npm - multicorn-shield - Versions diffs - 0.8.0 → 0.10.0 - Mend

multicorn-shield 0.8.0 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/CHANGELOG.md +365 -0
package/LICENSE +1 -1
package/README.md +29 -1
package/dist/index.cjs +295 -27
package/dist/index.d.cts +105 -1
package/dist/index.d.ts +105 -1
package/dist/index.js +293 -28
package/dist/multicorn-proxy.js +190 -6
package/dist/multicorn-shield.js +1 -0
package/dist/shield-extension.js +2 -1
package/package.json +9 -2
package/plugins/windsurf/README.md +54 -0
package/plugins/windsurf/hooks/scripts/post-action.cjs +245 -0
package/plugins/windsurf/hooks/scripts/pre-action.cjs +646 -0

package/dist/index.js CHANGED Viewed

@@ -285,6 +285,39 @@ function hasScope(grantedScopes, requested) {
   );
 }
+// src/scopes/content-review-detector.ts
+function requiresContentReview(scope) {
+  if (scope.service === "web" && scope.permissionLevel === "publish") {
+    return true;
+  }
+  if (scope.service === "public_content" && scope.permissionLevel === "create") {
+    return true;
+  }
+  return false;
+}
+function isPublicContentAction(toolName, service) {
+  const lowerToolName = toolName.toLowerCase();
+  const lowerService = service.toLowerCase();
+  if (lowerService === "web" || lowerService === "public_content") {
+    return true;
+  }
+  const publicContentIndicators = [
+    "publish",
+    "public",
+    "web",
+    "blog",
+    "post",
+    "article",
+    "social",
+    "twitter",
+    "facebook",
+    "linkedin",
+    "github_pages",
+    "deploy"
+  ];
+  return publicContentIndicators.some((indicator) => lowerToolName.includes(indicator));
+}
 // src/consent/scope-labels.ts
 var SERVICE_DISPLAY_NAMES = {
   gmail: "Gmail",
@@ -1876,37 +1909,215 @@ function centsToDollars(cents) {
   })}`;
 }
-// src/scopes/content-review-detector.ts
-function requiresContentReview(scope) {
-  if (scope.service === "web" && scope.permissionLevel === "publish") {
-    return true;
+// src/openclaw/shield-client.ts
+var REQUEST_TIMEOUT_MS = 5e3;
+var AUTH_HEADER = "X-Multicorn-Key";
+var POLL_INTERVAL_MS = 3e3;
+var MAX_POLLS = 100;
+var POLL_TIMEOUT_MS = POLL_INTERVAL_MS * MAX_POLLS;
+var authErrorLogged = false;
+function isApiSuccess(value) {
+  if (typeof value !== "object" || value === null) return false;
+  const obj = value;
+  return obj["success"] === true;
+}
+function isContentReviewStatusResponse(value) {
+  if (typeof value !== "object" || value === null) return false;
+  const obj = value;
+  return typeof obj["id"] === "string" && typeof obj["status"] === "string" && ["pending", "approved", "blocked", "timeout"].includes(obj["status"]);
+}
+function readApiErrorCode(body) {
+  if (typeof body !== "object" || body === null) return void 0;
+  const err = body["error"];
+  if (typeof err !== "object" || err === null) return void 0;
+  const code = err["code"];
+  return typeof code === "string" ? code : void 0;
+}
+function isPlanTierInsufficientError(status, body) {
+  return status === 403 && readApiErrorCode(body) === "PLAN_TIER_INSUFFICIENT";
+}
+function handleHttpError(status, logger, retryDelaySeconds) {
+  if (status === 401 || status === 403) {
+    if (!authErrorLogged) {
+      authErrorLogged = true;
+      const errorMsg = "[multicorn-shield] ERROR: Authentication failed. Your MULTICORN_API_KEY is invalid or expired. Check the key in your OpenClaw config (~/.openclaw/openclaw.json \u2192 plugins.entries.multicorn-shield.env.MULTICORN_API_KEY). Get a valid key from your Multicorn dashboard (Settings \u2192 API Keys).";
+      logger?.error(errorMsg);
+      process.stderr.write(`${errorMsg}
+`);
+    }
+    return { shouldBlock: true };
+  }
+  if (status === 429) {
+    if (retryDelaySeconds !== void 0) {
+      const rateLimitMsg = `[multicorn-shield] Rate limited by Shield API. Retrying in ${String(retryDelaySeconds)}s.`;
+      logger?.warn(rateLimitMsg);
+      process.stderr.write(`${rateLimitMsg}
+`);
+    } else {
+      const rateLimitMsg = "[multicorn-shield] Rate limited by Shield API. Action blocked: Shield cannot verify permissions.";
+      logger?.warn(rateLimitMsg);
+      process.stderr.write(`${rateLimitMsg}
+`);
+    }
+    return { shouldBlock: true };
   }
-  if (scope.service === "public_content" && scope.permissionLevel === "create") {
-    return true;
+  if (status >= 500 && status < 600) {
+    const serverErrorMsg = `[multicorn-shield] Shield API error (${String(status)}). Action blocked: Shield cannot verify permissions.`;
+    logger?.warn(serverErrorMsg);
+    process.stderr.write(`${serverErrorMsg}
+`);
+    return { shouldBlock: true };
   }
-  return false;
+  return { shouldBlock: true };
 }
-function isPublicContentAction(toolName, service) {
-  const lowerToolName = toolName.toLowerCase();
-  const lowerService = service.toLowerCase();
-  if (lowerService === "web" || lowerService === "public_content") {
-    return true;
+async function pollContentReviewStatus(reviewId, apiKey, baseUrl, logger) {
+  const startTime = Date.now();
+  const logDebug = logger?.debug?.bind(logger);
+  for (let pollCount = 0; pollCount < MAX_POLLS; pollCount++) {
+    if (Date.now() - startTime >= POLL_TIMEOUT_MS) {
+      return { status: "timeout", reason: "decision_window_exceeded", reviewId };
+    }
+    let row = null;
+    for (let retry = 0; retry < 3; retry++) {
+      try {
+        const response = await fetch(`${baseUrl}/api/v1/content-reviews/${reviewId}/status`, {
+          headers: { [AUTH_HEADER]: apiKey },
+          signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
+        });
+        if (!response.ok) {
+          if (response.status === 404) {
+            return { status: "blocked", reason: "review_not_found", reviewId };
+          }
+          const errBody = await response.json().catch(() => null);
+          if (isPlanTierInsufficientError(response.status, errBody)) {
+            return { status: "blocked", reason: "plan_tier_insufficient", reviewId };
+          }
+          if (response.status === 401 || response.status === 403) {
+            handleHttpError(response.status, logger);
+            return { status: "blocked", reason: "auth_error", reviewId };
+          }
+          if (response.status === 429 || response.status >= 500 && response.status < 600) {
+            const retryDelay = retry < 2 ? Math.pow(2, retry) : void 0;
+            handleHttpError(response.status, logger, retryDelay);
+          }
+          logDebug?.(
+            `Content review poll ${String(pollCount + 1)} failed: HTTP ${String(response.status)}. Retrying...`
+          );
+          if (retry < 2) {
+            await new Promise((resolve) => setTimeout(resolve, 1e3 * Math.pow(2, retry)));
+          }
+          continue;
+        }
+        const body = await response.json();
+        if (!isApiSuccess(body)) {
+          logDebug?.(
+            `Content review poll ${String(pollCount + 1)} failed: invalid response format. Retrying...`
+          );
+          if (retry < 2) {
+            await new Promise((resolve) => setTimeout(resolve, 1e3 * Math.pow(2, retry)));
+          }
+          continue;
+        }
+        const statusData = body.data;
+        if (!isContentReviewStatusResponse(statusData)) {
+          logDebug?.(
+            `Content review poll ${String(pollCount + 1)} failed: invalid status data. Retrying...`
+          );
+          if (retry < 2) {
+            await new Promise((resolve) => setTimeout(resolve, 1e3 * Math.pow(2, retry)));
+          }
+          continue;
+        }
+        row = statusData;
+        break;
+      } catch (error) {
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        logDebug?.(
+          `Content review poll ${String(pollCount + 1)} failed: ${errorMessage}. Retrying...`
+        );
+        if (retry < 2) {
+          await new Promise((resolve) => setTimeout(resolve, 1e3 * Math.pow(2, retry)));
+        }
+      }
+    }
+    if (row !== null) {
+      if (row.status === "approved") {
+        return { status: "approved", reviewId };
+      }
+      if (row.status === "blocked") {
+        return { status: "blocked", reason: "blocked_by_reviewer", reviewId };
+      }
+      if (row.status === "timeout") {
+        return { status: "timeout", reason: "decision_window_exceeded", reviewId };
+      }
+      if (pollCount < MAX_POLLS - 1) {
+        await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
+      }
+    } else {
+      logDebug?.(
+        `All retries failed for content review poll ${String(pollCount + 1)}. Continuing...`
+      );
+      if (pollCount < MAX_POLLS - 1) {
+        await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL_MS));
+      }
+    }
+  }
+  return { status: "timeout", reason: "decision_window_exceeded", reviewId };
+}
+async function requestContentReview(payload, apiKey, baseUrl, logger) {
+  try {
+    const response = await fetch(`${baseUrl}/api/v1/actions`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        [AUTH_HEADER]: apiKey
+      },
+      body: JSON.stringify({
+        agent: payload.agent,
+        service: payload.service,
+        actionType: payload.actionType,
+        status: "requires_approval",
+        cost: payload.cost ?? 0,
+        metadata: payload.metadata
+      }),
+      signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
+    });
+    const body = await response.json().catch(() => null);
+    if (isPlanTierInsufficientError(response.status, body)) {
+      return { status: "blocked", reason: "plan_tier_insufficient" };
+    }
+    if (response.status === 401 || response.status === 403) {
+      handleHttpError(response.status, logger);
+      return { status: "blocked", reason: "auth_error" };
+    }
+    if (response.status === 429 || response.status >= 500 && response.status < 600) {
+      handleHttpError(response.status, logger);
+      return { status: "blocked", reason: "service_unavailable" };
+    }
+    if (response.status === 202) {
+      if (!isApiSuccess(body)) {
+        return { status: "blocked", reason: "no_review_id" };
+      }
+      const data = body.data;
+      if (typeof data !== "object" || data === null) {
+        return { status: "blocked", reason: "no_review_id" };
+      }
+      const record = data;
+      const rid = record["content_review_id"];
+      const reviewId = typeof rid === "string" ? rid : void 0;
+      if (reviewId === void 0) {
+        return { status: "blocked", reason: "no_review_id" };
+      }
+      const polled = await pollContentReviewStatus(reviewId, apiKey, baseUrl, logger);
+      return { ...polled, reviewId };
+    }
+    if (response.status === 201) {
+      return { status: "blocked", reason: "no_review_id" };
+    }
+    return { status: "blocked", reason: "service_unavailable" };
+  } catch {
+    return { status: "blocked", reason: "network_error" };
   }
-  const publicContentIndicators = [
-    "publish",
-    "public",
-    "web",
-    "blog",
-    "post",
-    "article",
-    "social",
-    "twitter",
-    "facebook",
-    "linkedin",
-    "github_pages",
-    "deploy"
-  ];
-  return publicContentIndicators.some((indicator) => lowerToolName.includes(indicator));
 }
 // src/mcp/mcp-adapter.ts
@@ -1983,6 +2194,28 @@ function createMcpAdapter(config) {
       status
     });
   }
+  function mapContentReviewReasonToUserMessage(reason) {
+    switch (reason) {
+      case "plan_tier_insufficient":
+        return "Content review requires an Enterprise plan. Upgrade at app.multicorn.ai/settings.";
+      case "review_not_found":
+        return "Content review no longer exists. It may have been deleted or timed out.";
+      case "decision_window_exceeded":
+        return "Content review timed out before a decision was made.";
+      case "blocked_by_reviewer":
+        return "Content review was blocked by a reviewer.";
+      case "auth_error":
+        return "Content review failed: please verify your Multicorn API key.";
+      case "service_unavailable":
+        return "Content review failed: service unavailable.";
+      case "network_error":
+        return "Content review failed: network error.";
+      case "no_review_id":
+        return "Content review failed: could not start review.";
+      default:
+        return "Content review failed.";
+    }
+  }
   async function checkAutoApproveStatus() {
     if (config.checkAutoApprove !== void 0) {
       const result = config.checkAutoApprove(config.agentId);
@@ -2052,6 +2285,38 @@ function createMcpAdapter(config) {
             arguments: JSON.stringify(toolCall.arguments),
             requiresReview: true
           };
+          if (config.waitForReviewDecision === true) {
+            if (config.baseUrl === void 0 || config.apiKey === void 0) {
+              return {
+                blocked: true,
+                reason: "waitForReviewDecision requires baseUrl and apiKey to poll the content review.",
+                toolName: toolCall.toolName,
+                service: mappedService,
+                action
+              };
+            }
+            const review = await requestContentReview(
+              {
+                agent: config.agentId,
+                service: mappedService,
+                actionType: action,
+                metadata
+              },
+              config.apiKey,
+              config.baseUrl
+            );
+            if (review.status === "approved") {
+              await recordAction(mappedService, action, ACTION_STATUSES.Approved);
+              return handler(toolCall);
+            }
+            return {
+              blocked: true,
+              reason: mapContentReviewReasonToUserMessage(review.reason),
+              toolName: toolCall.toolName,
+              service: mappedService,
+              action
+            };
+          }
           if (config.logger) {
             await config.logger.logAction({
               agent: config.agentId,
@@ -2478,4 +2743,4 @@ function validateApiKey(apiKey) {
   }
 }
-export { ACTION_STATUSES, AGENT_STATUSES, BUILT_IN_SERVICES, CONSENT_ELEMENT_TAG, MulticornConsent, MulticornShield, PERMISSION_LEVELS, SERVICE_NAME_PATTERN, ScopeParseError, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isValidScopeString, parseScope, parseScopes, tryParseScope, validateAllScopesAccess, validateScopeAccess };
+export { ACTION_STATUSES, AGENT_STATUSES, BUILT_IN_SERVICES, CONSENT_ELEMENT_TAG, MulticornConsent, MulticornShield, PERMISSION_LEVELS, SERVICE_NAME_PATTERN, ScopeParseError, centsToDollars, createActionLogger, createFocusTrap, createMcpAdapter, createScopeRegistry, createSpendingChecker, dollarsToCents, formatScope, getPermissionLabel, getScopeLabel, getScopeShortLabel, getServiceDisplayName, getServiceIcon, hasScope, isBlockedResult, isPublicContentAction, isValidScopeString, parseScope, parseScopes, requestContentReview, requiresContentReview, tryParseScope, validateAllScopesAccess, validateScopeAccess };

package/dist/multicorn-proxy.js CHANGED Viewed

@@ -1,8 +1,9 @@
 #!/usr/bin/env node
 import { existsSync } from 'fs';
-import { mkdir, writeFile, readFile, unlink } from 'fs/promises';
-import { join } from 'path';
+import { mkdir, writeFile, readFile, copyFile, unlink } from 'fs/promises';
+import { join, dirname } from 'path';
 import { homedir } from 'os';
+import { fileURLToPath } from 'url';
 import { createInterface } from 'readline';
 import { spawn } from 'child_process';
 import { createHash } from 'crypto';
@@ -386,6 +387,92 @@ async function isWindsurfConnected() {
     return false;
   }
 }
+function multicornShieldPackageRoot() {
+  return join(dirname(fileURLToPath(import.meta.url)), "..");
+}
+function getWindsurfHooksInstallDir() {
+  return join(homedir(), ".multicorn", "windsurf-hooks");
+}
+function getWindsurfCascadeHooksJsonPath() {
+  return join(homedir(), ".codeium", "windsurf", "hooks.json");
+}
+function isShieldWindsurfHookCommand(cmd) {
+  return cmd.includes("windsurf-hooks/pre-action.cjs") || cmd.includes("windsurf-hooks\\pre-action.cjs") || cmd.includes("windsurf-hooks/post-action.cjs") || cmd.includes("windsurf-hooks\\post-action.cjs");
+}
+function filterOutShieldWindsurfHooks(entries) {
+  if (!Array.isArray(entries)) return [];
+  const out = [];
+  for (const e of entries) {
+    if (typeof e !== "object" || e === null) continue;
+    const rec = e;
+    const cmd = rec["command"];
+    if (typeof cmd !== "string" || isShieldWindsurfHookCommand(cmd)) continue;
+    const powershell = rec["powershell"];
+    const show_output = rec["show_output"];
+    out.push({
+      command: cmd,
+      ...typeof powershell === "string" ? { powershell } : {},
+      ...show_output === true ? { show_output: true } : {}
+    });
+  }
+  return out;
+}
+async function installWindsurfNativeHooks() {
+  const root = multicornShieldPackageRoot();
+  const srcPre = join(root, "plugins", "windsurf", "hooks", "scripts", "pre-action.cjs");
+  const srcPost = join(root, "plugins", "windsurf", "hooks", "scripts", "post-action.cjs");
+  if (!existsSync(srcPre) || !existsSync(srcPost)) {
+    throw new Error(
+      `Could not find Shield Windsurf hook scripts at ${srcPre}. If you use npm, install the latest multicorn-shield package.`
+    );
+  }
+  const installDir = getWindsurfHooksInstallDir();
+  await mkdir(installDir, { recursive: true });
+  const destPre = join(installDir, "pre-action.cjs");
+  const destPost = join(installDir, "post-action.cjs");
+  await copyFile(srcPre, destPre);
+  await copyFile(srcPost, destPost);
+  const preCmd = `node ${JSON.stringify(destPre)}`;
+  const postCmd = `node ${JSON.stringify(destPost)}`;
+  const preEntry = { command: preCmd, powershell: preCmd, show_output: true };
+  const postEntry = { command: postCmd, powershell: postCmd };
+  const hooksPath = getWindsurfCascadeHooksJsonPath();
+  let base = { hooks: {} };
+  try {
+    const raw = await readFile(hooksPath, "utf8");
+    base = JSON.parse(raw);
+  } catch (err) {
+    if (!isErrnoException(err) || err.code !== "ENOENT") {
+      throw err;
+    }
+  }
+  const hooks = base["hooks"] ?? {};
+  const preKeys = [
+    "pre_read_code",
+    "pre_write_code",
+    "pre_run_command",
+    "pre_mcp_tool_use"
+  ];
+  const postKeys = [
+    "post_read_code",
+    "post_write_code",
+    "post_run_command",
+    "post_mcp_tool_use"
+  ];
+  const nextHooks = { ...hooks };
+  for (const k of preKeys) {
+    const merged = filterOutShieldWindsurfHooks(nextHooks[k]);
+    nextHooks[k] = [...merged, preEntry];
+  }
+  for (const k of postKeys) {
+    const merged = filterOutShieldWindsurfHooks(nextHooks[k]);
+    nextHooks[k] = [...merged, postEntry];
+  }
+  base["hooks"] = nextHooks;
+  const hooksDir = dirname(hooksPath);
+  await mkdir(hooksDir, { recursive: true });
+  await writeFile(hooksPath, JSON.stringify(base, null, 2) + "\n", { encoding: "utf8" });
+}
 var PLATFORM_LABELS = ["OpenClaw", "Claude Code", "Cursor", "Windsurf", "Local MCP / Other"];
 var PLATFORM_BY_SELECTION = {
   1: "openclaw",
@@ -430,6 +517,23 @@ async function promptPlatformSelection(ask) {
   }
   return selection;
 }
+async function promptWindsurfIntegrationMode(ask) {
+  process.stderr.write("\n" + style.bold("Windsurf integration") + "\n");
+  process.stderr.write(
+    "  " + style.violet("1") + ". Native plugin (recommended) \u2014 Cascade Hooks see every file, terminal, and MCP action\n"
+  );
+  process.stderr.write(
+    "  " + style.violet("2") + ". Hosted proxy \u2014 govern MCP traffic only (paste proxy URL into mcp_config)\n"
+  );
+  let choice = 0;
+  while (choice === 0) {
+    const input = await ask("Choose integration (1-2): ");
+    const num = parseInt(input.trim(), 10);
+    if (num === 1) choice = 1;
+    if (num === 2) choice = 2;
+  }
+  return choice === 1 ? "native" : "hosted";
+}
 async function promptAgentName(ask, platform) {
   const defaultAgentName = DEFAULT_AGENT_NAMES[platform] ?? "my-agent";
   let agentName = "";
@@ -823,6 +927,80 @@ An agent for ${selectedLabel} already exists: ${style.cyan(existingForPlatform.n
         agentName
       });
       setupSucceeded = true;
+    } else if (selection === 4) {
+      const windsurfMode = await promptWindsurfIntegrationMode(ask);
+      if (windsurfMode === "native") {
+        try {
+          await installWindsurfNativeHooks();
+          process.stderr.write("\n" + style.bold("Shield Windsurf hooks installed") + "\n");
+          process.stderr.write(
+            style.dim("Scripts: ") + style.cyan(getWindsurfHooksInstallDir()) + "\n"
+          );
+          process.stderr.write(
+            style.dim("Hooks config: ") + style.cyan(getWindsurfCascadeHooksJsonPath()) + "\n"
+          );
+          process.stderr.write(
+            "\n" + style.dim(
+              "The Shield hook runs with your user permissions. It intercepts Cascade actions to check permissions and log activity. Review the scripts under "
+            ) + style.cyan("~/.multicorn/windsurf-hooks") + style.dim(" if that is a concern.") + "\n\n"
+          );
+          process.stderr.write(
+            style.dim("Restart Windsurf (quit fully, then reopen) so hooks load.") + "\n"
+          );
+          configuredAgents.push({
+            selection,
+            platform: selectedPlatform,
+            platformLabel: selectedLabel,
+            agentName,
+            windsurfIntegration: "native"
+          });
+          setupSucceeded = true;
+        } catch (error) {
+          const detail = error instanceof Error ? error.message : String(error);
+          process.stderr.write(style.red("\u2717 ") + detail + "\n");
+        }
+      } else {
+        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        let proxyUrl = "";
+        let created = false;
+        while (!created) {
+          const spinner = withSpinner("Creating proxy config...");
+          try {
+            proxyUrl = await createProxyConfig(
+              resolvedBaseUrl,
+              apiKey,
+              agentName,
+              targetUrl,
+              shortName,
+              selectedPlatform
+            );
+            spinner.stop(true, "Proxy config created!");
+            created = true;
+          } catch (error) {
+            const detail = error instanceof Error ? error.message : String(error);
+            spinner.stop(false, detail);
+            const retry = await ask("Try again? (Y/n) ");
+            if (retry.trim().toLowerCase() === "n") {
+              break;
+            }
+          }
+        }
+        if (created && proxyUrl.length > 0) {
+          process.stderr.write("\n" + style.bold("Your Shield proxy URL:") + "\n");
+          process.stderr.write("  " + style.cyan(proxyUrl) + "\n");
+          printPlatformSnippet(selectedPlatform, proxyUrl, shortName, apiKey);
+          configuredAgents.push({
+            selection,
+            platform: selectedPlatform,
+            platformLabel: selectedLabel,
+            agentName,
+            shortName,
+            proxyUrl,
+            windsurfIntegration: "hosted"
+          });
+          setupSucceeded = true;
+        }
+      }
     } else {
       const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
       let proxyUrl = "";
@@ -925,14 +1103,20 @@ An agent for ${selectedLabel} already exists: ${style.cyan(existingForPlatform.n
         "\n" + style.bold("To complete your Cursor setup:") + "\n  1. If you don't have Cursor yet, download it from " + style.cyan("https://cursor.com/downloads") + "\n  2. Open " + style.cyan("~/.cursor/mcp.json") + " and paste the config snippet shown above\n  3. Restart Cursor (or launch it for the first time) to load the new MCP server\n"
       );
     }
-    if (configuredPlatforms.has("windsurf")) {
+    const windsurfNativeConfigured = configuredAgents.some(
+      (a) => a.platform === "windsurf" && a.windsurfIntegration === "native"
+    );
+    const windsurfHostedConfigured = configuredAgents.some(
+      (a) => a.platform === "windsurf" && a.windsurfIntegration === "hosted"
+    );
+    if (windsurfNativeConfigured) {
       blocks.push(
-        "\n" + style.bold("To complete your Windsurf setup:") + "\n  1. If you don't have Windsurf yet, download it from " + style.cyan("https://windsurf.com/download") + "\n  2. Open " + style.cyan("~/.codeium/windsurf/mcp_config.json") + " and paste the config snippet shown above\n  3. Restart Windsurf (or launch it for the first time) to load the new MCP server\n"
+        "\n" + style.bold("To complete native Windsurf (Shield) setup:") + "\n  1. Hook scripts: " + style.cyan(getWindsurfHooksInstallDir()) + "\n  2. Hooks config: " + style.cyan(getWindsurfCascadeHooksJsonPath()) + "\n  3. Restart Windsurf (quit fully, then reopen)\n"
       );
     }
-    if (configuredPlatforms.has("windsurf")) {
+    if (windsurfHostedConfigured) {
       blocks.push(
-        "\n" + style.bold("To complete your Windsurf setup:") + "\n  Config file: " + style.cyan("~/.codeium/windsurf/mcp_config.json") + "\n  Restart Windsurf to load the new MCP server.\n"
+        "\n" + style.bold("To complete your Windsurf hosted-proxy setup:") + "\n  1. If you don't have Windsurf yet, download it from " + style.cyan("https://windsurf.com/download") + "\n  2. Open " + style.cyan("~/.codeium/windsurf/mcp_config.json") + " and paste the config snippet shown above\n  3. Restart Windsurf (or launch it for the first time) to load the new MCP server\n"
       );
     }
     if (blocks.length > 0) {

package/dist/multicorn-shield.js CHANGED Viewed

@@ -3,6 +3,7 @@ import { readFile, mkdir, writeFile } from 'fs/promises';
 import { join, dirname } from 'path';
 import 'fs';
 import { homedir } from 'os';
+import 'url';
 import 'readline';
 var CONFIG_DIR = join(homedir(), ".multicorn");

package/dist/shield-extension.js CHANGED Viewed

@@ -7,6 +7,7 @@ import process3 from 'process';
 import 'stream';
 import { spawn } from 'child_process';
 import { createHash } from 'crypto';
+import 'url';
 import 'readline';
 // Multicorn Shield Claude Desktop Extension - https://multicorn.ai
@@ -22358,7 +22359,7 @@ async function writeExtensionBackup(claudeDesktopConfigPath, mcpServers) {
 // package.json
 var package_default = {
-  version: "0.8.0"};
+  version: "0.10.0"};
 // src/package-meta.ts
 var PACKAGE_VERSION = package_default.version;

package/package.json CHANGED Viewed

@@ -1,8 +1,9 @@
 {
   "name": "multicorn-shield",
-  "version": "0.8.0",
+  "version": "0.10.0",
   "description": "The control layer for AI agents: permissions, consent, spending limits, and audit logging.",
   "license": "MIT",
+  "author": "Multicorn AI Pty Ltd",
   "type": "module",
   "main": "./dist/index.cjs",
   "module": "./dist/index.js",
@@ -35,9 +36,15 @@
   },
   "files": [
     "dist",
+    "plugins/windsurf",
     "LICENSE",
-    "README.md"
+    "README.md",
+    "CHANGELOG.md"
   ],
+  "publishConfig": {
+    "access": "public",
+    "provenance": true
+  },
   "sideEffects": false,
   "engines": {
     "node": ">=20"