npm - mcp-server-agentpay - Versions diffs - 1.1.1 → 1.1.2 - Mend

mcp-server-agentpay 1.1.1 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md CHANGED Viewed

@@ -1,10 +1,8 @@
 # mcp-server-agentpay
-<a href="https://glama.ai/mcp/servers/@joepangallo/mcp-server-agentpay"><img width="380" height="200" src="https://glama.ai/mcp/servers/@joepangallo/mcp-server-agentpay/badge" alt="AgentPay MCP server" /></a>
 MCP server for **AgentPay** — the payment gateway for autonomous AI agents.
-Fund a wallet once, give your agent the key, and it discovers, provisions, and pays for tool APIs on its own. One key, every tool.
+Fund a wallet once, give your agent the key, and it discovers, provisions, and pays for tool APIs on its own.
 ## Quick Setup
@@ -25,7 +23,8 @@ Or add to `~/.claude/settings.json`:
       "command": "npx",
       "args": ["-y", "mcp-server-agentpay"],
       "env": {
-        "AGENTPAY_GATEWAY_KEY": "apg_your_key_here"
+        "AGENTPAY_GATEWAY_KEY": "apg_your_key_here",
+        "AGENTPAY_URL": "https://pay.leddconsulting.com"
       }
     }
   }
@@ -42,28 +41,42 @@ curl -X POST https://pay.leddconsulting.com/gateway/register \
 You get $1 in free credits to start.
-## Tools
+## Tools (13 total)
 | Tool | Description |
 |------|-------------|
-| `discover_tools` | Search tools by keyword (e.g. 'security', 'seo') |
+| `discover_tools` | Search tools by keyword |
 | `list_tools` | List all available tools with pricing |
 | `check_balance` | Check wallet balance and provisioned tools |
 | `call_tool` | Call any tool method (metered, auto-provisions) |
 | `provision_tool` | Pre-provision access to a tool |
 | `get_usage` | View recent call history and costs |
 | `fund_wallet_stripe` | Get Stripe checkout URL for credits |
-| `fund_wallet_x402` | Get x402 crypto funding info (autonomous USDC) |
+| `fund_wallet_x402` | Get x402 crypto funding info |
 | `x402_info` | View x402 payment options and setup |
+| `reliability_dashboard` | Admin: view circuit breaker + health dashboard |
+| `reliability_tool_detail` | Admin: detailed reliability view per tool |
+| `reliability_reset` | Admin: force-close a tripped circuit |
+| `reliability_config` | Admin: update per-tool reliability settings |
-### Admin Tools (optional, requires `AGENTPAY_ADMIN_KEY`)
+The 4 reliability tools require `AGENTPAY_ADMIN_KEY`.
-| Tool | Description |
-|------|-------------|
-| `reliability_dashboard` | Circuit breaker states, health metrics, recent events |
-| `reliability_tool_detail` | Detailed reliability info for a specific tool |
-| `reliability_reset` | Force-close a tripped circuit breaker |
-| `reliability_config` | Update circuit breaker settings |
+## Funding Methods
+### Stripe (human-in-the-loop)
+Use `fund_wallet_stripe` — returns a checkout URL for a human to complete.
+### x402 USDC (fully autonomous)
+Use `fund_wallet_x402` — returns endpoint, network, and instructions for autonomous USDC payments via the x402 protocol. No human needed.
+## Credit Packages
+| Package | Price | Credits | Bonus |
+|---------|-------|---------|-------|
+| test    | $1    | 1       | —     |
+| starter | $25   | 25      | —     |
+| pro     | $100  | 103     | 3%    |
+| scale   | $500  | 525     | 5%    |
 ## How It Works
@@ -74,45 +87,33 @@ You get $1 in free credits to start.
 The agent never needs to know about individual tool APIs, accounts, or payment. One key, every tool.
-## Funding Methods
-### Stripe (human-in-the-loop)
-Use `fund_wallet_stripe` — returns a checkout URL for a human to complete.
-### x402 USDC (fully autonomous)
-Use `fund_wallet_x402` — returns endpoint, network, and instructions for autonomous USDC payments via the [x402 protocol](https://www.x402.org/). No human needed.
-### Credit Packages
-| Package | Price | Credits |
-|---------|-------|---------|
-| micro   | $10   | 10      |
-| small   | $45   | 50      |
-| medium  | $80   | 100     |
-| large   | $350  | 500     |
-| whale   | $600  | 1,000   |
 ## Environment Variables
 | Variable | Required | Description |
 |----------|----------|-------------|
 | `AGENTPAY_GATEWAY_KEY` | Yes | Your gateway API key (starts with `apg_`) |
-| `AGENTPAY_ADMIN_KEY` | No | Admin key for reliability endpoints |
+| `AGENTPAY_ADMIN_KEY` | No | Admin key for reliability tools (`reliability_*`) |
 | `AGENTPAY_URL` | No | Custom gateway URL (default: `https://pay.leddconsulting.com`) |
+Advanced optional toggles:
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `AGENTPAY_ENABLE_ADMIN_TOOLS` | `true` | Enable/disable `reliability_*` MCP tools |
+| `AGENTPAY_ENFORCE_HOST_ALLOWLIST` | `false` | Enforce host allowlist for `AGENTPAY_URL` |
+| `AGENTPAY_ALLOWED_HOSTS` | `pay.leddconsulting.com,agentpay.leddconsulting.com,localhost,127.0.0.1` | Comma-separated allowlist used when enforcement is enabled |
+| `AGENTPAY_SESSION_BUDGET` | unset | Optional session spending cap in credits |
+| `AGENTPAY_REAL_MONEY_WARNINGS` | `false` | Use stricter warning text in paid-tool/funding descriptions |
 ## Available Tools (via gateway)
 - **Security Audit** — scan websites for vulnerabilities, SSL issues, OWASP risks
 - **IndexForge SEO** — submit URLs to Google/Bing, scan sitemaps, check index status
-More tools added regularly. Developers can register tools at the [marketplace](https://pay.leddconsulting.com/docs).
+More tools added regularly. Tool providers can register at the gateway.
 ## Links
-- [API Docs](https://pay.leddconsulting.com/docs)
-- [Status Page](https://pay.leddconsulting.com/status)
+- [GitHub](https://github.com/joepangallo/agent-pay)
+- [API Docs](https://pay.leddconsulting.com/docs) — alias: `https://agentpay.leddconsulting.com`
 - [MCP Registry](https://registry.modelcontextprotocol.io) — `io.github.joepangallo/agent-pay`
-## License
-MIT

package/core.js ADDED Viewed

@@ -0,0 +1,625 @@
+const { McpServer } = require("@modelcontextprotocol/sdk/server/mcp.js");
+const { StdioServerTransport } = require("@modelcontextprotocol/sdk/server/stdio.js");
+const { z } = require("zod");
+const https = require("https");
+const http = require("http");
+const DEFAULT_BASE_URL = "https://pay.leddconsulting.com";
+const DEFAULT_ALLOWED_HOSTS = ["pay.leddconsulting.com", "agentpay.leddconsulting.com", "localhost", "127.0.0.1"];
+const MAX_RESPONSE_SIZE = 5 * 1024 * 1024; // 5MB
+const CALL_TOOL_DESCRIPTION = "Call any tool method through the AgentPay gateway. Automatically provisions access on first use. Credits are deducted per call. Use discover_tools or list_tools first to see available tools and methods.";
+const CALL_TOOL_DESCRIPTION_REAL_MONEY = "Call any tool method through the AgentPay gateway. Automatically provisions access on first use. Credits are deducted per call (real money). Use discover_tools or list_tools first to see available tools and methods. IMPORTANT: Each call costs real credits. Only call when explicitly instructed by the user.";
+const X402_DESCRIPTION = "Get x402 crypto funding info for your wallet. Returns the endpoint URL, network, and setup instructions. To actually pay, your HTTP client needs @x402/fetch which automatically handles the 402 payment flow with USDC. This is the fully autonomous funding method - no human needed.";
+const X402_DESCRIPTION_REAL_MONEY = "Get x402 crypto funding info for your wallet. Returns the endpoint URL, network, and setup instructions. IMPORTANT: This spends real USDC on Base mainnet. Only call when explicitly instructed by the user. To actually pay, your HTTP client needs @x402/fetch which automatically handles the 402 payment flow.";
+function parseBoolean(rawValue, fallback) {
+  if (rawValue === undefined || rawValue === null || rawValue === "") return fallback;
+  const normalized = String(rawValue).trim().toLowerCase();
+  if (["1", "true", "yes", "y", "on"].includes(normalized)) return true;
+  if (["0", "false", "no", "n", "off"].includes(normalized)) return false;
+  return fallback;
+}
+function parseNumber(rawValue, fallback) {
+  if (rawValue === undefined || rawValue === null || rawValue === "") return fallback;
+  const parsed = Number(rawValue);
+  return Number.isFinite(parsed) ? parsed : fallback;
+}
+function parseAllowedHosts(rawValue, fallbackHosts) {
+  if (rawValue === undefined || rawValue === null || rawValue === "") return [...fallbackHosts];
+  const hosts = String(rawValue)
+    .split(",")
+    .map((host) => host.trim())
+    .filter(Boolean);
+  if (hosts.length === 0) return [...fallbackHosts];
+  return hosts;
+}
+function textResponse(text) {
+  return {
+    content: [{ type: "text", text }],
+  };
+}
+function buildMcpOptionsFromEnv({ version, defaults = {} }) {
+  const baseUrl = (process.env.AGENTPAY_URL || defaults.baseUrl || DEFAULT_BASE_URL).replace(/\/$/, "");
+  const gatewayKey = process.env.AGENTPAY_GATEWAY_KEY || defaults.gatewayKey || "";
+  const adminKey = process.env.AGENTPAY_ADMIN_KEY || defaults.adminKey || "";
+  return {
+    version,
+    baseUrl,
+    gatewayKey,
+    adminKey,
+    includeAdminTools: parseBoolean(process.env.AGENTPAY_ENABLE_ADMIN_TOOLS, defaults.includeAdminTools ?? true),
+    enforceHostAllowlist: parseBoolean(process.env.AGENTPAY_ENFORCE_HOST_ALLOWLIST, defaults.enforceHostAllowlist ?? false),
+    allowedHosts: parseAllowedHosts(process.env.AGENTPAY_ALLOWED_HOSTS, defaults.allowedHosts || DEFAULT_ALLOWED_HOSTS),
+    sessionBudget: parseNumber(process.env.AGENTPAY_SESSION_BUDGET, defaults.sessionBudget ?? null),
+    realMoneyWarnings: parseBoolean(process.env.AGENTPAY_REAL_MONEY_WARNINGS, defaults.realMoneyWarnings ?? false),
+    userAgentName: defaults.userAgentName || "mcp-server-agentpay",
+  };
+}
+function createAgentPayMcpServer(options = {}) {
+  const {
+    version,
+    baseUrl,
+    gatewayKey,
+    adminKey,
+    includeAdminTools = true,
+    enforceHostAllowlist = false,
+    allowedHosts = DEFAULT_ALLOWED_HOSTS,
+    sessionBudget = null,
+    realMoneyWarnings = false,
+    userAgentName = "mcp-server-agentpay",
+  } = options;
+  if (!version) {
+    throw new Error("MCP server version is required.");
+  }
+  let parsedBaseUrl;
+  try {
+    parsedBaseUrl = new URL(baseUrl || DEFAULT_BASE_URL);
+  } catch {
+    throw new Error(`[agentpay] Invalid AGENTPAY_URL: ${baseUrl}`);
+  }
+  if (parsedBaseUrl.protocol !== "https:" && parsedBaseUrl.protocol !== "http:") {
+    throw new Error(`[agentpay] Unsupported AGENTPAY_URL protocol: ${parsedBaseUrl.protocol}`);
+  }
+  if (enforceHostAllowlist) {
+    const host = parsedBaseUrl.hostname;
+    if (!allowedHosts.includes(host)) {
+      throw new Error(
+        `[agentpay] SECURITY: AGENTPAY_URL host \"${host}\" not in allowlist. Allowed: ${allowedHosts.join(", ")}`
+      );
+    }
+  }
+  const resolvedBaseUrl = parsedBaseUrl.toString().replace(/\/$/, "");
+  const hasSessionBudget = Number.isFinite(sessionBudget) && Number(sessionBudget) > 0;
+  const resolvedSessionBudget = hasSessionBudget ? Number(sessionBudget) : null;
+  let sessionSpent = 0;
+  function doRequest({ method, urlPath, body, timeout = 120_000, headers, authLabel }) {
+    return new Promise((resolve, reject) => {
+      const fullUrl = `${resolvedBaseUrl}${urlPath}`;
+      let parsed;
+      try {
+        parsed = new URL(fullUrl);
+      } catch {
+        reject(new Error(`Invalid request URL: ${fullUrl}`));
+        return;
+      }
+      const isHttps = parsed.protocol === "https:";
+      if (parsed.protocol !== "https:" && parsed.protocol !== "http:") {
+        reject(new Error(`Unsupported URL protocol: ${parsed.protocol}`));
+        return;
+      }
+      if (!isHttps && authLabel) {
+        reject(new Error(`Refusing to send ${authLabel} over insecure HTTP. Use HTTPS.`));
+        return;
+      }
+      const mod = isHttps ? https : http;
+      const opts = {
+        hostname: parsed.hostname,
+        port: parsed.port || (isHttps ? 443 : 80),
+        path: parsed.pathname + parsed.search,
+        method,
+        headers,
+        timeout,
+      };
+      const req = mod.request(opts, (res) => {
+        let data = "";
+        let size = 0;
+        res.on("data", (chunk) => {
+          size += chunk.length;
+          if (size > MAX_RESPONSE_SIZE) {
+            req.destroy();
+            reject(new Error("Response too large"));
+            return;
+          }
+          data += chunk;
+        });
+        res.on("end", () => {
+          try {
+            const json = JSON.parse(data);
+            if (res.statusCode >= 400) {
+              reject(new Error(json.error || `HTTP ${res.statusCode}`));
+              return;
+            }
+            resolve(json);
+          } catch {
+            if (res.statusCode >= 400) {
+              reject(new Error(`HTTP ${res.statusCode}: ${data.slice(0, 300)}`));
+              return;
+            }
+            resolve(data);
+          }
+        });
+      });
+      req.on("error", reject);
+      req.on("timeout", () => {
+        req.destroy();
+        reject(new Error("Request timed out"));
+      });
+      if (body) req.write(JSON.stringify(body));
+      req.end();
+    });
+  }
+  function gatewayRequest(method, urlPath, body, timeout = 120_000) {
+    const headers = {
+      "Content-Type": "application/json",
+      "User-Agent": `${userAgentName}/${version}`,
+    };
+    if (gatewayKey) headers["X-Gateway-Key"] = gatewayKey;
+    return doRequest({
+      method,
+      urlPath,
+      body,
+      timeout,
+      headers,
+      authLabel: gatewayKey ? "gateway key" : null,
+    });
+  }
+  function adminRequest(method, urlPath, body, timeout = 30_000) {
+    const headers = {
+      "Content-Type": "application/json",
+      "User-Agent": `${userAgentName}/${version}`,
+      Authorization: `Bearer ${adminKey}`,
+    };
+    return doRequest({
+      method,
+      urlPath,
+      body,
+      timeout,
+      headers,
+      authLabel: adminKey ? "admin key" : null,
+    });
+  }
+  function noKeyError() {
+    return textResponse(
+      "Error: AGENTPAY_GATEWAY_KEY environment variable is required.\n\nRegister at https://pay.leddconsulting.com to get a gateway key.\nYou get $1 in free credits to start."
+    );
+  }
+  function noAdminKeyError() {
+    return textResponse(
+      "Error: AGENTPAY_ADMIN_KEY environment variable is required for reliability endpoints.\n\nThis is the admin key configured on the AgentPay server."
+    );
+  }
+  const server = new McpServer({
+    name: "agentpay",
+    version,
+  });
+  server.tool(
+    "discover_tools",
+    "Search for available AI tools by keyword or capability. Returns matching tools with descriptions, methods, and per-call pricing. Use this to find what tools are available before calling them.",
+    {
+      query: z.string().describe("Search keyword (e.g. 'security', 'seo', 'indexing', 'vulnerability')"),
+    },
+    async ({ query }) => {
+      try {
+        const result = await gatewayRequest("POST", "/gateway/discover", { query });
+        if (result.count === 0) {
+          return textResponse(`No tools found for \"${query}\". Try: security, seo, indexing, vulnerability, audit`);
+        }
+        return textResponse(JSON.stringify(result.tools ?? [], null, 2));
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "list_tools",
+    "List all available tools in the AgentPay gateway with their descriptions, methods, and pricing. No authentication required.",
+    {},
+    async () => {
+      try {
+        const result = await gatewayRequest("GET", "/gateway/tools");
+        return textResponse(JSON.stringify(result.tools ?? [], null, 2));
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "check_balance",
+    "Check your AgentPay wallet balance, total credits funded, total spent, and which tools you have provisioned access to.",
+    {},
+    async () => {
+      if (!gatewayKey) return noKeyError();
+      try {
+        const result = await gatewayRequest("GET", "/gateway/balance");
+        return textResponse(JSON.stringify(result, null, 2));
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "call_tool",
+    realMoneyWarnings ? CALL_TOOL_DESCRIPTION_REAL_MONEY : CALL_TOOL_DESCRIPTION,
+    {
+      tool: z.string().describe("Tool ID (e.g. 'agent-audit', 'indexforge')"),
+      method: z.string().describe("Method name (e.g. 'security_scan', 'scan_sitemap')"),
+      params_json: z
+        .string()
+        .optional()
+        .describe("Method parameters as JSON string (e.g. '{\"url\": \"example.com\"}'). Omit if no params needed."),
+    },
+    async ({ tool, method, params_json }) => {
+      if (!gatewayKey) return noKeyError();
+      if (hasSessionBudget && sessionSpent >= resolvedSessionBudget) {
+        return textResponse(
+          `Session budget exhausted ($${sessionSpent.toFixed(2)}/$${resolvedSessionBudget}). Restart the MCP server or increase AGENTPAY_SESSION_BUDGET to continue.`
+        );
+      }
+      try {
+        let params = {};
+        if (params_json) {
+          try {
+            params = JSON.parse(params_json);
+          } catch {
+            return textResponse("Error: params_json must be valid JSON");
+          }
+        }
+        const result = await gatewayRequest("POST", "/gateway/call", { tool, method, params }, 600_000);
+        const cost = Number(result.cost) || 0;
+        if (hasSessionBudget) {
+          sessionSpent += cost;
+        }
+        const balance = Number(result.balance) || 0;
+        const sessionMeta = hasSessionBudget
+          ? ` | Session: $${sessionSpent.toFixed(2)}/$${resolvedSessionBudget}`
+          : "";
+        const meta = `[Cost: $${cost.toFixed(2)} | Balance: $${balance.toFixed(2)}${sessionMeta} | Time: ${result.elapsed || 0}ms]`;
+        return textResponse(`${meta}\n\n${JSON.stringify(result.result, null, 2)}`);
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "provision_tool",
+    "Pre-provision access to a specific tool. This auto-creates an account on the tool's backend. Not required - call_tool auto-provisions on first use - but useful to confirm access before making calls.",
+    {
+      tool: z.string().describe("Tool ID to provision (e.g. 'indexforge', 'agent-audit')"),
+    },
+    async ({ tool }) => {
+      if (!gatewayKey) return noKeyError();
+      try {
+        const result = await gatewayRequest("POST", "/gateway/provision", { tool });
+        return textResponse(`${result.status}: ${result.message}`);
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "get_usage",
+    "View your recent tool call history - which tools you called, what methods, how much each cost, and when.",
+    {
+      limit: z.number().int().min(1).max(200).default(20).describe("Number of recent calls to show (default: 20, max: 200)"),
+    },
+    async ({ limit }) => {
+      if (!gatewayKey) return noKeyError();
+      try {
+        const result = await gatewayRequest("GET", `/gateway/usage?limit=${limit}`);
+        return textResponse(JSON.stringify(result.usage ?? [], null, 2));
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "fund_wallet_stripe",
+    "Get a Stripe checkout URL to add credits. Requires a human to open the link and pay. Use fund_wallet_x402 for fully autonomous crypto payments instead.",
+    {
+      package: z
+        .enum(["test", "starter", "pro", "scale"])
+        .describe("Credit package: test ($1/1cr), starter ($25/25cr), pro ($100/103cr, 3% bonus), scale ($500/525cr, 5% bonus)"),
+    },
+    async ({ package: pkg }) => {
+      if (!gatewayKey) return noKeyError();
+      try {
+        const result = await gatewayRequest("POST", "/gateway/fund", { package: pkg });
+        return textResponse(
+          `Checkout URL (share with a human to complete payment):\n${result.checkoutUrl}\n\nPackage: ${pkg} (${result.credits} credits)`
+        );
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "fund_wallet_x402",
+    realMoneyWarnings ? X402_DESCRIPTION_REAL_MONEY : X402_DESCRIPTION,
+    {
+      package: z
+        .enum(["test", "starter", "pro", "scale"])
+        .describe("Credit package: test ($1/1cr), starter ($25/25cr), pro ($100/103cr, 3% bonus), scale ($500/525cr, 5% bonus)"),
+    },
+    async ({ package: pkg }) => {
+      if (!gatewayKey) return noKeyError();
+      try {
+        const info = await gatewayRequest("GET", "/gateway/fund/x402");
+        const option = info.options?.find((candidate) => candidate.package === pkg);
+        if (!option) {
+          return textResponse(`Package \"${pkg}\" not found. Available: ${info.options?.map((candidate) => candidate.package).join(", ")}`);
+        }
+        return textResponse(
+          `x402 Crypto Funding for ${pkg} package (${option.credits} credits, ${option.price} USDC):\n\n` +
+            `Endpoint: POST ${resolvedBaseUrl}${option.endpoint}\n` +
+            `Network: ${option.network}\n` +
+            `PayTo: ${option.payTo}\n\n` +
+            `To pay autonomously, make an HTTP request to the endpoint above.\n` +
+            `If using @x402/fetch, the 402 payment flow is handled automatically:\n\n` +
+            `  const fetchWithPayment = wrapFetchWithPayment(fetch, x402Client);\n` +
+            `  const res = await fetchWithPayment(\"${resolvedBaseUrl}/gateway/fund/x402/${pkg}\", {\n` +
+            `    method: \"POST\",\n` +
+            `    headers: { \"X-Gateway-Key\": \"your_key\" }\n` +
+            "  });\n\n" +
+            `The agent's EVM wallet needs USDC on ${option.network}.\n` +
+            "Setup: npm install @x402/fetch @x402/evm\n" +
+            "Env: EVM_PRIVATE_KEY=0x... (agent wallet with USDC)"
+        );
+      } catch (error) {
+        return textResponse(`Error: ${error.message}`);
+      }
+    }
+  );
+  server.tool(
+    "x402_info",
+    "Get information about x402 crypto payment support - which networks, tokens, and funding options are available for autonomous wallet funding.",
+    {},
+    async () => {
+      try {
+        const info = await gatewayRequest("GET", "/gateway/fund/x402");
+        return textResponse(JSON.stringify(info, null, 2));
+      } catch (error) {
+        return textResponse(`x402 not enabled on this gateway. Error: ${error.message}`);
+      }
+    }
+  );
+  if (includeAdminTools) {
+    server.tool(
+      "reliability_dashboard",
+      "View the full reliability dashboard - circuit breaker states, health metrics (latency p50/p95/p99, success rates), and recent events for all tool backends. Requires admin key.",
+      {},
+      async () => {
+        if (!adminKey) return noAdminKeyError();
+        try {
+          const result = await adminRequest("GET", "/admin/reliability");
+          const circuits = result.circuits || {};
+          const health = result.health || {};
+          const events = result.events || [];
+          let text = "=== Reliability Dashboard ===\\n\\n";
+          text += "CIRCUITS:\\n";
+          const toolIds = Object.keys(circuits);
+          if (toolIds.length === 0) {
+            text += "  No circuit data yet (no tool calls made since restart)\\n";
+          } else {
+            for (const toolId of toolIds) {
+              const circuit = circuits[toolId];
+              text += `  ${toolId}: ${circuit.state} (failures: ${circuit.failureCount}, successes: ${circuit.successCount})\\n`;
+            }
+          }
+          text += "\\nHEALTH:\\n";
+          const healthIds = Object.keys(health);
+          if (healthIds.length === 0) {
+            text += "  No health data yet\\n";
+          } else {
+            for (const toolId of healthIds) {
+              const metric = health[toolId];
+              text += `  ${toolId}: ${metric.successRate}% success (${metric.requests.total} calls) - latency avg ${metric.latency.avg}ms, p95 ${metric.latency.p95}ms\\n`;
+            }
+          }
+          if (events.length > 0) {
+            text += `\\nRECENT EVENTS (last ${events.length}):\\n`;
+            for (const event of events.slice(-10)) {
+              const status = event.success ? "OK" : "FAIL";
+              text += `  [${event.timestamp}] ${event.toolId}.${event.method} ${status} ${event.latencyMs}ms${event.error ? " - " + event.error : ""}\\n`;
+            }
+            if (events.length > 10) {
+              text += `  ... and ${events.length - 10} more\\n`;
+            }
+          }
+          return textResponse(text);
+        } catch (error) {
+          return textResponse(`Error: ${error.message}`);
+        }
+      }
+    );
+    server.tool(
+      "reliability_tool_detail",
+      "Get detailed reliability info for a specific tool - circuit breaker state, config (thresholds, timeouts), health metrics, and recent events.",
+      {
+        tool_id: z.string().describe("Tool ID (e.g. 'agent-audit', 'indexforge')"),
+      },
+      async ({ tool_id: toolId }) => {
+        if (!adminKey) return noAdminKeyError();
+        try {
+          const result = await adminRequest("GET", `/admin/reliability/${encodeURIComponent(toolId)}`);
+          const circuit = result.circuit || {};
+          const config = result.config || {};
+          const health = result.health || {};
+          const events = result.events || [];
+          let text = `=== ${toolId} Reliability ===\\n\\n`;
+          text += `CIRCUIT: ${circuit.state} (failures: ${circuit.failureCount}, successes: ${circuit.successCount})\\n`;
+          text += `CONFIG: threshold=${config.failureThreshold} failures, recovery=${config.recoveryTimeoutMs}ms, timeout=${config.requestTimeoutMs}ms\\n`;
+          text += `HEALTH: ${health.successRate}% success (${health.requests?.total || 0} calls)\\n`;
+          text += `LATENCY: avg=${health.latency?.avg || 0}ms, p50=${health.latency?.p50 || 0}ms, p95=${health.latency?.p95 || 0}ms, p99=${health.latency?.p99 || 0}ms (${health.latency?.samples || 0} samples)\\n`;
+          if (health.lastCall) {
+            text += `LAST CALL: ${health.lastCall}\\n`;
+          }
+          if (events.length > 0) {
+            text += `\\nEVENTS (${events.length}):\\n`;
+            for (const event of events.slice(-20)) {
+              const status = event.success ? "OK" : "FAIL";
+              text += `  [${event.timestamp}] ${event.method} ${status} ${event.latencyMs}ms${event.error ? " - " + event.error : ""}\\n`;
+            }
+          }
+          return textResponse(text);
+        } catch (error) {
+          return textResponse(`Error: ${error.message}`);
+        }
+      }
+    );
+    server.tool(
+      "reliability_reset",
+      "Force-close a tripped circuit breaker for a tool, allowing calls to resume immediately. Use when a backend has recovered but the circuit has not automatically reset yet.",
+      {
+        tool_id: z.string().describe("Tool ID to reset (e.g. 'agent-audit', 'indexforge')"),
+      },
+      async ({ tool_id: toolId }) => {
+        if (!adminKey) return noAdminKeyError();
+        try {
+          const result = await adminRequest("POST", `/admin/reliability/${encodeURIComponent(toolId)}/reset`);
+          return textResponse(`Circuit reset for ${toolId}: ${result.previousState} -> ${result.currentState}`);
+        } catch (error) {
+          return textResponse(`Error: ${error.message}`);
+        }
+      }
+    );
+    server.tool(
+      "reliability_config",
+      "Update reliability settings for a specific tool - failure threshold, recovery timeout, and request timeout. Changes take effect immediately.",
+      {
+        tool_id: z.string().describe("Tool ID to configure (e.g. 'agent-audit', 'indexforge')"),
+        failure_threshold: z
+          .number()
+          .int()
+          .min(1)
+          .max(100)
+          .optional()
+          .describe("Number of consecutive failures before circuit opens (1-100)"),
+        recovery_timeout_ms: z
+          .number()
+          .int()
+          .min(5000)
+          .max(600000)
+          .optional()
+          .describe("Milliseconds before OPEN circuit tries recovery (5000-600000)"),
+        request_timeout_ms: z
+          .number()
+          .int()
+          .min(1000)
+          .max(600000)
+          .optional()
+          .describe("Per-request timeout in milliseconds (1000-600000)"),
+      },
+      async ({ tool_id: toolId, failure_threshold: failureThreshold, recovery_timeout_ms: recoveryTimeoutMs, request_timeout_ms: requestTimeoutMs }) => {
+        if (!adminKey) return noAdminKeyError();
+        const body = {};
+        if (failureThreshold !== undefined) body.failureThreshold = failureThreshold;
+        if (recoveryTimeoutMs !== undefined) body.recoveryTimeoutMs = recoveryTimeoutMs;
+        if (requestTimeoutMs !== undefined) body.requestTimeoutMs = requestTimeoutMs;
+        if (Object.keys(body).length === 0) {
+          return textResponse(
+            "Error: Provide at least one setting to update (failure_threshold, recovery_timeout_ms, request_timeout_ms)"
+          );
+        }
+        try {
+          const result = await adminRequest("POST", `/admin/reliability/${encodeURIComponent(toolId)}/config`, body);
+          const config = result.config || {};
+          return textResponse(
+            `Config updated for ${toolId}:\\n  failureThreshold: ${config.failureThreshold}\\n  recoveryTimeoutMs: ${config.recoveryTimeoutMs}\\n  requestTimeoutMs: ${config.requestTimeoutMs}`
+          );
+        } catch (error) {
+          return textResponse(`Error: ${error.message}`);
+        }
+      }
+    );
+  }
+  return {
+    server,
+    async connectStdio() {
+      const transport = new StdioServerTransport();
+      await server.connect(transport);
+    },
+  };
+}
+function startAgentPayMcpFromEnv({ version, defaults = {} }) {
+  const options = buildMcpOptionsFromEnv({ version, defaults });
+  const runtime = createAgentPayMcpServer(options);
+  return runtime.connectStdio();
+}
+module.exports = {
+  DEFAULT_ALLOWED_HOSTS,
+  buildMcpOptionsFromEnv,
+  createAgentPayMcpServer,
+  startAgentPayMcpFromEnv,
+};

package/index.js CHANGED Viewed

@@ -1,500 +1,17 @@
 #!/usr/bin/env node
-const { McpServer } = require("@modelcontextprotocol/sdk/server/mcp.js");
-const { StdioServerTransport } = require("@modelcontextprotocol/sdk/server/stdio.js");
-const { z } = require("zod");
-const https = require("https");
-const http = require("http");
 const { version } = require("./package.json");
+const { startAgentPayMcpFromEnv } = require("./core");
-// ── Config ──────────────────────────────────────────────────────────
-const GATEWAY_KEY = process.env.AGENTPAY_GATEWAY_KEY || "";
-const ADMIN_KEY = process.env.AGENTPAY_ADMIN_KEY || "";
-const BASE_URL = (process.env.AGENTPAY_URL || "https://pay.leddconsulting.com").replace(/\/$/, "");
-// ── HTTP helper ─────────────────────────────────────────────────────
-const MAX_RESPONSE_SIZE = 5 * 1024 * 1024; // 5MB
-function request(method, urlPath, body, timeout = 120_000) {
-  return new Promise((resolve, reject) => {
-    const fullUrl = `${BASE_URL}${urlPath}`;
-    const parsed = new URL(fullUrl);
-    const isHttps = parsed.protocol === "https:";
-    if (!isHttps && GATEWAY_KEY) {
-      return reject(new Error("Refusing to send gateway key over insecure HTTP. Use HTTPS."));
-    }
-    const mod = isHttps ? https : http;
-    const headers = {
-      "Content-Type": "application/json",
-      "User-Agent": `mcp-server-agentpay/${version}`,
-    };
-    if (GATEWAY_KEY) headers["X-Gateway-Key"] = GATEWAY_KEY;
-    const opts = {
-      hostname: parsed.hostname,
-      port: parsed.port || (isHttps ? 443 : 80),
-      path: parsed.pathname + parsed.search,
-      method,
-      headers,
-      timeout,
-    };
-    const req = mod.request(opts, (res) => {
-      let data = "";
-      let size = 0;
-      res.on("data", (c) => {
-        size += c.length;
-        if (size > MAX_RESPONSE_SIZE) { req.destroy(); return reject(new Error("Response too large")); }
-        data += c;
-      });
-      res.on("end", () => {
-        try {
-          const json = JSON.parse(data);
-          if (res.statusCode >= 400) return reject(new Error(json.error || `HTTP ${res.statusCode}`));
-          resolve(json);
-        } catch {
-          if (res.statusCode >= 400) return reject(new Error(`HTTP ${res.statusCode}: ${data.slice(0, 300)}`));
-          resolve(data);
-        }
-      });
-    });
-    req.on("error", reject);
-    req.on("timeout", () => { req.destroy(); reject(new Error("Request timed out")); });
-    if (body) req.write(JSON.stringify(body));
-    req.end();
-  });
-}
-function noKeyError() {
-  return {
-    content: [{ type: "text", text: "Error: AGENTPAY_GATEWAY_KEY environment variable is required.\n\nRegister at https://pay.leddconsulting.com to get a gateway key.\nYou get $1 in free credits to start." }],
-  };
-}
-function noAdminKeyError() {
-  return {
-    content: [{ type: "text", text: "Error: AGENTPAY_ADMIN_KEY environment variable is required for reliability endpoints.\n\nThis is the admin key configured on the AgentPay server." }],
-  };
-}
-function adminRequest(method, urlPath, body, timeout = 30_000) {
-  return new Promise((resolve, reject) => {
-    const fullUrl = `${BASE_URL}${urlPath}`;
-    const parsed = new URL(fullUrl);
-    const isHttps = parsed.protocol === "https:";
-    if (!isHttps && ADMIN_KEY) {
-      return reject(new Error("Refusing to send admin key over insecure HTTP. Use HTTPS."));
-    }
-    const mod = isHttps ? https : http;
-    const headers = {
-      "Content-Type": "application/json",
-      "User-Agent": `mcp-server-agentpay/${version}`,
-      "Authorization": `Bearer ${ADMIN_KEY}`,
-    };
-    const opts = {
-      hostname: parsed.hostname,
-      port: parsed.port || (isHttps ? 443 : 80),
-      path: parsed.pathname + parsed.search,
-      method,
-      headers,
-      timeout,
-    };
-    const req = mod.request(opts, (res) => {
-      let data = "";
-      let size = 0;
-      res.on("data", (c) => {
-        size += c.length;
-        if (size > MAX_RESPONSE_SIZE) { req.destroy(); return reject(new Error("Response too large")); }
-        data += c;
-      });
-      res.on("end", () => {
-        try {
-          const json = JSON.parse(data);
-          if (res.statusCode >= 400) return reject(new Error(json.error || `HTTP ${res.statusCode}`));
-          resolve(json);
-        } catch {
-          if (res.statusCode >= 400) return reject(new Error(`HTTP ${res.statusCode}: ${data.slice(0, 300)}`));
-          resolve(data);
-        }
-      });
-    });
-    req.on("error", reject);
-    req.on("timeout", () => { req.destroy(); reject(new Error("Request timed out")); });
-    if (body) req.write(JSON.stringify(body));
-    req.end();
-  });
-}
-// ── MCP Server ──────────────────────────────────────────────────────
-const server = new McpServer({
-  name: "agentpay",
+startAgentPayMcpFromEnv({
   version,
-});
-// ── Tool: discover_tools ────────────────────────────────────────────
-server.tool(
-  "discover_tools",
-  "Search for available AI tools by keyword or capability. Returns matching tools with descriptions, methods, and per-call pricing. Use this to find what tools are available before calling them.",
-  {
-    query: z.string().describe("Search keyword (e.g. 'security', 'seo', 'indexing', 'vulnerability')"),
-  },
-  async ({ query }) => {
-    try {
-      const result = await request("POST", "/gateway/discover", { query });
-      if (result.count === 0) {
-        return { content: [{ type: "text", text: `No tools found for "${query}". Try: security, seo, indexing, vulnerability, audit` }] };
-      }
-      return { content: [{ type: "text", text: JSON.stringify(result.tools ?? [], null, 2) }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: list_tools ────────────────────────────────────────────────
-server.tool(
-  "list_tools",
-  "List all available tools in the AgentPay gateway with their descriptions, methods, and pricing. No authentication required.",
-  {},
-  async () => {
-    try {
-      const result = await request("GET", "/gateway/tools");
-      return { content: [{ type: "text", text: JSON.stringify(result.tools ?? [], null, 2) }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: check_balance ─────────────────────────────────────────────
-server.tool(
-  "check_balance",
-  "Check your AgentPay wallet balance, total credits funded, total spent, and which tools you have provisioned access to.",
-  {},
-  async () => {
-    if (!GATEWAY_KEY) return noKeyError();
-    try {
-      const result = await request("GET", "/gateway/balance");
-      return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: call_tool ─────────────────────────────────────────────────
-server.tool(
-  "call_tool",
-  "Call any tool method through the AgentPay gateway. Automatically provisions access on first use. Credits are deducted per call. Use discover_tools or list_tools first to see available tools and methods.",
-  {
-    tool: z.string().describe("Tool ID (e.g. 'agent-audit', 'indexforge')"),
-    method: z.string().describe("Method name (e.g. 'security_scan', 'scan_sitemap')"),
-    params_json: z.string().optional().describe("Method parameters as JSON string (e.g. '{\"url\": \"example.com\"}'). Omit if no params needed."),
-  },
-  async ({ tool, method, params_json }) => {
-    if (!GATEWAY_KEY) return noKeyError();
-    try {
-      let params = {};
-      if (params_json) {
-        try { params = JSON.parse(params_json); } catch { return { content: [{ type: "text", text: "Error: params_json must be valid JSON" }] }; }
-      }
-      const result = await request("POST", "/gateway/call", { tool, method, params }, 600_000);
-      const cost = Number(result.cost) || 0;
-      const balance = Number(result.balance) || 0;
-      const meta = `[Cost: $${cost.toFixed(2)} | Balance: $${balance.toFixed(2)} | Time: ${result.elapsed || 0}ms]`;
-      return {
-        content: [{ type: "text", text: `${meta}\n\n${JSON.stringify(result.result, null, 2)}` }],
-      };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: provision_tool ────────────────────────────────────────────
-server.tool(
-  "provision_tool",
-  "Pre-provision access to a specific tool. This auto-creates an account on the tool's backend. Not required — call_tool auto-provisions on first use — but useful to confirm access before making calls.",
-  {
-    tool: z.string().describe("Tool ID to provision (e.g. 'indexforge', 'agent-audit')"),
-  },
-  async ({ tool }) => {
-    if (!GATEWAY_KEY) return noKeyError();
-    try {
-      const result = await request("POST", "/gateway/provision", { tool });
-      return { content: [{ type: "text", text: `${result.status}: ${result.message}` }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: get_usage ─────────────────────────────────────────────────
-server.tool(
-  "get_usage",
-  "View your recent tool call history — which tools you called, what methods, how much each cost, and when.",
-  {
-    limit: z.number().int().min(1).max(200).default(20).describe("Number of recent calls to show (default: 20, max: 200)"),
-  },
-  async ({ limit }) => {
-    if (!GATEWAY_KEY) return noKeyError();
-    try {
-      const result = await request("GET", `/gateway/usage?limit=${limit}`);
-      return { content: [{ type: "text", text: JSON.stringify(result.usage ?? [], null, 2) }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: fund_wallet_stripe ─────────────────────────────────────────
-server.tool(
-  "fund_wallet_stripe",
-  "Get a Stripe checkout URL to add credits. Requires a human to open the link and pay. Use fund_wallet_x402 for fully autonomous crypto payments instead.",
-  {
-    package: z.enum(["micro", "small", "medium", "large", "whale"]).describe("Credit package: micro ($10/10cr), small ($45/50cr), medium ($80/100cr), large ($350/500cr), whale ($600/1000cr)"),
-  },
-  async ({ package: pkg }) => {
-    if (!GATEWAY_KEY) return noKeyError();
-    try {
-      const result = await request("POST", "/gateway/fund", { package: pkg });
-      return { content: [{ type: "text", text: `Checkout URL (share with a human to complete payment):\n${result.checkoutUrl}\n\nPackage: ${pkg} (${result.credits} credits)` }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: fund_wallet_x402 ──────────────────────────────────────────
-server.tool(
-  "fund_wallet_x402",
-  "Get x402 crypto funding info for your wallet. Returns the endpoint URL, network, and setup instructions. To actually pay, your HTTP client needs @x402/fetch which automatically handles the 402 payment flow with USDC. This is the fully autonomous funding method — no human needed.",
-  {
-    package: z.enum(["micro", "small", "medium", "large", "whale"]).describe("Credit package: micro ($10/10cr), small ($45/50cr), medium ($80/100cr), large ($350/500cr), whale ($600/1000cr)"),
-  },
-  async ({ package: pkg }) => {
-    if (!GATEWAY_KEY) return noKeyError();
-    try {
-      const info = await request("GET", "/gateway/fund/x402");
-      const option = info.options?.find(o => o.package === pkg);
-      if (!option) {
-        return { content: [{ type: "text", text: `Package "${pkg}" not found. Available: ${info.options?.map(o => o.package).join(", ")}` }] };
-      }
-      return {
-        content: [{
-          type: "text",
-          text: `x402 Crypto Funding for ${pkg} package (${option.credits} credits, ${option.price} USDC):\n\n` +
-            `Endpoint: POST ${BASE_URL}${option.endpoint}\n` +
-            `Network: ${option.network}\n` +
-            `PayTo: ${option.payTo}\n\n` +
-            `To pay autonomously, make an HTTP request to the endpoint above.\n` +
-            `If using @x402/fetch, the 402 payment flow is handled automatically:\n\n` +
-            `  const fetchWithPayment = wrapFetchWithPayment(fetch, x402Client);\n` +
-            `  const res = await fetchWithPayment("${BASE_URL}/gateway/fund/x402/${pkg}", {\n` +
-            `    method: "POST",\n` +
-            `    headers: { "X-Gateway-Key": "your_key" }\n` +
-            `  });\n\n` +
-            `The agent's EVM wallet needs USDC on ${option.network}.\n` +
-            `Setup: npm install @x402/fetch @x402/evm\n` +
-            `Env: EVM_PRIVATE_KEY=0x... (agent wallet with USDC)`,
-        }],
-      };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: x402_info ─────────────────────────────────────────────────
-server.tool(
-  "x402_info",
-  "Get information about x402 crypto payment support — which networks, tokens, and funding options are available for autonomous wallet funding.",
-  {},
-  async () => {
-    try {
-      const info = await request("GET", "/gateway/fund/x402");
-      return { content: [{ type: "text", text: JSON.stringify(info, null, 2) }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `x402 not enabled on this gateway. Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: reliability_dashboard ────────────────────────────────────
-server.tool(
-  "reliability_dashboard",
-  "View the full reliability dashboard — circuit breaker states, health metrics (latency p50/p95/p99, success rates), and recent events for all tool backends. Requires admin key.",
-  {},
-  async () => {
-    if (!ADMIN_KEY) return noAdminKeyError();
-    try {
-      const result = await adminRequest("GET", "/admin/reliability");
-      const circuits = result.circuits || {};
-      const health = result.health || {};
-      const events = result.events || [];
-      let text = "=== Reliability Dashboard ===\n\n";
-      // Circuit states
-      text += "CIRCUITS:\n";
-      const toolIds = Object.keys(circuits);
-      if (toolIds.length === 0) {
-        text += "  No circuit data yet (no tool calls made since restart)\n";
-      } else {
-        for (const id of toolIds) {
-          const c = circuits[id];
-          text += `  ${id}: ${c.state} (failures: ${c.failureCount}, successes: ${c.successCount})\n`;
-        }
-      }
-      // Health metrics
-      text += "\nHEALTH:\n";
-      const healthIds = Object.keys(health);
-      if (healthIds.length === 0) {
-        text += "  No health data yet\n";
-      } else {
-        for (const id of healthIds) {
-          const h = health[id];
-          text += `  ${id}: ${h.successRate}% success (${h.requests.total} calls) — latency avg ${h.latency.avg}ms, p95 ${h.latency.p95}ms\n`;
-        }
-      }
-      // Recent events
-      if (events.length > 0) {
-        text += `\nRECENT EVENTS (last ${events.length}):\n`;
-        for (const e of events.slice(-10)) {
-          const status = e.success ? "OK" : "FAIL";
-          text += `  [${e.timestamp}] ${e.toolId}.${e.method} ${status} ${e.latencyMs}ms${e.error ? " — " + e.error : ""}\n`;
-        }
-        if (events.length > 10) text += `  ... and ${events.length - 10} more\n`;
-      }
-      return { content: [{ type: "text", text }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: reliability_tool_detail ─────────────────────────────────
-server.tool(
-  "reliability_tool_detail",
-  "Get detailed reliability info for a specific tool — circuit breaker state, config (thresholds, timeouts), health metrics, and recent events.",
-  {
-    tool_id: z.string().describe("Tool ID (e.g. 'agent-audit', 'indexforge')"),
-  },
-  async ({ tool_id }) => {
-    if (!ADMIN_KEY) return noAdminKeyError();
-    try {
-      const result = await adminRequest("GET", `/admin/reliability/${encodeURIComponent(tool_id)}`);
-      const c = result.circuit || {};
-      const cfg = result.config || {};
-      const h = result.health || {};
-      const events = result.events || [];
-      let text = `=== ${tool_id} Reliability ===\n\n`;
-      text += `CIRCUIT: ${c.state} (failures: ${c.failureCount}, successes: ${c.successCount})\n`;
-      text += `CONFIG: threshold=${cfg.failureThreshold} failures, recovery=${cfg.recoveryTimeoutMs}ms, timeout=${cfg.requestTimeoutMs}ms\n`;
-      text += `HEALTH: ${h.successRate}% success (${h.requests?.total || 0} calls)\n`;
-      text += `LATENCY: avg=${h.latency?.avg || 0}ms, p50=${h.latency?.p50 || 0}ms, p95=${h.latency?.p95 || 0}ms, p99=${h.latency?.p99 || 0}ms (${h.latency?.samples || 0} samples)\n`;
-      if (h.lastCall) text += `LAST CALL: ${h.lastCall}\n`;
-      if (events.length > 0) {
-        text += `\nEVENTS (${events.length}):\n`;
-        for (const e of events.slice(-20)) {
-          const status = e.success ? "OK" : "FAIL";
-          text += `  [${e.timestamp}] ${e.method} ${status} ${e.latencyMs}ms${e.error ? " — " + e.error : ""}\n`;
-        }
-      }
-      return { content: [{ type: "text", text }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: reliability_reset ───────────────────────────────────────
-server.tool(
-  "reliability_reset",
-  "Force-close a tripped circuit breaker for a tool, allowing calls to resume immediately. Use when a backend has recovered but the circuit hasn't automatically reset yet.",
-  {
-    tool_id: z.string().describe("Tool ID to reset (e.g. 'agent-audit', 'indexforge')"),
-  },
-  async ({ tool_id }) => {
-    if (!ADMIN_KEY) return noAdminKeyError();
-    try {
-      const result = await adminRequest("POST", `/admin/reliability/${encodeURIComponent(tool_id)}/reset`);
-      return { content: [{ type: "text", text: `Circuit reset for ${tool_id}: ${result.previousState} → ${result.currentState}` }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Tool: reliability_config ──────────────────────────────────────
-server.tool(
-  "reliability_config",
-  "Update reliability settings for a specific tool — failure threshold, recovery timeout, and request timeout. Changes take effect immediately.",
-  {
-    tool_id: z.string().describe("Tool ID to configure (e.g. 'agent-audit', 'indexforge')"),
-    failure_threshold: z.number().int().min(1).max(100).optional().describe("Number of consecutive failures before circuit opens (1-100)"),
-    recovery_timeout_ms: z.number().int().min(5000).max(600000).optional().describe("Milliseconds before OPEN circuit tries recovery (5000-600000)"),
-    request_timeout_ms: z.number().int().min(1000).max(600000).optional().describe("Per-request timeout in milliseconds (1000-600000)"),
-  },
-  async ({ tool_id, failure_threshold, recovery_timeout_ms, request_timeout_ms }) => {
-    if (!ADMIN_KEY) return noAdminKeyError();
-    const body = {};
-    if (failure_threshold !== undefined) body.failureThreshold = failure_threshold;
-    if (recovery_timeout_ms !== undefined) body.recoveryTimeoutMs = recovery_timeout_ms;
-    if (request_timeout_ms !== undefined) body.requestTimeoutMs = request_timeout_ms;
-    if (Object.keys(body).length === 0) {
-      return { content: [{ type: "text", text: "Error: Provide at least one setting to update (failure_threshold, recovery_timeout_ms, request_timeout_ms)" }] };
-    }
-    try {
-      const result = await adminRequest("POST", `/admin/reliability/${encodeURIComponent(tool_id)}/config`, body);
-      const cfg = result.config || {};
-      return { content: [{ type: "text", text: `Config updated for ${tool_id}:\n  failureThreshold: ${cfg.failureThreshold}\n  recoveryTimeoutMs: ${cfg.recoveryTimeoutMs}\n  requestTimeoutMs: ${cfg.requestTimeoutMs}` }] };
-    } catch (e) {
-      return { content: [{ type: "text", text: `Error: ${e.message}` }] };
-    }
-  }
-);
-// ── Start ───────────────────────────────────────────────────────────
-async function main() {
-  const transport = new StdioServerTransport();
-  await server.connect(transport);
-}
-main().catch((e) => {
-  console.error("MCP server error:", e);
+  defaults: {
+    includeAdminTools: true,
+    enforceHostAllowlist: false,
+    sessionBudget: null,
+    realMoneyWarnings: false,
+  },
+}).catch((error) => {
+  console.error("MCP server error:", error);
   process.exit(1);
 });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mcp-server-agentpay",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "mcpName": "io.github.joepangallo/agent-pay",
   "description": "MCP server for AgentPay — the payment gateway for autonomous AI agents. Discover, provision, and pay for MCP tool APIs. Includes reliability monitoring with circuit breakers and health metrics.",
   "bin": {
@@ -38,12 +38,11 @@
     "web3"
   ],
   "license": "MIT",
-  "author": "MetalTorque",
+  "author": "Ledd Consulting",
   "repository": {
     "type": "git",
-    "url": "https://github.com/joepangallo/mcp-server-agentpay"
+    "url": "https://github.com/joepangallo/agent-pay"
   },
-  "homepage": "https://pay.leddconsulting.com",
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.27.0",
     "zod": "^3.23.0"
@@ -53,6 +52,7 @@
   },
   "files": [
     "index.js",
+    "core.js",
     "README.md",
     "server.json",
     "package.json"

package/server.json CHANGED Viewed

@@ -1,17 +1,17 @@
 {
   "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
   "name": "io.github.joepangallo/agent-pay",
-  "description": "Payment gateway for AI agents. Discover, provision, and pay for tool APIs.",
+  "description": "Payment gateway for AI agents with tool discovery, provisioning, metering, and reliability tools.",
   "repository": {
-    "url": "https://github.com/joepangallo/mcp-server-agentpay",
+    "url": "https://github.com/joepangallo/agent-pay",
     "source": "github"
   },
-  "version": "1.1.1",
+  "version": "1.1.2",
   "packages": [
     {
       "registryType": "npm",
       "identifier": "mcp-server-agentpay",
-      "version": "1.1.1",
+      "version": "1.1.2",
       "transport": {
         "type": "stdio"
       },
@@ -31,7 +31,7 @@
           "name": "AGENTPAY_ADMIN_KEY"
         },
         {
-          "description": "AgentPay API URL. Defaults to https://pay.leddconsulting.com",
+          "description": "AgentPay API URL",
           "isRequired": false,
           "format": "string",
           "isSecret": false,

package/LICENSE DELETED Viewed

@@ -1,21 +0,0 @@
-MIT License
-Copyright (c) 2026 MetalTorque
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.