fa-mcp-sdk 0.4.51 → 0.4.53

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. package/README.md +1 -1
  2. package/cli-template/.claude/settings.json +3 -1
  3. package/cli-template/.claude/skills/edit-claude-files/SKILL.md +46 -0
  4. package/cli-template/.claude/skills/feature-generator/SKILL.md +364 -0
  5. package/cli-template/.claude/skills/readme-generator/README.md +1 -0
  6. package/cli-template/.claude/skills/readme-generator/SKILL.md +237 -0
  7. package/cli-template/.claude/skills/readme-generator/reference/best-practices.md +218 -0
  8. package/cli-template/.claude/skills/readme-generator/reference/satellite-templates.md +534 -0
  9. package/cli-template/.claude/skills/readme-generator/reference/templates.md +385 -0
  10. package/cli-template/CLAUDE.md +5 -19
  11. package/cli-template/FA-MCP-SDK-DOC/00-FA-MCP-SDK-index.md +1 -1
  12. package/cli-template/FA-MCP-SDK-DOC/02-1-tools-and-api.md +60 -0
  13. package/cli-template/FA-MCP-SDK-DOC/04-authentication.md +10 -8
  14. package/cli-template/README.md +72 -22
  15. package/cli-template/SKILL_README.md +139 -0
  16. package/cli-template/package.json +1 -1
  17. package/cli-template/prompt-example-new-MCP.md +3 -2
  18. package/config/custom-environment-variables.yaml +4 -3
  19. package/config/default.yaml +20 -18
  20. package/config/local-test.yaml +44 -0
  21. package/dist/core/_types_/config.d.ts +8 -5
  22. package/dist/core/_types_/config.d.ts.map +1 -1
  23. package/dist/core/auth/admin-auth.d.ts +12 -5
  24. package/dist/core/auth/admin-auth.d.ts.map +1 -1
  25. package/dist/core/auth/admin-auth.js +37 -25
  26. package/dist/core/auth/admin-auth.js.map +1 -1
  27. package/dist/core/bootstrap/startup-info.d.ts.map +1 -1
  28. package/dist/core/bootstrap/startup-info.js +13 -5
  29. package/dist/core/bootstrap/startup-info.js.map +1 -1
  30. package/dist/core/mcp/readme-assembler.d.ts +20 -0
  31. package/dist/core/mcp/readme-assembler.d.ts.map +1 -0
  32. package/dist/core/mcp/readme-assembler.js +88 -0
  33. package/dist/core/mcp/readme-assembler.js.map +1 -0
  34. package/dist/core/mcp/resources.d.ts.map +1 -1
  35. package/dist/core/mcp/resources.js +2 -1
  36. package/dist/core/mcp/resources.js.map +1 -1
  37. package/dist/core/web/admin-router.js +2 -2
  38. package/dist/core/web/admin-router.js.map +1 -1
  39. package/dist/core/web/home-api.d.ts.map +1 -1
  40. package/dist/core/web/home-api.js +13 -5
  41. package/dist/core/web/home-api.js.map +1 -1
  42. package/dist/core/web/server-http.d.ts.map +1 -1
  43. package/dist/core/web/server-http.js +1 -2
  44. package/dist/core/web/server-http.js.map +1 -1
  45. package/dist/core/web/static/home/index.html +2 -2
  46. package/dist/core/web/static/home/script.js +2 -2
  47. package/package.json +1 -1
@@ -0,0 +1,385 @@
1
+ # Section Templates (Main README)
2
+
3
+ Canonical blocks for the main `README.md` of an `fa-mcp-sdk`-based MCP server. Copy, then adapt
4
+ placeholders (`<NAME>`, `<PORT>`, `<prefix>`, `<upstream>`) to the actual project.
5
+
6
+ ---
7
+
8
+ ## 1. Title + one-liner
9
+
10
+ ```markdown
11
+ # <Project Name>
12
+
13
+ <One-sentence description: "MCP server for <Upstream System> — lets AI agents <primary action>.">
14
+ ```
15
+
16
+ Example:
17
+
18
+ ```markdown
19
+ # MCP Wiki
20
+
21
+ MCP server for Atlassian Confluence. Lets AI agents search, read, create, and edit wiki pages via
22
+ the Model Context Protocol.
23
+ ```
24
+
25
+ ---
26
+
27
+ ## 2. Badges
28
+
29
+ Prefer shields.io. Include only badges that are meaningful (skip build status if no CI yet).
30
+
31
+ ```markdown
32
+ [![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
33
+ [![Node.js](https://img.shields.io/badge/node-%3E%3D18-339933?logo=node.js&logoColor=white)](https://nodejs.org/)
34
+ [![TypeScript](https://img.shields.io/badge/TypeScript-3178C6?logo=typescript&logoColor=white)](https://www.typescriptlang.org/)
35
+ [![MCP](https://img.shields.io/badge/MCP-Server-DA7857)](https://modelcontextprotocol.io/)
36
+ [![fa-mcp-sdk](https://img.shields.io/badge/built%20with-fa--mcp--sdk-526CFE)](https://github.com/Bazilio-san/fa-mcp-sdk)
37
+ ```
38
+
39
+ ---
40
+
41
+ ## 3. Overview
42
+
43
+ 2–4 sentences. Answer: *what is this / for whom / core value*. Active voice. No marketing fluff.
44
+
45
+ ```markdown
46
+ ## Overview
47
+
48
+ <Project> provides comprehensive <upstream> integration for AI agents via the Model Context Protocol.
49
+ It exposes <N> tools covering <main domains>, supports <auth methods>, and ships with <one or two
50
+ distinguishing features>. Use it when you need <primary use case>.
51
+ ```
52
+
53
+ ---
54
+
55
+ ## 4. Tools
56
+
57
+ Group by domain. Keep rows short — one-line descriptions only.
58
+
59
+ ```markdown
60
+ ## Tools (<N>)
61
+
62
+ ### <Domain 1>
63
+ | Tool | Description |
64
+ |-----------------------|----------------------------------------------------|
65
+ | `<tool_name>` | <Short description, verb-first, ≤ 80 chars> |
66
+ | `<tool_name>` | <Short description> |
67
+
68
+ ### <Domain 2>
69
+ | Tool | Description |
70
+ |-----------------------|----------------------------------------------------|
71
+ | `<tool_name>` | <Short description> |
72
+ ```
73
+
74
+ Notes:
75
+
76
+ - Column widths consistent within the file.
77
+ - Tool names always inline-code.
78
+ - If a tool has a caveat (e.g. server vs. cloud behaviour), use a footnote `*` and explain below
79
+ the table.
80
+
81
+ ---
82
+
83
+ ## 5. Quick Start
84
+
85
+ Three steps. Target: a user running the server in under 2 minutes.
86
+
87
+ ```markdown
88
+ ## Quick Start
89
+
90
+ ```bash
91
+ npm install
92
+ cp config/_local.yaml config/local.yaml # configure <upstream> credentials
93
+ npm run build
94
+ npm start # HTTP mode, port <PORT>
95
+ ```
96
+
97
+ For STDIO mode (Claude Desktop direct spawn):
98
+
99
+ ```bash
100
+ node dist/src/start.js stdio
101
+ ```
102
+ ```
103
+
104
+ ---
105
+
106
+ ## 6. MCP Client Integration
107
+
108
+ Always in main README. Adapt custom header names (`x-<prefix>-*`) to this server's actual scheme.
109
+
110
+ ```markdown
111
+ ## MCP Client Integration
112
+
113
+ ### Claude Code
114
+
115
+ Add to `~/.claude.json`:
116
+
117
+ ```json
118
+ {
119
+ "mcpServers": {
120
+ "<name>": {
121
+ "type": "http",
122
+ "url": "http[s]://<host[:port]>/mcp",
123
+ "headers": {
124
+ "x-<prefix>-username": "<your username>",
125
+ "x-<prefix>-password": "<your password>"
126
+ }
127
+ }
128
+ }
129
+ }
130
+ ```
131
+
132
+ Alternatively, use a Personal Access Token:
133
+
134
+ ```json
135
+ "headers": {
136
+ "x-<prefix>-token": "<your PAT>"
137
+ }
138
+ ```
139
+
140
+ ### Claude Desktop
141
+
142
+ Add to `claude_desktop_config.json`.
143
+
144
+ **Option 1 — STDIO (local build, direct spawn):**
145
+
146
+ ```json
147
+ {
148
+ "mcpServers": {
149
+ "<name>": {
150
+ "command": "node",
151
+ "args": ["<path>/<project>/dist/src/start.js", "stdio"],
152
+ "env": {}
153
+ }
154
+ }
155
+ }
156
+ ```
157
+
158
+ **Option 2 — HTTP (remote server via `mcp-remote`):**
159
+
160
+ ```json
161
+ {
162
+ "mcpServers": {
163
+ "<name>": {
164
+ "command": "npx",
165
+ "args": [
166
+ "-y",
167
+ "mcp-remote@latest",
168
+ "http[s]://<host[:port]>/mcp",
169
+ "--header",
170
+ "x-<prefix>-username:<your username>",
171
+ "--header",
172
+ "x-<prefix>-password:<your password>",
173
+ "--allow-http",
174
+ "--transport",
175
+ "http-only"
176
+ ]
177
+ }
178
+ }
179
+ }
180
+ ```
181
+
182
+ ### Qwen Code
183
+
184
+ Add to `~/.qwen/settings.json`:
185
+
186
+ ```json
187
+ {
188
+ "mcpServers": {
189
+ "<name>": {
190
+ "command": "npx",
191
+ "args": [
192
+ "-y",
193
+ "mcp-remote@latest",
194
+ "http[s]://<host[:port]>/mcp",
195
+ "--header",
196
+ "x-<prefix>-username:<your_username>",
197
+ "--header",
198
+ "x-<prefix>-password:<your_password>",
199
+ "--allow-http",
200
+ "--transport",
201
+ "http-only"
202
+ ]
203
+ }
204
+ }
205
+ }
206
+ ```
207
+ ```
208
+
209
+ ---
210
+
211
+ ## 7. Key Features
212
+
213
+ 5–8 bullets. Include enabled SDK subsystems and project-specific capabilities. One line each.
214
+
215
+ ```markdown
216
+ ## Key Features
217
+
218
+ - **Multi-auth**: Basic, PAT, OAuth 2.0 with automatic token refresh
219
+ - **Per-request credentials**: override server config via `x-<prefix>-*` headers
220
+ - **Batch operations** for high-throughput scenarios
221
+ - **Fuzzy entity resolution** via external microservice
222
+ - **Aggressive caching** with thundering-herd protection
223
+ - **Webhook callbacks** for audit / chaining (`x-web-hook`)
224
+ - **Agent Tester UI + Headless API** for end-to-end testing
225
+ ```
226
+
227
+ ---
228
+
229
+ ## 8. Transports
230
+
231
+ ```markdown
232
+ ## Transports
233
+
234
+ - **HTTP** — web integrations. Endpoints:
235
+ - `/mcp` — MCP protocol (JSON-RPC 2.0)
236
+ - `/api/*` — REST API (if custom API is present)
237
+ - `/docs` — Swagger UI
238
+ - `/health` — healthcheck
239
+ - `/admin` — token generator UI
240
+ - `/agent-tester` — Agent Tester web UI
241
+ - **STDIO** — for Claude Desktop direct spawn (no network)
242
+
243
+ Port is set in `config/default.yaml` → `webServer.port` (default <PORT>).
244
+ ```
245
+
246
+ Keep endpoints that actually exist; drop the rest.
247
+
248
+ ---
249
+
250
+ ## 9. Configuration Basics
251
+
252
+ Compact table with 5–10 most important keys. Link to full reference when the list grows.
253
+
254
+ ```markdown
255
+ ## Configuration Basics
256
+
257
+ Priority: env vars > `config/local.yaml` > `config/{NODE_ENV}.yaml` > `config/default.yaml`.
258
+
259
+ | Key | Description | Default |
260
+ |----------------------------------|-------------------------------------|-----------|
261
+ | `<upstream>.url` | <Upstream> base URL | — |
262
+ | `<upstream>.auth.pat` | Personal Access Token | — |
263
+ | `<upstream>.auth.basic.username` | Basic auth username | — |
264
+ | `<upstream>.auth.basic.password` | Basic auth password | — |
265
+ | `webServer.port` | HTTP server port | `<PORT>` |
266
+ | `webServer.auth.enabled` | MCP server authorization on/off | `false` |
267
+ | `mcp.toolAnswerAs` | Response format (`text` / `json`) | `text` |
268
+
269
+ Full reference: [Configuration](./readme-docs/configuration.md).
270
+ ```
271
+
272
+ ---
273
+
274
+ ## 10. Build & Run
275
+
276
+ ```markdown
277
+ ## Build & Run
278
+
279
+ ```bash
280
+ npm run build # tsc + copy static assets
281
+ npm start # HTTP server
282
+ npm run dev # tsc --watch
283
+ ```
284
+
285
+ Lint / typecheck / test:
286
+
287
+ ```bash
288
+ npm run lint:fix
289
+ npm run typecheck
290
+ npm test
291
+ ```
292
+
293
+ Environment variables:
294
+
295
+ - `NODE_ENV` — picks `config/{NODE_ENV}.yaml` overlay
296
+ - `DEBUG` — namespace-based logging (see [Debug Logging](./readme-docs/debugging.md))
297
+ ```
298
+
299
+ ---
300
+
301
+ ## 11. Authentication (summary + link)
302
+
303
+ Keep this short. Push tables and invariants into `readme-docs/authentication.md`.
304
+
305
+ ```markdown
306
+ ## Authentication
307
+
308
+ The server supports per-request credentials via `x-<prefix>-*` headers (Basic, PAT) and
309
+ config-level defaults with OAuth 2.0 token refresh. When `x-on-behalf-of-user` is set, the request
310
+ is routed through the impersonation proxy.
311
+
312
+ Priority rules, resolution order, and invariants: [Authentication](./readme-docs/authentication.md).
313
+ ```
314
+
315
+ ---
316
+
317
+ ## 12. Dynamic feature sections
318
+
319
+ One short subsection per enabled optional subsystem. 2–3 sentences each, with a link to the
320
+ satellite file when details warrant one.
321
+
322
+ ```markdown
323
+ ### Consul service discovery
324
+
325
+ Server registers itself on startup and deregisters on SIGTERM; health check path is `/health`.
326
+ Setup: [Consul](./readme-docs/consul.md).
327
+
328
+ ### Active Directory
329
+
330
+ Tools can gate access by AD group membership. Configuration and per-domain setup:
331
+ [Active Directory](./readme-docs/active-directory.md).
332
+
333
+ ### Webhooks
334
+
335
+ After every tool invocation the server can POST the result to an external URL via the `x-web-hook`
336
+ header or a per-tool `hook` return value. Body schema and priority:
337
+ [Webhooks](./readme-docs/webhooks.md).
338
+
339
+ ### Agent Tester
340
+
341
+ Built-in web UI (`/agent-tester`) and Headless API (`/agent-tester/api/chat/test`) for end-to-end
342
+ testing with a real LLM. Full guide: [Testing](./readme-docs/testing.md).
343
+ ```
344
+
345
+ ---
346
+
347
+ ## 13. Skills
348
+
349
+ ```markdown
350
+ ## Claude Code Skills
351
+
352
+ The project ships with custom skills in `.claude/skills/`:
353
+
354
+ | Command | Description |
355
+ |---------------------|-----------------------------------------------------|
356
+ | `/gen-jwt` | Generate JWT tokens for MCP server authentication |
357
+ | `/headless-test` | Run headless tests for all MCP tools via curl API |
358
+ | `/upgrade-guide` | Generate migration guide for fa-mcp-sdk upgrades |
359
+
360
+ Details, launch modes, and examples: [SKILL_README.md](./SKILL_README.md).
361
+ ```
362
+
363
+ ---
364
+
365
+ ## 14. Stack
366
+
367
+ ```markdown
368
+ ## Stack
369
+
370
+ - **Framework**: [fa-mcp-sdk](https://github.com/Bazilio-san/fa-mcp-sdk)
371
+ - **Transport**: MCP (STDIO, HTTP, SSE)
372
+ - **Language**: TypeScript (ESM)
373
+ - **HTTP client**: Axios
374
+ - **Key libs**: <fill in the notable dependencies>
375
+ ```
376
+
377
+ ---
378
+
379
+ ## 15. License
380
+
381
+ ```markdown
382
+ ## License
383
+
384
+ <License name> © <Owner>. See [LICENSE](./LICENSE).
385
+ ```
@@ -342,25 +342,11 @@ This log serves as:
342
342
  - **Progress tracker** — which tools/scenarios are covered, which remain
343
343
  - **Handoff document** — if the session is interrupted, the next session can read the log and continue
344
344
 
345
- ## Editing files in `.claude/`
346
-
347
- Files inside `.claude/` (SKILL.md and others) are monitored by Claude Code and reloaded on change. To avoid partial reads during multi-edit sessions, follow this protocol:
348
-
349
- 1. **Copy** the target file to a temp location outside `.claude/`:
350
- ```bash
351
- node scripts/fcp.js tmp-skill.md .claude/skills/<skill-name>/SKILL.md
352
- ```
353
- 2. **Edit** `tmp-skill.md` — make ALL changes there (multiple Edit calls are fine).
354
- 3. **Save** atomically via the helper script:
355
- ```bash
356
- node scripts/fcp.js .claude/skills/<skill-name>/SKILL.md tmp-skill.md
357
- ```
358
- 4. **Remove** the temp file:
359
- ```bash
360
- rm tmp-skill.md
361
- ```
362
-
363
- CRITICAL: Never use `Edit` or `Write` directly on files inside `.claude/` — always go through the temp-copy workflow above.
345
+ ## Editing files in `.claude/` (Skill /edit-claude-files)
346
+
347
+ Any edit or new file under `.claude/**` (SKILL.md, scripts, hooks, agents, `settings.json`) is blocked
348
+ by `settings.json` — direct `Write`/`Edit` will fail. Invoke the `/edit-claude-files` skill, which
349
+ describes the required `scripts/fcp.js` temp-copy protocol.
364
350
 
365
351
 
366
352
  ## Formatting
@@ -13,7 +13,7 @@ npm install fa-mcp-sdk
13
13
  | File | Content | Read When |
14
14
  |------|---------|-----------|
15
15
  | [01-getting-started](01-getting-started.md) | `initMcpServer()`, `McpServerData`, `IPromptData`, `IResourceData`, `AppConfig` | Starting new project |
16
- | [02-1-tools-and-api](02-1-tools-and-api.md) | Tool definitions, `toolHandler`, REST API with tsoa, OpenAPI/Swagger | Creating tools, REST endpoints |
16
+ | [02-1-tools-and-api](02-1-tools-and-api.md) | Tool definitions, `toolHandler`, outbound webhooks, REST API with tsoa, OpenAPI/Swagger | Creating tools, REST endpoints, webhook callbacks |
17
17
  | [02-2-prompts-and-resources](02-2-prompts-and-resources.md) | Standard/custom prompts, resources, `requireAuth` | Configuring prompts/resources |
18
18
  | [03-configuration](03-configuration.md) | `appConfig`, YAML config, cache, PostgreSQL | Server configuration, DB |
19
19
  | [04-authentication](04-authentication.md) | JWT, Basic auth, server tokens, `createAuthMW()`, Token Generator, CLI Token Generator, JWT Generation API | Authentication setup |
@@ -62,6 +62,66 @@ const clientIP = headers?.['x-real-ip'] || headers?.['x-forwarded-for'];
62
62
  `IToolHandlerParams` includes `ITransportContext` fields (`transport`, `headers`, `payload`).
63
63
  See [ITransportContext](./02-2-prompts-and-resources.md#itransportcontext).
64
64
 
65
+ ### Outbound Webhooks
66
+
67
+ The SDK does not ship a built-in webhook — it is a **handler-level pattern** enabled by
68
+ the fact that `params.headers` already carries every client header through to the tool.
69
+ Use it when the caller should be notified of each tool result (audit, dashboards, CI
70
+ chains). Reference implementation: `mcp-jira` (`src/tools/tools-manager.ts`,
71
+ `callWebHook` + dispatch block).
72
+
73
+ **Recipe:**
74
+
75
+ 1. **Declare the header** so Agent Tester and `use://http-headers` advertise it:
76
+
77
+ ```typescript
78
+ usedHttpHeaders: [
79
+ { name: 'x-web-hook', description: 'URL to POST the tool result to.', isOptional: true },
80
+ ],
81
+ ```
82
+
83
+ 2. **Dispatch inside the handler** — fire-and-forget, never throw, never block the reply:
84
+
85
+ ```typescript
86
+ import axios from 'axios';
87
+ import { appConfig, logger, toStr, IToolHandlerParams } from 'fa-mcp-sdk';
88
+
89
+ const URL_REGEX = /^https?:\/\/[^\s]+$/i;
90
+
91
+ const callWebHook = (url: string, tool: string, response: unknown, user?: string): void => {
92
+ if (!URL_REGEX.test(url)) { return; }
93
+ axios.post(url, { mcpName: appConfig.name, tool, user, response }, { timeout: 10_000 })
94
+ .catch((err) => logger.warn(`Web-hook POST ${url} failed: ${toStr(err?.message || err)}`));
95
+ };
96
+
97
+ export const handleToolCall = async (params: IToolHandlerParams) => {
98
+ const { name, headers = {} } = params;
99
+ const result = await runTool(params); // produce { text, json, hook? }
100
+ const hookUrl = (result.hook || headers['x-web-hook'] || '').trim();
101
+ if (hookUrl) { callWebHook(hookUrl, name, result.json, resolveUser(headers, params.payload)); }
102
+ return formatToolResult(result.json);
103
+ };
104
+ ```
105
+
106
+ 3. **Per-tool override (optional)** — let a tool return its own `hook` URL that wins over
107
+ the client header. Extend your internal tool-response type:
108
+
109
+ ```typescript
110
+ export interface IToolResponse { text: string; json: Record<string, any>; hook?: string; }
111
+ ```
112
+
113
+ **Body contract** (recommended; keep stable across tools):
114
+
115
+ | Field | Description |
116
+ |-------|-------------|
117
+ | `mcpName` | `appConfig.name` — which MCP sent the callback |
118
+ | `tool` | Tool name that was invoked |
119
+ | `user` | Caller identity (JWT `payload.user`, auth header, or a lookup — project-specific) |
120
+ | `response` | Full JSON the tool produced |
121
+
122
+ **Rules of thumb:** validate the URL (`http(s)://…`), short timeout (≤10 s), catch+log
123
+ only, **never** `await` the POST, and never let a webhook failure surface as a tool error.
124
+
65
125
 
66
126
  ## REST API Endpoints
67
127
 
@@ -50,16 +50,18 @@ The admin panel (`/admin`) supports 4 authentication types and can be configured
50
50
 
51
51
  ```yaml
52
52
  # config/default.yaml
53
- webServer:
54
- adminAuth:
55
- enabled: true
56
- # Single type (string)
57
- type: 'basic'
58
- # Or multiple types (array) — login page shows tabs to choose
59
- type: ['jwtToken', 'basic']
53
+ adminPanel:
54
+ enabled: true
55
+ # Single type (string)
56
+ authType: 'basic'
57
+ # Or multiple types (array) — login page shows tabs to choose
58
+ authType: ['jwtToken', 'basic']
59
+ # 'none' / null / empty array / not set — panel opens WITHOUT authentication
60
+ # (convenience for local development; do NOT use in production).
61
+ authType: 'none'
60
62
  ```
61
63
 
62
- **Supported types:** `permanentServerTokens`, `basic`, `jwtToken`, `ntlm`
64
+ **Supported types:** `permanentServerTokens`, `basic`, `jwtToken`, `ntlm`, `none` (= open access)
63
65
 
64
66
  When multiple types are configured (e.g. `['jwtToken', 'basic']`), the login page shows tabs:
65
67
  - **Token** tab — for `permanentServerTokens` and `jwtToken` authentication
@@ -76,25 +76,81 @@ Same as `agent_prompt` prompt. **MIME:** text/plain
76
76
  **Option B: Environment Variables**
77
77
 
78
78
 
79
- ## Claude Desktop Setup
79
+ ## Usage with AI CLIs
80
80
 
81
- Add to `claude_desktop_config.json`:
81
+ The server exposes an HTTP MCP endpoint at `http[s]://<host[:port]>/mcp`. Authentication (when enabled in
82
+ `config/default.yaml` → `webServer.auth`) is passed via the standard `Authorization` header — most commonly a
83
+ JWT Bearer token generated by the `/gen-jwt` skill or by `node scripts/generate-jwt.js`.
84
+
85
+ ### With Claude Code
86
+
87
+ Add to `~\.claude.json`:
82
88
 
83
89
  ```json
84
90
  {
85
91
  "mcpServers": {
86
92
  "{{project.name}}": {
87
- "command": "node",
88
- "args": [
89
- "<path-to-project>/mcp-staff-db/dist/src/index.js"
90
- ],
91
- "env": {
93
+ "type": "http",
94
+ "url": "http[s]://<host[:port]>/mcp",
95
+ "headers": {
96
+ "Authorization": "Bearer <jwt-token>"
92
97
  }
93
98
  }
94
99
  }
95
100
  }
96
101
  ```
97
102
 
103
+ ### With Claude Desktop
104
+
105
+ Add to your Claude Desktop configuration (`claude_desktop_config.json`):
106
+
107
+ ```json
108
+ {
109
+ "mcpServers": {
110
+ "{{project.name}}": {
111
+ "command": "npx",
112
+ "args": [
113
+ "-y",
114
+ "mcp-remote@latest",
115
+ "http[s]://<host[:port]>/mcp",
116
+ "--header",
117
+ "Authorization: Bearer <jwt-token>",
118
+ "--allow-http",
119
+ "--transport",
120
+ "http-only"
121
+ ]
122
+ }
123
+ }
124
+ }
125
+ ```
126
+
127
+ ### With Qwen Code
128
+
129
+ Add to `~\.qwen\settings.json`:
130
+
131
+ ```json
132
+ {
133
+ "mcpServers": {
134
+ "{{project.name}}": {
135
+ "command": "npx",
136
+ "args": [
137
+ "-y",
138
+ "mcp-remote@latest",
139
+ "http[s]://<host[:port]>/mcp",
140
+ "--header",
141
+ "Authorization: Bearer <jwt-token>",
142
+ "--allow-http",
143
+ "--transport",
144
+ "http-only"
145
+ ]
146
+ }
147
+ }
148
+ }
149
+ ```
150
+
151
+ > For STDIO transport (local Claude Desktop integration without an HTTP server), run
152
+ > `node <path-to-project>/dist/src/start.js stdio` — see `CLAUDE.md` for details.
153
+
98
154
  ## HTTP Mode Endpoints
99
155
 
100
156
  - **/** - Home page
@@ -104,28 +160,22 @@ Add to `claude_desktop_config.json`:
104
160
 
105
161
  ## Claude Code Skills
106
162
 
107
- ### `/upgrade-guide`
163
+ The project ships with custom skills in `.claude/skills/`:
108
164
 
109
- Generates a migration guide for upgrading `fa-mcp-sdk` to the latest (or specified) version. Analyzes config changes, template diffs, new exports, and breaking changes, then saves a step-by-step guide to `upgrade-guide-<old>-to-<new>.md`.
165
+ | Command | Description |
166
+ |----------------------|-------------------------------------------------------------------------|
167
+ | `/gen-jwt` | Generate JWT tokens for MCP server authentication |
168
+ | `/upgrade-guide` | Generate migration guide for `fa-mcp-sdk` upgrades |
169
+ | `/feature-generator` | Turn a feature description into a self-sufficient prompt for an AI CLI |
170
+ | `/readme-generator` | Generate structured README.md + satellite `readme-docs/*.md` |
110
171
 
111
- By default versions and commit hashes refer to THIS project — the skill looks up which SDK version was used in each project commit/tag. To pass SDK references directly, mention "SDK" explicitly.
112
-
113
- ```
114
- /upgrade-guide # current SDK → latest SDK
115
- /upgrade-guide 1.2.3 # project version 1.2.3 → latest SDK
116
- /upgrade-guide 1.2.3 1.2.7 # project versions
117
- /upgrade-guide abc1234 def5678 # project commits
118
- /upgrade-guide от версии 0.1.30 SDK # SDK versions directly → latest SDK
119
- /upgrade-guide от версии 0.4.30 SDK до 0.5.0 SDK # SDK versions directly
120
- /upgrade-guide от комита sdk abc1234 до комита sdk def5678 # SDK commits directly
121
- /upgrade-guide 1.2.3 1.2.7 на русском
122
- ```
172
+ Details, launch modes, and examples: [SKILL_README.md](SKILL_README.md)
123
173
 
124
174
  ## Security
125
175
 
126
176
  ### Admin panel JWT requirement
127
177
 
128
- When `adminAuth.type` includes `jwtToken`, the admin panel (`/admin`) accepts a JWT
178
+ When `adminPanel.authType` includes `jwtToken`, the admin panel (`/admin`) accepts a JWT
129
179
  **only if its payload contains `allow: 'gen-token'`**. JWTs without this claim are
130
180
  rejected with `401` — this blocks short-lived tokens issued for other purposes (for
131
181
  example, the 5-minute JWT auto-generated by the Agent Tester page and written into its