multicorn-shield 1.4.1 → 1.6.0

package/CHANGELOG.md

@@ -9,6 +9,25 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Bump `version` in `package.json` before publishing to npm.
 
+## [1.5.0] - 2026-05-10
+
+### Added
+
+- Claude Code promotion note when selecting Cursor in the CLI
+- Example usage prompt in CLI "Next steps" output
+- `--version` flag prints version number and exits
+- Consent-required errors now display a clear multi-line message with the approval URL on its own line
+
+### Changed
+
+- Auth prompt detects token pasted at the y/N confirmation and treats it as the token value directly
+- Single-item arrow select skips the interactive picker and selects immediately
+- Blocked response message reformatted for clarity
+
+### Fixed
+
+- Hosted proxy blocks `.well-known` OAuth discovery probes to prevent `mcp-remote` entering OAuth mode
+
 ## [1.4.1] - 2026-05-09
 
 ### Changed

package/dist/multicorn-proxy.js

@@ -1411,6 +1411,12 @@ async function promptWindsurfIntegrationMode(ask) {
   return choice === 1 ? "native" : "hosted";
 }
 async function arrowSelect(options, ask, fallbackLabel) {
+  if (options.length === 1) {
+    const only = options[0] ?? "";
+    process.stderr.write(`${style.violet("\u276F")} ${style.cyan(only)}
+`);
+    return 0;
+  }
   const canRaw = process.stdin.isTTY && typeof process.stdin.setRawMode === "function";
   if (!canRaw) {
     for (let i = 0; i < options.length; i++) {
@@ -1463,7 +1469,7 @@ async function arrowSelect(options, ask, fallbackLabel) {
         cleanup();
         clearLines();
         const chosen = options.at(idx);
-        if (chosen !== void 0) {
+        if (chosen !== void 0 && options.length > 1) {
           process.stderr.write(`${style.violet("\u276F")} ${style.cyan(chosen)}
 `);
         }
@@ -2813,6 +2819,14 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
   }
   rl.close();
   if (configuredAgents.length > 0) {
+    let mcpPromptLabel2 = function(platformSlug) {
+      const rows = configuredAgents.filter((a) => a.platform === platformSlug);
+      const last = rows[rows.length - 1];
+      if (last === void 0) return "shield-mcp";
+      const s = typeof last.shortName === "string" ? last.shortName.trim() : "";
+      if (s.length > 0) return s;
+      return last.agentName.trim().length > 0 ? last.agentName.trim() : "shield-mcp";
+    };
     process.stderr.write("\n" + style.bold(style.violet("Setup complete")) + "\n\n");
     for (const agent of configuredAgents) {
       const namePart = agent.agentName.length > 0 ? ` - ${style.cyan(agent.agentName)}` : "";
@@ -2824,14 +2838,6 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
     }
     process.stderr.write("\n");
     const configuredPlatforms = new Set(configuredAgents.map((a) => a.platform));
-    const cursorMcpPromptLabel = (() => {
-      const rows = configuredAgents.filter((a) => a.platform === "cursor");
-      const last = rows[rows.length - 1];
-      if (last === void 0) return "shield-mcp";
-      const s = typeof last.shortName === "string" ? last.shortName.trim() : "";
-      if (s.length > 0) return s;
-      return last.agentName.trim().length > 0 ? last.agentName.trim() : "shield-mcp";
-    })();
     const blocks = [];
     if (configuredPlatforms.has("openclaw")) {
       blocks.push(
@@ -2844,13 +2850,15 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
       );
     }
     if (configuredPlatforms.has("claude-desktop")) {
+      const cdLabel = mcpPromptLabel2("claude-desktop");
       blocks.push(
-        "\n" + style.bold("Claude Desktop") + "\n  \u2192 Restart Claude Desktop to pick up config changes\n  \u2192 Try it: make a request in Claude Desktop - Shield will intercept the first tool call and ask for your consent\n"
+        "\n" + style.bold("Claude Desktop") + '\n  \u2192 Restart Claude Desktop to load the updated configuration\n  \u2192 Confirm connection: click your profile (bottom-left) \u2192 Settings \u2192 Developer\n    Check that "' + cdLabel + '" shows a green "running" status\n  \u2192 Try it: paste this into Claude Desktop:\n    "Use the ' + cdLabel + ' MCP server to list my GitHub repositories"\n'
       );
     }
     if (configuredPlatforms.has("cursor")) {
+      const cursorLabel = mcpPromptLabel2("cursor");
       blocks.push(
-        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + '\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Try it: make a request in Cursor - Shield will intercept the first tool call and ask for your consent\n  \u2192 Example: "Use the ' + cursorMcpPromptLabel + ' MCP server to list my GitHub repositories"\n'
+        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + '\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Confirm connection: open Settings \u2192 Tools & MCPs\n    Check that "' + cursorLabel + '" shows a green status indicator\n  \u2192 Try it: paste this into Cursor:\n    "Use the ' + cursorLabel + ' MCP server to list my GitHub repositories"\n'
       );
     }
     if (configuredPlatforms.has("kilo-code")) {
@@ -3438,9 +3446,13 @@ function extractToolCallParams(request) {
   if (typeof args !== "object" || args === null) return null;
   return { name, arguments: args };
 }
-function buildBlockedResponse(id, service, permissionLevel, dashboardUrl) {
+function buildBlockedResponse(id, service, _permissionLevel, dashboardUrl) {
   const displayService = capitalize(service);
-  const message = `Action blocked by Multicorn Shield: agent does not have ${permissionLevel} access to ${displayService}. Configure permissions at ${dashboardUrl}`;
+  const message = `Action blocked by Shield
+
+This agent cannot use ${displayService}.
+
+Configure permissions: ${dashboardUrl}`;
   return {
     jsonrpc: "2.0",
     id,
@@ -3974,6 +3986,192 @@ var init_restore = __esm({
   }
 });
 
+// package.json
+var package_default;
+var init_package = __esm({
+  "package.json"() {
+    package_default = {
+      name: "multicorn-shield",
+      version: "1.6.0",
+      description: "The control layer for AI agents: permissions, consent, spending limits, and audit logging.",
+      license: "MIT",
+      author: "Multicorn AI Pty Ltd",
+      type: "module",
+      main: "./dist/index.cjs",
+      module: "./dist/index.js",
+      types: "./dist/index.d.ts",
+      exports: {
+        ".": {
+          import: {
+            types: "./dist/index.d.ts",
+            default: "./dist/index.js"
+          },
+          require: {
+            types: "./dist/index.d.cts",
+            default: "./dist/index.cjs"
+          }
+        },
+        "./proxy": {
+          import: {
+            types: "./dist/proxy.d.ts",
+            default: "./dist/proxy.js"
+          },
+          require: {
+            types: "./dist/proxy.d.cts",
+            default: "./dist/proxy.cjs"
+          }
+        }
+      },
+      bin: {
+        "multicorn-shield": "./dist/multicorn-shield.js",
+        "multicorn-proxy": "./dist/multicorn-proxy.js"
+      },
+      files: [
+        "dist",
+        "plugins/multicorn-shield",
+        "plugins/windsurf",
+        "plugins/cline",
+        "plugins/gemini-cli",
+        "LICENSE",
+        "README.md",
+        "CHANGELOG.md"
+      ],
+      publishConfig: {
+        access: "public",
+        provenance: true
+      },
+      sideEffects: [
+        "dist/index.js",
+        "dist/index.cjs",
+        "dist/badge.js",
+        "src/badge/multicorn-badge.ts"
+      ],
+      engines: {
+        node: ">=20"
+      },
+      scripts: {
+        build: "tsup",
+        dev: "tsup --watch",
+        lint: "eslint . --no-warn-ignored && prettier --check .",
+        "lint:fix": "eslint --fix . --no-warn-ignored && prettier --write .",
+        test: "vitest run",
+        "test:watch": "vitest",
+        "test:coverage": "vitest run --coverage",
+        typecheck: "tsc --noEmit",
+        docs: "typedoc",
+        clean: "rm -rf dist coverage docs/api extension-pack",
+        "stage-extension-pack": "rm -rf extension-pack && mkdir -p extension-pack/server && cp manifest.json extension-pack/ && cp icon.png extension-pack/ && cp dist/shield-extension.js extension-pack/server/index.js",
+        "validate:extension": "pnpm run stage-extension-pack && mcpb validate extension-pack/manifest.json",
+        "build:extension": "tsup",
+        "pack:extension": "pnpm run build && pnpm run stage-extension-pack && mcpb validate extension-pack/manifest.json && mcpb pack extension-pack dist/multicorn-shield.mcpb",
+        size: "size-limit",
+        prepublishOnly: "pnpm run clean && pnpm run typecheck && pnpm run lint && pnpm run test && pnpm run build",
+        prepare: "husky || true",
+        "release:patch": "npm version patch && pnpm publish",
+        "release:minor": "npm version minor && pnpm publish",
+        "release:major": "npm version major && pnpm publish"
+      },
+      "lint-staged": {
+        "*.ts": [
+          "eslint --fix --no-warn-ignored",
+          "prettier --write"
+        ],
+        "*.{json,md}": [
+          "prettier --write"
+        ]
+      },
+      dependencies: {
+        "@modelcontextprotocol/sdk": "^1.27.1",
+        lit: "^3.2.0",
+        zod: "^4.3.6"
+      },
+      devDependencies: {
+        "@anthropic-ai/mcpb": "^2.1.2",
+        "@eslint/js": "^9.19.0",
+        "@open-wc/testing-helpers": "^3.0.1",
+        "@size-limit/file": "^11.1.6",
+        "@types/node": "^22.0.0",
+        "@vitest/coverage-v8": "^3.0.5",
+        eslint: "^9.19.0",
+        "eslint-config-prettier": "^10.0.1",
+        "eslint-plugin-unicorn": "^57.0.0",
+        globals: "^15.14.0",
+        husky: "^9.1.7",
+        jiti: "^2.4.2",
+        jsdom: "^25.0.1",
+        "lint-staged": "^16.2.7",
+        prettier: "^3.4.2",
+        "size-limit": "^11.1.6",
+        tsup: "^8.3.6",
+        typedoc: "^0.28.17",
+        typescript: "^5.7.3",
+        "typescript-eslint": "^8.22.0",
+        vite: "^7.3.2",
+        vitest: "^3.0.5"
+      },
+      "size-limit": [
+        {
+          path: "dist/index.js",
+          limit: "50 kB",
+          gzip: true
+        },
+        {
+          path: "dist/index.cjs",
+          limit: "50 kB",
+          gzip: true
+        },
+        {
+          path: "dist/badge.js",
+          limit: "5 kB",
+          gzip: true
+        }
+      ],
+      keywords: [
+        "ai",
+        "agents",
+        "permissions",
+        "sdk",
+        "typescript",
+        "consent",
+        "spending-limits",
+        "audit-log",
+        "mcp",
+        "shield",
+        "multicorn"
+      ],
+      repository: {
+        type: "git",
+        url: "git+https://github.com/Multicorn-AI/multicorn-shield.git"
+      },
+      bugs: {
+        url: "https://github.com/Multicorn-AI/multicorn-shield/issues"
+      },
+      homepage: "https://multicorn.ai",
+      pnpm: {
+        overrides: {
+          vite: ">=7.3.2",
+          flatted: ">=3.4.2",
+          minimatch: ">=10.2.3",
+          rollup: ">=4.59.0",
+          picomatch: ">=4.0.4",
+          "path-to-regexp": ">=8.4.0",
+          "node-forge": ">=1.4.0",
+          "fast-uri": ">=3.1.2"
+        }
+      }
+    };
+  }
+});
+
+// src/package-meta.ts
+var PACKAGE_VERSION;
+var init_package_meta = __esm({
+  "src/package-meta.ts"() {
+    init_package();
+    PACKAGE_VERSION = package_default.version;
+  }
+});
+
 // bin/multicorn-shield.ts
 var multicorn_shield_exports = {};
 __export(multicorn_shield_exports, {
@@ -4132,6 +4330,7 @@ function printHelp() {
       "      Shield's permission layer.",
       "",
       "Options:",
+      "  --version, -v        Print version and exit",
       "  --verbose, --debug   Print extra diagnostics during init (menu selection, agent counts)",
       "  --api-key <key>       Multicorn API key (overrides MULTICORN_API_KEY env var and config file)",
       "  --log-level <level>   Log level: debug | info | warn | error  (default: info)",
@@ -4156,6 +4355,11 @@ async function runCli() {
     );
     return;
   }
+  if (first === "--version" || first === "-v") {
+    process.stdout.write(`${PACKAGE_VERSION}
+`);
+    process.exit(0);
+  }
   const cli = parseArgs(process.argv);
   const logger = createLogger(cli.logLevel);
   if (cli.subcommand === "help") {
@@ -4302,6 +4506,7 @@ var init_multicorn_shield = __esm({
     init_logger();
     init_consent();
     init_restore();
+    init_package_meta();
     isDirectRun = process.argv[1] !== void 0 && (import.meta.url.endsWith(process.argv[1]) || import.meta.url === `file://${process.argv[1]}` || import.meta.url.endsWith("/multicorn-shield.js") || import.meta.url.endsWith("/multicorn-shield.ts"));
     if (isDirectRun && process.env["VITEST"] === void 0) {
       runCli().catch((error) => {

package/dist/multicorn-shield.js

@@ -1483,6 +1483,12 @@ async function promptWindsurfIntegrationMode(ask) {
   return choice === 1 ? "native" : "hosted";
 }
 async function arrowSelect(options, ask, fallbackLabel) {
+  if (options.length === 1) {
+    const only = options[0] ?? "";
+    process.stderr.write(`${style.violet("\u276F")} ${style.cyan(only)}
+`);
+    return 0;
+  }
   const canRaw = process.stdin.isTTY && typeof process.stdin.setRawMode === "function";
   if (!canRaw) {
     for (let i = 0; i < options.length; i++) {
@@ -1535,7 +1541,7 @@ async function arrowSelect(options, ask, fallbackLabel) {
         cleanup();
         clearLines();
         const chosen = options.at(idx);
-        if (chosen !== void 0) {
+        if (chosen !== void 0 && options.length > 1) {
           process.stderr.write(`${style.violet("\u276F")} ${style.cyan(chosen)}
 `);
         }
@@ -2894,6 +2900,14 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
   }
   rl.close();
   if (configuredAgents.length > 0) {
+    let mcpPromptLabel2 = function(platformSlug) {
+      const rows = configuredAgents.filter((a) => a.platform === platformSlug);
+      const last = rows[rows.length - 1];
+      if (last === void 0) return "shield-mcp";
+      const s = typeof last.shortName === "string" ? last.shortName.trim() : "";
+      if (s.length > 0) return s;
+      return last.agentName.trim().length > 0 ? last.agentName.trim() : "shield-mcp";
+    };
     process.stderr.write("\n" + style.bold(style.violet("Setup complete")) + "\n\n");
     for (const agent of configuredAgents) {
       const namePart = agent.agentName.length > 0 ? ` - ${style.cyan(agent.agentName)}` : "";
@@ -2905,14 +2919,6 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
     }
     process.stderr.write("\n");
     const configuredPlatforms = new Set(configuredAgents.map((a) => a.platform));
-    const cursorMcpPromptLabel = (() => {
-      const rows = configuredAgents.filter((a) => a.platform === "cursor");
-      const last = rows[rows.length - 1];
-      if (last === void 0) return "shield-mcp";
-      const s = typeof last.shortName === "string" ? last.shortName.trim() : "";
-      if (s.length > 0) return s;
-      return last.agentName.trim().length > 0 ? last.agentName.trim() : "shield-mcp";
-    })();
     const blocks = [];
     if (configuredPlatforms.has("openclaw")) {
       blocks.push(
@@ -2925,13 +2931,15 @@ You have ${String(agentsForPlatform.length)} agent(s) connected for ${selectedLa
       );
     }
     if (configuredPlatforms.has("claude-desktop")) {
+      const cdLabel = mcpPromptLabel2("claude-desktop");
       blocks.push(
-        "\n" + style.bold("Claude Desktop") + "\n  \u2192 Restart Claude Desktop to pick up config changes\n  \u2192 Try it: make a request in Claude Desktop - Shield will intercept the first tool call and ask for your consent\n"
+        "\n" + style.bold("Claude Desktop") + '\n  \u2192 Restart Claude Desktop to load the updated configuration\n  \u2192 Confirm connection: click your profile (bottom-left) \u2192 Settings \u2192 Developer\n    Check that "' + cdLabel + '" shows a green "running" status\n  \u2192 Try it: paste this into Claude Desktop:\n    "Use the ' + cdLabel + ' MCP server to list my GitHub repositories"\n'
       );
     }
     if (configuredPlatforms.has("cursor")) {
+      const cursorLabel = mcpPromptLabel2("cursor");
       blocks.push(
-        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + '\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Try it: make a request in Cursor - Shield will intercept the first tool call and ask for your consent\n  \u2192 Example: "Use the ' + cursorMcpPromptLabel + ' MCP server to list my GitHub repositories"\n'
+        "\n" + style.bold("Cursor") + "\n  \u2192 If needed, download Cursor from " + style.cyan("https://www.cursor.com/downloads") + '\n  \u2192 Restart Cursor so it loads the MCP server\n  \u2192 Confirm connection: open Settings \u2192 Tools & MCPs\n    Check that "' + cursorLabel + '" shows a green status indicator\n  \u2192 Try it: paste this into Cursor:\n    "Use the ' + cursorLabel + ' MCP server to list my GitHub repositories"\n'
       );
     }
     if (configuredPlatforms.has("kilo-code")) {
@@ -3397,9 +3405,13 @@ function extractToolCallParams(request) {
   if (typeof args !== "object" || args === null) return null;
   return { name, arguments: args };
 }
-function buildBlockedResponse(id, service, permissionLevel, dashboardUrl) {
+function buildBlockedResponse(id, service, _permissionLevel, dashboardUrl) {
   const displayService = capitalize(service);
-  const message = `Action blocked by Multicorn Shield: agent does not have ${permissionLevel} access to ${displayService}. Configure permissions at ${dashboardUrl}`;
+  const message = `Action blocked by Shield
+
+This agent cannot use ${displayService}.
+
+Configure permissions: ${dashboardUrl}`;
   return {
     jsonrpc: "2.0",
     id,
@@ -3901,6 +3913,13 @@ async function restoreClaudeDesktopMcpFromBackup() {
   });
 }
 
+// package.json
+var package_default = {
+  version: "1.6.0"};
+
+// src/package-meta.ts
+var PACKAGE_VERSION = package_default.version;
+
 // bin/multicorn-shield.ts
 function parseArgs(argv) {
   const args = argv.slice(2);
@@ -4053,6 +4072,7 @@ function printHelp() {
       "      Shield's permission layer.",
       "",
       "Options:",
+      "  --version, -v        Print version and exit",
       "  --verbose, --debug   Print extra diagnostics during init (menu selection, agent counts)",
       "  --api-key <key>       Multicorn API key (overrides MULTICORN_API_KEY env var and config file)",
       "  --log-level <level>   Log level: debug | info | warn | error  (default: info)",
@@ -4077,6 +4097,11 @@ async function runCli() {
     );
     return;
   }
+  if (first === "--version" || first === "-v") {
+    process.stdout.write(`${PACKAGE_VERSION}
+`);
+    process.exit(0);
+  }
   const cli = parseArgs(process.argv);
   const logger = createLogger(cli.logLevel);
   if (cli.subcommand === "help") {

package/dist/proxy.cjs

@@ -30,9 +30,13 @@ function extractToolCallParams(request) {
   if (typeof args !== "object" || args === null) return null;
   return { name, arguments: args };
 }
-function buildBlockedResponse(id, service, permissionLevel, dashboardUrl) {
+function buildBlockedResponse(id, service, _permissionLevel, dashboardUrl) {
   const displayService = capitalize(service);
-  const message = `Action blocked by Multicorn Shield: agent does not have ${permissionLevel} access to ${displayService}. Configure permissions at ${dashboardUrl}`;
+  const message = `Action blocked by Shield
+
+This agent cannot use ${displayService}.
+
+Configure permissions: ${dashboardUrl}`;
   return {
     jsonrpc: "2.0",
     id,

package/dist/proxy.d.cts

@@ -31,7 +31,7 @@ interface ToolCallParams {
 }
 declare function parseJsonRpcLine(line: string): JsonRpcRequest | null;
 declare function extractToolCallParams(request: JsonRpcRequest): ToolCallParams | null;
-declare function buildBlockedResponse(id: string | number | null, service: string, permissionLevel: string, dashboardUrl: string): JsonRpcResponse;
+declare function buildBlockedResponse(id: string | number | null, service: string, _permissionLevel: string, dashboardUrl: string): JsonRpcResponse;
 declare function buildSpendingBlockedResponse(id: string | number | null, reason: string, dashboardUrl: string): JsonRpcResponse;
 /**
  * Internal error: Shield could not verify permissions due to an exception.

package/dist/proxy.d.ts

@@ -31,7 +31,7 @@ interface ToolCallParams {
 }
 declare function parseJsonRpcLine(line: string): JsonRpcRequest | null;
 declare function extractToolCallParams(request: JsonRpcRequest): ToolCallParams | null;
-declare function buildBlockedResponse(id: string | number | null, service: string, permissionLevel: string, dashboardUrl: string): JsonRpcResponse;
+declare function buildBlockedResponse(id: string | number | null, service: string, _permissionLevel: string, dashboardUrl: string): JsonRpcResponse;
 declare function buildSpendingBlockedResponse(id: string | number | null, reason: string, dashboardUrl: string): JsonRpcResponse;
 /**
  * Internal error: Shield could not verify permissions due to an exception.

package/dist/proxy.js

@@ -28,9 +28,13 @@ function extractToolCallParams(request) {
   if (typeof args !== "object" || args === null) return null;
   return { name, arguments: args };
 }
-function buildBlockedResponse(id, service, permissionLevel, dashboardUrl) {
+function buildBlockedResponse(id, service, _permissionLevel, dashboardUrl) {
   const displayService = capitalize(service);
-  const message = `Action blocked by Multicorn Shield: agent does not have ${permissionLevel} access to ${displayService}. Configure permissions at ${dashboardUrl}`;
+  const message = `Action blocked by Shield
+
+This agent cannot use ${displayService}.
+
+Configure permissions: ${dashboardUrl}`;
   return {
     jsonrpc: "2.0",
     id,

package/dist/shield-extension.js

@@ -22504,7 +22504,7 @@ async function writeExtensionBackup(claudeDesktopConfigPath, mcpServers) {
 
 // package.json
 var package_default = {
-  version: "1.4.1"};
+  version: "1.6.0"};
 
 // src/package-meta.ts
 var PACKAGE_VERSION = package_default.version;
@@ -23067,7 +23067,7 @@ function resultSuggestsConsentNeeded(result) {
     return false;
   }
   const t = first.text;
-  return t.includes("Action blocked by Multicorn Shield") || t.includes("does not have") && t.includes("access to") || t.includes("Configure permissions at");
+  return t.includes("Action blocked by Shield") || t.includes("Permission required") || t.includes("This agent cannot use") || t.includes("does not have") && t.includes("access to") || t.includes("Configure permissions:");
 }
 
 // src/types/index.ts
@@ -23290,9 +23290,13 @@ function sleep2(ms) {
 var BLOCKED_ERROR_CODE = -32e3;
 var INTERNAL_ERROR_CODE = -32002;
 var SERVICE_UNREACHABLE_ERROR_CODE = -32003;
-function buildBlockedResponse(id, service, permissionLevel, dashboardUrl) {
+function buildBlockedResponse(id, service, _permissionLevel, dashboardUrl) {
   const displayService = capitalize(service);
-  const message = `Action blocked by Multicorn Shield: agent does not have ${permissionLevel} access to ${displayService}. Configure permissions at ${dashboardUrl}`;
+  const message = `Action blocked by Shield
+
+This agent cannot use ${displayService}.
+
+Configure permissions: ${dashboardUrl}`;
   return {
     jsonrpc: "2.0",
     id,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "multicorn-shield",
-  "version": "1.4.1",
+  "version": "1.6.0",
   "description": "The control layer for AI agents: permissions, consent, spending limits, and audit logging.",
   "license": "MIT",
   "author": "Multicorn AI Pty Ltd",