filemayor-mcp 4.0.6 → 4.0.7

package/README.md

@@ -2,7 +2,7 @@
 
 **The FileMayor MCP server.** Drive your intelligent filesystem clerk from Claude, Cursor, Zed, or any [Model Context Protocol](https://modelcontextprotocol.io) client.
 
-`v4.0.5` · Node ≥20 · [filemayor.com/mcp](https://filemayor.com/mcp)
+`v4.0.7` · Node ≥20 · [filemayor.com/mcp](https://filemayor.com/mcp)
 
 [![smithery badge](https://smithery.ai/badge/filemayor-mcp)](https://smithery.ai/server/filemayor-mcp)
 
@@ -103,9 +103,9 @@ Doesn't apply. FileMayor MCP is **Node.js**, not Python. Its single runtime depe
 
 This is the supply-chain risk that applies to *every* MCP server in principle, ours included. Our mitigations:
 
-- The whole server is one file: [`mcp/index.mjs`](https://github.com/Hrypopo/FileMayor/blob/main/mcp/index.mjs) — ~410 lines. Tool declarations and their `case` handlers sit side-by-side. You can read it end-to-end in 10 minutes.
+- The whole server is one file: [`mcp/index.mjs`](https://github.com/Hrypopo/FileMayor/blob/main/mcp/index.mjs) — ~580 lines. Tool declarations and their `case` handlers sit side-by-side. You can read it end-to-end in about 15 minutes. (`--audit` prints the exact current line count under `verifyBy`, so the number can't drift out of date.)
 - `grep -E "fetch\(|http\.request|https\.request|net\." mcp/index.mjs` returns nothing. The server makes no outbound network calls of its own.
-- The *only* off-machine egress path is the optional AI call inside `filemayor_plan`, gated by an AI provider key (`ANTHROPIC_API_KEY`, `GEMINI_API_KEY`, or `OPENAI_API_KEY`). Without any key, the tool returns an error and nothing is sent. With a key, only directory metadata (paths, sizes, extensions) is sent — no file contents. When Claude is the MCP client, `filemayor_plan` is not needed at all.
+- The *only* off-machine egress path is the optional AI call inside `filemayor_plan`, gated by an AI provider key (`ANTHROPIC_API_KEY` → Claude, `GEMINI_API_KEY` → Gemini, or `OPENAI_API_KEY` → GPT-4o-mini). The first key present wins. Without any key, the tool returns an error and nothing is sent. With a key, only directory metadata (paths, sizes, extensions) is sent — no file contents. When Claude is the MCP client, `filemayor_plan` is not needed at all.
 - The GitHub repo is the canonical source.
 
 ### What `--audit` reports
@@ -113,16 +113,20 @@ This is the supply-chain risk that applies to *every* MCP server in principle, o
 ```json
 {
   "package": "filemayor-mcp",
-  "version": "4.0.0",
+  "version": "4.0.7",
   "transport": { "type": "stdio", "networkListeners": false, "ports": [] },
   "outbound": {
     "defaultEgress": "none",
     "optionalEgress": {
       "enabled": false,
-      "destination": "ai provider API (Anthropic / Google / OpenAI — whichever key is set)",
+      "destinations": [
+        "https://api.anthropic.com",
+        "https://generativelanguage.googleapis.com",
+        "https://api.openai.com"
+      ],
       "trigger": "filemayor_plan tool only (not used when Claude is the MCP client)",
       "payload": "directory metadata only — no file contents",
-      "gatedBy": "ANTHROPIC_API_KEY, GEMINI_API_KEY, or OPENAI_API_KEY environment variable"
+      "gatedBy": "one of ANTHROPIC_API_KEY / GEMINI_API_KEY / OPENAI_API_KEY (none currently set)"
     }
   },
   "runtimeSafeguards": {
@@ -136,7 +140,7 @@ This is the supply-chain risk that applies to *every* MCP server in principle, o
   "dependencies": { "runtime": ["@modelcontextprotocol/sdk"], "python": false, "starlette": false, "fastapi": false },
   "source": "https://github.com/Hrypopo/FileMayor/blob/main/mcp/index.mjs",
   "verifyBy": [
-    "Read mcp/index.mjs end-to-end — it's ~410 lines.",
+    "Read mcp/index.mjs end-to-end — the report prints the exact current line count here.",
     "grep for outbound calls: rg \"fetch\\(|http\\.request|https\\.request|net\\.\" mcp/index.mjs",
     "Run `npm view filemayor-mcp` and compare the published shasum to the GitHub tag.",
     "Run this same `--audit` after upgrading to detect changes to transport / egress / tool list."
@@ -148,7 +152,7 @@ This is the supply-chain risk that applies to *every* MCP server in principle, o
 
 A viral tutorial recommended `pip install mcp-audit && mcp-audit scan` to audit installed MCP servers. As of this release, `mcp-audit` is **not published on PyPI**, and the `mcp-audit` package on npm is a 408-byte hello-world stub (v0.0.1, published April 2025, no functional code). The tutorial directs viewers to comment on a social-media post to receive the "real" tool by direct message — that's a social-engineering pattern, not a verifiable tool. Be skeptical of any installer not on a public registry under a known maintainer.
 
-If a real, signed, open-source MCP scanner emerges, we'll link to it from this section and publish the verdict against `filemayor-mcp`. Until then, `--audit` + reading the 410 lines of source is the trustworthy path.
+If a real, signed, open-source MCP scanner emerges, we'll link to it from this section and publish the verdict against `filemayor-mcp`. Until then, `--audit` + reading the ~580 lines of source is the trustworthy path.
 
 ### Hardened-runtime safeguards (the engine, not just the MCP shell)
 

package/index.mjs

@@ -16,10 +16,13 @@
  *
  * When Claude is the MCP client, Claude IS the AI — no external API key
  * is needed. filemayor_plan is available for non-Claude clients (Cursor,
- * Zed, scripts) and picks up whichever key is set in the environment:
- *   ANTHROPIC_API_KEY  → Claude claude-haiku-4-5-20251001
- *   GEMINI_API_KEY     → Gemini Flash
+ * Zed, scripts) and picks up whichever key is set in the environment, in
+ * this priority order:
+ *   ANTHROPIC_API_KEY  → Claude (claude-haiku-4-5-20251001)
+ *   GEMINI_API_KEY     → Gemini (gemini-2.0-flash)
  *   OPENAI_API_KEY     → GPT-4o-mini
+ * The key selects the provider; the core planner (cli/core/ai) dispatches
+ * the actual call. See detectAiProvider() below.
  * ═══════════════════════════════════════════════════════════════════
  */
 
@@ -82,6 +85,24 @@ function checkDir(p) {
     return { resolved: v.resolved };
 }
 
+// Pick the external AI provider for filemayor_plan from whichever key is
+// set, in priority order. The core planner (cli/core/ai) dispatches on
+// FM_AI_PROVIDER + FM_AI_API_KEY, so the keys below are the single source
+// of truth for what the tool actually supports. Returns null if no key.
+const AI_PROVIDERS = [
+    { env: 'ANTHROPIC_API_KEY', provider: 'anthropic', label: 'Claude (claude-haiku-4-5-20251001)' },
+    { env: 'GEMINI_API_KEY',    provider: 'gemini',    label: 'Gemini (gemini-2.0-flash)' },
+    { env: 'OPENAI_API_KEY',    provider: 'openai',    label: 'GPT-4o-mini' },
+];
+
+function detectAiProvider() {
+    for (const p of AI_PROVIDERS) {
+        const apiKey = process.env[p.env];
+        if (apiKey) return { ...p, apiKey };
+    }
+    return null;
+}
+
 // ─── Tool definitions ──────────────────────────────────────────────
 
 const TOOLS = [
@@ -134,7 +155,7 @@ const TOOLS = [
     },
     {
         name: 'filemayor_apply',
-        description: 'Execute a move plan and journal every operation for rollback. Two modes: (1) Claude-native — pass a "moves" array of {src, dst} objects that you generated yourself after calling filemayor_explain; (2) Gemini/external — call filemayor_plan first, then call this with no arguments to execute that plan. The journal is written to disk so filemayor_rollback can undo it.',
+        description: 'Execute a move plan and journal every operation for rollback. Two modes: (1) Claude-native — pass a "moves" array of {src, dst} objects that you generated yourself after calling filemayor_explain; (2) external-AI — call filemayor_plan first (Anthropic / Gemini / OpenAI, by key), then call this with no arguments to execute that plan. The journal is written to disk so filemayor_rollback can undo it.',
         inputSchema: {
             type: 'object',
             properties: {
@@ -276,19 +297,35 @@ async function handleTool(name, args) {
             const c = checkDir(args.path);
             if (c.error) return err(c.error);
             if (!args.prompt) return err('prompt is required');
-            const apiKey = process.env.GEMINI_API_KEY || '';
-            if (!apiKey) {
+            const ai = detectAiProvider();
+            if (!ai) {
                 return err(
-                    'filemayor_plan requires GEMINI_API_KEY (the underlying planner uses the Gemini API).\n\n' +
+                    'filemayor_plan needs an AI provider key for non-Claude clients. Set one of:\n' +
+                    '  ANTHROPIC_API_KEY → Claude (claude-haiku-4-5-20251001)\n' +
+                    '  GEMINI_API_KEY    → Gemini (gemini-2.0-flash)\n' +
+                    '  OPENAI_API_KEY    → GPT-4o-mini\n\n' +
                     'If Claude is your MCP client you do NOT need this tool — Claude is already the AI. ' +
                     'Instead: call filemayor_explain to audit the folder, reason about the moves yourself, ' +
                     'then pass them directly to filemayor_apply as the "moves" parameter.'
                 );
             }
-            const engine = new CureEngine(c.resolved, apiKey);
-            const plan = await engine.generatePlan(args.prompt);
-            activeCureEngine = engine;
-            return ok(plan);
+            // Route the core planner to the selected provider. Restore the
+            // previous env afterwards so we never leak state between calls.
+            const prevProvider = process.env.FM_AI_PROVIDER;
+            const prevKey = process.env.FM_AI_API_KEY;
+            process.env.FM_AI_PROVIDER = ai.provider;
+            process.env.FM_AI_API_KEY = ai.apiKey;
+            try {
+                const engine = new CureEngine(c.resolved, ai.apiKey);
+                const plan = await engine.generatePlan(args.prompt);
+                activeCureEngine = engine;
+                return ok({ provider: ai.label, ...plan });
+            } finally {
+                if (prevProvider === undefined) delete process.env.FM_AI_PROVIDER;
+                else process.env.FM_AI_PROVIDER = prevProvider;
+                if (prevKey === undefined) delete process.env.FM_AI_API_KEY;
+                else process.env.FM_AI_API_KEY = prevKey;
+            }
         }
 
         case 'filemayor_apply': {
@@ -452,9 +489,16 @@ if (process.argv.includes('--audit')) {
         'filemayor_undo_last',
     ]);
 
+    const activeProvider = detectAiProvider();
+    const PROVIDER_ENDPOINTS = {
+        anthropic: 'https://api.anthropic.com',
+        gemini: 'https://generativelanguage.googleapis.com',
+        openai: 'https://api.openai.com',
+    };
+
     const report = {
         package: 'filemayor-mcp',
-        version: '4.0.0',
+        version: PKG_VERSION,
         node: process.version,
         platform: `${process.platform}-${process.arch}`,
         transport: {
@@ -465,20 +509,21 @@ if (process.argv.includes('--audit')) {
         },
         outbound: {
             defaultEgress: 'none',
-            optionalEgress: process.env.GEMINI_API_KEY
+            optionalEgress: activeProvider
                 ? {
                     enabled: true,
-                    destination: 'https://generativelanguage.googleapis.com',
+                    destination: PROVIDER_ENDPOINTS[activeProvider.provider],
+                    provider: activeProvider.label,
                     trigger: 'filemayor_plan tool only',
                     payload: 'directory metadata (paths, sizes, extensions). No file contents.',
-                    gatedBy: 'GEMINI_API_KEY environment variable',
+                    gatedBy: `${activeProvider.env} environment variable`,
                 }
                 : {
                     enabled: false,
-                    destination: 'https://generativelanguage.googleapis.com',
+                    destinations: Object.values(PROVIDER_ENDPOINTS),
                     trigger: 'filemayor_plan tool only',
                     payload: 'directory metadata only — no file contents',
-                    gatedBy: 'GEMINI_API_KEY environment variable (currently NOT set)',
+                    gatedBy: 'one of ANTHROPIC_API_KEY / GEMINI_API_KEY / OPENAI_API_KEY (none currently set)',
                 },
         },
         runtimeSafeguards: {
@@ -503,7 +548,7 @@ if (process.argv.includes('--audit')) {
         },
         source: 'https://github.com/Hrypopo/FileMayor/blob/main/mcp/index.mjs',
         verifyBy: [
-            "Read mcp/index.mjs end-to-end — it's ~410 lines.",
+            `Read mcp/index.mjs end-to-end — it's ${(() => { try { return fs.readFileSync(new URL(import.meta.url)).toString().split('\n').length; } catch { return 'a few hundred'; } })()} lines.`,
             "grep for outbound calls: rg \"fetch\\(|http\\.request|https\\.request|net\\.\" mcp/index.mjs",
             "Run `npm view filemayor-mcp` and compare the published shasum to the GitHub tag.",
             "Run this same `--audit` after upgrading to detect changes to transport / egress / tool list.",

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "filemayor-mcp",
-    "version": "4.0.6",
+    "version": "4.0.7",
     "description": "FileMayor MCP server — drive the intelligent filesystem clerk from Claude, Cursor, or any MCP client.",
     "type": "module",
     "main": "index.mjs",