omnikey-cli 1.0.39 → 1.0.41

package/backend-dist/agent/mcpRuntime.js

@@ -0,0 +1,245 @@
+"use strict";
+// MCP client runtime.
+//
+// Maintains long-lived connections to each user-configured MCP server and
+// exposes their tools to the agent as `AITool` entries. The agent's tool
+// dispatcher routes any tool call whose name starts with `MCP_TOOL_PREFIX`
+// back here so it is forwarded to the originating MCP server.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MCP_TOOL_PREFIX = void 0;
+exports.getMcpToolsForSubscription = getMcpToolsForSubscription;
+exports.executeMcpTool = executeMcpTool;
+exports.invalidateMcpRuntimeForServer = invalidateMcpRuntimeForServer;
+exports.shutdownAllMcpClients = shutdownAllMcpClients;
+const index_js_1 = require("@modelcontextprotocol/sdk/client/index.js");
+const stdio_js_1 = require("@modelcontextprotocol/sdk/client/stdio.js");
+const sse_js_1 = require("@modelcontextprotocol/sdk/client/sse.js");
+const streamableHttp_js_1 = require("@modelcontextprotocol/sdk/client/streamableHttp.js");
+const config_1 = require("../config");
+const mcpServer_1 = require("../models/mcpServer");
+exports.MCP_TOOL_PREFIX = 'mcp_';
+const MAX_TOOL_NAME_LEN = 64;
+const CONNECT_TIMEOUT_MS = 15000;
+const clients = new Map(); // by MCPServer.id
+function slug(s) {
+    return s
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, '_')
+        .replace(/^_+|_+$/g, '')
+        .slice(0, 30);
+}
+function buildToolName(serverName, toolName) {
+    const candidate = `${exports.MCP_TOOL_PREFIX}${slug(serverName)}__${slug(toolName)}`;
+    return candidate.slice(0, MAX_TOOL_NAME_LEN);
+}
+function isStdioAllowed() {
+    // Spawning arbitrary child processes is only safe in single-tenant (self-hosted)
+    // deployments. On a shared SaaS backend, stdio servers are disabled — only
+    // outbound HTTP/SSE transports are permitted.
+    return config_1.config.isSelfHosted === true || config_1.config.isLocal === true;
+}
+async function connectOne(server, log) {
+    try {
+        if (server.transport === 'stdio' && !isStdioAllowed()) {
+            throw new Error('stdio MCP transport is disabled in this deployment.');
+        }
+        const client = new index_js_1.Client({ name: 'omnikey-agent', version: '1.0.0' }, { capabilities: {} });
+        if (server.transport === 'stdio') {
+            if (!server.command)
+                throw new Error('command is required for stdio transport');
+            const transport = new stdio_js_1.StdioClientTransport({
+                command: server.command,
+                args: server.args ?? [],
+                // Pass-through the user-provided env in addition to a safe default set.
+                env: { ...process.env, ...(server.env ?? {}) },
+                stderr: 'pipe',
+            });
+            await withTimeout(client.connect(transport), CONNECT_TIMEOUT_MS, 'MCP stdio connect');
+        }
+        else if (server.transport === 'http') {
+            if (!server.url)
+                throw new Error('url is required for http transport');
+            const transport = new streamableHttp_js_1.StreamableHTTPClientTransport(new URL(server.url), {
+                requestInit: { headers: server.headers ?? {} },
+            });
+            await withTimeout(client.connect(transport), CONNECT_TIMEOUT_MS, 'MCP http connect');
+        }
+        else {
+            if (!server.url)
+                throw new Error('url is required for sse transport');
+            const transport = new sse_js_1.SSEClientTransport(new URL(server.url), {
+                requestInit: { headers: server.headers ?? {} },
+            });
+            await withTimeout(client.connect(transport), CONNECT_TIMEOUT_MS, 'MCP sse connect');
+        }
+        const listed = await withTimeout(client.listTools(), CONNECT_TIMEOUT_MS, 'MCP listTools');
+        const tools = (listed.tools ?? []).map((t) => ({
+            name: t.name,
+            description: t.description,
+            inputSchema: (t.inputSchema ?? { type: 'object', properties: {} }),
+        }));
+        await mcpServer_1.MCPServer.update({ lastConnectedAt: new Date(), lastError: null }, { where: { id: server.id } }).catch(() => undefined);
+        log.info('Connected to MCP server', {
+            mcpServerId: server.id,
+            mcpServerName: server.name,
+            transport: server.transport,
+            toolCount: tools.length,
+        });
+        return { serverId: server.id, serverName: server.name, client, tools };
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        log.warn('Failed to connect to MCP server', {
+            mcpServerId: server.id,
+            mcpServerName: server.name,
+            transport: server.transport,
+            error: message,
+        });
+        await mcpServer_1.MCPServer.update({ lastError: message }, { where: { id: server.id } }).catch(() => undefined);
+        return null;
+    }
+}
+async function getOrConnect(server, log) {
+    const cached = clients.get(server.id);
+    if (cached)
+        return cached;
+    const connected = await connectOne(server, log);
+    if (connected)
+        clients.set(server.id, connected);
+    return connected;
+}
+/**
+ * Builds the set of AI tool definitions exposed to the LLM for one subscription.
+ * Returns both the tool definitions and a dispatch map used by `executeMcpTool`
+ * to route a tool call back to the right (server, mcpToolName) pair.
+ */
+async function getMcpToolsForSubscription(subscriptionId, log) {
+    const aiTools = [];
+    const dispatch = new Map();
+    let servers;
+    try {
+        servers = await mcpServer_1.MCPServer.findAll({
+            where: { subscriptionId, isEnabled: true },
+        });
+    }
+    catch (err) {
+        log.error('Failed to load MCP servers for runtime', { error: err });
+        return { aiTools, dispatch };
+    }
+    // Connect / re-use clients in parallel.
+    const connected = await Promise.all(servers.map((s) => getOrConnect(s, log)));
+    for (const c of connected) {
+        if (!c)
+            continue;
+        for (const tool of c.tools) {
+            const toolName = buildToolName(c.serverName, tool.name);
+            if (dispatch.has(toolName)) {
+                log.warn('MCP tool name collision — skipping', {
+                    toolName,
+                    mcpServerName: c.serverName,
+                    mcpToolName: tool.name,
+                });
+                continue;
+            }
+            dispatch.set(toolName, { serverId: c.serverId, mcpToolName: tool.name });
+            aiTools.push({
+                name: toolName,
+                description: tool.description
+                    ? `[${c.serverName}] ${tool.description}`
+                    : `[${c.serverName}] MCP tool ${tool.name}`,
+                parameters: tool.inputSchema,
+            });
+        }
+    }
+    return { aiTools, dispatch };
+}
+/**
+ * Executes a previously-advertised MCP tool. `dispatch` must be the same map
+ * produced by `getMcpToolsForSubscription` for this turn (so we know which
+ * server and underlying tool name to forward to).
+ */
+async function executeMcpTool(toolName, args, dispatch, log) {
+    const entry = dispatch.get(toolName);
+    if (!entry) {
+        return `Error: unknown MCP tool "${toolName}".`;
+    }
+    const client = clients.get(entry.serverId);
+    if (!client) {
+        return `Error: MCP server for tool "${toolName}" is not connected.`;
+    }
+    try {
+        const result = await withTimeout(client.client.callTool({ name: entry.mcpToolName, arguments: args }), 60000, `MCP callTool ${toolName}`);
+        return stringifyMcpToolResult(result);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        log.warn('MCP tool call failed', {
+            toolName,
+            mcpServerId: entry.serverId,
+            mcpToolName: entry.mcpToolName,
+            error: message,
+        });
+        return `Error invoking MCP tool ${toolName}: ${message}`;
+    }
+}
+/**
+ * Disconnect (and forget) any cached client for the given MCP server id. Called
+ * by the CRUD routes after an MCP server row is updated or deleted so the next
+ * agent turn picks up the new config.
+ */
+async function invalidateMcpRuntimeForServer(serverId) {
+    const existing = clients.get(serverId);
+    if (!existing)
+        return;
+    clients.delete(serverId);
+    try {
+        await existing.client.close();
+    }
+    catch {
+        // ignore — the client may already be torn down.
+    }
+}
+/**
+ * Disconnect every cached client. Intended for graceful shutdown and tests.
+ */
+async function shutdownAllMcpClients() {
+    const all = Array.from(clients.values());
+    clients.clear();
+    await Promise.all(all.map((c) => c.client.close().catch(() => {
+        // ignore
+    })));
+}
+function stringifyMcpToolResult(result) {
+    if (!result || typeof result !== 'object')
+        return String(result ?? '');
+    const r = result;
+    if (Array.isArray(r.content)) {
+        const parts = r.content.map((item) => {
+            if (item && typeof item === 'object' && 'type' in item) {
+                const i = item;
+                if (i.type === 'text' && typeof i.text === 'string')
+                    return i.text;
+                if (i.type === 'image')
+                    return `[image: ${i.mimeType ?? 'unknown'}]`;
+                if (i.type === 'resource')
+                    return `[resource]`;
+            }
+            return JSON.stringify(item);
+        });
+        const joined = parts.join('\n');
+        return r.isError ? `Error from MCP tool: ${joined}` : joined;
+    }
+    return JSON.stringify(result);
+}
+function withTimeout(p, ms, label) {
+    return new Promise((resolve, reject) => {
+        const t = setTimeout(() => reject(new Error(`${label} timed out after ${ms}ms`)), ms);
+        p.then((v) => {
+            clearTimeout(t);
+            resolve(v);
+        }, (e) => {
+            clearTimeout(t);
+            reject(e);
+        });
+    });
+}

package/backend-dist/agent/utils.js

@@ -18,8 +18,8 @@ const imageTool_1 = require("./imageTool");
  *
  * @returns An array of `AITool` definitions ready to pass to the AI client.
  */
-function buildAvailableTools() {
-    return [web_search_provider_1.WEB_FETCH_TOOL, web_search_provider_1.WEB_SEARCH_TOOL, imageTool_1.IMAGE_GENERATE_TOOL];
+function buildAvailableTools(extraTools = []) {
+    return [web_search_provider_1.WEB_FETCH_TOOL, web_search_provider_1.WEB_SEARCH_TOOL, imageTool_1.IMAGE_GENERATE_TOOL, ...extraTools];
 }
 /**
  * Strips the `@omniagent` mention from user-supplied content.

package/backend-dist/index.js

@@ -14,12 +14,14 @@ const db_1 = require("./db");
 const logger_1 = require("./logger");
 const taskInstructionRoutes_1 = require("./taskInstructionRoutes");
 const scheduledJobRoutes_1 = require("./scheduledJobRoutes");
+const mcpServerRoutes_1 = require("./mcpServerRoutes");
 const scheduledJobExecutor_1 = require("./scheduledJobExecutor");
 const config_1 = require("./config");
 const agentServer_1 = require("./agent/agentServer");
 // Importing AgentSession and ScheduledJob ensures the models are registered with Sequelize before initDatabase().
 require("./models/agentSession");
 require("./models/scheduledJob");
+require("./models/mcpServer");
 const bucket_adapter_1 = require("./bucket-adapter");
 const app = (0, express_1.default)();
 const PORT = Number(config_1.config.port);
@@ -32,6 +34,7 @@ app.use('/api/subscription', (0, subscriptionRoutes_1.createSubscriptionRouter)(
 app.use('/api/feature', (0, featureRoutes_1.createFeatureRouter)());
 app.use('/api/instructions', (0, taskInstructionRoutes_1.taskInstructionRouter)());
 app.use('/api/scheduled-jobs', (0, scheduledJobRoutes_1.scheduledJobRouter)());
+app.use('/api/mcp-servers', (0, mcpServerRoutes_1.mcpServerRouter)());
 app.use('/api/agent', (0, agentServer_1.createAgentRouter)());
 app.get('/macos/download', (_req, res) => {
     const dmgPath = path_1.default.join(process.cwd(), 'macOS', 'OmniKeyAI.dmg');
@@ -74,8 +77,8 @@ app.get('/macos/appcast', (req, res) => {
     const appcastUrl = `${baseUrl}/macos/appcast`;
     // These should match the values embedded into the macOS app
     // Info.plist in macOS/build_release_dmg.sh.
-    const bundleVersion = '26';
-    const shortVersion = '1.0.25';
+    const bundleVersion = '29';
+    const shortVersion = '1.0.28';
     const xml = `<?xml version="1.0" encoding="utf-8"?>
 <rss version="2.0"
      xmlns:sparkle="http://www.andymatuschak.org/xml-namespaces/sparkle"
@@ -103,7 +106,7 @@ app.get('/macos/appcast', (req, res) => {
 // ── Windows distribution endpoints ───────────────────────────────────────────
 // These should match the values in windows/OmniKey.Windows.csproj
 // <Version> and windows/build_release_zip.ps1 $APP_VERSION.
-const WIN_VERSION = '1.9';
+const WIN_VERSION = '1.11';
 const WIN_ZIP_FILENAME = 'OmniKeyAI-windows-win-x64.zip';
 const WIN_ZIP_PATH = path_1.default.join(process.cwd(), 'windows', WIN_ZIP_FILENAME);
 // Serves the pre-built ZIP produced by windows/build_release_zip.ps1.
@@ -145,7 +148,7 @@ app.get('/windows/update', (req, res) => {
         version: WIN_VERSION,
         downloadUrl: `${baseUrl}/windows/download`,
         fileSize,
-        releaseNotes: `What's new in ${WIN_VERSION}\n\n• New cron job automation (Scheduled Jobs) — create recurring jobs with cron-style schedules or one-time jobs to run prompts automatically in the background.\n• Scheduled Jobs controls — add jobs, activate/deactivate them, run now on demand, refresh status, and view last-run history in the app.\n• OmniAgent session management — choose to start a new session or resume an existing one each time you run @omniAgent. Save a default to skip the picker automatically on future runs.\n• History button in the OmniAgent window — change your default session at any time without re-running the agent.\n• OmniAgent Session tray menu item — open session settings directly from the system tray.\n• Left-clicking the tray icon now opens the menu (previously right-click only).\n• Manual updated with detailed OmniAgent, session management, web search provider, and LLM provider documentation.`,
+        releaseNotes: `What's new in ${WIN_VERSION}\n\n• OmniAgent flow improvements\n• Bug fixes and performance enhancements\n\n Support for MCP servers now you can add any custom MCP server to OmniKeyAI using CLI or Windows app.`,
     });
 });
 app.get('/downloads/stats', async (_req, res) => {

package/backend-dist/mcpServerRoutes.js

@@ -0,0 +1,222 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.mcpServerRouter = mcpServerRouter;
+const express_1 = __importDefault(require("express"));
+const zod_1 = __importDefault(require("zod"));
+const authMiddleware_1 = require("./authMiddleware");
+const mcpServer_1 = require("./models/mcpServer");
+const mcpPromptCache_1 = require("./agent/mcpPromptCache");
+const mcpRuntime_1 = require("./agent/mcpRuntime");
+const transportEnum = zod_1.default.enum(['stdio', 'http', 'sse']);
+const urlSchema = zod_1.default
+    .string()
+    .max(1000)
+    .url({ message: 'url must be a valid URL.' })
+    .refine((v) => /^https?:\/\//i.test(v), {
+    message: 'url must use http:// or https:// scheme.',
+});
+const baseSchema = zod_1.default.object({
+    name: zod_1.default.string().min(1).max(100),
+    description: zod_1.default.string().max(500).nullable().optional(),
+    transport: transportEnum.optional(),
+    command: zod_1.default.string().max(500).nullable().optional(),
+    args: zod_1.default.array(zod_1.default.string()).optional(),
+    env: zod_1.default.record(zod_1.default.string(), zod_1.default.string()).optional(),
+    url: urlSchema.nullable().optional(),
+    headers: zod_1.default.record(zod_1.default.string(), zod_1.default.string()).optional(),
+    isEnabled: zod_1.default.boolean().optional(),
+});
+function validateTransportFields(transport, command, url) {
+    if (transport === 'stdio') {
+        if (!command || !command.trim())
+            return 'command is required when transport is "stdio".';
+    }
+    else {
+        if (!url || !url.trim())
+            return `url is required when transport is "${transport}".`;
+    }
+    return null;
+}
+// NOTE: `env` and `headers` may contain secrets (API tokens, credentials, etc.). They are
+// stored at rest in the application database and should be treated as sensitive. List
+// responses redact secret values by default to reduce accidental disclosure; single-record
+// reads return full values so that edit UIs can round-trip the configuration.
+const REDACTED = '***';
+function redactDict(dict) {
+    if (!dict)
+        return {};
+    const out = {};
+    for (const key of Object.keys(dict)) {
+        out[key] = REDACTED;
+    }
+    return out;
+}
+function formatServer(server, options = {}) {
+    const redact = options.redactSecrets === true;
+    return {
+        id: server.id,
+        name: server.name,
+        description: server.description,
+        transport: server.transport,
+        command: server.command,
+        args: server.args,
+        env: redact ? redactDict(server.env) : server.env,
+        url: server.url,
+        headers: redact ? redactDict(server.headers) : server.headers,
+        isEnabled: server.isEnabled,
+        lastConnectedAt: server.lastConnectedAt,
+        lastError: server.lastError,
+        createdAt: server.createdAt,
+        updatedAt: server.updatedAt,
+    };
+}
+function mcpServerRouter() {
+    const router = express_1.default.Router();
+    router.get('/', authMiddleware_1.authMiddleware, async (_req, res) => {
+        const { logger, subscription } = res.locals;
+        try {
+            const servers = await mcpServer_1.MCPServer.findAll({
+                where: { subscriptionId: subscription.id },
+                order: [['name', 'ASC']],
+            });
+            res.json({ servers: servers.map((s) => formatServer(s, { redactSecrets: true })) });
+        }
+        catch (err) {
+            logger.error('Error retrieving MCP servers.', { error: err });
+            res.status(500).json({ error: 'Failed to retrieve MCP servers.' });
+        }
+    });
+    router.post('/', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        try {
+            const parsed = baseSchema.parse(req.body);
+            const transport = parsed.transport ?? 'stdio';
+            const command = parsed.command ?? null;
+            const url = parsed.url ?? null;
+            const validationError = validateTransportFields(transport, command, url);
+            if (validationError) {
+                return res.status(400).json({ error: validationError });
+            }
+            const server = await mcpServer_1.MCPServer.create({
+                subscriptionId: subscription.id,
+                name: parsed.name.trim(),
+                description: parsed.description ?? null,
+                transport,
+                command,
+                args: parsed.args ?? [],
+                env: parsed.env ?? {},
+                url,
+                headers: parsed.headers ?? {},
+                isEnabled: parsed.isEnabled ?? true,
+            });
+            (0, mcpPromptCache_1.invalidatePromptMcps)(subscription.id);
+            void (0, mcpRuntime_1.invalidateMcpRuntimeForServer)(server.id);
+            res.status(201).json(formatServer(server));
+        }
+        catch (err) {
+            logger.error('Error creating MCP server.', { error: err });
+            if (err instanceof zod_1.default.ZodError) {
+                return res.status(400).json({ error: 'Invalid MCP server data.' });
+            }
+            if (err?.name === 'SequelizeUniqueConstraintError') {
+                return res.status(409).json({ error: 'An MCP server with that name already exists.' });
+            }
+            res.status(500).json({ error: 'Failed to create MCP server.' });
+        }
+    });
+    router.get('/:id', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        const { id } = req.params;
+        try {
+            const server = await mcpServer_1.MCPServer.findOne({
+                where: { id, subscriptionId: subscription.id },
+            });
+            if (!server) {
+                return res.status(404).json({ error: 'MCP server not found.' });
+            }
+            res.json(formatServer(server));
+        }
+        catch (err) {
+            logger.error('Error retrieving MCP server.', { error: err });
+            res.status(500).json({ error: 'Failed to retrieve MCP server.' });
+        }
+    });
+    router.patch('/:id', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        const { id } = req.params;
+        try {
+            const parsed = baseSchema.partial().parse(req.body);
+            const server = await mcpServer_1.MCPServer.findOne({
+                where: { id, subscriptionId: subscription.id },
+            });
+            if (!server) {
+                return res.status(404).json({ error: 'MCP server not found.' });
+            }
+            const transport = parsed.transport ?? server.transport;
+            const transportChanged = parsed.transport !== undefined && parsed.transport !== server.transport;
+            // When transport changes, clear fields incompatible with the new transport so
+            // stale credentials/config never persist across a transport switch.
+            const command = transportChanged
+                ? (transport === 'stdio' ? (parsed.command !== undefined ? parsed.command : server.command) : null)
+                : (parsed.command !== undefined ? parsed.command : server.command);
+            const url = transportChanged
+                ? (transport !== 'stdio' ? (parsed.url !== undefined ? parsed.url : server.url) : null)
+                : (parsed.url !== undefined ? parsed.url : server.url);
+            const args = transportChanged && transport !== 'stdio' ? [] : (parsed.args ?? server.args);
+            const env = transportChanged && transport !== 'stdio' ? {} : (parsed.env ?? server.env);
+            const headers = transportChanged && transport === 'stdio' ? {} : (parsed.headers ?? server.headers);
+            const validationError = validateTransportFields(transport, command, url);
+            if (validationError) {
+                return res.status(400).json({ error: validationError });
+            }
+            await server.update({
+                name: parsed.name !== undefined ? parsed.name.trim() : server.name,
+                description: parsed.description !== undefined ? parsed.description : server.description,
+                transport,
+                command,
+                args,
+                env,
+                url,
+                headers,
+                isEnabled: parsed.isEnabled ?? server.isEnabled,
+            });
+            (0, mcpPromptCache_1.invalidatePromptMcps)(subscription.id);
+            void (0, mcpRuntime_1.invalidateMcpRuntimeForServer)(server.id);
+            res.json(formatServer(server));
+        }
+        catch (err) {
+            logger.error('Error updating MCP server.', { error: err });
+            if (err instanceof zod_1.default.ZodError) {
+                return res.status(400).json({ error: 'Invalid MCP server data.' });
+            }
+            if (err?.name === 'SequelizeUniqueConstraintError') {
+                return res.status(409).json({ error: 'An MCP server with that name already exists.' });
+            }
+            res.status(500).json({ error: 'Failed to update MCP server.' });
+        }
+    });
+    router.delete('/:id', authMiddleware_1.authMiddleware, async (req, res) => {
+        const { logger, subscription } = res.locals;
+        const { id } = req.params;
+        try {
+            const server = await mcpServer_1.MCPServer.findOne({
+                where: { id, subscriptionId: subscription.id },
+            });
+            if (!server) {
+                return res.status(404).json({ error: 'MCP server not found.' });
+            }
+            await server.destroy();
+            (0, mcpPromptCache_1.invalidatePromptMcps)(subscription.id);
+            void (0, mcpRuntime_1.invalidateMcpRuntimeForServer)(server.id);
+            res.status(204).send();
+        }
+        catch (err) {
+            logger.error('Error deleting MCP server.', { error: err });
+            res.status(500).json({ error: 'Failed to delete MCP server.' });
+        }
+    });
+    return router;
+}

package/backend-dist/models/mcpServer.js

@@ -0,0 +1,102 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MCPServer = void 0;
+const sequelize_1 = require("sequelize");
+const cuid_1 = __importDefault(require("cuid"));
+const db_1 = require("../db");
+const subscription_1 = require("./subscription");
+class MCPServer extends sequelize_1.Model {
+}
+exports.MCPServer = MCPServer;
+MCPServer.init({
+    id: {
+        type: sequelize_1.DataTypes.STRING,
+        primaryKey: true,
+        allowNull: false,
+        defaultValue: () => (0, cuid_1.default)(),
+    },
+    subscriptionId: {
+        type: sequelize_1.DataTypes.STRING,
+        allowNull: false,
+        field: 'subscription_id',
+        references: {
+            model: subscription_1.Subscription,
+            key: 'id',
+        },
+        onDelete: 'CASCADE',
+        onUpdate: 'CASCADE',
+    },
+    name: {
+        type: sequelize_1.DataTypes.STRING(100),
+        allowNull: false,
+    },
+    description: {
+        type: sequelize_1.DataTypes.STRING(500),
+        allowNull: true,
+    },
+    transport: {
+        type: sequelize_1.DataTypes.STRING(16),
+        allowNull: false,
+        defaultValue: 'stdio',
+    },
+    command: {
+        type: sequelize_1.DataTypes.STRING(500),
+        allowNull: true,
+    },
+    args: {
+        type: sequelize_1.DataTypes.JSON,
+        allowNull: false,
+        defaultValue: [],
+    },
+    env: {
+        type: sequelize_1.DataTypes.JSON,
+        allowNull: false,
+        defaultValue: {},
+    },
+    url: {
+        type: sequelize_1.DataTypes.STRING(1000),
+        allowNull: true,
+    },
+    headers: {
+        type: sequelize_1.DataTypes.JSON,
+        allowNull: false,
+        defaultValue: {},
+    },
+    isEnabled: {
+        type: sequelize_1.DataTypes.BOOLEAN,
+        allowNull: false,
+        defaultValue: true,
+        field: 'is_enabled',
+    },
+    lastConnectedAt: {
+        type: sequelize_1.DataTypes.DATE,
+        allowNull: true,
+        field: 'last_connected_at',
+    },
+    lastError: {
+        type: sequelize_1.DataTypes.TEXT,
+        allowNull: true,
+        field: 'last_error',
+    },
+}, {
+    sequelize: db_1.sequelize,
+    tableName: 'mcp_servers',
+    modelName: 'MCPServer',
+    indexes: [
+        {
+            unique: true,
+            fields: ['subscription_id', 'name'],
+        },
+    ],
+});
+subscription_1.Subscription.hasMany(MCPServer, {
+    foreignKey: 'subscriptionId',
+    as: 'mcpServers',
+});
+MCPServer.belongsTo(subscription_1.Subscription, {
+    foreignKey: 'subscriptionId',
+    as: 'subscription',
+});