multicorn-shield 0.11.0 → 0.12.0

package/CHANGELOG.md

@@ -5,6 +5,36 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [X.Y.Z] - YYYY-MM-DD
+
+### Added
+
+- Cline native plugin support via PreToolUse/PostToolUse hooks
+- Hook scripts for Cline: pre-tool-use.cjs, post-tool-use.cjs, shared.cjs
+- Cline plugin README with setup instructions and troubleshooting
+- Browser auto-open for consent screen when Shield blocks an action
+- Licence headers on all plugin scripts
+
+### Changed
+
+- CLI wizard installs Cline hooks to ~/Documents/Cline/Hooks/ (previously ~/Documents/Cline/Rules/Hooks/)
+- Cline hook reads toolName field from hook input (Cline v3.81+ sends toolName, not tool)
+- Consent flow no longer polls for approval (blocks immediately with consent URL to avoid Cline's 30-second hook timeout)
+- Extracted shared utilities (config loading, HTTP, tool mapping) into shared.cjs to eliminate duplication between hooks
+- Parameter metadata scrubbed before sending to Shield API (file contents redacted, commands truncated)
+- HTTPS enforced for non-local Shield API connections
+
+### Removed
+
+- Polling-based consent approval flow (replaced with immediate block + consent URL)
+- Consent marker filesystem state (no longer needed without polling)
+
+### Security
+
+- Fixed Windows shell injection in openBrowser (replaced execSync with execFileSync)
+- Added HTTPS enforcement for non-localhost baseUrl in hook config
+- Added parameter and result scrubbing to prevent sensitive data leakage in audit metadata
+
 ## [0.11.0] - 2026-04-25
 
 ### Added

package/dist/badge.js

@@ -1,4 +1,4 @@
-var n={surface:"#14141f",surfaceHover:"#1a1a2e",border:"#2a2a3d",text:"#e8e8f0",accent:"#8b5cf6",accentDim:"rgba(139, 92, 246, 0.12)"};var E="#0f172a",y="#f8fafc",A="#f1f5f9",v="#e2e8f0";function h(){return `
+var n={surface:"#14141f",surfaceHover:"#1a1a2e",border:"#2a2a3d",text:"#e8e8f0",accent:"#8b5cf6",accentDim:"rgba(139, 92, 246, 0.12)"};var E="#0f172a",y="#f8fafc",L="#f1f5f9",A="#e2e8f0";function h(){return `
 :host { display: inline-block; line-height: 0; }
 .badge {
   display: inline-flex;
@@ -19,7 +19,7 @@ var n={surface:"#14141f",surfaceHover:"#1a1a2e",border:"#2a2a3d",text:"#e8e8f0",
   transition: background 0.15s ease, border-color 0.15s ease, box-shadow 0.15s ease;
 }
 :host([theme="light"]) .badge {
-  border-color: ${v};
+  border-color: ${A};
   background: ${y};
   color: ${E};
 }
@@ -29,7 +29,7 @@ var n={surface:"#14141f",surfaceHover:"#1a1a2e",border:"#2a2a3d",text:"#e8e8f0",
   box-shadow: 0 0 0 1px ${n.accentDim};
 }
 :host([theme="light"]) .badge:hover {
-  background: ${A};
+  background: ${L};
   border-color: ${n.accent};
 }
 .badge:focus-visible {
@@ -41,4 +41,4 @@ var n={surface:"#14141f",surfaceHover:"#1a1a2e",border:"#2a2a3d",text:"#e8e8f0",
 :host([size="compact"]) .text { display: none; }
 :host([size="compact"]) .badge { padding: 4px 6px; }
 @media (prefers-reduced-motion: reduce) { .badge { transition: none; } }
-  `.trim()}var L="https://multicorn.ai/verify/",x="multicorn-badge",w="M12 1L3 5v6c0 5.55 3.84 9.95 9 12 5.16-2.05 9-6.45 9-12V5l-9-4z";function C(e){if(e==null||e==="")return;let t=Number(e);return Number.isNaN(t)?void 0:t}var m=class extends HTMLElement{#e=false;ensureShadow(){return this.shadowRoot!=null?this.shadowRoot:this.attachShadow({mode:"open"})}static get observedAttributes(){return ["agent-id","size","theme","action-count"]}connectedCallback(){this.render();}attributeChangedCallback(){this.render();}render(){let t=this.ensureShadow();if(!this.#e){let g=document.createElement("style");g.textContent=h(),t.appendChild(g),this.#e=true;}let s=(this.getAttribute("agent-id")??"").trim(),c=C(this.getAttribute("action-count")),a=t.querySelector("a.badge");if(a&&a.remove(),s==="")return;let d,l;if(c==null)d="Secured by Multicorn",l="Secured by Multicorn, verify this agent";else {let f=String(c);d="Secured by Multicorn \xB7 "+f+" actions secured",l="Secured by Multicorn \xB7 "+f+" actions secured, verify this agent";}let S=`${L}${encodeURIComponent(s)}`,r=document.createElement("a");r.className="badge",r.href=S,r.target="_blank",r.rel="noopener noreferrer",r.setAttribute("aria-label",l);let p="http://www.w3.org/2000/svg",o=document.createElementNS(p,"svg");o.setAttribute("class","icon"),o.setAttribute("width","16"),o.setAttribute("height","16"),o.setAttribute("viewBox","0 0 24 24"),o.setAttribute("aria-hidden","true");let u=document.createElementNS(p,"path");u.setAttribute("d",w),u.setAttribute("fill",n.accent),o.appendChild(u),r.appendChild(o);let b=document.createElement("span");b.className="text",b.textContent=d,r.appendChild(b),t.appendChild(r);}};customElements.get(x)===void 0&&customElements.define(x,m);function T(e){return e==="compact"||e==="standard"}function H(e){return e==="dark"||e==="light"}var i=(typeof document<"u"&&document.currentScript!==null?document.currentScript:null)??null;if(i==null)console.warn("[Multicorn] badge.js must be loaded as a classic script (document.currentScript was null).");else {let e=i.dataset.agentId?.trim();if(e==null||e==="")console.warn("[Multicorn] Skipping trust badge: missing data-agent-id on the badge script tag.");else {let t=document.createElement("multicorn-badge");t.setAttribute("agent-id",e);let s=i.dataset.size;T(s)&&t.setAttribute("size",s);let c=i.dataset.theme;H(c)&&t.setAttribute("theme",c);let a=i.dataset.actionCount;a!=null&&a!==""&&t.setAttribute("action-count",a),i.parentNode?.insertBefore(t,i.nextSibling);}}
+  `.trim()}var T="https://multicorn.ai/verify/",x="multicorn-badge",v="M12 1L3 5v6c0 5.55 3.84 9.95 9 12 5.16-2.05 9-6.45 9-12V5l-9-4z",w=typeof HTMLElement<"u"?HTMLElement:class{connectedCallback(){}};function C(e){if(e==null||e==="")return;let t=Number(e);return Number.isNaN(t)?void 0:t}var m=class extends w{#e=false;ensureShadow(){return this.shadowRoot!=null?this.shadowRoot:this.attachShadow({mode:"open"})}static get observedAttributes(){return ["agent-id","size","theme","action-count"]}connectedCallback(){this.render();}attributeChangedCallback(){this.render();}render(){let t=this.ensureShadow();if(!this.#e){let g=document.createElement("style");g.textContent=h(),t.appendChild(g),this.#e=true;}let s=(this.getAttribute("agent-id")??"").trim(),c=C(this.getAttribute("action-count")),a=t.querySelector("a.badge");if(a&&a.remove(),s==="")return;let d,l;if(c==null)d="Secured by Multicorn",l="Secured by Multicorn, verify this agent";else {let f=String(c);d="Secured by Multicorn \xB7 "+f+" actions secured",l="Secured by Multicorn \xB7 "+f+" actions secured, verify this agent";}let S=`${T}${encodeURIComponent(s)}`,o=document.createElement("a");o.className="badge",o.href=S,o.target="_blank",o.rel="noopener noreferrer",o.setAttribute("aria-label",l);let p="http://www.w3.org/2000/svg",r=document.createElementNS(p,"svg");r.setAttribute("class","icon"),r.setAttribute("width","16"),r.setAttribute("height","16"),r.setAttribute("viewBox","0 0 24 24"),r.setAttribute("aria-hidden","true");let u=document.createElementNS(p,"path");u.setAttribute("d",v),u.setAttribute("fill",n.accent),r.appendChild(u),o.appendChild(r);let b=document.createElement("span");b.className="text",b.textContent=d,o.appendChild(b),t.appendChild(o);}};typeof customElements<"u"&&customElements.get(x)===void 0&&customElements.define(x,m);function H(e){return e==="compact"||e==="standard"}function M(e){return e==="dark"||e==="light"}var i=(typeof document<"u"&&document.currentScript!==null?document.currentScript:null)??null;if(i==null)console.warn("[Multicorn] badge.js must be loaded as a classic script (document.currentScript was null).");else {let e=i.dataset.agentId?.trim();if(e==null||e==="")console.warn("[Multicorn] Skipping trust badge: missing data-agent-id on the badge script tag.");else {let t=document.createElement("multicorn-badge");t.setAttribute("agent-id",e);let s=i.dataset.size;H(s)&&t.setAttribute("size",s);let c=i.dataset.theme;M(c)&&t.setAttribute("theme",c);let a=i.dataset.actionCount;a!=null&&a!==""&&t.setAttribute("action-count",a),i.parentNode?.insertBefore(t,i.nextSibling);}}

package/dist/index.cjs

@@ -4,13 +4,12 @@ var lit = require('lit');
 var decorators_js = require('lit/decorators.js');
 
 var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __decorateClass = (decorators, target, key, kind) => {
-  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  var result = void 0 ;
   for (var i = decorators.length - 1, decorator; i >= 0; i--)
     if (decorator = decorators[i])
-      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
-  if (kind && result) __defProp(target, key, result);
+      result = (decorator(target, key, result) ) || result;
+  if (result) __defProp(target, key, result);
   return result;
 };
 
@@ -1128,7 +1127,7 @@ function groupScopesByService(scopes) {
 function scopeKey(scope) {
   return `${scope.service}:${scope.permissionLevel}`;
 }
-exports.MulticornConsent = class MulticornConsent extends lit.LitElement {
+var MulticornConsent = class extends lit.LitElement {
   constructor() {
     super(...arguments);
     this.agentName = "";
@@ -1201,6 +1200,9 @@ exports.MulticornConsent = class MulticornConsent extends lit.LitElement {
       }
     };
   }
+  static {
+    this.styles = [consentStyles];
+  }
   connectedCallback() {
     super.connectedCallback();
     if (Array.isArray(this.scopes) && this.scopes.length > 0) {
@@ -1574,34 +1576,33 @@ exports.MulticornConsent = class MulticornConsent extends lit.LitElement {
     this.requestUpdate();
   }
 };
-exports.MulticornConsent.styles = [consentStyles];
 __decorateClass([
   decorators_js.property({ type: String, attribute: "agent-name" })
-], exports.MulticornConsent.prototype, "agentName", 2);
+], MulticornConsent.prototype, "agentName");
 __decorateClass([
   decorators_js.property({ type: String, attribute: "agent-color" })
-], exports.MulticornConsent.prototype, "agentColor", 2);
+], MulticornConsent.prototype, "agentColor");
 __decorateClass([
   decorators_js.property({ type: Array, attribute: "scopes" })
-], exports.MulticornConsent.prototype, "scopes", 2);
+], MulticornConsent.prototype, "scopes");
 __decorateClass([
   decorators_js.property({ type: Number, attribute: "spend-limit" })
-], exports.MulticornConsent.prototype, "spendLimit", 2);
+], MulticornConsent.prototype, "spendLimit");
 __decorateClass([
   decorators_js.property({ type: String })
-], exports.MulticornConsent.prototype, "mode", 2);
+], MulticornConsent.prototype, "mode");
 __decorateClass([
   decorators_js.state()
-], exports.MulticornConsent.prototype, "_grantedScopes", 2);
+], MulticornConsent.prototype, "_grantedScopes");
 __decorateClass([
   decorators_js.state()
-], exports.MulticornConsent.prototype, "_adjustedSpendLimit", 2);
+], MulticornConsent.prototype, "_adjustedSpendLimit");
 __decorateClass([
   decorators_js.state()
-], exports.MulticornConsent.prototype, "_isOpen", 2);
-exports.MulticornConsent = __decorateClass([
-  decorators_js.customElement(CONSENT_ELEMENT_TAG)
-], exports.MulticornConsent);
+], MulticornConsent.prototype, "_isOpen");
+if (typeof customElements !== "undefined" && customElements.get(CONSENT_ELEMENT_TAG) === void 0) {
+  customElements.define(CONSENT_ELEMENT_TAG, MulticornConsent);
+}
 
 // src/badge/badge-styles.ts
 var LIGHT_TEXT = "#0f172a";
@@ -1659,6 +1660,10 @@ function getBadgeStyleText() {
 var VERIFY_BASE = "https://multicorn.ai/verify/";
 var BADGE_ELEMENT_TAG = "multicorn-badge";
 var SHIELD_PATH = "M12 1L3 5v6c0 5.55 3.84 9.95 9 12 5.16-2.05 9-6.45 9-12V5l-9-4z";
+var SafeHTMLElement = typeof HTMLElement !== "undefined" ? HTMLElement : class {
+  connectedCallback() {
+  }
+};
 function parseOptionalCount(raw) {
   if (raw == null || raw === "") {
     return void 0;
@@ -1666,7 +1671,7 @@ function parseOptionalCount(raw) {
   const n = Number(raw);
   return Number.isNaN(n) ? void 0 : n;
 }
-var MulticornBadge = class extends HTMLElement {
+var MulticornBadge = class extends SafeHTMLElement {
   #didInjectStyle = false;
   ensureShadow() {
     if (this.shadowRoot != null) {
@@ -1737,7 +1742,7 @@ var MulticornBadge = class extends HTMLElement {
     root.appendChild(a);
   }
 };
-if (customElements.get(BADGE_ELEMENT_TAG) === void 0) {
+if (typeof customElements !== "undefined" && customElements.get(BADGE_ELEMENT_TAG) === void 0) {
   customElements.define(BADGE_ELEMENT_TAG, MulticornBadge);
 }
 
@@ -2892,6 +2897,7 @@ exports.AGENT_STATUSES = AGENT_STATUSES;
 exports.BUILT_IN_SERVICES = BUILT_IN_SERVICES;
 exports.CONSENT_ELEMENT_TAG = CONSENT_ELEMENT_TAG;
 exports.MulticornBadge = MulticornBadge;
+exports.MulticornConsent = MulticornConsent;
 exports.MulticornShield = MulticornShield;
 exports.PERMISSION_LEVELS = PERMISSION_LEVELS;
 exports.SERVICE_NAME_PATTERN = SERVICE_NAME_PATTERN;

package/dist/index.d.cts

@@ -1078,7 +1078,11 @@ declare function createFocusTrap(container: HTMLElement, initialFocus?: HTMLElem
  */
 /** Custom element tag for the trust badge. */
 declare const BADGE_ELEMENT_TAG: "multicorn-badge";
-declare class MulticornBadge extends HTMLElement {
+declare const SafeHTMLElement: {
+    new (): HTMLElement;
+    prototype: HTMLElement;
+};
+declare class MulticornBadge extends SafeHTMLElement {
     #private;
     private ensureShadow;
     static get observedAttributes(): string[];

package/dist/index.d.ts

@@ -1078,7 +1078,11 @@ declare function createFocusTrap(container: HTMLElement, initialFocus?: HTMLElem
  */
 /** Custom element tag for the trust badge. */
 declare const BADGE_ELEMENT_TAG: "multicorn-badge";
-declare class MulticornBadge extends HTMLElement {
+declare const SafeHTMLElement: {
+    new (): HTMLElement;
+    prototype: HTMLElement;
+};
+declare class MulticornBadge extends SafeHTMLElement {
     #private;
     private ensureShadow;
     static get observedAttributes(): string[];

package/dist/index.js

@@ -1,14 +1,13 @@
 import { unsafeCSS, css, LitElement, html } from 'lit';
-import { property, state, customElement } from 'lit/decorators.js';
+import { property, state } from 'lit/decorators.js';
 
 var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __decorateClass = (decorators, target, key, kind) => {
-  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  var result = void 0 ;
   for (var i = decorators.length - 1, decorator; i >= 0; i--)
     if (decorator = decorators[i])
-      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
-  if (kind && result) __defProp(target, key, result);
+      result = (decorator(target, key, result) ) || result;
+  if (result) __defProp(target, key, result);
   return result;
 };
 
@@ -1199,6 +1198,9 @@ var MulticornConsent = class extends LitElement {
       }
     };
   }
+  static {
+    this.styles = [consentStyles];
+  }
   connectedCallback() {
     super.connectedCallback();
     if (Array.isArray(this.scopes) && this.scopes.length > 0) {
@@ -1572,34 +1574,33 @@ var MulticornConsent = class extends LitElement {
     this.requestUpdate();
   }
 };
-MulticornConsent.styles = [consentStyles];
 __decorateClass([
   property({ type: String, attribute: "agent-name" })
-], MulticornConsent.prototype, "agentName", 2);
+], MulticornConsent.prototype, "agentName");
 __decorateClass([
   property({ type: String, attribute: "agent-color" })
-], MulticornConsent.prototype, "agentColor", 2);
+], MulticornConsent.prototype, "agentColor");
 __decorateClass([
   property({ type: Array, attribute: "scopes" })
-], MulticornConsent.prototype, "scopes", 2);
+], MulticornConsent.prototype, "scopes");
 __decorateClass([
   property({ type: Number, attribute: "spend-limit" })
-], MulticornConsent.prototype, "spendLimit", 2);
+], MulticornConsent.prototype, "spendLimit");
 __decorateClass([
   property({ type: String })
-], MulticornConsent.prototype, "mode", 2);
+], MulticornConsent.prototype, "mode");
 __decorateClass([
   state()
-], MulticornConsent.prototype, "_grantedScopes", 2);
+], MulticornConsent.prototype, "_grantedScopes");
 __decorateClass([
   state()
-], MulticornConsent.prototype, "_adjustedSpendLimit", 2);
+], MulticornConsent.prototype, "_adjustedSpendLimit");
 __decorateClass([
   state()
-], MulticornConsent.prototype, "_isOpen", 2);
-MulticornConsent = __decorateClass([
-  customElement(CONSENT_ELEMENT_TAG)
-], MulticornConsent);
+], MulticornConsent.prototype, "_isOpen");
+if (typeof customElements !== "undefined" && customElements.get(CONSENT_ELEMENT_TAG) === void 0) {
+  customElements.define(CONSENT_ELEMENT_TAG, MulticornConsent);
+}
 
 // src/badge/badge-styles.ts
 var LIGHT_TEXT = "#0f172a";
@@ -1657,6 +1658,10 @@ function getBadgeStyleText() {
 var VERIFY_BASE = "https://multicorn.ai/verify/";
 var BADGE_ELEMENT_TAG = "multicorn-badge";
 var SHIELD_PATH = "M12 1L3 5v6c0 5.55 3.84 9.95 9 12 5.16-2.05 9-6.45 9-12V5l-9-4z";
+var SafeHTMLElement = typeof HTMLElement !== "undefined" ? HTMLElement : class {
+  connectedCallback() {
+  }
+};
 function parseOptionalCount(raw) {
   if (raw == null || raw === "") {
     return void 0;
@@ -1664,7 +1669,7 @@ function parseOptionalCount(raw) {
   const n = Number(raw);
   return Number.isNaN(n) ? void 0 : n;
 }
-var MulticornBadge = class extends HTMLElement {
+var MulticornBadge = class extends SafeHTMLElement {
   #didInjectStyle = false;
   ensureShadow() {
     if (this.shadowRoot != null) {
@@ -1735,7 +1740,7 @@ var MulticornBadge = class extends HTMLElement {
     root.appendChild(a);
   }
 };
-if (customElements.get(BADGE_ELEMENT_TAG) === void 0) {
+if (typeof customElements !== "undefined" && customElements.get(BADGE_ELEMENT_TAG) === void 0) {
   customElements.define(BADGE_ELEMENT_TAG, MulticornBadge);
 }
 

package/dist/multicorn-proxy.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 import { existsSync } from 'fs';
-import { mkdir, writeFile, readFile, copyFile, unlink } from 'fs/promises';
+import { mkdir, writeFile, readFile, copyFile, chmod, unlink } from 'fs/promises';
 import { join, dirname } from 'path';
 import { homedir } from 'os';
 import { fileURLToPath } from 'url';
@@ -473,19 +473,86 @@ async function installWindsurfNativeHooks() {
   await mkdir(hooksDir, { recursive: true });
   await writeFile(hooksPath, JSON.stringify(base, null, 2) + "\n", { encoding: "utf8" });
 }
-var PLATFORM_LABELS = ["OpenClaw", "Claude Code", "Cursor", "Windsurf", "Local MCP / Other"];
+function getClineHooksInstallDir() {
+  return join(homedir(), ".multicorn", "cline-hooks");
+}
+function getClineGlobalHooksDir() {
+  return join(homedir(), "Documents", "Cline", "Hooks");
+}
+async function installClineNativeHooks() {
+  const root = multicornShieldPackageRoot();
+  const srcPre = join(root, "plugins", "cline", "hooks", "scripts", "pre-tool-use.cjs");
+  const srcPost = join(root, "plugins", "cline", "hooks", "scripts", "post-tool-use.cjs");
+  const srcShared = join(root, "plugins", "cline", "hooks", "scripts", "shared.cjs");
+  if (!existsSync(srcPre) || !existsSync(srcPost) || !existsSync(srcShared)) {
+    throw new Error(
+      `Could not find Shield Cline hook scripts at ${srcPre}. If you use npm, install the latest multicorn-shield package.`
+    );
+  }
+  const installDir = getClineHooksInstallDir();
+  await mkdir(installDir, { recursive: true });
+  const destPre = join(installDir, "pre-tool-use.cjs");
+  const destPost = join(installDir, "post-tool-use.cjs");
+  const destShared = join(installDir, "shared.cjs");
+  await copyFile(srcPre, destPre);
+  await copyFile(srcPost, destPost);
+  await copyFile(srcShared, destShared);
+  const hookScriptMode = 493;
+  await chmod(destPre, hookScriptMode);
+  await chmod(destPost, hookScriptMode);
+  await chmod(destShared, hookScriptMode);
+  const hooksDir = getClineGlobalHooksDir();
+  await mkdir(hooksDir, { recursive: true });
+  const preWrapper = join(hooksDir, "PreToolUse");
+  const postWrapper = join(hooksDir, "PostToolUse");
+  const preContent = `#!/usr/bin/env node
+require(${JSON.stringify(destPre)});
+`;
+  const postContent = `#!/usr/bin/env node
+require(${JSON.stringify(destPost)});
+`;
+  await writeFile(preWrapper, preContent, { encoding: "utf8", mode: 493 });
+  await writeFile(postWrapper, postContent, { encoding: "utf8", mode: 493 });
+}
+async function promptClineIntegrationMode(ask) {
+  process.stderr.write("\n" + style.bold("Cline integration") + "\n");
+  process.stderr.write(
+    "  " + style.violet("1") + ". Native plugin (recommended) - Cline Hooks see every file, terminal, browser, and MCP action\n"
+  );
+  process.stderr.write(
+    "  " + style.violet("2") + ". Hosted proxy - govern MCP traffic only (paste proxy URL into Cline MCP settings)\n"
+  );
+  let choice = 0;
+  while (choice === 0) {
+    const input = await ask("Choose integration (1-2): ");
+    const num = parseInt(input.trim(), 10);
+    if (num === 1) choice = 1;
+    if (num === 2) choice = 2;
+  }
+  return choice === 1 ? "native" : "hosted";
+}
+var PLATFORM_LABELS = [
+  "OpenClaw",
+  "Claude Code",
+  "Cursor",
+  "Windsurf",
+  "Cline",
+  "Local MCP / Other"
+];
 var PLATFORM_BY_SELECTION = {
   1: "openclaw",
   2: "claude-code",
   3: "cursor",
   4: "windsurf",
-  5: "other-mcp"
+  5: "cline",
+  6: "other-mcp"
 };
 var DEFAULT_AGENT_NAMES = {
   openclaw: "my-openclaw-agent",
   "claude-code": "my-claude-code-agent",
   cursor: "my-cursor-agent",
-  windsurf: "my-windsurf-agent"
+  windsurf: "my-windsurf-agent",
+  cline: "my-cline-agent"
 };
 async function promptPlatformSelection(ask) {
   process.stderr.write(
@@ -505,13 +572,13 @@ async function promptPlatformSelection(ask) {
     );
   }
   process.stderr.write(
-    style.dim("     Pick 5 if you want to wrap a local MCP server with multicorn-proxy --wrap.") + "\n"
+    style.dim("     Pick 6 if you want to wrap a local MCP server with multicorn-proxy --wrap.") + "\n"
   );
   let selection = 0;
   while (selection === 0) {
-    const input = await ask("Select (1-5): ");
+    const input = await ask("Select (1-6): ");
     const num = parseInt(input.trim(), 10);
-    if (num >= 1 && num <= 5) {
+    if (num >= 1 && num <= 6) {
       selection = num;
     }
   }
@@ -632,7 +699,7 @@ async function createProxyConfig(baseUrl, apiKey, agentName, targetUrl, serverNa
   return typeof data?.["proxy_url"] === "string" ? data["proxy_url"] : "";
 }
 function printPlatformSnippet(platform, routingToken, shortName, apiKey) {
-  const usesInlineKey = platform === "cursor" || platform === "windsurf";
+  const usesInlineKey = platform === "cursor" || platform === "windsurf" || platform === "cline";
   const authHeader = usesInlineKey ? `Bearer ${apiKey}` : "Bearer YOUR_SHIELD_API_KEY";
   const urlKey = platform === "windsurf" ? "serverUrl" : "url";
   const mcpSnippet = JSON.stringify(
@@ -657,6 +724,23 @@ function printPlatformSnippet(platform, routingToken, shortName, apiKey) {
     process.stderr.write(
       "\n" + style.dim("Add this to ~/.codeium/windsurf/mcp_config.json:") + "\n\n"
     );
+  } else if (platform === "cline") {
+    process.stderr.write("\n" + style.dim("Add this to your Cline MCP settings file:") + "\n");
+    process.stderr.write(
+      style.dim(
+        "  macOS: ~/Library/Application Support/Code/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json"
+      ) + "\n"
+    );
+    process.stderr.write(
+      style.dim(
+        "  Windows: %APPDATA%\\Code\\User\\globalStorage\\saoudrizwan.claude-dev\\settings\\cline_mcp_settings.json"
+      ) + "\n"
+    );
+    process.stderr.write(
+      style.dim(
+        "  Linux: ~/.config/Code/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json"
+      ) + "\n\n"
+    );
   } else {
     process.stderr.write("\n" + style.dim("Add this to ~/.cursor/mcp.json:") + "\n\n");
   }
@@ -680,6 +764,13 @@ function printPlatformSnippet(platform, routingToken, shortName, apiKey) {
       ) + "\n"
     );
   }
+  if (platform === "cline") {
+    process.stderr.write(
+      style.dim(
+        "After pasting, restart Cline or reload the VS Code window. Cline will discover the Shield tools automatically."
+      ) + "\n"
+    );
+  }
   if (platform === "windsurf") {
     process.stderr.write(style.dim("Then restart Windsurf (Cmd/Ctrl+Q, then reopen).") + "\n");
     process.stderr.write(
@@ -777,7 +868,7 @@ async function runInit(explicitBaseUrl) {
     const selection = await promptPlatformSelection(ask);
     const selectedPlatform = PLATFORM_BY_SELECTION[selection] ?? "cursor";
     const selectedLabel = PLATFORM_LABELS[selection - 1] ?? "Cursor";
-    if (selection === 5) {
+    if (selection === 6) {
       const raw = existing !== null ? { ...existing } : {};
       raw["apiKey"] = apiKey;
       raw["baseUrl"] = resolvedBaseUrl;
@@ -1001,6 +1092,71 @@ An agent for ${selectedLabel} already exists: ${style.cyan(existingForPlatform.n
           setupSucceeded = true;
         }
       }
+    } else if (selection === 5) {
+      const clineMode = await promptClineIntegrationMode(ask);
+      if (clineMode === "native") {
+        try {
+          await installClineNativeHooks();
+          process.stderr.write("\n" + style.bold("Shield Cline hooks installed") + "\n\n");
+          process.stderr.write(
+            style.dim(
+              "The Shield hook runs with your user permissions. It intercepts Cline tool calls to check permissions and log activity. Review the scripts under "
+            ) + style.cyan("~/.multicorn/cline-hooks") + style.dim(" if that is a concern.") + "\n"
+          );
+          configuredAgents.push({
+            selection,
+            platform: selectedPlatform,
+            platformLabel: selectedLabel,
+            agentName,
+            clineIntegration: "native"
+          });
+          setupSucceeded = true;
+        } catch (error) {
+          const detail = error instanceof Error ? error.message : String(error);
+          process.stderr.write(style.red("\u2717 ") + detail + "\n");
+        }
+      } else {
+        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        let proxyUrl = "";
+        let created = false;
+        while (!created) {
+          const spinner = withSpinner("Creating proxy config...");
+          try {
+            proxyUrl = await createProxyConfig(
+              resolvedBaseUrl,
+              apiKey,
+              agentName,
+              targetUrl,
+              shortName,
+              selectedPlatform
+            );
+            spinner.stop(true, "Proxy config created!");
+            created = true;
+          } catch (error) {
+            const detail = error instanceof Error ? error.message : String(error);
+            spinner.stop(false, detail);
+            const retry = await ask("Try again? (Y/n) ");
+            if (retry.trim().toLowerCase() === "n") {
+              break;
+            }
+          }
+        }
+        if (created && proxyUrl.length > 0) {
+          process.stderr.write("\n" + style.bold("Your Shield proxy URL:") + "\n");
+          process.stderr.write("  " + style.cyan(proxyUrl) + "\n");
+          printPlatformSnippet(selectedPlatform, proxyUrl, shortName, apiKey);
+          configuredAgents.push({
+            selection,
+            platform: selectedPlatform,
+            platformLabel: selectedLabel,
+            agentName,
+            shortName,
+            proxyUrl,
+            clineIntegration: "hosted"
+          });
+          setupSucceeded = true;
+        }
+      }
     } else {
       const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
       let proxyUrl = "";
@@ -1119,6 +1275,22 @@ An agent for ${selectedLabel} already exists: ${style.cyan(existingForPlatform.n
         "\n" + style.bold("To complete your Windsurf hosted-proxy setup:") + "\n  1. If you don't have Windsurf yet, download it from " + style.cyan("https://windsurf.com/download") + "\n  2. Open " + style.cyan("~/.codeium/windsurf/mcp_config.json") + " and paste the config snippet shown above\n  3. Restart Windsurf (or launch it for the first time) to load the new MCP server\n"
       );
     }
+    const clineNativeConfigured = configuredAgents.some(
+      (a) => a.platform === "cline" && a.clineIntegration === "native"
+    );
+    const clineHostedConfigured = configuredAgents.some(
+      (a) => a.platform === "cline" && a.clineIntegration === "hosted"
+    );
+    if (clineNativeConfigured) {
+      blocks.push(
+        "\n" + style.bold("To complete native Cline (Shield) setup:") + "\n  1. Enable Hooks in Cline: open VS Code, click the Cline sidebar icon, click the gear icon,\n     scroll down to the Advanced section, and toggle Hooks on.\n  2. Reload the VS Code window (Cmd+Shift+P > Reload Window)\n  3. Trigger any tool call to verify Shield is intercepting\n"
+      );
+    }
+    if (clineHostedConfigured) {
+      blocks.push(
+        "\n" + style.bold("To complete your Cline hosted-proxy setup:") + "\n  1. If you don't have Cline yet, install it from the VS Code marketplace\n  2. Open your Cline MCP settings file and paste the config snippet shown above\n  3. Restart Cline or reload the VS Code window\n"
+      );
+    }
     if (blocks.length > 0) {
       process.stderr.write("\n" + style.bold(style.violet("Next steps")) + "\n");
       process.stderr.write(blocks.join("") + "\n");

package/dist/openclaw-hook/handler.js

@@ -377,7 +377,6 @@ ${url}
 }
 async function waitForConsent(agentId, agentName, apiKey, baseUrl, scope, logger) {
   const dashboardUrl = deriveDashboardUrl(baseUrl);
-  console.error("[SHIELD] buildConsentUrl baseUrl:", baseUrl);
   const consentUrl = buildConsentUrl(agentName, dashboardUrl, scope);
   process.stderr.write(
     `[multicorn-shield] Opening consent page...

package/dist/openclaw-plugin/multicorn-shield.js

@@ -315,14 +315,6 @@ async function fetchGrantedScopes(agentId, apiKey, baseUrl, logger) {
 }
 async function checkActionPermission(payload, apiKey, baseUrl, logger) {
   try {
-    const requestBody = {
-      agent: payload.agent,
-      service: payload.service,
-      actionType: payload.actionType,
-      status: payload.status,
-      metadata: payload.metadata
-    };
-    console.error("[SHIELD-CLIENT] POST /api/v1/actions request: " + JSON.stringify(requestBody));
     const response = await fetch(`${baseUrl}/api/v1/actions`, {
       method: "POST",
       headers: {
@@ -333,22 +325,18 @@ async function checkActionPermission(payload, apiKey, baseUrl, logger) {
       signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
     });
     if (response.status === 201) {
-      console.error(
-        "[SHIELD-CLIENT] response status=201, returning approved (body not read - backend may have failed approval creation)"
-      );
+      console.error("[SHIELD-CLIENT] POST /api/v1/actions: 201 approved");
       return { status: "approved" };
     }
     if (response.status === 202) {
       const body = await response.json();
       const data = isApiSuccess(body) ? body.data : null;
-      console.error("[SHIELD-CLIENT] response status=202 body=" + JSON.stringify(data ?? body));
+      console.error("[SHIELD-CLIENT] POST /api/v1/actions: 202 pending");
       if (!isApiSuccess(body) || data === null) {
         return { status: "blocked" };
       }
       const approvalId = typeof data["approval_id"] === "string" ? data["approval_id"] : void 0;
-      console.error(
-        "[SHIELD-CLIENT] extracted: status=" + String(data["status"]) + " approval_id=" + (approvalId ?? "undefined")
-      );
+      console.error("[SHIELD-CLIENT] extracted: approval_id=" + (approvalId ?? "undefined"));
       if (approvalId === void 0) {
         return { status: "blocked" };
       }
@@ -439,7 +427,6 @@ ${url}
 }
 async function waitForConsent(agentId, agentName, apiKey, baseUrl, scope, logger) {
   const dashboardUrl = deriveDashboardUrl(baseUrl);
-  console.error("[SHIELD] buildConsentUrl baseUrl:", baseUrl);
   const consentUrl = buildConsentUrl(agentName, dashboardUrl, scope);
   process.stderr.write(
     `[multicorn-shield] Opening consent page...
@@ -509,7 +496,14 @@ function readConfig() {
   const resolvedBaseUrl = asString(cachedMulticornConfig?.baseUrl) ?? asString(process.env["MULTICORN_BASE_URL"]) ?? "https://api.multicorn.ai";
   const agentName = asString(pc["agentName"]) ?? process.env["MULTICORN_AGENT_NAME"] ?? agentNameFromOpenclawPlatform(cachedMulticornConfig) ?? asString(cachedMulticornConfig?.agentName) ?? null;
   const failMode = "closed";
-  return { apiKey: resolvedApiKey, baseUrl: resolvedBaseUrl, agentName, failMode };
+  let apiKey = resolvedApiKey;
+  if (apiKey.length > 0 && (!apiKey.startsWith("mcs_") || apiKey.length < 16)) {
+    pluginLogger?.error(
+      "Invalid API key format. Key must start with mcs_ and be at least 16 characters."
+    );
+    apiKey = "";
+  }
+  return { apiKey, baseUrl: resolvedBaseUrl, agentName, failMode };
 }
 function asString(value) {
   return typeof value === "string" && value.length > 0 ? value : void 0;