npm - mneme-ai - Versions diffs - 2.59.0 → 2.61.0 - Mend

mneme-ai 2.59.0 → 2.61.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAuIA,wBAAsB,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,~~CA29KvD~~"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAuIA,wBAAsB,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAgrLvD"}

package/dist/index.js CHANGED Viewed

@@ -4682,6 +4682,238 @@ export async function run(argv) {
             process.exitCode = 1;
         }
     });
+    // v2.61.0 — PASSPORT: capability-based security for MCP.
+    // Agents request HMAC-signed passports before sensitive tool calls;
+    // trust score gates issuance; delegation chain + revocation cascade
+    // + HMAC-chained audit ledger.
+    const passportParent = program
+        .command("capability")
+        .description("v2.61 — capability-based security. Default action = audit ledger.")
+        .action(async () => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const led = core.passport.verifyLedgerChain(process.cwd());
+            const rows = core.passport.readLedger(process.cwd());
+            process.stdout.write(JSON.stringify({ ok: led.ok, rows: led.rows, brokenAt: led.brokenAt, recent: rows.slice(-10) }, null, 2) + "\n");
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    passportParent.command("request")
+        .description("Request a passport for a sensitive tool. Trust score must clear tier threshold.")
+        .requiredOption("--tool <name>", "Tool name (e.g. shell.exec)")
+        .requiredOption("--agent <id>", "Requesting agent identifier")
+        .option("--tier <t>", "Explicit risk tier (safe/read/write/network/destructive). Default: auto-classify from tool name.")
+        .option("--env-confidence <n>", "Trust signal: NEMESIS env-scan confidence 0..1", (v) => Number(v))
+        .option("--identity-verdict <v>", "Trust signal: NEMESIS verify_identity (CONFIRMED|DISPUTED|IMPOSSIBLE|INCONCLUSIVE)")
+        .option("--hm-weight <n>", "Trust signal: HONEST_MIRROR weight 0..1", (v) => Number(v))
+        .option("--stealth <n>", "Trust signal: STEALTH score 0..1 (inverted)", (v) => Number(v))
+        .option("--history <n>", "Trust signal: historical approval rate 0..1", (v) => Number(v))
+        .option("--scope <list>", "Comma-separated scope sub-restrictions", (v) => v.split(",").map((s) => s.trim()).filter(Boolean))
+        .option("--parent <token>", "Parent passport token (for delegation)")
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const trustInputs = {
+                envScanConfidence: opts.envConfidence,
+                identityVerdict: opts.identityVerdict,
+                honestMirrorWeight: opts.hmWeight,
+                stealthScore: opts.stealth,
+                historicalApprovalRate: opts.history,
+            };
+            const r = core.passport.issuePassport({
+                tool: opts.tool,
+                agent: opts.agent,
+                tier: opts.tier,
+                trustInputs,
+                scope: opts.scope,
+                parent: opts.parent,
+                cwd: process.cwd(),
+            });
+            process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+            if (!r.ok)
+                process.exitCode = 1;
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    passportParent.command("verify")
+        .description("Verify a passport token (HMAC + TTL + revocation + optional expected tool/scope).")
+        .requiredOption("--token <t>", "Passport token to verify")
+        .option("--tool <name>", "Optional expected tool")
+        .option("--scope <list>", "Optional expected scope (comma-separated; all must be present)", (v) => v.split(",").map((s) => s.trim()).filter(Boolean))
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const r = core.passport.verifyPassport({ token: opts.token, expectedTool: opts.tool, expectedScope: opts.scope, cwd: process.cwd() });
+            process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+            if (!r.valid)
+                process.exitCode = 1;
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    passportParent.command("revoke")
+        .description("Revoke a passport. Cascade revoke = also revokes every delegated descendant (default).")
+        .option("--token <t>", "Passport token")
+        .option("--jti <id>", "Direct jti (when you don't have the token)")
+        .option("--no-cascade", "Disable cascade revoke of descendants")
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const r = core.passport.revokePassport({ token: opts.token, jti: opts.jti, cascade: opts.cascade !== false, cwd: process.cwd() });
+            process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+            if (!r.ok)
+                process.exitCode = 1;
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    passportParent.command("audit")
+        .description("Verify the HMAC-chained passport ledger + show last N entries.")
+        .option("--limit <n>", "How many entries to show", (v) => Number(v), 20)
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const led = core.passport.verifyLedgerChain(process.cwd());
+            const rows = core.passport.readLedger(process.cwd());
+            process.stdout.write(JSON.stringify({ ok: led.ok, totalRows: led.rows, brokenAt: led.brokenAt, recent: rows.slice(-(opts.limit ?? 20)) }, null, 2) + "\n");
+            if (!led.ok)
+                process.exitCode = 1;
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    passportParent.command("policy")
+        .description("Show the current default policy (tier → minTrust + ttlMs).")
+        .action(async () => {
+        try {
+            const core = await import("@mneme-ai/core");
+            process.stdout.write(JSON.stringify({ policy: core.passport.DEFAULT_POLICY }, null, 2) + "\n");
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    // v2.60.0 — SKELETON KEY: MCP server security auditor.
+    // First MCP security audit tool in the ecosystem. Discovers MCP
+    // servers in Claude Desktop / Cursor / Continue / Cline configs +
+    // risk-scores them + computes transitive bypass graph + pins HMAC
+    // snapshot for drift detection.
+    const skeletonKeyParent = program
+        .command("skeleton_key")
+        .description("v2.60 — MCP server security auditor. Default action = audit.")
+        .option("--budget <n>", "risk budget cap (default 5.0)", (v) => Number(v), 5.0)
+        .option("--empirical", "spawn each MCP server + read tools/list (slow, accurate)", false)
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const r = await core.skeletonKey.auditMcpConfigs({ budgetCap: opts.budget, empiricalProbe: opts.empirical });
+            process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+            if (!r.ok)
+                process.exitCode = 1;
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    skeletonKeyParent.command("audit")
+        .description("Full MCP audit: discover servers, score risk, compute bypass graph, render banner.")
+        .option("--budget <n>", "risk budget cap (default 5.0)", (v) => Number(v), 5.0)
+        .option("--empirical", "spawn each MCP server + read tools/list (slow, accurate)", false)
+        .option("--banner", "render ASCII banner instead of JSON", false)
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const r = await core.skeletonKey.auditMcpConfigs({ budgetCap: opts.budget, empiricalProbe: opts.empirical });
+            if (opts.banner)
+                process.stdout.write(core.skeletonKey.renderAuditBanner(r) + "\n");
+            else
+                process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+            if (!r.ok)
+                process.exitCode = 1;
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    skeletonKeyParent.command("recommend")
+        .description("Concrete config changes to reduce risk surface.")
+        .option("--budget <n>", "risk budget cap (default 5.0)", (v) => Number(v), 5.0)
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const a = await core.skeletonKey.auditMcpConfigs({ budgetCap: opts.budget });
+            const recs = core.skeletonKey.buildRecommendations(a);
+            process.stdout.write(JSON.stringify({ ok: recs.length === 0, count: recs.length, recommendations: recs }, null, 2) + "\n");
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    skeletonKeyParent.command("pin")
+        .description("Snapshot the current MCP config (HMAC-signed). Future drift checks compare against this.")
+        .action(async () => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const snap = core.skeletonKey.pinConfigSnapshot(process.cwd());
+            process.stdout.write(JSON.stringify({ ok: true, snapshot: snap }, null, 2) + "\n");
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    skeletonKeyParent.command("drift")
+        .description("Compare current MCP config vs pinned snapshot. Detects silent tampering.")
+        .action(async () => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const r = core.skeletonKey.detectConfigDrift(process.cwd());
+            process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+            if (!r.ok)
+                process.exitCode = 1;
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
+    skeletonKeyParent.command("probe")
+        .description("Empirically spawn ONE MCP server + read its tools/list. Reveals real capabilities (not name-heuristic).")
+        .requiredOption("--server <name>", "MCP server name to probe (must match a discovered config entry)")
+        .action(async (opts) => {
+        try {
+            const core = await import("@mneme-ai/core");
+            const all = core.skeletonKey.discoverServers(core.skeletonKey.defaultConfigPaths());
+            const found = all.find((s) => s.name === opts.server);
+            if (!found || !found.command) {
+                process.stdout.write(JSON.stringify({ ok: false, hint: `server '${opts.server}' not found in any discovered config (or has no command)` }) + "\n");
+                process.exitCode = 1;
+                return;
+            }
+            const r = await core.skeletonKey.probeServer({ name: found.name, command: found.command, args: found.args, env: found.env });
+            process.stdout.write(JSON.stringify(r, null, 2) + "\n");
+        }
+        catch (e) {
+            process.stdout.write(JSON.stringify({ ok: false, error: e.message }) + "\n");
+            process.exitCode = 1;
+        }
+    });
     // v2.59.0 — SDK SURFACE AUDITOR: gate-self-verification.
     // Empirically imports @mneme-ai/sdk + checks the external public
     // surface matches WIRING DOCTOR's claims. Closes the v2.58 blind-spot