multicorn-shield 1.3.6 → 1.4.1

package/CHANGELOG.md

@@ -9,6 +9,34 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Bump `version` in `package.json` before publishing to npm.
 
+## [1.4.1] - 2026-05-09
+
+### Changed
+
+- Upstream auth prompt accepts a raw API token (`Bearer` added automatically) or a full Authorization-style value (`Bearer`, `Basic`, `Token`, `ApiKey` prefixes are passed through unchanged)
+
+### Fixed
+
+- CLI replace flow no longer shows duplicate agent entries
+
+## [1.4.0] - 2026-05-08
+
+### Added
+
+- Hosted proxy wizard now prompts for upstream MCP server authentication (header name and value) when the target server requires credentials
+- Helpful examples shown during hosted proxy setup: common MCP server URLs (GitHub, Supabase, Atlassian, Stripe) with links to where to find tokens
+- Upstream auth headers are stored encrypted and forwarded by the proxy to the target MCP server on every request
+
+### Changed
+
+- Target MCP server URL prompt now shows common examples instead of a generic placeholder
+- "govern" replaced with "control" in all user-facing copy
+- "upstream auth" replaced with "server credentials" in all user-facing copy
+
+### Fixed
+
+- Hosted proxy connections to MCP servers requiring authentication (e.g. GitHub, Supabase) now work end-to-end - previously the proxy forwarded requests without credentials
+
 ## [1.3.6] - 2026-05-08
 
 ### Fixed

package/dist/multicorn-proxy.js

@@ -420,6 +420,17 @@ function stripAnsi(str) {
 function normalizeAgentName(raw) {
   return raw.toLowerCase().replace(/\s+/g, "-").replace(/[^a-z0-9-]/g, "").replace(/-{2,}/g, "-").replace(/^-+|-+$/g, "").slice(0, 50);
 }
+function formatUpstreamAuthorizationBearerHeader(raw) {
+  const t = raw.trim();
+  if (t.length === 0) return void 0;
+  if (UPSTREAM_AUTH_KNOWN_SCHEME_WITH_PAYLOAD.test(t)) {
+    return t;
+  }
+  if (/^(Bearer|Basic|Token|ApiKey)$/i.test(t)) {
+    return void 0;
+  }
+  return `Bearer ${t}`;
+}
 function isErrnoException(e) {
   return typeof e === "object" && e !== null && "code" in e;
 }
@@ -1500,8 +1511,8 @@ async function promptProxyConfig(ask, agentName) {
   while (targetUrl.length === 0) {
     process.stderr.write(
       "\n" + style.bold("Target MCP server URL:") + "\n" + style.dim(
-        "The URL of the MCP server you want Shield to protect. Example: https://your-server.example.com/mcp"
-      ) + "\n"
+        "This is the URL of the MCP server you want Shield to control. Common examples:"
+      ) + "\n" + style.dim("  GitHub:     https://api.githubcopilot.com/mcp/") + "\n" + style.dim("  Supabase:   https://mcp.supabase.com/sse") + "\n" + style.dim("  Atlassian:  https://mcp.atlassian.com/v1/sse") + "\n" + style.dim("  Stripe:     https://mcp.stripe.com/v1/sse") + "\n" + style.dim("Check your MCP server's documentation for the correct URL.") + "\n"
     );
     const input = await ask("URL: ");
     if (input.trim().length === 0) {
@@ -1521,10 +1532,44 @@ async function promptProxyConfig(ask, agentName) {
     targetUrl = input.trim();
   }
   const shortName = normalizeAgentName(agentName) || "shield-mcp";
-  return { targetUrl, shortName };
+  process.stderr.write(
+    "\n" + style.bold("Does this MCP server require authentication?") + "\n" + style.dim(
+      "Most MCP servers need a token or API key. Check the server's docs for how to get one:"
+    ) + "\n" + style.dim("  GitHub:     Settings > Developer Settings > Personal Access Tokens") + "\n" + style.dim(
+      "  Supabase:   Project Settings > API > anon or scoped key (service role bypasses RLS; avoid for most MCP)"
+    ) + "\n" + style.dim("  Atlassian:  id.atlassian.com > API Tokens") + "\n" + style.dim("  Stripe:     Dashboard > Developers > API Keys") + "\n"
+  );
+  const authReply = await ask("(y/N): ");
+  const authNorm = authReply.trim().toLowerCase();
+  const wantsAuth = authNorm === "y" || authNorm === "yes";
+  let upstreamHeaders;
+  if (wantsAuth) {
+    process.stderr.write(
+      "\n" + style.bold("Enter your API token or full Authorization header value.") + "\n" + style.dim("  Bearer tokens: ghp_xxxxxxxxxxxx (Bearer is added automatically)") + "\n" + style.dim("  Other schemes:  Basic dXNlcjpwYXNz (passed as-is)") + "\n"
+    );
+    const headerVal = await ask("Value: ");
+    const authHeader = formatUpstreamAuthorizationBearerHeader(headerVal);
+    if (authHeader !== void 0) {
+      upstreamHeaders = { Authorization: authHeader };
+    }
+  }
+  return {
+    targetUrl,
+    shortName,
+    ...upstreamHeaders !== void 0 ? { upstreamHeaders } : {}
+  };
 }
-async function createProxyConfig(baseUrl, apiKey, agentName, targetUrl, serverName, platform) {
+async function createProxyConfig(baseUrl, apiKey, agentName, targetUrl, serverName, platform, upstreamHeaders) {
   let response;
+  const body = {
+    server_name: serverName,
+    target_url: targetUrl,
+    platform,
+    agent_name: agentName
+  };
+  if (upstreamHeaders !== void 0 && Object.keys(upstreamHeaders).length > 0) {
+    body["upstream_headers"] = upstreamHeaders;
+  }
   try {
     response = await fetch(`${baseUrl}/api/v1/proxy/config`, {
       method: "POST",
@@ -1532,12 +1577,7 @@ async function createProxyConfig(baseUrl, apiKey, agentName, targetUrl, serverNa
         "Content-Type": "application/json",
         "X-Multicorn-Key": apiKey
       },
-      body: JSON.stringify({
-        server_name: serverName,
-        target_url: targetUrl,
-        platform,
-        agent_name: agentName
-      }),
+      body: JSON.stringify(body),
       signal: AbortSignal.timeout(1e4)
     });
   } catch (error) {
@@ -2035,7 +2075,7 @@ function printPlatformSnippet(platform, routingToken, shortName, apiKey) {
   }
 }
 function agentDisplayNameDedupeKey(name) {
-  return name.trim().toLowerCase();
+  return name.trim().normalize("NFKC").toLowerCase();
 }
 function normalizeAgentEntryForMerge(a) {
   const name = a.name.trim();
@@ -2262,6 +2302,9 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
         const victim = agentsForPlatform[replaceIdx];
         if (victim !== void 0) {
           removeAgentNameBeforeSave = victim.name;
+          process.stderr.write(
+            "\n" + style.dim("Replacing agent ") + style.cyan(victim.name) + style.dim("...") + "\n"
+          );
         }
       }
     }
@@ -2445,7 +2488,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
           }
         }
       } else {
-        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
         let proxyUrl = "";
         let created = false;
         while (!created) {
@@ -2457,7 +2500,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
               agentName,
               targetUrl,
               shortName,
-              selectedPlatform
+              selectedPlatform,
+              upstreamHeaders
             );
             spinner.stop(true, "Proxy config created!");
             created = true;
@@ -2538,7 +2582,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
           }
         }
       } else {
-        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
         let proxyUrl = "";
         let created = false;
         while (!created) {
@@ -2550,7 +2594,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
               agentName,
               targetUrl,
               shortName,
-              selectedPlatform
+              selectedPlatform,
+              upstreamHeaders
             );
             spinner.stop(true, "Proxy config created!");
             created = true;
@@ -2625,7 +2670,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
           }
         }
       } else {
-        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
         let proxyUrl = "";
         let created = false;
         while (!created) {
@@ -2637,7 +2682,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
               agentName,
               targetUrl,
               shortName,
-              selectedPlatform
+              selectedPlatform,
+              upstreamHeaders
             );
             spinner.stop(true, "Proxy config created!");
             created = true;
@@ -2675,7 +2721,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
         }
       }
     } else {
-      const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+      const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
       let proxyUrl = "";
       let created = false;
       while (!created) {
@@ -2687,7 +2733,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
             agentName,
             targetUrl,
             shortName,
-            selectedPlatform
+            selectedPlatform,
+            upstreamHeaders
           );
           spinner.stop(true, "Proxy config created!");
           created = true;
@@ -2777,6 +2824,14 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
     }
     process.stderr.write("\n");
     const configuredPlatforms = new Set(configuredAgents.map((a) => a.platform));
+    const cursorMcpPromptLabel = (() => {
+      const rows = configuredAgents.filter((a) => a.platform === "cursor");
+      const last = rows[rows.length - 1];
+      if (last === void 0) return "shield-mcp";
+      const s = typeof last.shortName === "string" ? last.shortName.trim() : "";
+      if (s.length > 0) return s;
+      return last.agentName.trim().length > 0 ? last.agentName.trim() : "shield-mcp";
+    })();
     const blocks = [];
     if (configuredPlatforms.has("openclaw")) {
       blocks.push(
@@ -2795,7 +2850,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
     }
     if (configuredPlatforms.has("cursor")) {
       blocks.push(
-        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + "\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Try it: make a request in Cursor - Shield will intercept the first tool call and ask for your consent\n"
+        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + '\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Try it: make a request in Cursor - Shield will intercept the first tool call and ask for your consent\n  \u2192 Example: "Use the ' + cursorMcpPromptLabel + ' MCP server to list my GitHub repositories"\n'
       );
     }
     if (configuredPlatforms.has("kilo-code")) {
@@ -2885,7 +2940,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
   }
   return lastConfig;
 }
-var SECRET_JSON_FILE_OPTIONS, style, BANNER, NativePluginPrerequisiteMissingError, CONFIG_DIR, CONFIG_PATH, OPENCLAW_CONFIG_PATH, ANSI_PATTERN, OPENCLAW_MIN_VERSION, INIT_WIZARD_PLATFORM_REGISTRY, INIT_WIZARD_MENU_SECTIONS, INIT_WIZARD_SELECTION_MAX, PLATFORM_BY_SELECTION, HOSTED_PROXY_PLATFORMS_WITH_URL_KEY, DEFAULT_SHIELD_API_BASE_URL;
+var SECRET_JSON_FILE_OPTIONS, style, BANNER, NativePluginPrerequisiteMissingError, CONFIG_DIR, CONFIG_PATH, OPENCLAW_CONFIG_PATH, ANSI_PATTERN, UPSTREAM_AUTH_KNOWN_SCHEME_WITH_PAYLOAD, OPENCLAW_MIN_VERSION, INIT_WIZARD_PLATFORM_REGISTRY, INIT_WIZARD_MENU_SECTIONS, INIT_WIZARD_SELECTION_MAX, PLATFORM_BY_SELECTION, HOSTED_PROXY_PLATFORMS_WITH_URL_KEY, DEFAULT_SHIELD_API_BASE_URL;
 var init_config = __esm({
   "src/proxy/config.ts"() {
     init_consent();
@@ -2917,6 +2972,7 @@ var init_config = __esm({
     CONFIG_PATH = join(CONFIG_DIR, "config.json");
     OPENCLAW_CONFIG_PATH = join(homedir(), ".openclaw", "openclaw.json");
     ANSI_PATTERN = new RegExp(String.fromCharCode(27) + "\\[[0-9;]*[a-zA-Z]", "g");
+    UPSTREAM_AUTH_KNOWN_SCHEME_WITH_PAYLOAD = /^(Bearer|Basic|Token|ApiKey)(\s+)(.+)$/is;
     OPENCLAW_MIN_VERSION = "2026.2.26";
     INIT_WIZARD_PLATFORM_REGISTRY = [
       { slug: "openclaw", displayName: "OpenClaw", section: "native" },

package/dist/multicorn-shield.js

@@ -432,6 +432,18 @@ function stripAnsi(str) {
 function normalizeAgentName(raw) {
   return raw.toLowerCase().replace(/\s+/g, "-").replace(/[^a-z0-9-]/g, "").replace(/-{2,}/g, "-").replace(/^-+|-+$/g, "").slice(0, 50);
 }
+var UPSTREAM_AUTH_KNOWN_SCHEME_WITH_PAYLOAD = /^(Bearer|Basic|Token|ApiKey)(\s+)(.+)$/is;
+function formatUpstreamAuthorizationBearerHeader(raw) {
+  const t = raw.trim();
+  if (t.length === 0) return void 0;
+  if (UPSTREAM_AUTH_KNOWN_SCHEME_WITH_PAYLOAD.test(t)) {
+    return t;
+  }
+  if (/^(Bearer|Basic|Token|ApiKey)$/i.test(t)) {
+    return void 0;
+  }
+  return `Bearer ${t}`;
+}
 function isErrnoException(e) {
   return typeof e === "object" && e !== null && "code" in e;
 }
@@ -1571,8 +1583,8 @@ async function promptProxyConfig(ask, agentName) {
   while (targetUrl.length === 0) {
     process.stderr.write(
       "\n" + style.bold("Target MCP server URL:") + "\n" + style.dim(
-        "The URL of the MCP server you want Shield to protect. Example: https://your-server.example.com/mcp"
-      ) + "\n"
+        "This is the URL of the MCP server you want Shield to control. Common examples:"
+      ) + "\n" + style.dim("  GitHub:     https://api.githubcopilot.com/mcp/") + "\n" + style.dim("  Supabase:   https://mcp.supabase.com/sse") + "\n" + style.dim("  Atlassian:  https://mcp.atlassian.com/v1/sse") + "\n" + style.dim("  Stripe:     https://mcp.stripe.com/v1/sse") + "\n" + style.dim("Check your MCP server's documentation for the correct URL.") + "\n"
     );
     const input = await ask("URL: ");
     if (input.trim().length === 0) {
@@ -1592,10 +1604,44 @@ async function promptProxyConfig(ask, agentName) {
     targetUrl = input.trim();
   }
   const shortName = normalizeAgentName(agentName) || "shield-mcp";
-  return { targetUrl, shortName };
+  process.stderr.write(
+    "\n" + style.bold("Does this MCP server require authentication?") + "\n" + style.dim(
+      "Most MCP servers need a token or API key. Check the server's docs for how to get one:"
+    ) + "\n" + style.dim("  GitHub:     Settings > Developer Settings > Personal Access Tokens") + "\n" + style.dim(
+      "  Supabase:   Project Settings > API > anon or scoped key (service role bypasses RLS; avoid for most MCP)"
+    ) + "\n" + style.dim("  Atlassian:  id.atlassian.com > API Tokens") + "\n" + style.dim("  Stripe:     Dashboard > Developers > API Keys") + "\n"
+  );
+  const authReply = await ask("(y/N): ");
+  const authNorm = authReply.trim().toLowerCase();
+  const wantsAuth = authNorm === "y" || authNorm === "yes";
+  let upstreamHeaders;
+  if (wantsAuth) {
+    process.stderr.write(
+      "\n" + style.bold("Enter your API token or full Authorization header value.") + "\n" + style.dim("  Bearer tokens: ghp_xxxxxxxxxxxx (Bearer is added automatically)") + "\n" + style.dim("  Other schemes:  Basic dXNlcjpwYXNz (passed as-is)") + "\n"
+    );
+    const headerVal = await ask("Value: ");
+    const authHeader = formatUpstreamAuthorizationBearerHeader(headerVal);
+    if (authHeader !== void 0) {
+      upstreamHeaders = { Authorization: authHeader };
+    }
+  }
+  return {
+    targetUrl,
+    shortName,
+    ...upstreamHeaders !== void 0 ? { upstreamHeaders } : {}
+  };
 }
-async function createProxyConfig(baseUrl, apiKey, agentName, targetUrl, serverName, platform) {
+async function createProxyConfig(baseUrl, apiKey, agentName, targetUrl, serverName, platform, upstreamHeaders) {
   let response;
+  const body = {
+    server_name: serverName,
+    target_url: targetUrl,
+    platform,
+    agent_name: agentName
+  };
+  if (upstreamHeaders !== void 0 && Object.keys(upstreamHeaders).length > 0) {
+    body["upstream_headers"] = upstreamHeaders;
+  }
   try {
     response = await fetch(`${baseUrl}/api/v1/proxy/config`, {
       method: "POST",
@@ -1603,12 +1649,7 @@ async function createProxyConfig(baseUrl, apiKey, agentName, targetUrl, serverNa
         "Content-Type": "application/json",
         "X-Multicorn-Key": apiKey
       },
-      body: JSON.stringify({
-        server_name: serverName,
-        target_url: targetUrl,
-        platform,
-        agent_name: agentName
-      }),
+      body: JSON.stringify(body),
       signal: AbortSignal.timeout(1e4)
     });
   } catch (error) {
@@ -2114,7 +2155,7 @@ function printPlatformSnippet(platform, routingToken, shortName, apiKey) {
   }
 }
 function agentDisplayNameDedupeKey(name) {
-  return name.trim().toLowerCase();
+  return name.trim().normalize("NFKC").toLowerCase();
 }
 function normalizeAgentEntryForMerge(a) {
   const name = a.name.trim();
@@ -2342,6 +2383,9 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
         const victim = agentsForPlatform[replaceIdx];
         if (victim !== void 0) {
           removeAgentNameBeforeSave = victim.name;
+          process.stderr.write(
+            "\n" + style.dim("Replacing agent ") + style.cyan(victim.name) + style.dim("...") + "\n"
+          );
         }
       }
     }
@@ -2525,7 +2569,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
           }
         }
       } else {
-        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
         let proxyUrl = "";
         let created = false;
         while (!created) {
@@ -2537,7 +2581,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
               agentName,
               targetUrl,
               shortName,
-              selectedPlatform
+              selectedPlatform,
+              upstreamHeaders
             );
             spinner.stop(true, "Proxy config created!");
             created = true;
@@ -2618,7 +2663,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
           }
         }
       } else {
-        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
         let proxyUrl = "";
         let created = false;
         while (!created) {
@@ -2630,7 +2675,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
               agentName,
               targetUrl,
               shortName,
-              selectedPlatform
+              selectedPlatform,
+              upstreamHeaders
             );
             spinner.stop(true, "Proxy config created!");
             created = true;
@@ -2705,7 +2751,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
           }
         }
       } else {
-        const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+        const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
         let proxyUrl = "";
         let created = false;
         while (!created) {
@@ -2717,7 +2763,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
               agentName,
               targetUrl,
               shortName,
-              selectedPlatform
+              selectedPlatform,
+              upstreamHeaders
             );
             spinner.stop(true, "Proxy config created!");
             created = true;
@@ -2755,7 +2802,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
         }
       }
     } else {
-      const { targetUrl, shortName } = await promptProxyConfig(ask, agentName);
+      const { targetUrl, shortName, upstreamHeaders } = await promptProxyConfig(ask, agentName);
       let proxyUrl = "";
       let created = false;
       while (!created) {
@@ -2767,7 +2814,8 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
             agentName,
             targetUrl,
             shortName,
-            selectedPlatform
+            selectedPlatform,
+            upstreamHeaders
           );
           spinner.stop(true, "Proxy config created!");
           created = true;
@@ -2857,6 +2905,14 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
     }
     process.stderr.write("\n");
     const configuredPlatforms = new Set(configuredAgents.map((a) => a.platform));
+    const cursorMcpPromptLabel = (() => {
+      const rows = configuredAgents.filter((a) => a.platform === "cursor");
+      const last = rows[rows.length - 1];
+      if (last === void 0) return "shield-mcp";
+      const s = typeof last.shortName === "string" ? last.shortName.trim() : "";
+      if (s.length > 0) return s;
+      return last.agentName.trim().length > 0 ? last.agentName.trim() : "shield-mcp";
+    })();
     const blocks = [];
     if (configuredPlatforms.has("openclaw")) {
       blocks.push(
@@ -2875,7 +2931,7 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
     }
     if (configuredPlatforms.has("cursor")) {
       blocks.push(
-        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + "\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Try it: make a request in Cursor - Shield will intercept the first tool call and ask for your consent\n"
+        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + '\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Try it: make a request in Cursor - Shield will intercept the first tool call and ask for your consent\n  \u2192 Example: "Use the ' + cursorMcpPromptLabel + ' MCP server to list my GitHub repositories"\n'
       );
     }
     if (configuredPlatforms.has("kilo-code")) {

package/dist/shield-extension.js

@@ -3090,11 +3090,14 @@ var require_data = __commonJS({
   }
 });
 
-// node_modules/.pnpm/fast-uri@3.1.0/node_modules/fast-uri/lib/utils.js
+// node_modules/.pnpm/fast-uri@3.1.2/node_modules/fast-uri/lib/utils.js
 var require_utils = __commonJS({
-  "node_modules/.pnpm/fast-uri@3.1.0/node_modules/fast-uri/lib/utils.js"(exports$1, module) {
+  "node_modules/.pnpm/fast-uri@3.1.2/node_modules/fast-uri/lib/utils.js"(exports$1, module) {
     var isUUID = RegExp.prototype.test.bind(/^[\da-f]{8}-[\da-f]{4}-[\da-f]{4}-[\da-f]{4}-[\da-f]{12}$/iu);
     var isIPv4 = RegExp.prototype.test.bind(/^(?:(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]\d|\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d{2}|[1-9]\d|\d)$/u);
+    var isHexPair = RegExp.prototype.test.bind(/^[\da-f]{2}$/iu);
+    var isUnreserved = RegExp.prototype.test.bind(/^[\da-z\-._~]$/iu);
+    var isPathCharacter = RegExp.prototype.test.bind(/^[\da-z\-._~!$&'()*+,;=:@/]$/iu);
     function stringArrayToHexStripped(input) {
       let acc = "";
       let code = 0;
@@ -3287,27 +3290,77 @@ var require_utils = __commonJS({
       }
       return output.join("");
     }
-    function normalizeComponentEncoding(component, esc2) {
-      const func = esc2 !== true ? escape : unescape;
-      if (component.scheme !== void 0) {
-        component.scheme = func(component.scheme);
-      }
-      if (component.userinfo !== void 0) {
-        component.userinfo = func(component.userinfo);
-      }
-      if (component.host !== void 0) {
-        component.host = func(component.host);
+    var HOST_DELIMS = { "@": "%40", "/": "%2F", "?": "%3F", "#": "%23", ":": "%3A" };
+    var HOST_DELIM_RE = /[@/?#:]/g;
+    var HOST_DELIM_NO_COLON_RE = /[@/?#]/g;
+    function reescapeHostDelimiters(host, isIP) {
+      const re = isIP ? HOST_DELIM_NO_COLON_RE : HOST_DELIM_RE;
+      re.lastIndex = 0;
+      return host.replace(re, (ch) => HOST_DELIMS[ch]);
+    }
+    function normalizePercentEncoding(input, decodeUnreserved = false) {
+      if (input.indexOf("%") === -1) {
+        return input;
       }
-      if (component.path !== void 0) {
-        component.path = func(component.path);
+      let output = "";
+      for (let i = 0; i < input.length; i++) {
+        if (input[i] === "%" && i + 2 < input.length) {
+          const hex3 = input.slice(i + 1, i + 3);
+          if (isHexPair(hex3)) {
+            const normalizedHex = hex3.toUpperCase();
+            const decoded = String.fromCharCode(parseInt(normalizedHex, 16));
+            if (decodeUnreserved && isUnreserved(decoded)) {
+              output += decoded;
+            } else {
+              output += "%" + normalizedHex;
+            }
+            i += 2;
+            continue;
+          }
+        }
+        output += input[i];
       }
-      if (component.query !== void 0) {
-        component.query = func(component.query);
+      return output;
+    }
+    function normalizePathEncoding(input) {
+      let output = "";
+      for (let i = 0; i < input.length; i++) {
+        if (input[i] === "%" && i + 2 < input.length) {
+          const hex3 = input.slice(i + 1, i + 3);
+          if (isHexPair(hex3)) {
+            const normalizedHex = hex3.toUpperCase();
+            const decoded = String.fromCharCode(parseInt(normalizedHex, 16));
+            if (decoded !== "." && isUnreserved(decoded)) {
+              output += decoded;
+            } else {
+              output += "%" + normalizedHex;
+            }
+            i += 2;
+            continue;
+          }
+        }
+        if (isPathCharacter(input[i])) {
+          output += input[i];
+        } else {
+          output += escape(input[i]);
+        }
       }
-      if (component.fragment !== void 0) {
-        component.fragment = func(component.fragment);
+      return output;
+    }
+    function escapePreservingEscapes(input) {
+      let output = "";
+      for (let i = 0; i < input.length; i++) {
+        if (input[i] === "%" && i + 2 < input.length) {
+          const hex3 = input.slice(i + 1, i + 3);
+          if (isHexPair(hex3)) {
+            output += "%" + hex3.toUpperCase();
+            i += 2;
+            continue;
+          }
+        }
+        output += escape(input[i]);
       }
-      return component;
+      return output;
     }
     function recomposeAuthority(component) {
       const uriTokens = [];
@@ -3322,7 +3375,7 @@ var require_utils = __commonJS({
           if (ipV6res.isIPV6 === true) {
             host = `[${ipV6res.escapedHost}]`;
           } else {
-            host = component.host;
+            host = reescapeHostDelimiters(host, false);
           }
         }
         uriTokens.push(host);
@@ -3336,7 +3389,10 @@ var require_utils = __commonJS({
     module.exports = {
       nonSimpleDomain,
       recomposeAuthority,
-      normalizeComponentEncoding,
+      reescapeHostDelimiters,
+      normalizePercentEncoding,
+      normalizePathEncoding,
+      escapePreservingEscapes,
       removeDotSegments,
       isIPv4,
       isUUID,
@@ -3346,9 +3402,9 @@ var require_utils = __commonJS({
   }
 });
 
-// node_modules/.pnpm/fast-uri@3.1.0/node_modules/fast-uri/lib/schemes.js
+// node_modules/.pnpm/fast-uri@3.1.2/node_modules/fast-uri/lib/schemes.js
 var require_schemes = __commonJS({
-  "node_modules/.pnpm/fast-uri@3.1.0/node_modules/fast-uri/lib/schemes.js"(exports$1, module) {
+  "node_modules/.pnpm/fast-uri@3.1.2/node_modules/fast-uri/lib/schemes.js"(exports$1, module) {
     var { isUUID } = require_utils();
     var URN_REG = /([\da-z][\d\-a-z]{0,31}):((?:[\w!$'()*+,\-.:;=@]|%[\da-f]{2})+)/iu;
     var supportedSchemeNames = (
@@ -3555,15 +3611,15 @@ var require_schemes = __commonJS({
   }
 });
 
-// node_modules/.pnpm/fast-uri@3.1.0/node_modules/fast-uri/index.js
+// node_modules/.pnpm/fast-uri@3.1.2/node_modules/fast-uri/index.js
 var require_fast_uri = __commonJS({
-  "node_modules/.pnpm/fast-uri@3.1.0/node_modules/fast-uri/index.js"(exports$1, module) {
-    var { normalizeIPv6, removeDotSegments, recomposeAuthority, normalizeComponentEncoding, isIPv4, nonSimpleDomain } = require_utils();
+  "node_modules/.pnpm/fast-uri@3.1.2/node_modules/fast-uri/index.js"(exports$1, module) {
+    var { normalizeIPv6, removeDotSegments, recomposeAuthority, normalizePercentEncoding, normalizePathEncoding, escapePreservingEscapes, reescapeHostDelimiters, isIPv4, nonSimpleDomain } = require_utils();
     var { SCHEMES, getSchemeHandler } = require_schemes();
     function normalize(uri, options) {
       if (typeof uri === "string") {
         uri = /** @type {T} */
-        serialize(parse3(uri, options), options);
+        normalizeString(uri, options);
       } else if (typeof uri === "object") {
         uri = /** @type {T} */
         parse3(serialize(uri, options), options);
@@ -3630,19 +3686,9 @@ var require_fast_uri = __commonJS({
       return target;
     }
     function equal(uriA, uriB, options) {
-      if (typeof uriA === "string") {
-        uriA = unescape(uriA);
-        uriA = serialize(normalizeComponentEncoding(parse3(uriA, options), true), { ...options, skipEscape: true });
-      } else if (typeof uriA === "object") {
-        uriA = serialize(normalizeComponentEncoding(uriA, true), { ...options, skipEscape: true });
-      }
-      if (typeof uriB === "string") {
-        uriB = unescape(uriB);
-        uriB = serialize(normalizeComponentEncoding(parse3(uriB, options), true), { ...options, skipEscape: true });
-      } else if (typeof uriB === "object") {
-        uriB = serialize(normalizeComponentEncoding(uriB, true), { ...options, skipEscape: true });
-      }
-      return uriA.toLowerCase() === uriB.toLowerCase();
+      const normalizedA = normalizeComparableURI(uriA, options);
+      const normalizedB = normalizeComparableURI(uriB, options);
+      return normalizedA !== void 0 && normalizedB !== void 0 && normalizedA.toLowerCase() === normalizedB.toLowerCase();
     }
     function serialize(cmpts, opts) {
       const component = {
@@ -3667,12 +3713,12 @@ var require_fast_uri = __commonJS({
       if (schemeHandler && schemeHandler.serialize) schemeHandler.serialize(component, options);
       if (component.path !== void 0) {
         if (!options.skipEscape) {
-          component.path = escape(component.path);
+          component.path = escapePreservingEscapes(component.path);
           if (component.scheme !== void 0) {
             component.path = component.path.split("%3A").join(":");
           }
         } else {
-          component.path = unescape(component.path);
+          component.path = normalizePercentEncoding(component.path);
         }
       }
       if (options.reference !== "suffix" && component.scheme) {
@@ -3707,7 +3753,16 @@ var require_fast_uri = __commonJS({
       return uriTokens.join("");
     }
     var URI_PARSE = /^(?:([^#/:?]+):)?(?:\/\/((?:([^#/?@]*)@)?(\[[^#/?\]]+\]|[^#/:?]*)(?::(\d*))?))?([^#?]*)(?:\?([^#]*))?(?:#((?:.|[\n\r])*))?/u;
-    function parse3(uri, opts) {
+    function getParseError(parsed, matches) {
+      if (matches[2] !== void 0 && parsed.path && parsed.path[0] !== "/") {
+        return 'URI path must start with "/" when authority is present.';
+      }
+      if (typeof parsed.port === "number" && (parsed.port < 0 || parsed.port > 65535)) {
+        return "URI port is malformed.";
+      }
+      return void 0;
+    }
+    function parseWithStatus(uri, opts) {
       const options = Object.assign({}, opts);
       const parsed = {
         scheme: void 0,
@@ -3718,6 +3773,7 @@ var require_fast_uri = __commonJS({
         query: void 0,
         fragment: void 0
       };
+      let malformedAuthorityOrPort = false;
       let isIP = false;
       if (options.reference === "suffix") {
         if (options.scheme) {
@@ -3738,6 +3794,11 @@ var require_fast_uri = __commonJS({
         if (isNaN(parsed.port)) {
           parsed.port = matches[5];
         }
+        const parseError = getParseError(parsed, matches);
+        if (parseError !== void 0) {
+          parsed.error = parsed.error || parseError;
+          malformedAuthorityOrPort = true;
+        }
         if (parsed.host) {
           const ipv4result = isIPv4(parsed.host);
           if (ipv4result === false) {
@@ -3776,14 +3837,18 @@ var require_fast_uri = __commonJS({
               parsed.scheme = unescape(parsed.scheme);
             }
             if (parsed.host !== void 0) {
-              parsed.host = unescape(parsed.host);
+              parsed.host = reescapeHostDelimiters(unescape(parsed.host), isIP);
             }
           }
           if (parsed.path) {
-            parsed.path = escape(unescape(parsed.path));
+            parsed.path = normalizePathEncoding(parsed.path);
           }
           if (parsed.fragment) {
-            parsed.fragment = encodeURI(decodeURIComponent(parsed.fragment));
+            try {
+              parsed.fragment = encodeURI(decodeURIComponent(parsed.fragment));
+            } catch {
+              parsed.error = parsed.error || "URI malformed";
+            }
           }
         }
         if (schemeHandler && schemeHandler.parse) {
@@ -3792,7 +3857,29 @@ var require_fast_uri = __commonJS({
       } else {
         parsed.error = parsed.error || "URI can not be parsed.";
       }
-      return parsed;
+      return { parsed, malformedAuthorityOrPort };
+    }
+    function parse3(uri, opts) {
+      return parseWithStatus(uri, opts).parsed;
+    }
+    function normalizeString(uri, opts) {
+      return normalizeStringWithStatus(uri, opts).normalized;
+    }
+    function normalizeStringWithStatus(uri, opts) {
+      const { parsed, malformedAuthorityOrPort } = parseWithStatus(uri, opts);
+      return {
+        normalized: malformedAuthorityOrPort ? uri : serialize(parsed, opts),
+        malformedAuthorityOrPort
+      };
+    }
+    function normalizeComparableURI(uri, opts) {
+      if (typeof uri === "string") {
+        const { normalized, malformedAuthorityOrPort } = normalizeStringWithStatus(uri, opts);
+        return malformedAuthorityOrPort ? void 0 : normalized;
+      }
+      if (typeof uri === "object") {
+        return serialize(uri, opts);
+      }
     }
     var fastUri = {
       SCHEMES,
@@ -22417,7 +22504,7 @@ async function writeExtensionBackup(claudeDesktopConfigPath, mcpServers) {
 
 // package.json
 var package_default = {
-  version: "1.3.6"};
+  version: "1.4.1"};
 
 // src/package-meta.ts
 var PACKAGE_VERSION = package_default.version;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "multicorn-shield",
-  "version": "1.3.6",
+  "version": "1.4.1",
   "description": "The control layer for AI agents: permissions, consent, spending limits, and audit logging.",
   "license": "MIT",
   "author": "Multicorn AI Pty Ltd",