happy-mcp-server 0.1.0

package/dist/server.js

@@ -0,0 +1,89 @@
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { registerListComputers } from './tools/list_computers.js';
+import { registerListSessions } from './tools/list_sessions.js';
+import { registerGetSession } from './tools/get_session.js';
+import { registerWatchSession } from './tools/watch_session.js';
+import { registerSendMessage } from './tools/send_message.js';
+import { registerApprovePermission } from './tools/approve_permission.js';
+import { registerDenyPermission } from './tools/deny_permission.js';
+import { registerAnswerQuestion } from './tools/answer_question.js';
+import { registerStartSession } from './tools/start_session.js';
+const AUTH_ERROR = {
+    isError: true,
+    content: [{
+            type: 'text',
+            text: 'Not authenticated. User must run `happy-mcp auth` in their terminal to authenticate before this tool is available. Have the user run this command and then try again.',
+        }],
+};
+const AUTH_RETRY = {
+    content: [{
+            type: 'text',
+            text: 'Authentication successful. Tools are now active. Please retry your request.',
+        }],
+};
+const TOOL_STUBS = [
+    ['list_computers', 'List available computers filtered by HAPPY_MCP_COMPUTERS.'],
+    ['list_sessions', 'List all active Happy Coder sessions.'],
+    ['get_session', 'Get detailed state of a specific session.'],
+    ['watch_session', 'Watch sessions for real-time updates.'],
+    ['send_message', 'Send a message to a session.'],
+    ['approve_permission', 'Approve a pending permission request.'],
+    ['deny_permission', 'Deny a pending permission request.'],
+    ['answer_question', 'Answer a question from a session.'],
+];
+/**
+ * Create an MCP server in unauthenticated mode.
+ * All tools are registered as stubs that call the provided callback when invoked.
+ * The callback should attempt authentication and return true on success.
+ * Call activate() to swap in real tool handlers.
+ */
+export function createUnauthenticatedServer(config, onToolCallWhileUnauthenticated) {
+    const server = new McpServer({
+        name: 'happy-mcp',
+        version: '0.1.0',
+    });
+    let stubRegistrations = [];
+    const stubHandler = async () => {
+        const activated = await onToolCallWhileUnauthenticated();
+        if (activated) {
+            return AUTH_RETRY;
+        }
+        return AUTH_ERROR;
+    };
+    function registerStubs() {
+        stubRegistrations = [];
+        for (const [name, desc] of TOOL_STUBS) {
+            stubRegistrations.push(server.tool(name, desc, {}, stubHandler));
+        }
+        if (config.enableStart) {
+            stubRegistrations.push(server.tool('start_session', 'Start a new Happy Coder session.', {}, stubHandler));
+        }
+    }
+    function registerReal(api, relay, sessionManager) {
+        registerListComputers(server, sessionManager, config);
+        registerListSessions(server, sessionManager, config);
+        registerGetSession(server, api, sessionManager);
+        registerWatchSession(server, relay, sessionManager);
+        registerSendMessage(server, api, sessionManager);
+        registerApprovePermission(server, relay, sessionManager);
+        registerDenyPermission(server, relay, sessionManager);
+        registerAnswerQuestion(server, api, relay, sessionManager);
+        if (config.enableStart) {
+            registerStartSession(server, api, relay, sessionManager);
+        }
+    }
+    // Start with stubs
+    registerStubs();
+    return {
+        server,
+        activate(api, relay, sessionManager) {
+            // Remove all stubs synchronously
+            for (const stub of stubRegistrations) {
+                stub.remove();
+            }
+            stubRegistrations = [];
+            // Register real tools
+            registerReal(api, relay, sessionManager);
+        },
+    };
+}

package/dist/session/keys.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Per-session encryption key cache.
+ *
+ * Wraps resolveSessionEncryption() to avoid redundant NaCl box
+ * decryptions when the same dataEncryptionKey is seen multiple times
+ * (e.g., on reconnect catch-up or duplicate update events).
+ *
+ * Keys are cached by dataEncryptionKey string value. Sessions without
+ * a dataEncryptionKey (legacy) always return the account secret directly
+ * and don't need caching.
+ */
+import { type SessionEncryption, type Credentials } from '../auth/crypto.js';
+/**
+ * Resolve session encryption, using cache for previously-seen keys.
+ * This avoids repeated NaCl box decryptions for the same dataEncryptionKey.
+ */
+export declare function resolveSessionEncryptionCached(dataEncryptionKey: string | null | undefined, credentials: Credentials): SessionEncryption;
+/**
+ * Clear the key cache. Call on shutdown or credential rotation.
+ */
+export declare function clearKeyCache(): void;
+/**
+ * Get the current cache size (for diagnostics).
+ */
+export declare function keyCacheSize(): number;

package/dist/session/keys.js

@@ -0,0 +1,41 @@
+/**
+ * Per-session encryption key cache.
+ *
+ * Wraps resolveSessionEncryption() to avoid redundant NaCl box
+ * decryptions when the same dataEncryptionKey is seen multiple times
+ * (e.g., on reconnect catch-up or duplicate update events).
+ *
+ * Keys are cached by dataEncryptionKey string value. Sessions without
+ * a dataEncryptionKey (legacy) always return the account secret directly
+ * and don't need caching.
+ */
+import { resolveSessionEncryption } from '../auth/crypto.js';
+const keyCache = new Map();
+/**
+ * Resolve session encryption, using cache for previously-seen keys.
+ * This avoids repeated NaCl box decryptions for the same dataEncryptionKey.
+ */
+export function resolveSessionEncryptionCached(dataEncryptionKey, credentials) {
+    if (!dataEncryptionKey) {
+        // Legacy: no caching needed, returns account secret directly
+        return resolveSessionEncryption(dataEncryptionKey, credentials);
+    }
+    const cached = keyCache.get(dataEncryptionKey);
+    if (cached)
+        return cached;
+    const encryption = resolveSessionEncryption(dataEncryptionKey, credentials);
+    keyCache.set(dataEncryptionKey, encryption);
+    return encryption;
+}
+/**
+ * Clear the key cache. Call on shutdown or credential rotation.
+ */
+export function clearKeyCache() {
+    keyCache.clear();
+}
+/**
+ * Get the current cache size (for diagnostics).
+ */
+export function keyCacheSize() {
+    return keyCache.size;
+}

package/dist/session/manager.d.ts

@@ -0,0 +1,27 @@
+import type { CachedSession, MachineState, DecryptedMessage, SessionMetadata, AgentState, SessionStatus, PermissionRequest } from './types.js';
+import type { SessionEncryption } from '../auth/crypto.js';
+export declare class SessionManager {
+    private sessions;
+    private machines;
+    private cacheTtl;
+    private cleanupInterval;
+    constructor(cacheTtlSeconds?: number);
+    loadSession(id: string, encryption: SessionEncryption, metadata: SessionMetadata | null, metadataVersion: number, agentState: AgentState | null, agentStateVersion: number, active: boolean, createdAt: number, updatedAt: number): void;
+    get(id: string): CachedSession | undefined;
+    getAll(): CachedSession[];
+    has(id: string): boolean;
+    remove(id: string): void;
+    updateMetadata(id: string, metadata: SessionMetadata | null, version: number): void;
+    updateAgentState(id: string, agentState: AgentState | null, version: number): void;
+    applyMessage(sessionId: string, messageId: string, seq: number, content: unknown, createdAt: number): void;
+    getMessages(sessionId: string, limit?: number): DecryptedMessage[];
+    getSessionStatus(sessionId: string): SessionStatus;
+    getPendingPermissions(sessionId: string): PermissionRequest[];
+    loadMachine(state: MachineState): void;
+    getMachine(machineId: string): MachineState | undefined;
+    getAllMachines(): MachineState[];
+    updateMachineMetadata(machineId: string, metadata: unknown, version: number): void;
+    updateMachineDaemonState(machineId: string, daemonState: unknown, version: number): void;
+    private evictStale;
+    destroy(): void;
+}

package/dist/session/manager.js

@@ -0,0 +1,187 @@
+import { logger } from '../logger.js';
+const MAX_MESSAGES_PER_SESSION = 500;
+export class SessionManager {
+    sessions = new Map();
+    machines = new Map();
+    cacheTtl;
+    cleanupInterval;
+    constructor(cacheTtlSeconds = 300) {
+        this.cacheTtl = cacheTtlSeconds * 1000;
+        this.cleanupInterval = setInterval(() => this.evictStale(), 60_000);
+        this.cleanupInterval.unref();
+    }
+    // --- Session CRUD ---
+    loadSession(id, encryption, metadata, metadataVersion, agentState, agentStateVersion, active, createdAt, updatedAt) {
+        const existing = this.sessions.get(id);
+        if (existing) {
+            // Preserve messages, update metadata/agentState if newer
+            if (metadataVersion > existing.metadataVersion) {
+                existing.metadata = metadata;
+                existing.metadataVersion = metadataVersion;
+            }
+            if (agentStateVersion > existing.agentStateVersion) {
+                existing.agentState = agentState;
+                existing.agentStateVersion = agentStateVersion;
+            }
+            existing.active = active;
+            existing.encryption = encryption;
+            existing.lastActivity = Date.now();
+            return;
+        }
+        this.sessions.set(id, {
+            id,
+            encryption,
+            metadata,
+            metadataVersion,
+            agentState,
+            agentStateVersion,
+            messages: [],
+            lastSeq: 0,
+            lastActivity: Date.now(),
+            active,
+            createdAt,
+            updatedAt,
+        });
+    }
+    get(id) {
+        return this.sessions.get(id);
+    }
+    getAll() {
+        return Array.from(this.sessions.values());
+    }
+    has(id) {
+        return this.sessions.has(id);
+    }
+    remove(id) {
+        this.sessions.delete(id);
+    }
+    // --- Metadata/AgentState Updates ---
+    updateMetadata(id, metadata, version) {
+        const session = this.sessions.get(id);
+        if (!session)
+            return;
+        if (version > session.metadataVersion) {
+            session.metadata = metadata;
+            session.metadataVersion = version;
+            session.lastActivity = Date.now();
+            logger.debug(`Session ${id} metadata updated to v${version}`);
+        }
+    }
+    updateAgentState(id, agentState, version) {
+        const session = this.sessions.get(id);
+        if (!session)
+            return;
+        if (version > session.agentStateVersion) {
+            session.agentState = agentState;
+            session.agentStateVersion = version;
+            session.lastActivity = Date.now();
+            logger.debug(`Session ${id} agentState updated to v${version}`);
+        }
+    }
+    // --- Message Handling ---
+    applyMessage(sessionId, messageId, seq, content, createdAt) {
+        const session = this.sessions.get(sessionId);
+        if (!session)
+            return;
+        // Deduplicate by seq
+        if (session.messages.some(m => m.seq === seq))
+            return;
+        session.messages.push({ id: messageId, seq, content, createdAt });
+        session.lastSeq = Math.max(session.lastSeq, seq);
+        session.lastActivity = Date.now();
+        // Cap messages
+        if (session.messages.length > MAX_MESSAGES_PER_SESSION) {
+            session.messages = session.messages.slice(-MAX_MESSAGES_PER_SESSION);
+        }
+    }
+    getMessages(sessionId, limit) {
+        const session = this.sessions.get(sessionId);
+        if (!session)
+            return [];
+        const msgs = session.messages;
+        return limit ? msgs.slice(-limit) : msgs;
+    }
+    // --- Status Derivation ---
+    getSessionStatus(sessionId) {
+        const session = this.sessions.get(sessionId);
+        if (!session?.agentState)
+            return 'idle';
+        const state = session.agentState;
+        const hasRequests = state.requests && Object.keys(state.requests).length > 0;
+        if (hasRequests)
+            return 'waiting_permission';
+        if (state.controlledByUser)
+            return 'active';
+        return 'idle';
+    }
+    getPendingPermissions(sessionId) {
+        const session = this.sessions.get(sessionId);
+        if (!session?.agentState?.requests)
+            return [];
+        return Object.entries(session.agentState.requests).map(([id, req]) => ({
+            requestId: id,
+            tool: req.tool,
+            arguments: req.arguments,
+            createdAt: req.createdAt,
+            isQuestion: req.tool === 'AskUserQuestion',
+        }));
+    }
+    // --- Machine State ---
+    loadMachine(state) {
+        const existing = this.machines.get(state.machineId);
+        if (existing) {
+            if (state.metadataVersion > existing.metadataVersion) {
+                existing.metadata = state.metadata;
+                existing.metadataVersion = state.metadataVersion;
+            }
+            if (state.daemonStateVersion > existing.daemonStateVersion) {
+                existing.daemonState = state.daemonState;
+                existing.daemonStateVersion = state.daemonStateVersion;
+            }
+            existing.active = state.active;
+            existing.activeAt = state.activeAt;
+            existing.encryption = state.encryption;
+            return;
+        }
+        this.machines.set(state.machineId, { ...state });
+    }
+    getMachine(machineId) {
+        return this.machines.get(machineId);
+    }
+    getAllMachines() {
+        return Array.from(this.machines.values());
+    }
+    updateMachineMetadata(machineId, metadata, version) {
+        const machine = this.machines.get(machineId);
+        if (!machine)
+            return;
+        if (version > machine.metadataVersion) {
+            machine.metadata = metadata;
+            machine.metadataVersion = version;
+        }
+    }
+    updateMachineDaemonState(machineId, daemonState, version) {
+        const machine = this.machines.get(machineId);
+        if (!machine)
+            return;
+        if (version > machine.daemonStateVersion) {
+            machine.daemonState = daemonState;
+            machine.daemonStateVersion = version;
+        }
+    }
+    // --- Cleanup ---
+    evictStale() {
+        const now = Date.now();
+        for (const [id, session] of this.sessions) {
+            if (!session.active && now - session.lastActivity > this.cacheTtl) {
+                this.sessions.delete(id);
+                logger.debug(`Evicted stale session ${id}`);
+            }
+        }
+    }
+    destroy() {
+        clearInterval(this.cleanupInterval);
+        this.sessions.clear();
+        this.machines.clear();
+    }
+}

package/dist/session/types.d.ts

@@ -0,0 +1,101 @@
+import type { SessionEncryption } from '../auth/crypto.js';
+export interface SessionMetadata {
+    path?: string;
+    host?: string;
+    version?: string;
+    os?: string;
+    machineId?: string;
+    name?: string;
+    summary?: {
+        text: string;
+        updatedAt: number;
+    };
+    tools?: string[];
+    homeDir?: string;
+    flavor?: string;
+    lifecycleState?: string;
+    [key: string]: unknown;
+}
+export interface AgentState {
+    controlledByUser?: boolean | null;
+    requests?: Record<string, {
+        tool: string;
+        arguments: unknown;
+        createdAt: number;
+    }>;
+    completedRequests?: Record<string, {
+        tool: string;
+        arguments: unknown;
+        createdAt: number;
+        completedAt: number;
+        status: 'canceled' | 'denied' | 'approved';
+        reason?: string;
+        mode?: string;
+        decision?: string;
+        allowTools?: string[];
+    }>;
+}
+export interface DecryptedMessage {
+    id: string;
+    seq: number;
+    content: unknown;
+    createdAt: number;
+}
+export interface CachedSession {
+    id: string;
+    encryption: SessionEncryption;
+    metadata: SessionMetadata | null;
+    metadataVersion: number;
+    agentState: AgentState | null;
+    agentStateVersion: number;
+    messages: DecryptedMessage[];
+    lastSeq: number;
+    lastActivity: number;
+    active: boolean;
+    createdAt: number;
+    updatedAt: number;
+}
+export interface MachineState {
+    machineId: string;
+    metadata: unknown | null;
+    metadataVersion: number;
+    daemonState: unknown | null;
+    daemonStateVersion: number;
+    encryption: SessionEncryption | null;
+    active: boolean;
+    activeAt: number;
+}
+export interface RawSession {
+    id: string;
+    seq: number;
+    createdAt: number;
+    updatedAt: number;
+    active: boolean;
+    activeAt: number;
+    metadata: string;
+    metadataVersion: number;
+    agentState: string | null;
+    agentStateVersion: number;
+    dataEncryptionKey: string | null;
+}
+export interface RawMachine {
+    id: string;
+    metadata: string;
+    metadataVersion: number;
+    daemonState?: string | null;
+    daemonStateVersion?: number;
+    dataEncryptionKey?: string | null;
+    seq: number;
+    active: boolean;
+    activeAt: number;
+    createdAt: number;
+    updatedAt: number;
+}
+export type SessionStatus = 'active' | 'idle' | 'waiting_permission';
+export interface PermissionRequest {
+    requestId: string;
+    tool: string;
+    arguments: unknown;
+    createdAt: number;
+    isQuestion: boolean;
+}

package/dist/session/types.js

@@ -0,0 +1 @@
+export {};

package/dist/tools/answer_question.d.ts

@@ -0,0 +1,5 @@
+import type { McpServer, RegisteredTool } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type { ApiClient } from '../api/client.js';
+import type { RelayClient } from '../relay/client.js';
+import type { SessionManager } from '../session/manager.js';
+export declare function registerAnswerQuestion(server: McpServer, api: ApiClient, relay: RelayClient, sessionManager: SessionManager): RegisteredTool;

package/dist/tools/answer_question.js

@@ -0,0 +1,52 @@
+import { z } from 'zod';
+import { randomUUID } from 'crypto';
+import { encryptToBase64 } from '../auth/crypto.js';
+export function registerAnswerQuestion(server, api, relay, sessionManager) {
+    return server.tool('answer_question', 'Answer a question (AskUserQuestion) from a session. Approves the pending permission and sends a user message with the answer.', {
+        sessionId: z.string().describe('The session ID'),
+        requestId: z.string().describe('The question request ID from pending permissions'),
+        answers: z.record(z.string(), z.string()).describe('Map of question header to selected answer'),
+    }, async ({ sessionId, requestId, answers }) => {
+        try {
+            // Check relay is connected (REQUIRED for answer_question)
+            if (!relay.connected) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'RelayDisconnected', message: 'Relay must be connected to answer questions' }) }] };
+            }
+            const session = sessionManager.get(sessionId);
+            if (!session) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'SessionNotFound', message: `Session ${sessionId} not found` }) }] };
+            }
+            // Validate request exists
+            const pending = sessionManager.getPendingPermissions(sessionId);
+            const request = pending.find(r => r.requestId === requestId);
+            if (!request) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'RequestNotFound', message: `Request ${requestId} not found in pending permissions` }) }] };
+            }
+            // Validate it's a question
+            if (!request.isQuestion) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'NotAQuestion', message: `Request ${requestId} is not an AskUserQuestion. Use approve_permission instead.` }) }] };
+            }
+            // 1. Approve the permission request (MUST succeed)
+            await relay.sessionRpc(sessionId, 'permission', {
+                id: requestId,
+                approved: true,
+                decision: 'approved',
+            });
+            // 2. Format and send the answer as a user message
+            const answerText = Object.entries(answers)
+                .map(([header, selection]) => `${header}: ${selection}`)
+                .join('\n');
+            const content = {
+                role: 'user',
+                content: { type: 'text', text: answerText },
+                meta: { sentFrom: 'happy-mcp' },
+            };
+            const encrypted = encryptToBase64(session.encryption, content);
+            await api.sendMessages(sessionId, [{ content: encrypted, localId: randomUUID() }]);
+            return { content: [{ type: 'text', text: JSON.stringify({ success: true, requestId, answered: true }, null, 2) }] };
+        }
+        catch (err) {
+            return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'AnswerQuestionFailed', message: err.message }) }] };
+        }
+    });
+}

package/dist/tools/approve_permission.d.ts

@@ -0,0 +1,4 @@
+import type { McpServer, RegisteredTool } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type { RelayClient } from '../relay/client.js';
+import type { SessionManager } from '../session/manager.js';
+export declare function registerApprovePermission(server: McpServer, relay: RelayClient, sessionManager: SessionManager): RegisteredTool;

package/dist/tools/approve_permission.js

@@ -0,0 +1,54 @@
+import { z } from 'zod';
+import { logger } from '../logger.js';
+const PERMISSION_MODES = ['default', 'acceptEdits', 'bypassPermissions', 'plan', 'read-only', 'safe-yolo', 'yolo'];
+const DECISIONS = ['approved', 'approved_for_session'];
+export function registerApprovePermission(server, relay, sessionManager) {
+    return server.tool('approve_permission', 'Approve a pending permission request in a session. Permission requests are shown in get_session and watch_session results.', {
+        sessionId: z.string().describe('The session ID'),
+        requestId: z.string().describe('The permission request ID to approve, or "all_pending" to approve all'),
+        mode: z.enum(PERMISSION_MODES).optional().describe('Permission mode to set after approval'),
+        allowTools: z.array(z.string()).optional().describe('List of tools to allow'),
+        decision: z.enum(DECISIONS).optional().default('approved').describe('Approval decision type'),
+    }, async ({ sessionId, requestId, mode, allowTools, decision }) => {
+        try {
+            if (!relay.connected) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'RelayDisconnected', message: 'Relay is not connected' }) }] };
+            }
+            const session = sessionManager.get(sessionId);
+            if (!session) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'SessionNotFound', message: `Session ${sessionId} not found` }) }] };
+            }
+            if (requestId === 'all_pending') {
+                const pending = sessionManager.getPendingPermissions(sessionId);
+                if (pending.length === 0) {
+                    return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'NoPendingRequests', message: 'No pending permission requests to approve' }) }] };
+                }
+                const results = [];
+                for (const req of pending) {
+                    await relay.sessionRpc(sessionId, 'permission', {
+                        id: req.requestId,
+                        approved: true,
+                        mode,
+                        allowTools,
+                        decision: decision ?? 'approved',
+                    });
+                    results.push(req.requestId);
+                }
+                logger.info(`[audit] Permission APPROVED ALL: session=${sessionId} count=${results.length} decision=${decision ?? 'approved'}${mode ? ` mode=${mode}` : ''}`);
+                return { content: [{ type: 'text', text: JSON.stringify({ success: true, approvedCount: results.length, requestIds: results, decision: decision ?? 'approved' }, null, 2) }] };
+            }
+            await relay.sessionRpc(sessionId, 'permission', {
+                id: requestId,
+                approved: true,
+                mode,
+                allowTools,
+                decision: decision ?? 'approved',
+            });
+            logger.info(`[audit] Permission APPROVED: session=${sessionId} request=${requestId} decision=${decision ?? 'approved'}${mode ? ` mode=${mode}` : ''}`);
+            return { content: [{ type: 'text', text: JSON.stringify({ success: true, requestId, decision: decision ?? 'approved' }, null, 2) }] };
+        }
+        catch (err) {
+            return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'ApprovePermissionFailed', message: err.message }) }] };
+        }
+    });
+}

package/dist/tools/deny_permission.d.ts

@@ -0,0 +1,4 @@
+import type { McpServer, RegisteredTool } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type { RelayClient } from '../relay/client.js';
+import type { SessionManager } from '../session/manager.js';
+export declare function registerDenyPermission(server: McpServer, relay: RelayClient, sessionManager: SessionManager): RegisteredTool;

package/dist/tools/deny_permission.js

@@ -0,0 +1,31 @@
+import { z } from 'zod';
+import { logger } from '../logger.js';
+export function registerDenyPermission(server, relay, sessionManager) {
+    return server.tool('deny_permission', 'Deny a pending permission request in a session. Can also abort the entire session.', {
+        sessionId: z.string().describe('The session ID'),
+        requestId: z.string().describe('The permission request ID to deny'),
+        reason: z.string().optional().describe('Feedback text explaining why the request was denied'),
+        decision: z.enum(['denied', 'abort']).optional().default('denied').describe('Denial type: denied (reject this request) or abort (stop the session)'),
+    }, async ({ sessionId, requestId, reason, decision }) => {
+        try {
+            if (!relay.connected) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'RelayDisconnected', message: 'Relay is not connected' }) }] };
+            }
+            const session = sessionManager.get(sessionId);
+            if (!session) {
+                return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'SessionNotFound', message: `Session ${sessionId} not found` }) }] };
+            }
+            await relay.sessionRpc(sessionId, 'permission', {
+                id: requestId,
+                approved: false,
+                reason,
+                decision: decision ?? 'denied',
+            });
+            logger.info(`[audit] Permission DENIED: session=${sessionId} request=${requestId} decision=${decision ?? 'denied'}${reason ? ` reason=${reason}` : ''}`);
+            return { content: [{ type: 'text', text: JSON.stringify({ success: true, requestId, decision: decision ?? 'denied' }, null, 2) }] };
+        }
+        catch (err) {
+            return { isError: true, content: [{ type: 'text', text: JSON.stringify({ error: 'DenyPermissionFailed', message: err.message }) }] };
+        }
+    });
+}

package/dist/tools/get_session.d.ts

@@ -0,0 +1,4 @@
+import type { McpServer, RegisteredTool } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type { ApiClient } from '../api/client.js';
+import type { SessionManager } from '../session/manager.js';
+export declare function registerGetSession(server: McpServer, api: ApiClient, sessionManager: SessionManager): RegisteredTool;