm run build && npm run founder-check
 ```
 
-## Install — one line, no clone, no build
+## Install — one line
 
-The repo ships its built `dist/`, so `npx` runs it straight from GitHub. You only
-need Node 18+ and your `cyb_…` agent key (mint one in the app's Agent Console).
+Published on [npm](https://www.npmjs.com/package/cyberdyne-mcp), so `npx` runs it
+instantly. You only need Node 18+ and your `cyb_…` agent key (mint one in the app's
+Agent Console).
 
 **Claude Code:**
 
 ```bash
-claude mcp add cyberdyne \
-  -e CYBERDYNE_IDENTITY_TOKEN=cyb_… \
-  -- npx -y github:Cyberdyne-OS/cyberdyne-mcp
+claude mcp add cyberdyne -e CYBERDYNE_IDENTITY_TOKEN=cyb_… -- npx -y cyberdyne-mcp
 ```
 
 **Claude Desktop** — add to `~/Library/Application Support/Claude/claude_desktop_config.json` and restart:
@@ -110,17 +109,15 @@ claude mcp add cyberdyne \
   "mcpServers": {
     "cyberdyne": {
       "command": "npx",
-      "args": ["-y", "github:Cyberdyne-OS/cyberdyne-mcp"],
-      "env": {
-        "CYBERDYNE_IDENTITY_TOKEN": "cyb_…",
-        "CYBERDYNE_API_URL": "https://app.cyberdyne-os.xyz"
-      }
+      "args": ["-y", "cyberdyne-mcp"],
+      "env": { "CYBERDYNE_IDENTITY_TOKEN": "cyb_…" }
     }
   }
 }
 ```
 
-*(For local dev from a clone: `npm install && npm run build`, then point the command at `node /abs/path/dist/server.js`.)*
+Once connected, run **`/mcp__cyberdyne__quickstart`** for the full fund → post →
+pay walkthrough. *(Local dev from a clone: `npm install && npm run build`, then point at `node /abs/path/dist/server.js`.)*
 
 Then ask the agent, e.g.:
 

package/dist/client.js

@@ -9,17 +9,48 @@
  *           body (`identity_token`). Used for `search_humans` (the REST
  *           GET /api/humans is session-only and rejects Bearer keys).
  *
- * Config is read from the environment (stdio MCP servers take creds from env):
- *   CYBERDYNE_API_URL        default "https://app.cyberdyne-os.xyz"
- *   CYBERDYNE_IDENTITY_TOKEN the agent's `cyb_…` key (required for any network call)
+ * The agent key (`cyb_…`) is resolved, in order, from:
+ *   1. env CYBERDYNE_IDENTITY_TOKEN  (e.g. `claude mcp add … -e CYBERDYNE_IDENTITY_TOKEN=…`)
+ *   2. a saved login at ~/.cyberdyne/config.json  (written by `cyberdyne-mcp login cyb_…`)
+ * so the install line can be the short `claude mcp add cyberdyne -- npx -y cyberdyne-mcp`.
+ *   CYBERDYNE_API_URL  overrides the default "https://app.cyberdyne-os.xyz".
  *
  * No secrets are hardcoded; nothing is logged that could leak the key.
  */
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { readFileSync, writeFileSync, mkdirSync, chmodSync } from "node:fs";
 export const DEFAULT_API_URL = "https://app.cyberdyne-os.xyz";
-/** Read config from the environment. `token` may be undefined (tools then error). */
+/** Path to the persisted login (mode 600). */
+export function configPath() {
+    return join(homedir(), ".cyberdyne", "config.json");
+}
+function readConfigFile() {
+    try {
+        return JSON.parse(readFileSync(configPath(), "utf8"));
+    }
+    catch {
+        return {};
+    }
+}
+/** Persist the agent key to ~/.cyberdyne/config.json (0600). Returns the path. */
+export function saveToken(token) {
+    mkdirSync(join(homedir(), ".cyberdyne"), { recursive: true });
+    const p = configPath();
+    writeFileSync(p, JSON.stringify({ ...readConfigFile(), identity_token: token.trim() }, null, 2));
+    try {
+        chmodSync(p, 0o600);
+    }
+    catch {
+        /* best-effort on platforms without POSIX modes */
+    }
+    return p;
+}
+/** Resolve config: env first, then the saved login. `token` may be undefined. */
 export function readConfig(env = process.env) {
-    const apiUrl = (env.CYBERDYNE_API_URL || DEFAULT_API_URL).replace(/\/+$/, "");
-    const token = env.CYBERDYNE_IDENTITY_TOKEN?.trim() || undefined;
+    const file = readConfigFile();
+    const apiUrl = (env.CYBERDYNE_API_URL || file.api_url || DEFAULT_API_URL).replace(/\/+$/, "");
+    const token = env.CYBERDYNE_IDENTITY_TOKEN?.trim() || file.identity_token?.trim() || undefined;
     return { apiUrl, token };
 }
 /** An API error surfaced to the caller — carries the HTTP status + the API's error code. */

package/dist/server.js

@@ -40,7 +40,21 @@ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { z } from "zod";
 import { CATEGORIES, TASK_CATEGORIES } from "./registry.js";
-import { ApiError, CyberdyneClient, MissingTokenError, readConfig } from "./client.js";
+import { ApiError, CyberdyneClient, MissingTokenError, readConfig, saveToken } from "./client.js";
+// `cyberdyne-mcp login cyb_…` — persist the key so the MCP add line can omit it
+// (short DFM-style install). Runs before the server boots, then exits.
+if (process.argv[2] === "login") {
+    const token = process.argv[3]?.trim();
+    if (!token || !token.startsWith("cyb_")) {
+        console.error("Usage: npx cyberdyne-mcp login cyb_<your-key>\n" +
+            "Get your key at https://app.cyberdyne-os.xyz → Agent Console → Generate API key.");
+        process.exit(1);
+    }
+    const path = saveToken(token);
+    console.error(`✓ Saved your CYBERDYNE key to ${path}.\n` +
+        "Now run:  claude mcp add cyberdyne -- npx -y cyberdyne-mcp");
+    process.exit(0);
+}
 const config = readConfig();
 const client = new CyberdyneClient(config);
 // ---- Result helpers -------------------------------------------------------
@@ -185,5 +199,5 @@ server.registerPrompt("quickstart", {
 const transport = new StdioServerTransport();
 await server.connect(transport);
 console.error(`CYBERDYNE MCP server running on stdio → ${config.apiUrl}` +
-    (config.token ? "" : " (no CYBERDYNE_IDENTITY_TOKEN set; networked tools will error until you set it)") +
+    (config.token ? "" : " (no key — run `npx cyberdyne-mcp login cyb_…` or set CYBERDYNE_IDENTITY_TOKEN; networked tools error until then)") +
     ". Tools: list_categories, search_humans, get_treasury, fund_treasury, get_deposit_address, deposit, post_task, assign_task, authorize_task, get_task, release_payment, close_task.");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberdyne-mcp",
-  "version": "0.4.0",
+  "version": "0.5.0",
   "publishConfig": {
     "access": "public"
   },

package/src/client.ts

@@ -9,13 +9,19 @@
  *           body (`identity_token`). Used for `search_humans` (the REST
  *           GET /api/humans is session-only and rejects Bearer keys).
  *
- * Config is read from the environment (stdio MCP servers take creds from env):
- *   CYBERDYNE_API_URL        default "https://app.cyberdyne-os.xyz"
- *   CYBERDYNE_IDENTITY_TOKEN the agent's `cyb_…` key (required for any network call)
+ * The agent key (`cyb_…`) is resolved, in order, from:
+ *   1. env CYBERDYNE_IDENTITY_TOKEN  (e.g. `claude mcp add … -e CYBERDYNE_IDENTITY_TOKEN=…`)
+ *   2. a saved login at ~/.cyberdyne/config.json  (written by `cyberdyne-mcp login cyb_…`)
+ * so the install line can be the short `claude mcp add cyberdyne -- npx -y cyberdyne-mcp`.
+ *   CYBERDYNE_API_URL  overrides the default "https://app.cyberdyne-os.xyz".
  *
  * No secrets are hardcoded; nothing is logged that could leak the key.
  */
 
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { readFileSync, writeFileSync, mkdirSync, chmodSync } from "node:fs";
+
 export const DEFAULT_API_URL = "https://app.cyberdyne-os.xyz";
 
 export interface CyberdyneConfig {
@@ -23,10 +29,37 @@ export interface CyberdyneConfig {
   token: string | undefined;
 }
 
-/** Read config from the environment. `token` may be undefined (tools then error). */
+/** Path to the persisted login (mode 600). */
+export function configPath(): string {
+  return join(homedir(), ".cyberdyne", "config.json");
+}
+
+function readConfigFile(): { identity_token?: string; api_url?: string } {
+  try {
+    return JSON.parse(readFileSync(configPath(), "utf8"));
+  } catch {
+    return {};
+  }
+}
+
+/** Persist the agent key to ~/.cyberdyne/config.json (0600). Returns the path. */
+export function saveToken(token: string): string {
+  mkdirSync(join(homedir(), ".cyberdyne"), { recursive: true });
+  const p = configPath();
+  writeFileSync(p, JSON.stringify({ ...readConfigFile(), identity_token: token.trim() }, null, 2));
+  try {
+    chmodSync(p, 0o600);
+  } catch {
+    /* best-effort on platforms without POSIX modes */
+  }
+  return p;
+}
+
+/** Resolve config: env first, then the saved login. `token` may be undefined. */
 export function readConfig(env: NodeJS.ProcessEnv = process.env): CyberdyneConfig {
-  const apiUrl = (env.CYBERDYNE_API_URL || DEFAULT_API_URL).replace(/\/+$/, "");
-  const token = env.CYBERDYNE_IDENTITY_TOKEN?.trim() || undefined;
+  const file = readConfigFile();
+  const apiUrl = (env.CYBERDYNE_API_URL || file.api_url || DEFAULT_API_URL).replace(/\/+$/, "");
+  const token = env.CYBERDYNE_IDENTITY_TOKEN?.trim() || file.identity_token?.trim() || undefined;
   return { apiUrl, token };
 }
 

package/src/server.ts

@@ -40,7 +40,26 @@ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { z } from "zod";
 import { CATEGORIES, TASK_CATEGORIES } from "./registry.js";
-import { ApiError, CyberdyneClient, MissingTokenError, readConfig } from "./client.js";
+import { ApiError, CyberdyneClient, MissingTokenError, readConfig, saveToken } from "./client.js";
+
+// `cyberdyne-mcp login cyb_…` — persist the key so the MCP add line can omit it
+// (short DFM-style install). Runs before the server boots, then exits.
+if (process.argv[2] === "login") {
+  const token = process.argv[3]?.trim();
+  if (!token || !token.startsWith("cyb_")) {
+    console.error(
+      "Usage: npx cyberdyne-mcp login cyb_<your-key>\n" +
+        "Get your key at https://app.cyberdyne-os.xyz → Agent Console → Generate API key.",
+    );
+    process.exit(1);
+  }
+  const path = saveToken(token);
+  console.error(
+    `✓ Saved your CYBERDYNE key to ${path}.\n` +
+      "Now run:  claude mcp add cyberdyne -- npx -y cyberdyne-mcp",
+  );
+  process.exit(0);
+}
 
 const config = readConfig();
 const client = new CyberdyneClient(config);
@@ -285,6 +304,6 @@ const transport = new StdioServerTransport();
 await server.connect(transport);
 console.error(
   `CYBERDYNE MCP server running on stdio → ${config.apiUrl}` +
-    (config.token ? "" : " (no CYBERDYNE_IDENTITY_TOKEN set; networked tools will error until you set it)") +
+    (config.token ? "" : " (no key — run `npx cyberdyne-mcp login cyb_…` or set CYBERDYNE_IDENTITY_TOKEN; networked tools error until then)") +
     ". Tools: list_categories, search_humans, get_treasury, fund_treasury, get_deposit_address, deposit, post_task, assign_task, authorize_task, get_task, release_payment, close_task.",
 );