mcp-nervous-system 1.9.0 → 1.9.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +12 -6
- package/package.json +3 -2
- package/server.js +1 -1
- package/skills/multi-agent-governance/SKILL.md +97 -0
- package/stdio.js +4 -4
package/README.md
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
|
|
5
5
|
7 mechanically enforced rules that prevent the most common failure modes when LLMs have access to real infrastructure: context loss, silent failures, file damage, goal drift, and overreach.
|
|
6
6
|
|
|
7
|
-
Built by [Arthur Palyan](https://www.levelsofself.com) at Palyan Family AI System.
|
|
7
|
+
Built by [Arthur Palyan](https://www.levelsofself.com) at Palyan Family AI System. 21 tools including configuration drift detection and emergency kill switch. Battle-tested on a 13-agent AI family running 27 processes 24/7 on a single VPS. 58+ violations logged, 0 bypassed.
|
|
8
8
|
|
|
9
9
|
## The Problem
|
|
10
10
|
|
|
@@ -93,7 +93,7 @@ Configuration drift detection across 5 scopes: roles, versions, files, processes
|
|
|
93
93
|
| 6 | **Ask Before Touching** | Unauthorized changes. Logic changes need human approval. |
|
|
94
94
|
| 7 | **Hand Off** | Context loss. Written handoffs every 3-4 exchanges. |
|
|
95
95
|
|
|
96
|
-
## MCP Tools (
|
|
96
|
+
## MCP Tools (21)
|
|
97
97
|
|
|
98
98
|
| Tool | Description |
|
|
99
99
|
|------|------------|
|
|
@@ -143,7 +143,7 @@ https://api.100levelup.com/family/eu-ai-act.html
|
|
|
143
143
|
|
|
144
144
|
## Production Reference: Tamara
|
|
145
145
|
|
|
146
|
-
Tamara is an autonomous AI operations manager built on the Nervous System framework. She manages 13 AI agents across 5 platforms, serving 175 countries from a $
|
|
146
|
+
Tamara is an autonomous AI operations manager built on the Nervous System framework. She manages 13 AI agents across 5 platforms, serving 175+ countries accessible from a $12/month VPS - without dedicated DevOps staff.
|
|
147
147
|
|
|
148
148
|
Tamara is the proof that the Nervous System works in production. She runs 60-minute autonomous check cycles, detects configuration drift, dispatches remediation agents, and reports to the human operator only when judgment is needed.
|
|
149
149
|
|
|
@@ -168,10 +168,10 @@ From the live Palyan Family AI System deployment (Feb 28 - Mar 5, 2026):
|
|
|
168
168
|
|
|
169
169
|
- **58+** violations caught
|
|
170
170
|
- **29** edits blocked by preflight
|
|
171
|
-
- **
|
|
171
|
+
- **100** files protected
|
|
172
172
|
- **0** rules bypassed
|
|
173
|
-
- **
|
|
174
|
-
- **
|
|
173
|
+
- **27** processes monitored
|
|
174
|
+
- **5** days continuous operation
|
|
175
175
|
|
|
176
176
|
## Live Demo
|
|
177
177
|
|
|
@@ -199,6 +199,12 @@ Works with the major multi-agent platforms and any MCP client:
|
|
|
199
199
|
|
|
200
200
|
Each integration includes working code, example configs, and a step-by-step README.
|
|
201
201
|
|
|
202
|
+
## Agent Skills
|
|
203
|
+
|
|
204
|
+
The Nervous System is also available as an Agent Skill following the open [Agent Skills standard](https://agentskills.io). Install the governance skill to teach any AI agent (Claude, Codex, Cursor, Copilot, VS Code) how to enforce behavioral guardrails in multi-agent systems.
|
|
205
|
+
|
|
206
|
+
See `skills/multi-agent-governance/SKILL.md` for the full skill definition.
|
|
207
|
+
|
|
202
208
|
## Philosophy
|
|
203
209
|
|
|
204
210
|
> "LLMs can't reliably self-enforce promises. Guardrails work via preflight.sh, violation logs, and catching drift. Build enforcement systems, don't make promises."
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mcp-nervous-system",
|
|
3
|
-
"version": "1.9.
|
|
3
|
+
"version": "1.9.2",
|
|
4
4
|
"description": "Governance layer for multi-agent AI systems. 7 mechanically enforced rules, 19 tools including kill switch, audit chain, dispatch, drift audit, security audit, page health, pre-publish audit, and session close. Works with Ruflo, Hivemind, Agent Teams, and any MCP client.",
|
|
5
5
|
"main": "server.js",
|
|
6
6
|
"bin": {
|
|
@@ -43,5 +43,6 @@
|
|
|
43
43
|
},
|
|
44
44
|
"dependencies": {
|
|
45
45
|
"@modelcontextprotocol/sdk": "^1.0.0"
|
|
46
|
-
}
|
|
46
|
+
},
|
|
47
|
+
"mcpName": "io.github.levelsofself/nervous-system"
|
|
47
48
|
}
|
package/server.js
CHANGED
|
@@ -1147,7 +1147,7 @@ const NERVOUS_SYSTEM_INFO = {
|
|
|
1147
1147
|
]
|
|
1148
1148
|
},
|
|
1149
1149
|
stats: {
|
|
1150
|
-
protected_files: '
|
|
1150
|
+
protected_files: '100 untouchable files',
|
|
1151
1151
|
core_rules: 7,
|
|
1152
1152
|
reflection_trigger: 'Every 4 messages',
|
|
1153
1153
|
processes_managed: '22+ autonomous PM2 processes',
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: multi-agent-governance
|
|
3
|
+
description: "Use this skill when building, managing, or auditing multi-agent AI systems. Provides governance patterns for behavioral enforcement, drift detection, audit trails, role management, and accountability across autonomous AI agents. Compatible with any orchestration framework."
|
|
4
|
+
license: Apache-2.0
|
|
5
|
+
metadata:
|
|
6
|
+
author: palyan-family-ai
|
|
7
|
+
version: "1.0.0"
|
|
8
|
+
homepage: https://www.npmjs.com/package/@anthropic-ai/mcp-nervous-system
|
|
9
|
+
repository: https://github.com/anthropics/mcp-nervous-system
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Multi-Agent Governance
|
|
13
|
+
|
|
14
|
+
Governance patterns for multi-agent AI systems. When you have multiple autonomous AI agents operating together, you need accountability, behavioral enforcement, and drift detection - just like human organizations.
|
|
15
|
+
|
|
16
|
+
## Core Principles
|
|
17
|
+
|
|
18
|
+
1. **Single source of truth** - One config file defines all agent roles. Every agent reads from it. No parallel systems.
|
|
19
|
+
2. **Behavioral enforcement** - Rules are not suggestions. Guardrails are enforced through preflight checks, violation logging, and automated audits.
|
|
20
|
+
3. **Drift detection** - Systems drift from their intended state over time. Automated drift audits catch configuration mismatches, version inconsistencies, and role conflicts before they cause failures.
|
|
21
|
+
4. **Tamper-proof audit trails** - Every action, every change, every decision is logged in append-only logs that can be verified for integrity.
|
|
22
|
+
5. **File-based memory** - Agent memory lives in files on disk, not in cloud databases. This enables air-gapped deployment, full auditability, and zero vendor dependency.
|
|
23
|
+
|
|
24
|
+
## Governance Patterns
|
|
25
|
+
|
|
26
|
+
### Role Management
|
|
27
|
+
Define roles in a single JSON file that all agents reference:
|
|
28
|
+
```json
|
|
29
|
+
{
|
|
30
|
+
"agent-name": {
|
|
31
|
+
"role": "Operations Manager",
|
|
32
|
+
"scope": ["dispatch", "monitoring", "reporting"],
|
|
33
|
+
"access": "admin",
|
|
34
|
+
"model": "claude-opus-4-6"
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
```
|
|
38
|
+
Every agent reads from this file at startup. Changes propagate automatically.
|
|
39
|
+
|
|
40
|
+
### Preflight Checks
|
|
41
|
+
Before any agent modifies a file:
|
|
42
|
+
1. Check if the file is on the protected list
|
|
43
|
+
2. If protected: log the attempt, report to admin, and STOP
|
|
44
|
+
3. If allowed: create backup, make change, syntax check, restart affected process
|
|
45
|
+
|
|
46
|
+
### Drift Audit Scopes
|
|
47
|
+
Run periodic audits across these dimensions:
|
|
48
|
+
- **roles** - Do running agents match their role definitions?
|
|
49
|
+
- **versions** - Are all agents on the correct model version?
|
|
50
|
+
- **files** - Have any protected files been modified?
|
|
51
|
+
- **processes** - Are all expected processes running?
|
|
52
|
+
- **config** - Do config files match expected state?
|
|
53
|
+
|
|
54
|
+
### Session Management
|
|
55
|
+
Every agent session should:
|
|
56
|
+
1. Read the current system state before acting
|
|
57
|
+
2. Write progress as it goes (no silent failures)
|
|
58
|
+
3. Update handoff documentation before ending
|
|
59
|
+
4. Run a drift audit on affected areas
|
|
60
|
+
|
|
61
|
+
### Permission Protocol
|
|
62
|
+
Two categories of changes:
|
|
63
|
+
- **DATA** (values, content, configuration): Agent can act with general authorization
|
|
64
|
+
- **LOGIC** (how something decides, classifies, responds): Agent PROPOSES and WAITS for human approval
|
|
65
|
+
|
|
66
|
+
When in doubt, it is LOGIC. Ask the human.
|
|
67
|
+
|
|
68
|
+
## Implementation
|
|
69
|
+
|
|
70
|
+
### Using the Nervous System MCP
|
|
71
|
+
The Nervous System is a Model Context Protocol server that implements these governance patterns with 19+ tools:
|
|
72
|
+
|
|
73
|
+
```bash
|
|
74
|
+
npm install -g @anthropic-ai/mcp-nervous-system
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
Tools include: drift_audit, security_audit, auto_propagate, session_close, preflight_check, violation_logging, and more.
|
|
78
|
+
|
|
79
|
+
### DIY Implementation
|
|
80
|
+
If building your own governance layer:
|
|
81
|
+
1. Create a roles config file (JSON) as single source of truth
|
|
82
|
+
2. Create a protected files list that agents check before editing
|
|
83
|
+
3. Implement append-only logging for all agent actions
|
|
84
|
+
4. Schedule periodic drift audits (compare expected vs actual state)
|
|
85
|
+
5. Build a violation log that captures unauthorized changes
|
|
86
|
+
|
|
87
|
+
## Anti-Patterns
|
|
88
|
+
- Letting agents self-modify their own rules
|
|
89
|
+
- Multiple sources of truth for the same data
|
|
90
|
+
- Silent failures (agent encounters error but does not report it)
|
|
91
|
+
- Manual fixes without adding automated detection
|
|
92
|
+
- Hardcoding values that should come from config
|
|
93
|
+
|
|
94
|
+
## Resources
|
|
95
|
+
- [Nervous System MCP on npm](https://www.npmjs.com/package/@anthropic-ai/mcp-nervous-system)
|
|
96
|
+
- [Agent Skills Specification](https://agentskills.io/specification)
|
|
97
|
+
- [Model Context Protocol](https://modelcontextprotocol.io)
|
package/stdio.js
CHANGED
|
@@ -37,7 +37,7 @@ const TOOLS = [
|
|
|
37
37
|
{ name: "dispatch_to_llm", description: "Dispatch a task to a background Claude Code agent", schema: { type: "object", properties: { task: { type: "string", description: "Task description" }, max_turns: { type: "number", description: "Max turns (default 15)" } }, required: ["task"] } }
|
|
38
38
|
];
|
|
39
39
|
|
|
40
|
-
const server = new Server({ name: "nervous-system", version: "1.
|
|
40
|
+
const server = new Server({ name: "nervous-system", version: "1.9.0" }, { capabilities: { tools: {}, resources: {} } });
|
|
41
41
|
|
|
42
42
|
server.setRequestHandler(ListToolsRequestSchema, async () => ({
|
|
43
43
|
tools: TOOLS.map(t => ({ name: t.name, description: t.description, inputSchema: t.schema }))
|
|
@@ -48,10 +48,10 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
|
|
|
48
48
|
|
|
49
49
|
switch (name) {
|
|
50
50
|
case "get_framework":
|
|
51
|
-
return { content: [{ type: "text", text: JSON.stringify({ name: "The Nervous System", version: "1.
|
|
51
|
+
return { content: [{ type: "text", text: JSON.stringify({ name: "The Nervous System", version: "1.9.0", description: "LLM Behavioral Enforcement Framework", rules: RULES, total_tools: 11, production_stats: { violations_caught: 58, rules_bypassed: 0, edits_blocked: 32, processes_monitored: 22 } }, null, 2) }] };
|
|
52
52
|
|
|
53
53
|
case "get_nervous_system_info":
|
|
54
|
-
return { content: [{ type: "text", text: JSON.stringify({ name: "The Nervous System", version: "1.
|
|
54
|
+
return { content: [{ type: "text", text: JSON.stringify({ name: "The Nervous System", version: "1.9.0", author: "Arthur Palyan", company: "Palyan Family AI System / Levels of Self LLC", website: "https://www.levelsofself.com", demo: "https://api.100levelup.com/family/arthur.html?guest=1", github: "https://github.com/levelsofself/mcp-nervous-system", npm: "https://www.npmjs.com/package/mcp-nervous-system", tools: 11, rules: 7, production_stats: { violations: 58, bypasses: 0, blocked_edits: 32, uptime_days: 25, monthly_cost: "$12" } }, null, 2) }] };
|
|
55
55
|
|
|
56
56
|
case "check_preflight":
|
|
57
57
|
const fp = args?.file_path || "unknown";
|
|
@@ -100,7 +100,7 @@ server.setRequestHandler(ReadResourceRequestSchema, async (request) => {
|
|
|
100
100
|
return { contents: [{ uri, mimeType: "application/json", text: JSON.stringify(RULES, null, 2) }] };
|
|
101
101
|
}
|
|
102
102
|
if (uri === "ns://stats") {
|
|
103
|
-
return { contents: [{ uri, mimeType: "application/json", text: JSON.stringify({ violations:
|
|
103
|
+
return { contents: [{ uri, mimeType: "application/json", text: JSON.stringify({ violations: 58, bypasses: 0, blocked: 32, processes: 22, uptime_days: 25, version: "1.9.0" }, null, 2) }] };
|
|
104
104
|
}
|
|
105
105
|
return { contents: [{ uri, mimeType: "text/plain", text: "Unknown resource" }] };
|
|
106
106
|
});
|