multicorn-shield 0.2.0 → 0.2.2

package/README.md

@@ -54,6 +54,28 @@ That's it. Every tool call now goes through Shield's permission layer, and activ
 
 See the [full MCP proxy guide](https://multicorn.ai/docs/mcp-proxy) for Claude Code, OpenClaw, and generic MCP client examples.
 
+### Claude Desktop Extension (.mcpb)
+
+Install Shield without the terminal: download the `.mcpb` bundle (or use **Install** from the Shield product page), open it in Claude Desktop, and enter your API key when prompted. The extension reads your existing MCP servers from `claude_desktop_config.json`, runs them as child processes, merges their tools, and checks every `tools/call` with the Shield API. Activity still shows up in your [Multicorn dashboard](https://app.multicorn.ai).
+
+**Disable or uninstall recovery:** On each start the extension saves a copy of your `mcpServers` block to `~/.multicorn/extension-backup.json` with restricted file permissions (owner read/write only). If you turn the extension off and need your original Claude Desktop MCP entries back, run:
+
+```bash
+npx multicorn-shield restore
+```
+
+Then restart Claude Desktop. That overwrites `mcpServers` in your config with the last backup.
+
+**Duplicate tool names:** If two MCP servers expose the same tool name, the first server in your config file keeps the name. The duplicate is skipped and a warning is written to the extension logs (stderr). Rename tools on the server side if you need both.
+
+Build the bundle locally (requires a full `pnpm build` first):
+
+```bash
+pnpm run pack:extension
+```
+
+This runs `mcpb validate` and writes `dist/multicorn-shield.mcpb`.
+
 ### Option 2: OpenClaw Plugin (native integration)
 
 If you're running [OpenClaw](https://openclaw.ai), Shield integrates directly as a plugin. No proxy layer, no code changes. The plugin intercepts every tool call at the infrastructure level before it executes.

package/dist/multicorn-proxy.js

@@ -297,7 +297,7 @@ async function isClaudeDesktopConnected() {
     return false;
   }
 }
-async function runInit(baseUrl = "https://api.multicorn.ai") {
+async function runInit(baseUrl = "https://api.multicorn.ai", platform) {
   if (!process.stdin.isTTY) {
     process.stderr.write(
       style.red("Error: interactive terminal required. Cannot run init with piped input.") + "\n"
@@ -320,15 +320,22 @@ async function runInit(baseUrl = "https://api.multicorn.ai") {
   );
   let apiKey = "";
   const existing = await loadConfig().catch(() => null);
+  if (baseUrl === "https://api.multicorn.ai") {
+    if (existing !== null && existing.baseUrl.length > 0) {
+      baseUrl = existing.baseUrl;
+    } else {
+      const envBaseUrl = process.env["MULTICORN_BASE_URL"];
+      if (envBaseUrl !== void 0 && envBaseUrl.length > 0) {
+        baseUrl = envBaseUrl;
+      }
+    }
+  }
   if (existing !== null && existing.apiKey.startsWith("mcs_") && existing.apiKey.length >= 8) {
     const masked = "mcs_..." + existing.apiKey.slice(-4);
     process.stderr.write("Found existing API key: " + style.cyan(masked) + "\n");
     const answer = await ask("Use this key? (Y/n) ");
     if (answer.trim().toLowerCase() !== "n") {
       apiKey = existing.apiKey;
-      if (baseUrl === "https://api.multicorn.ai") {
-        baseUrl = existing.baseUrl;
-      }
     }
   }
   while (apiKey.length === 0) {
@@ -354,7 +361,11 @@ async function runInit(baseUrl = "https://api.multicorn.ai") {
     apiKey = key;
   }
   const configuredPlatforms = /* @__PURE__ */ new Set();
-  let lastConfig = { apiKey, baseUrl };
+  let lastConfig = {
+    apiKey,
+    baseUrl,
+    ...{}
+  };
   let configuring = true;
   while (configuring) {
     process.stderr.write(
@@ -589,7 +600,7 @@ async function runInit(baseUrl = "https://api.multicorn.ai") {
       );
     }
     configuredPlatforms.add(selection);
-    lastConfig = { apiKey, baseUrl, agentName };
+    lastConfig = { apiKey, baseUrl, agentName, ...{} };
     try {
       await saveConfig(lastConfig);
       process.stderr.write(style.green("\u2713") + ` Config saved to ${style.cyan(CONFIG_PATH)}
@@ -1237,14 +1248,14 @@ async function findAgentByName(agentName, apiKey, baseUrl) {
   if (match === void 0) return null;
   return { id: match.id, name: match.name, scopes: [] };
 }
-async function registerAgent(agentName, apiKey, baseUrl) {
+async function registerAgent(agentName, apiKey, baseUrl, platform) {
   const response = await fetch(`${baseUrl}/api/v1/agents`, {
     method: "POST",
     headers: {
       "Content-Type": "application/json",
       "X-Multicorn-Key": apiKey
     },
-    body: JSON.stringify({ name: agentName }),
+    body: JSON.stringify({ name: agentName, ...platform ? { platform } : {} }),
     signal: AbortSignal.timeout(8e3)
   });
   if (!response.ok) {
@@ -1299,9 +1310,9 @@ function openBrowser(url) {
   const cmd = platform === "darwin" ? "open" : platform === "win32" ? "start" : "xdg-open";
   spawn(cmd, [url], { detached: true, stdio: "ignore" }).unref();
 }
-async function waitForConsent(agentId, agentName, apiKey, baseUrl, dashboardUrl, logger, scope) {
+async function waitForConsent(agentId, agentName, apiKey, baseUrl, dashboardUrl, logger, scope, platform) {
   const scopeStrings = scope ? [`${scope.service}:${scope.permissionLevel}`] : detectScopeHints();
-  const consentUrl = buildConsentUrl(agentName, scopeStrings, dashboardUrl);
+  const consentUrl = buildConsentUrl(agentName, scopeStrings, dashboardUrl, platform);
   logger.info("Opening consent page in your browser.", { url: consentUrl });
   process.stderr.write(
     `
@@ -1325,7 +1336,7 @@ Waiting for you to grant access in the Multicorn dashboard...
     `Consent not granted within ${String(CONSENT_POLL_TIMEOUT_MS / 6e4)} minutes. Grant access at ${dashboardUrl} and restart the proxy.`
   );
 }
-async function resolveAgentRecord(agentName, apiKey, baseUrl, logger) {
+async function resolveAgentRecord(agentName, apiKey, baseUrl, logger, platform) {
   const cachedScopes = await loadCachedScopes(agentName, apiKey);
   if (cachedScopes !== null && cachedScopes.length > 0) {
     logger.debug("Loaded scopes from cache.", { agent: agentName, count: cachedScopes.length });
@@ -1338,7 +1349,7 @@ async function resolveAgentRecord(agentName, apiKey, baseUrl, logger) {
   if (agent === null) {
     try {
       logger.info("Agent not found. Registering.", { agent: agentName });
-      const id = await registerAgent(agentName, apiKey, baseUrl);
+      const id = await registerAgent(agentName, apiKey, baseUrl, platform);
       agent = { id, name: agentName, scopes: [] };
       logger.info("Agent registered.", { agent: agentName, id });
     } catch (error) {
@@ -1358,12 +1369,15 @@ async function resolveAgentRecord(agentName, apiKey, baseUrl, logger) {
   }
   return { ...agent, scopes };
 }
-function buildConsentUrl(agentName, scopes, dashboardUrl) {
+function buildConsentUrl(agentName, scopes, dashboardUrl, platform) {
   const base = dashboardUrl.replace(/\/+$/, "");
   const params = new URLSearchParams({ agent: agentName });
   if (scopes.length > 0) {
     params.set("scopes", scopes.join(","));
   }
+  if (platform) {
+    params.set("platform", platform);
+  }
   return `${base}/consent?${params.toString()}`;
 }
 function detectScopeHints() {
@@ -1390,7 +1404,7 @@ function isAgentDetailShape(value) {
 function isPermissionShape(value) {
   if (typeof value !== "object" || value === null) return false;
   const obj = value;
-  return typeof obj["service"] === "string" && typeof obj["read"] === "boolean" && typeof obj["write"] === "boolean" && typeof obj["execute"] === "boolean" && (obj["revoked_at"] === null || typeof obj["revoked_at"] === "string");
+  return typeof obj["service"] === "string" && typeof obj["read"] === "boolean" && typeof obj["write"] === "boolean" && typeof obj["execute"] === "boolean" && (obj["revoked_at"] === null || obj["revoked_at"] === void 0 || typeof obj["revoked_at"] === "string");
 }
 
 // src/proxy/index.ts
@@ -1445,7 +1459,8 @@ function createProxyServer(config) {
         config.baseUrl,
         config.dashboardUrl,
         config.logger,
-        scopeParam
+        scopeParam,
+        config.platform ?? "other-mcp"
       );
       grantedScopes = scopes;
       await saveCachedScopes(config.agentName, agentId, scopes, config.apiKey);
@@ -1596,7 +1611,8 @@ function createProxyServer(config) {
       config.agentName,
       config.apiKey,
       config.baseUrl,
-      config.logger
+      config.logger,
+      config.platform ?? "other-mcp"
     );
     agentId = agentRecord.id;
     grantedScopes = agentRecord.scopes;
@@ -1823,7 +1839,8 @@ Use https:// or http://localhost for local development.
     agentName,
     baseUrl: finalBaseUrl,
     dashboardUrl: finalDashboardUrl,
-    logger
+    logger,
+    platform: "other-mcp"
   });
   async function shutdown() {
     logger.info("Shutting down.");

package/dist/multicorn-shield.js

@@ -0,0 +1,118 @@
+#!/usr/bin/env node
+import { readFile, mkdir, writeFile } from 'fs/promises';
+import { join, dirname } from 'path';
+import 'fs';
+import { homedir } from 'os';
+import 'readline';
+
+var CONFIG_DIR = join(homedir(), ".multicorn");
+join(CONFIG_DIR, "config.json");
+join(homedir(), ".openclaw", "openclaw.json");
+function getClaudeDesktopConfigPath() {
+  switch (process.platform) {
+    case "win32":
+      return join(
+        process.env["APPDATA"] ?? join(homedir(), "AppData", "Roaming"),
+        "Claude",
+        "claude_desktop_config.json"
+      );
+    case "linux":
+      return join(homedir(), ".config", "Claude", "claude_desktop_config.json");
+    default:
+      return join(
+        homedir(),
+        "Library",
+        "Application Support",
+        "Claude",
+        "claude_desktop_config.json"
+      );
+  }
+}
+var EXTENSION_BACKUP_FILENAME = "extension-backup.json";
+function getExtensionBackupPath() {
+  return join(homedir(), ".multicorn", EXTENSION_BACKUP_FILENAME);
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+async function readExtensionBackup() {
+  try {
+    const raw = await readFile(getExtensionBackupPath(), "utf8");
+    const parsed = JSON.parse(raw);
+    if (!isRecord(parsed)) return null;
+    if (parsed["version"] !== 1) return null;
+    if (typeof parsed["createdAt"] !== "string") return null;
+    if (typeof parsed["claudeDesktopConfigPath"] !== "string") return null;
+    const mcpServers = parsed["mcpServers"];
+    if (!isRecord(mcpServers)) return null;
+    return {
+      version: 1,
+      createdAt: parsed["createdAt"],
+      claudeDesktopConfigPath: parsed["claudeDesktopConfigPath"],
+      mcpServers
+    };
+  } catch {
+    return null;
+  }
+}
+
+// src/extension/restore.ts
+function isErrnoException(e) {
+  return typeof e === "object" && e !== null && "code" in e;
+}
+function isRecord2(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+async function restoreClaudeDesktopMcpFromBackup() {
+  const backup = await readExtensionBackup();
+  if (backup === null) {
+    throw new Error(
+      "No Shield extension backup found. Expected ~/.multicorn/extension-backup.json from a previous Shield Desktop Extension session."
+    );
+  }
+  const configPath = getClaudeDesktopConfigPath();
+  let root = {};
+  try {
+    const raw = await readFile(configPath, "utf8");
+    const parsed = JSON.parse(raw);
+    if (isRecord2(parsed)) {
+      root = parsed;
+    }
+  } catch (error) {
+    if (!isErrnoException(error) || error.code !== "ENOENT") {
+      throw error;
+    }
+  }
+  root["mcpServers"] = backup.mcpServers;
+  await mkdir(dirname(configPath), { recursive: true });
+  await writeFile(configPath, JSON.stringify(root, null, 2) + "\n", { encoding: "utf8" });
+}
+
+// bin/multicorn-shield.ts
+async function main() {
+  const arg = process.argv[2];
+  if (arg === "restore") {
+    await restoreClaudeDesktopMcpFromBackup();
+    process.stderr.write(
+      "Restored MCP server entries from ~/.multicorn/extension-backup.json into Claude Desktop config.\nRestart Claude Desktop to apply changes.\n"
+    );
+    return;
+  }
+  process.stderr.write(
+    [
+      "Multicorn Shield command-line tool",
+      "",
+      "Usage:",
+      "  npx multicorn-shield restore",
+      "      Restore MCP servers in claude_desktop_config.json from the Shield extension backup.",
+      ""
+    ].join("\n")
+  );
+  process.exit(arg === void 0 || arg === "help" || arg === "--help" ? 0 : 1);
+}
+void main().catch((error) => {
+  const message = error instanceof Error ? error.message : String(error);
+  process.stderr.write(`Error: ${message}
+`);
+  process.exit(1);
+});

package/dist/openclaw-hook/handler.js

@@ -178,7 +178,7 @@ function isAgentDetail(value) {
 function isPermissionEntry(value) {
   if (typeof value !== "object" || value === null) return false;
   const obj = value;
-  return typeof obj["service"] === "string" && typeof obj["read"] === "boolean" && typeof obj["write"] === "boolean" && typeof obj["execute"] === "boolean" && (obj["revoked_at"] === null || typeof obj["revoked_at"] === "string");
+  return typeof obj["service"] === "string" && typeof obj["read"] === "boolean" && typeof obj["write"] === "boolean" && typeof obj["execute"] === "boolean" && (obj["revoked_at"] === null || obj["revoked_at"] === void 0 || typeof obj["revoked_at"] === "string");
 }
 function handleHttpError(status, logger, retryDelaySeconds) {
   if (status === 401 || status === 403) {
@@ -233,7 +233,7 @@ async function registerAgent(agentName, apiKey, baseUrl, logger) {
       "Content-Type": "application/json",
       [AUTH_HEADER]: apiKey
     },
-    body: JSON.stringify({ name: agentName }),
+    body: JSON.stringify({ name: agentName, platform: "openclaw" }),
     signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
   });
   if (!response.ok) {

package/dist/openclaw-plugin/multicorn-shield.js

@@ -183,7 +183,7 @@ function isAgentDetail(value) {
 function isPermissionEntry(value) {
   if (typeof value !== "object" || value === null) return false;
   const obj = value;
-  return typeof obj["service"] === "string" && typeof obj["read"] === "boolean" && typeof obj["write"] === "boolean" && typeof obj["execute"] === "boolean" && (obj["revoked_at"] === null || typeof obj["revoked_at"] === "string");
+  return typeof obj["service"] === "string" && typeof obj["read"] === "boolean" && typeof obj["write"] === "boolean" && typeof obj["execute"] === "boolean" && (obj["revoked_at"] === null || obj["revoked_at"] === void 0 || typeof obj["revoked_at"] === "string");
 }
 function handleHttpError(status, logger, retryDelaySeconds) {
   if (status === 401 || status === 403) {
@@ -241,7 +241,7 @@ async function registerAgent(agentName, apiKey, baseUrl, logger) {
       "Content-Type": "application/json",
       [AUTH_HEADER]: apiKey
     },
-    body: JSON.stringify({ name: agentName }),
+    body: JSON.stringify({ name: agentName, platform: "openclaw" }),
     signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
   });
   if (!response.ok) {