multicorn-shield 0.10.0 → 0.12.0

package/CHANGELOG.md

@@ -5,6 +5,46 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [X.Y.Z] - YYYY-MM-DD
+
+### Added
+
+- Cline native plugin support via PreToolUse/PostToolUse hooks
+- Hook scripts for Cline: pre-tool-use.cjs, post-tool-use.cjs, shared.cjs
+- Cline plugin README with setup instructions and troubleshooting
+- Browser auto-open for consent screen when Shield blocks an action
+- Licence headers on all plugin scripts
+
+### Changed
+
+- CLI wizard installs Cline hooks to ~/Documents/Cline/Hooks/ (previously ~/Documents/Cline/Rules/Hooks/)
+- Cline hook reads toolName field from hook input (Cline v3.81+ sends toolName, not tool)
+- Consent flow no longer polls for approval (blocks immediately with consent URL to avoid Cline's 30-second hook timeout)
+- Extracted shared utilities (config loading, HTTP, tool mapping) into shared.cjs to eliminate duplication between hooks
+- Parameter metadata scrubbed before sending to Shield API (file contents redacted, commands truncated)
+- HTTPS enforced for non-local Shield API connections
+
+### Removed
+
+- Polling-based consent approval flow (replaced with immediate block + consent URL)
+- Consent marker filesystem state (no longer needed without polling)
+
+### Security
+
+- Fixed Windows shell injection in openBrowser (replaced execSync with execFileSync)
+- Added HTTPS enforcement for non-localhost baseUrl in hook config
+- Added parameter and result scrubbing to prevent sensitive data leakage in audit metadata
+
+## [0.11.0] - 2026-04-25
+
+### Added
+
+- `<multicorn-badge>` trust badge web component for embedding in third-party products. Shadow DOM encapsulation, dark/light themes, compact/standard sizes, optional action count display.
+- CDN entrypoint (`dist/badge.js`) for single-script-tag embedding: `<script src="https://cdn.multicorn.ai/badge.js" data-agent-id="..."></script>`. Self-contained, no Lit runtime dependency.
+- `MulticornBadge` class exported from the main SDK barrel for programmatic usage.
+- Shared `shield-tokens.ts` module (`src/shared/`) extracting `SHIELD_COLORS` design tokens for reuse across consent and badge components.
+- `size-limit` budget enforcement for `dist/badge.js` at 5 kB gzip (actual ~1.75 kB).
+
 ## [0.10.0] - 2026-04-21
 
 ### Added

package/dist/badge.js

@@ -0,0 +1,44 @@
+var n={surface:"#14141f",surfaceHover:"#1a1a2e",border:"#2a2a3d",text:"#e8e8f0",accent:"#8b5cf6",accentDim:"rgba(139, 92, 246, 0.12)"};var E="#0f172a",y="#f8fafc",L="#f1f5f9",A="#e2e8f0";function h(){return `
+:host { display: inline-block; line-height: 0; }
+.badge {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  box-sizing: border-box;
+  gap: 6px;
+  min-height: 28px;
+  padding: 4px 10px 4px 8px;
+  border-radius: 9999px;
+  text-decoration: none;
+  font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+  font-size: 12px;
+  font-weight: 500;
+  border: 1px solid ${n.border};
+  background: ${n.surface};
+  color: ${n.text};
+  transition: background 0.15s ease, border-color 0.15s ease, box-shadow 0.15s ease;
+}
+:host([theme="light"]) .badge {
+  border-color: ${A};
+  background: ${y};
+  color: ${E};
+}
+.badge:hover {
+  background: ${n.surfaceHover};
+  border-color: ${n.accent};
+  box-shadow: 0 0 0 1px ${n.accentDim};
+}
+:host([theme="light"]) .badge:hover {
+  background: ${L};
+  border-color: ${n.accent};
+}
+.badge:focus-visible {
+  outline: 2px solid ${n.accent};
+  outline-offset: 2px;
+}
+.icon { flex-shrink: 0; display: block; }
+.text { white-space: nowrap; }
+:host([size="compact"]) .text { display: none; }
+:host([size="compact"]) .badge { padding: 4px 6px; }
+@media (prefers-reduced-motion: reduce) { .badge { transition: none; } }
+  `.trim()}var T="https://multicorn.ai/verify/",x="multicorn-badge",v="M12 1L3 5v6c0 5.55 3.84 9.95 9 12 5.16-2.05 9-6.45 9-12V5l-9-4z",w=typeof HTMLElement<"u"?HTMLElement:class{connectedCallback(){}};function C(e){if(e==null||e==="")return;let t=Number(e);return Number.isNaN(t)?void 0:t}var m=class extends w{#e=false;ensureShadow(){return this.shadowRoot!=null?this.shadowRoot:this.attachShadow({mode:"open"})}static get observedAttributes(){return ["agent-id","size","theme","action-count"]}connectedCallback(){this.render();}attributeChangedCallback(){this.render();}render(){let t=this.ensureShadow();if(!this.#e){let g=document.createElement("style");g.textContent=h(),t.appendChild(g),this.#e=true;}let s=(this.getAttribute("agent-id")??"").trim(),c=C(this.getAttribute("action-count")),a=t.querySelector("a.badge");if(a&&a.remove(),s==="")return;let d,l;if(c==null)d="Secured by Multicorn",l="Secured by Multicorn, verify this agent";else {let f=String(c);d="Secured by Multicorn \xB7 "+f+" actions secured",l="Secured by Multicorn \xB7 "+f+" actions secured, verify this agent";}let S=`${T}${encodeURIComponent(s)}`,o=document.createElement("a");o.className="badge",o.href=S,o.target="_blank",o.rel="noopener noreferrer",o.setAttribute("aria-label",l);let p="http://www.w3.org/2000/svg",r=document.createElementNS(p,"svg");r.setAttribute("class","icon"),r.setAttribute("width","16"),r.setAttribute("height","16"),r.setAttribute("viewBox","0 0 24 24"),r.setAttribute("aria-hidden","true");let u=document.createElementNS(p,"path");u.setAttribute("d",v),u.setAttribute("fill",n.accent),r.appendChild(u),o.appendChild(r);let b=document.createElement("span");b.className="text",b.textContent=d,o.appendChild(b),t.appendChild(o);}};typeof customElements<"u"&&customElements.get(x)===void 0&&customElements.define(x,m);function H(e){return e==="compact"||e==="standard"}function M(e){return e==="dark"||e==="light"}var i=(typeof document<"u"&&document.currentScript!==null?document.currentScript:null)??null;if(i==null)console.warn("[Multicorn] badge.js must be loaded as a classic script (document.currentScript was null).");else {let e=i.dataset.agentId?.trim();if(e==null||e==="")console.warn("[Multicorn] Skipping trust badge: missing data-agent-id on the badge script tag.");else {let t=document.createElement("multicorn-badge");t.setAttribute("agent-id",e);let s=i.dataset.size;H(s)&&t.setAttribute("size",s);let c=i.dataset.theme;M(c)&&t.setAttribute("theme",c);let a=i.dataset.actionCount;a!=null&&a!==""&&t.setAttribute("action-count",a),i.parentNode?.insertBefore(t,i.nextSibling);}}

package/dist/index.cjs

@@ -4,13 +4,12 @@ var lit = require('lit');
 var decorators_js = require('lit/decorators.js');
 
 var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __decorateClass = (decorators, target, key, kind) => {
-  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  var result = void 0 ;
   for (var i = decorators.length - 1, decorator; i >= 0; i--)
     if (decorator = decorators[i])
-      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
-  if (kind && result) __defProp(target, key, result);
+      result = (decorator(target, key, result) ) || result;
+  if (result) __defProp(target, key, result);
   return result;
 };
 
@@ -432,6 +431,8 @@ function getScopeWarning(scopeString) {
   const metadata = getScopeMetadata(scopeString);
   return metadata?.warningMessage;
 }
+
+// src/shared/shield-tokens.ts
 var SHIELD_COLORS = {
   bg: "#0d0d14",
   surface: "#14141f",
@@ -452,6 +453,8 @@ var SHIELD_COLORS = {
   red: "#ef4444",
   redDim: "rgba(239, 68, 68, 0.12)"
 };
+
+// src/consent/consent-styles.ts
 var consentStyles = lit.css`
   :host {
     display: block;
@@ -1124,7 +1127,7 @@ function groupScopesByService(scopes) {
 function scopeKey(scope) {
   return `${scope.service}:${scope.permissionLevel}`;
 }
-exports.MulticornConsent = class MulticornConsent extends lit.LitElement {
+var MulticornConsent = class extends lit.LitElement {
   constructor() {
     super(...arguments);
     this.agentName = "";
@@ -1197,6 +1200,9 @@ exports.MulticornConsent = class MulticornConsent extends lit.LitElement {
       }
     };
   }
+  static {
+    this.styles = [consentStyles];
+  }
   connectedCallback() {
     super.connectedCallback();
     if (Array.isArray(this.scopes) && this.scopes.length > 0) {
@@ -1570,34 +1576,175 @@ exports.MulticornConsent = class MulticornConsent extends lit.LitElement {
     this.requestUpdate();
   }
 };
-exports.MulticornConsent.styles = [consentStyles];
 __decorateClass([
   decorators_js.property({ type: String, attribute: "agent-name" })
-], exports.MulticornConsent.prototype, "agentName", 2);
+], MulticornConsent.prototype, "agentName");
 __decorateClass([
   decorators_js.property({ type: String, attribute: "agent-color" })
-], exports.MulticornConsent.prototype, "agentColor", 2);
+], MulticornConsent.prototype, "agentColor");
 __decorateClass([
   decorators_js.property({ type: Array, attribute: "scopes" })
-], exports.MulticornConsent.prototype, "scopes", 2);
+], MulticornConsent.prototype, "scopes");
 __decorateClass([
   decorators_js.property({ type: Number, attribute: "spend-limit" })
-], exports.MulticornConsent.prototype, "spendLimit", 2);
+], MulticornConsent.prototype, "spendLimit");
 __decorateClass([
   decorators_js.property({ type: String })
-], exports.MulticornConsent.prototype, "mode", 2);
+], MulticornConsent.prototype, "mode");
 __decorateClass([
   decorators_js.state()
-], exports.MulticornConsent.prototype, "_grantedScopes", 2);
+], MulticornConsent.prototype, "_grantedScopes");
 __decorateClass([
   decorators_js.state()
-], exports.MulticornConsent.prototype, "_adjustedSpendLimit", 2);
+], MulticornConsent.prototype, "_adjustedSpendLimit");
 __decorateClass([
   decorators_js.state()
-], exports.MulticornConsent.prototype, "_isOpen", 2);
-exports.MulticornConsent = __decorateClass([
-  decorators_js.customElement(CONSENT_ELEMENT_TAG)
-], exports.MulticornConsent);
+], MulticornConsent.prototype, "_isOpen");
+if (typeof customElements !== "undefined" && customElements.get(CONSENT_ELEMENT_TAG) === void 0) {
+  customElements.define(CONSENT_ELEMENT_TAG, MulticornConsent);
+}
+
+// src/badge/badge-styles.ts
+var LIGHT_TEXT = "#0f172a";
+var LIGHT_SURFACE = "#f8fafc";
+var LIGHT_SURFACE_HOVER = "#f1f5f9";
+var LIGHT_BORDER = "#e2e8f0";
+function getBadgeStyleText() {
+  return `
+:host { display: inline-block; line-height: 0; }
+.badge {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  box-sizing: border-box;
+  gap: 6px;
+  min-height: 28px;
+  padding: 4px 10px 4px 8px;
+  border-radius: 9999px;
+  text-decoration: none;
+  font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+  font-size: 12px;
+  font-weight: 500;
+  border: 1px solid ${SHIELD_COLORS.border};
+  background: ${SHIELD_COLORS.surface};
+  color: ${SHIELD_COLORS.text};
+  transition: background 0.15s ease, border-color 0.15s ease, box-shadow 0.15s ease;
+}
+:host([theme="light"]) .badge {
+  border-color: ${LIGHT_BORDER};
+  background: ${LIGHT_SURFACE};
+  color: ${LIGHT_TEXT};
+}
+.badge:hover {
+  background: ${SHIELD_COLORS.surfaceHover};
+  border-color: ${SHIELD_COLORS.accent};
+  box-shadow: 0 0 0 1px ${SHIELD_COLORS.accentDim};
+}
+:host([theme="light"]) .badge:hover {
+  background: ${LIGHT_SURFACE_HOVER};
+  border-color: ${SHIELD_COLORS.accent};
+}
+.badge:focus-visible {
+  outline: 2px solid ${SHIELD_COLORS.accent};
+  outline-offset: 2px;
+}
+.icon { flex-shrink: 0; display: block; }
+.text { white-space: nowrap; }
+:host([size="compact"]) .text { display: none; }
+:host([size="compact"]) .badge { padding: 4px 6px; }
+@media (prefers-reduced-motion: reduce) { .badge { transition: none; } }
+  `.trim();
+}
+
+// src/badge/multicorn-badge.ts
+var VERIFY_BASE = "https://multicorn.ai/verify/";
+var BADGE_ELEMENT_TAG = "multicorn-badge";
+var SHIELD_PATH = "M12 1L3 5v6c0 5.55 3.84 9.95 9 12 5.16-2.05 9-6.45 9-12V5l-9-4z";
+var SafeHTMLElement = typeof HTMLElement !== "undefined" ? HTMLElement : class {
+  connectedCallback() {
+  }
+};
+function parseOptionalCount(raw) {
+  if (raw == null || raw === "") {
+    return void 0;
+  }
+  const n = Number(raw);
+  return Number.isNaN(n) ? void 0 : n;
+}
+var MulticornBadge = class extends SafeHTMLElement {
+  #didInjectStyle = false;
+  ensureShadow() {
+    if (this.shadowRoot != null) {
+      return this.shadowRoot;
+    }
+    return this.attachShadow({ mode: "open" });
+  }
+  static get observedAttributes() {
+    return ["agent-id", "size", "theme", "action-count"];
+  }
+  connectedCallback() {
+    this.render();
+  }
+  attributeChangedCallback() {
+    this.render();
+  }
+  render() {
+    const root = this.ensureShadow();
+    if (this.#didInjectStyle) ; else {
+      const style = document.createElement("style");
+      style.textContent = getBadgeStyleText();
+      root.appendChild(style);
+      this.#didInjectStyle = true;
+    }
+    const agentId = (this.getAttribute("agent-id") ?? "").trim();
+    const actionCount = parseOptionalCount(this.getAttribute("action-count"));
+    const prior = root.querySelector("a.badge");
+    if (prior) {
+      prior.remove();
+    }
+    if (agentId === "") {
+      return;
+    }
+    let labelSuffix;
+    let ariaLabel;
+    if (actionCount == null) {
+      labelSuffix = "Secured by Multicorn";
+      ariaLabel = "Secured by Multicorn, verify this agent";
+    } else {
+      const count = actionCount;
+      const countText = String(count);
+      labelSuffix = "Secured by Multicorn \xB7 " + countText + " actions secured";
+      ariaLabel = "Secured by Multicorn \xB7 " + countText + " actions secured, verify this agent";
+    }
+    const href = `${VERIFY_BASE}${encodeURIComponent(agentId)}`;
+    const a = document.createElement("a");
+    a.className = "badge";
+    a.href = href;
+    a.target = "_blank";
+    a.rel = "noopener noreferrer";
+    a.setAttribute("aria-label", ariaLabel);
+    const svgNs = "http://www.w3.org/2000/svg";
+    const svg = document.createElementNS(svgNs, "svg");
+    svg.setAttribute("class", "icon");
+    svg.setAttribute("width", "16");
+    svg.setAttribute("height", "16");
+    svg.setAttribute("viewBox", "0 0 24 24");
+    svg.setAttribute("aria-hidden", "true");
+    const path = document.createElementNS(svgNs, "path");
+    path.setAttribute("d", SHIELD_PATH);
+    path.setAttribute("fill", SHIELD_COLORS.accent);
+    svg.appendChild(path);
+    a.appendChild(svg);
+    const text = document.createElement("span");
+    text.className = "text";
+    text.textContent = labelSuffix;
+    a.appendChild(text);
+    root.appendChild(a);
+  }
+};
+if (typeof customElements !== "undefined" && customElements.get(BADGE_ELEMENT_TAG) === void 0) {
+  customElements.define(BADGE_ELEMENT_TAG, MulticornBadge);
+}
 
 // src/logger/action-logger.ts
 function createActionLogger(config) {
@@ -2749,6 +2896,8 @@ exports.ACTION_STATUSES = ACTION_STATUSES;
 exports.AGENT_STATUSES = AGENT_STATUSES;
 exports.BUILT_IN_SERVICES = BUILT_IN_SERVICES;
 exports.CONSENT_ELEMENT_TAG = CONSENT_ELEMENT_TAG;
+exports.MulticornBadge = MulticornBadge;
+exports.MulticornConsent = MulticornConsent;
 exports.MulticornShield = MulticornShield;
 exports.PERMISSION_LEVELS = PERMISSION_LEVELS;
 exports.SERVICE_NAME_PATTERN = SERVICE_NAME_PATTERN;

package/dist/index.d.cts

@@ -1069,6 +1069,33 @@ interface FocusTrap {
  */
 declare function createFocusTrap(container: HTMLElement, initialFocus?: HTMLElement | null): FocusTrap;
 
+/**
+ * `<multicorn-badge>`: small embeddable trust badge (Shadow DOM).
+ * Implemented as a native custom element to keep the CDN `badge.js` under the
+ * size budget. Styling and tokens align with the Lit-based consent screen.
+ *
+ * @module badge/multicorn-badge
+ */
+/** Custom element tag for the trust badge. */
+declare const BADGE_ELEMENT_TAG: "multicorn-badge";
+declare const SafeHTMLElement: {
+    new (): HTMLElement;
+    prototype: HTMLElement;
+};
+declare class MulticornBadge extends SafeHTMLElement {
+    #private;
+    private ensureShadow;
+    static get observedAttributes(): string[];
+    connectedCallback(): void;
+    attributeChangedCallback(): void;
+    private render;
+}
+declare global {
+    interface HTMLElementTagNameMap {
+        [BADGE_ELEMENT_TAG]: MulticornBadge;
+    }
+}
+
 /**
  * Action logging client for Multicorn Shield.
  *
@@ -2283,4 +2310,4 @@ interface ContentReviewRequestPayload {
  */
 declare function requestContentReview(payload: ContentReviewRequestPayload, apiKey: string, baseUrl: string, logger?: PluginLogger): Promise<ContentReviewResult>;
 
-export { ACTION_STATUSES, AGENT_STATUSES, type Action, type ActionInput, type ActionLogger, type ActionLoggerConfig, type ActionPayload, type ActionStatus, type Agent, type AgentStatus, type ApiError, BUILT_IN_SERVICES, type BatchModeConfig, type BuiltInServiceName, CONSENT_ELEMENT_TAG, type ConsentDecision, type ConsentDeniedEventDetail, type ConsentEventDetail, type ConsentEventMap, type ConsentEventName, type ConsentGrantedEventDetail, type ConsentOptions, type ConsentPartialEventDetail, type ContentReviewRequestPayload, type ContentReviewResult, type ContentReviewStatusResponse, type FocusTrap, type McpAdapter, type McpAdapterConfig, type McpAdapterResult, type McpBlockedResult, type McpToolCall, type McpToolHandler, type McpToolResult, MulticornConsent, MulticornShield, type MulticornShieldConfig, PERMISSION_LEVELS, type Permission, type PermissionLevel, type RemainingBudget, SERVICE_NAME_PATTERN, type Scope, ScopeParseError, type ScopeParseResult, type ScopeRegistry, type ScopeRequest, type ServiceDefinition, type SpendCheckResult, type SpendingCheckResult, type SpendingChecker, type SpendingLimit, type SpendingLimits, type SpendingTrackerConfig, type ValidationResult, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isPublicContentAction, isValidScopeString, parseScope, parseScopes, requestContentReview, requiresContentReview, tryParseScope, validateAllScopesAccess, validateScopeAccess };
+export { ACTION_STATUSES, AGENT_STATUSES, type Action, type ActionInput, type ActionLogger, type ActionLoggerConfig, type ActionPayload, type ActionStatus, type Agent, type AgentStatus, type ApiError, BUILT_IN_SERVICES, type BatchModeConfig, type BuiltInServiceName, CONSENT_ELEMENT_TAG, type ConsentDecision, type ConsentDeniedEventDetail, type ConsentEventDetail, type ConsentEventMap, type ConsentEventName, type ConsentGrantedEventDetail, type ConsentOptions, type ConsentPartialEventDetail, type ContentReviewRequestPayload, type ContentReviewResult, type ContentReviewStatusResponse, type FocusTrap, type McpAdapter, type McpAdapterConfig, type McpAdapterResult, type McpBlockedResult, type McpToolCall, type McpToolHandler, type McpToolResult, MulticornBadge, MulticornConsent, MulticornShield, type MulticornShieldConfig, PERMISSION_LEVELS, type Permission, type PermissionLevel, type RemainingBudget, SERVICE_NAME_PATTERN, type Scope, ScopeParseError, type ScopeParseResult, type ScopeRegistry, type ScopeRequest, type ServiceDefinition, type SpendCheckResult, type SpendingCheckResult, type SpendingChecker, type SpendingLimit, type SpendingLimits, type SpendingTrackerConfig, type ValidationResult, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isPublicContentAction, isValidScopeString, parseScope, parseScopes, requestContentReview, requiresContentReview, tryParseScope, validateAllScopesAccess, validateScopeAccess };

package/dist/index.d.ts

@@ -1069,6 +1069,33 @@ interface FocusTrap {
  */
 declare function createFocusTrap(container: HTMLElement, initialFocus?: HTMLElement | null): FocusTrap;
 
+/**
+ * `<multicorn-badge>`: small embeddable trust badge (Shadow DOM).
+ * Implemented as a native custom element to keep the CDN `badge.js` under the
+ * size budget. Styling and tokens align with the Lit-based consent screen.
+ *
+ * @module badge/multicorn-badge
+ */
+/** Custom element tag for the trust badge. */
+declare const BADGE_ELEMENT_TAG: "multicorn-badge";
+declare const SafeHTMLElement: {
+    new (): HTMLElement;
+    prototype: HTMLElement;
+};
+declare class MulticornBadge extends SafeHTMLElement {
+    #private;
+    private ensureShadow;
+    static get observedAttributes(): string[];
+    connectedCallback(): void;
+    attributeChangedCallback(): void;
+    private render;
+}
+declare global {
+    interface HTMLElementTagNameMap {
+        [BADGE_ELEMENT_TAG]: MulticornBadge;
+    }
+}
+
 /**
  * Action logging client for Multicorn Shield.
  *
@@ -2283,4 +2310,4 @@ interface ContentReviewRequestPayload {
  */
 declare function requestContentReview(payload: ContentReviewRequestPayload, apiKey: string, baseUrl: string, logger?: PluginLogger): Promise<ContentReviewResult>;
 
-export { ACTION_STATUSES, AGENT_STATUSES, type Action, type ActionInput, type ActionLogger, type ActionLoggerConfig, type ActionPayload, type ActionStatus, type Agent, type AgentStatus, type ApiError, BUILT_IN_SERVICES, type BatchModeConfig, type BuiltInServiceName, CONSENT_ELEMENT_TAG, type ConsentDecision, type ConsentDeniedEventDetail, type ConsentEventDetail, type ConsentEventMap, type ConsentEventName, type ConsentGrantedEventDetail, type ConsentOptions, type ConsentPartialEventDetail, type ContentReviewRequestPayload, type ContentReviewResult, type ContentReviewStatusResponse, type FocusTrap, type McpAdapter, type McpAdapterConfig, type McpAdapterResult, type McpBlockedResult, type McpToolCall, type McpToolHandler, type McpToolResult, MulticornConsent, MulticornShield, type MulticornShieldConfig, PERMISSION_LEVELS, type Permission, type PermissionLevel, type RemainingBudget, SERVICE_NAME_PATTERN, type Scope, ScopeParseError, type ScopeParseResult, type ScopeRegistry, type ScopeRequest, type ServiceDefinition, type SpendCheckResult, type SpendingCheckResult, type SpendingChecker, type SpendingLimit, type SpendingLimits, type SpendingTrackerConfig, type ValidationResult, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isPublicContentAction, isValidScopeString, parseScope, parseScopes, requestContentReview, requiresContentReview, tryParseScope, validateAllScopesAccess, validateScopeAccess };
+export { ACTION_STATUSES, AGENT_STATUSES, type Action, type ActionInput, type ActionLogger, type ActionLoggerConfig, type ActionPayload, type ActionStatus, type Agent, type AgentStatus, type ApiError, BUILT_IN_SERVICES, type BatchModeConfig, type BuiltInServiceName, CONSENT_ELEMENT_TAG, type ConsentDecision, type ConsentDeniedEventDetail, type ConsentEventDetail, type ConsentEventMap, type ConsentEventName, type ConsentGrantedEventDetail, type ConsentOptions, type ConsentPartialEventDetail, type ContentReviewRequestPayload, type ContentReviewResult, type ContentReviewStatusResponse, type FocusTrap, type McpAdapter, type McpAdapterConfig, type McpAdapterResult, type McpBlockedResult, type McpToolCall, type McpToolHandler, type McpToolResult, MulticornBadge, MulticornConsent, MulticornShield, type MulticornShieldConfig, PERMISSION_LEVELS, type Permission, type PermissionLevel, type RemainingBudget, SERVICE_NAME_PATTERN, type Scope, ScopeParseError, type ScopeParseResult, type ScopeRegistry, type ScopeRequest, type ServiceDefinition, type SpendCheckResult, type SpendingCheckResult, type SpendingChecker, type SpendingLimit, type SpendingLimits, type SpendingTrackerConfig, type ValidationResult, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isPublicContentAction, isValidScopeString, parseScope, parseScopes, requestContentReview, requiresContentReview, tryParseScope, validateAllScopesAccess, validateScopeAccess };

package/dist/index.js

@@ -1,14 +1,13 @@
 import { unsafeCSS, css, LitElement, html } from 'lit';
-import { property, state, customElement } from 'lit/decorators.js';
+import { property, state } from 'lit/decorators.js';
 
 var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __decorateClass = (decorators, target, key, kind) => {
-  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  var result = void 0 ;
   for (var i = decorators.length - 1, decorator; i >= 0; i--)
     if (decorator = decorators[i])
-      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
-  if (kind && result) __defProp(target, key, result);
+      result = (decorator(target, key, result) ) || result;
+  if (result) __defProp(target, key, result);
   return result;
 };
 
@@ -430,6 +429,8 @@ function getScopeWarning(scopeString) {
   const metadata = getScopeMetadata(scopeString);
   return metadata?.warningMessage;
 }
+
+// src/shared/shield-tokens.ts
 var SHIELD_COLORS = {
   bg: "#0d0d14",
   surface: "#14141f",
@@ -450,6 +451,8 @@ var SHIELD_COLORS = {
   red: "#ef4444",
   redDim: "rgba(239, 68, 68, 0.12)"
 };
+
+// src/consent/consent-styles.ts
 var consentStyles = css`
   :host {
     display: block;
@@ -1195,6 +1198,9 @@ var MulticornConsent = class extends LitElement {
       }
     };
   }
+  static {
+    this.styles = [consentStyles];
+  }
   connectedCallback() {
     super.connectedCallback();
     if (Array.isArray(this.scopes) && this.scopes.length > 0) {
@@ -1568,34 +1574,175 @@ var MulticornConsent = class extends LitElement {
     this.requestUpdate();
   }
 };
-MulticornConsent.styles = [consentStyles];
 __decorateClass([
   property({ type: String, attribute: "agent-name" })
-], MulticornConsent.prototype, "agentName", 2);
+], MulticornConsent.prototype, "agentName");
 __decorateClass([
   property({ type: String, attribute: "agent-color" })
-], MulticornConsent.prototype, "agentColor", 2);
+], MulticornConsent.prototype, "agentColor");
 __decorateClass([
   property({ type: Array, attribute: "scopes" })
-], MulticornConsent.prototype, "scopes", 2);
+], MulticornConsent.prototype, "scopes");
 __decorateClass([
   property({ type: Number, attribute: "spend-limit" })
-], MulticornConsent.prototype, "spendLimit", 2);
+], MulticornConsent.prototype, "spendLimit");
 __decorateClass([
   property({ type: String })
-], MulticornConsent.prototype, "mode", 2);
+], MulticornConsent.prototype, "mode");
 __decorateClass([
   state()
-], MulticornConsent.prototype, "_grantedScopes", 2);
+], MulticornConsent.prototype, "_grantedScopes");
 __decorateClass([
   state()
-], MulticornConsent.prototype, "_adjustedSpendLimit", 2);
+], MulticornConsent.prototype, "_adjustedSpendLimit");
 __decorateClass([
   state()
-], MulticornConsent.prototype, "_isOpen", 2);
-MulticornConsent = __decorateClass([
-  customElement(CONSENT_ELEMENT_TAG)
-], MulticornConsent);
+], MulticornConsent.prototype, "_isOpen");
+if (typeof customElements !== "undefined" && customElements.get(CONSENT_ELEMENT_TAG) === void 0) {
+  customElements.define(CONSENT_ELEMENT_TAG, MulticornConsent);
+}
+
+// src/badge/badge-styles.ts
+var LIGHT_TEXT = "#0f172a";
+var LIGHT_SURFACE = "#f8fafc";
+var LIGHT_SURFACE_HOVER = "#f1f5f9";
+var LIGHT_BORDER = "#e2e8f0";
+function getBadgeStyleText() {
+  return `
+:host { display: inline-block; line-height: 0; }
+.badge {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  box-sizing: border-box;
+  gap: 6px;
+  min-height: 28px;
+  padding: 4px 10px 4px 8px;
+  border-radius: 9999px;
+  text-decoration: none;
+  font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+  font-size: 12px;
+  font-weight: 500;
+  border: 1px solid ${SHIELD_COLORS.border};
+  background: ${SHIELD_COLORS.surface};
+  color: ${SHIELD_COLORS.text};
+  transition: background 0.15s ease, border-color 0.15s ease, box-shadow 0.15s ease;
+}
+:host([theme="light"]) .badge {
+  border-color: ${LIGHT_BORDER};
+  background: ${LIGHT_SURFACE};
+  color: ${LIGHT_TEXT};
+}
+.badge:hover {
+  background: ${SHIELD_COLORS.surfaceHover};
+  border-color: ${SHIELD_COLORS.accent};
+  box-shadow: 0 0 0 1px ${SHIELD_COLORS.accentDim};
+}
+:host([theme="light"]) .badge:hover {
+  background: ${LIGHT_SURFACE_HOVER};
+  border-color: ${SHIELD_COLORS.accent};
+}
+.badge:focus-visible {
+  outline: 2px solid ${SHIELD_COLORS.accent};
+  outline-offset: 2px;
+}
+.icon { flex-shrink: 0; display: block; }
+.text { white-space: nowrap; }
+:host([size="compact"]) .text { display: none; }
+:host([size="compact"]) .badge { padding: 4px 6px; }
+@media (prefers-reduced-motion: reduce) { .badge { transition: none; } }
+  `.trim();
+}
+
+// src/badge/multicorn-badge.ts
+var VERIFY_BASE = "https://multicorn.ai/verify/";
+var BADGE_ELEMENT_TAG = "multicorn-badge";
+var SHIELD_PATH = "M12 1L3 5v6c0 5.55 3.84 9.95 9 12 5.16-2.05 9-6.45 9-12V5l-9-4z";
+var SafeHTMLElement = typeof HTMLElement !== "undefined" ? HTMLElement : class {
+  connectedCallback() {
+  }
+};
+function parseOptionalCount(raw) {
+  if (raw == null || raw === "") {
+    return void 0;
+  }
+  const n = Number(raw);
+  return Number.isNaN(n) ? void 0 : n;
+}
+var MulticornBadge = class extends SafeHTMLElement {
+  #didInjectStyle = false;
+  ensureShadow() {
+    if (this.shadowRoot != null) {
+      return this.shadowRoot;
+    }
+    return this.attachShadow({ mode: "open" });
+  }
+  static get observedAttributes() {
+    return ["agent-id", "size", "theme", "action-count"];
+  }
+  connectedCallback() {
+    this.render();
+  }
+  attributeChangedCallback() {
+    this.render();
+  }
+  render() {
+    const root = this.ensureShadow();
+    if (this.#didInjectStyle) ; else {
+      const style = document.createElement("style");
+      style.textContent = getBadgeStyleText();
+      root.appendChild(style);
+      this.#didInjectStyle = true;
+    }
+    const agentId = (this.getAttribute("agent-id") ?? "").trim();
+    const actionCount = parseOptionalCount(this.getAttribute("action-count"));
+    const prior = root.querySelector("a.badge");
+    if (prior) {
+      prior.remove();
+    }
+    if (agentId === "") {
+      return;
+    }
+    let labelSuffix;
+    let ariaLabel;
+    if (actionCount == null) {
+      labelSuffix = "Secured by Multicorn";
+      ariaLabel = "Secured by Multicorn, verify this agent";
+    } else {
+      const count = actionCount;
+      const countText = String(count);
+      labelSuffix = "Secured by Multicorn \xB7 " + countText + " actions secured";
+      ariaLabel = "Secured by Multicorn \xB7 " + countText + " actions secured, verify this agent";
+    }
+    const href = `${VERIFY_BASE}${encodeURIComponent(agentId)}`;
+    const a = document.createElement("a");
+    a.className = "badge";
+    a.href = href;
+    a.target = "_blank";
+    a.rel = "noopener noreferrer";
+    a.setAttribute("aria-label", ariaLabel);
+    const svgNs = "http://www.w3.org/2000/svg";
+    const svg = document.createElementNS(svgNs, "svg");
+    svg.setAttribute("class", "icon");
+    svg.setAttribute("width", "16");
+    svg.setAttribute("height", "16");
+    svg.setAttribute("viewBox", "0 0 24 24");
+    svg.setAttribute("aria-hidden", "true");
+    const path = document.createElementNS(svgNs, "path");
+    path.setAttribute("d", SHIELD_PATH);
+    path.setAttribute("fill", SHIELD_COLORS.accent);
+    svg.appendChild(path);
+    a.appendChild(svg);
+    const text = document.createElement("span");
+    text.className = "text";
+    text.textContent = labelSuffix;
+    a.appendChild(text);
+    root.appendChild(a);
+  }
+};
+if (typeof customElements !== "undefined" && customElements.get(BADGE_ELEMENT_TAG) === void 0) {
+  customElements.define(BADGE_ELEMENT_TAG, MulticornBadge);
+}
 
 // src/logger/action-logger.ts
 function createActionLogger(config) {
@@ -2743,4 +2890,4 @@ function validateApiKey(apiKey) {
   }
 }
 
-export { ACTION_STATUSES, AGENT_STATUSES, BUILT_IN_SERVICES, CONSENT_ELEMENT_TAG, MulticornConsent, MulticornShield, PERMISSION_LEVELS, SERVICE_NAME_PATTERN, ScopeParseError, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isPublicContentAction, isValidScopeString, parseScope, parseScopes, requestContentReview, requiresContentReview, tryParseScope, validateAllScopesAccess, validateScopeAccess };
+export { ACTION_STATUSES, AGENT_STATUSES, BUILT_IN_SERVICES, CONSENT_ELEMENT_TAG, MulticornBadge, MulticornConsent, MulticornShield, PERMISSION_LEVELS, SERVICE_NAME_PATTERN, ScopeParseError, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isPublicContentAction, isValidScopeString, parseScope, parseScopes, requestContentReview, requiresContentReview, tryParseScope, validateAllScopesAccess, validateScopeAccess };