overmind-mcp 2.8.22 → 2.8.24

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "overmind-mcp",
-  "version": "2.8.22",
+  "version": "2.8.24",
   "description": "Orchestrateur universel agents IA multi-modeles via MCP. Inclut le protocole 'Custom-Nickname' pour identifier vos agents avec des surnoms originaux (The Chaos Prophet, Shadow Sniper, etc.), l'isolation mémoire (Private Memory Context) et le support pour QwenCli et Nous Hermes. Installation automatique des dépendances Docker (PostgreSQL, pgvector) inclus.",
   "type": "module",
   "main": "dist/index.js",
@@ -18,6 +18,10 @@
       "import": "./dist/index.js",
       "types": "./dist/index.d.ts"
     },
+    "./bridge": {
+      "import": "./dist/bridge/index.js",
+      "types": "./dist/bridge/index.d.ts"
+    },
     "./package.json": "./package.json"
   },
   "files": [

package/scripts/bridge-smoke-test.sh

@@ -1,10 +1,10 @@
 #!/usr/bin/env bash
-# ════════════════════════════════════════════════════════════════════
-# Overmind Bridge — Smoke Test (post-install validation)
-# ════════════════════════════════════════════════════════════════════
+# ============================================================================
+# Overmind Bridge - Smoke Test (post-install validation)
+# ============================================================================
 #
-# Vérifie en moins de 10 secondes qu'un bridge nouvellement installé
-# répond correctement. À lancer après `systemctl start overmind-bridge`.
+# Verifie en moins de 10s qu'un bridge nouvellement installe repond
+# correctement. A lancer apres "systemctl start overmind-bridge".
 #
 # Usage:
 #   ./scripts/bridge-smoke-test.sh
@@ -13,21 +13,21 @@
 #
 # Exit codes:
 #   0 = tous les tests OK
-#   1 = au moins un test a échoué
+#   1 = au moins un test a echoue
 #
-# Dépendances : bash 4+, curl, jq (optionnel mais recommandé)
-# ════════════════════════════════════════════════════════════════════
+# Dependances : bash 4+, curl, jq (optionnel)
+# ============================================================================
 
 set -uo pipefail
 
-# ─── Defaults ──────────────────────────────────────────────────────
+# === Defaults ===
 HOST="127.0.0.1"
 PORT="3100"
-TOKEN=""
+AUTH_TOKEN_VAL=""
 ENV_FILE="/etc/overmind/bridge.env"
 TIMEOUT=5
 
-# ─── Couleurs (auto-désactivées si pas TTY) ────────────────────────
+# === Couleurs, auto-desactivees si pas TTY ===
 if [[ -t 1 ]]; then
   C_RED=$'\033[0;31m'
   C_GREEN=$'\033[0;32m'
@@ -36,16 +36,22 @@ if [[ -t 1 ]]; then
   C_BOLD=$'\033[1m'
   C_RESET=$'\033[0m'
 else
-  C_RED="" C_GREEN="" C_YELLOW="" C_BLUE="" C_BOLD="" C_RESET=""
+  C_RED=""
+  C_GREEN=""
+  C_YELLOW=""
+  C_BLUE=""
+  C_BOLD=""
+  C_RESET=""
 fi
 
-# ─── Args parsing ─────────────────────────────────────────────────
+# === Args parsing ===
 while [[ $# -gt 0 ]]; do
   case "$1" in
-    --host)         HOST="$2"; shift 2 ;;
-    --port)         PORT="$2"; shift 2 ;;
-    --auth-token)   TOKEN="$2"; shift 2 ;;
-    --env-file)     ENV_FILE="$2"; shift 2 ;;
+    --host)       HOST="$2"; shift 2 ;;
+    --port)       PORT="$2"; shift 2 ;;
+    --auth-token) AUTH_TOKEN_VAL="$2"; shift 2 ;;
+    --env-file)   ENV_FILE="$2"; shift 2 ;;
+    --timeout)    TIMEOUT="$2"; shift 2 ;;
     -h|--help)
       sed -n '2,20p' "$0" | sed 's/^# *//'
       exit 0
@@ -57,55 +63,56 @@ while [[ $# -gt 0 ]]; do
   esac
 done
 
-# ─── Load token from env file si pas fourni ───────────────────────
-if [[ -z "$TOKEN" && -f "$ENV_FILE" ]]; then
-  TOKEN=$(grep '^BRIDGE_AUTH_TOKEN=' "$ENV_FILE" | cut -d= -f2- | tr -d '"' | tr -d "'" || true)
+# === Load token from env file si pas fourni ===
+if [[ -z "${AUTH_TOKEN_VAL:-}" && -f "$ENV_FILE" ]]; then
+  AUTH_TOKEN_VAL="$(grep '^BRIDGE_AUTH_TOKEN=' "$ENV_FILE" | cut -d= -f2- | tr -d '"' | tr -d "'" || true)"
 fi
 
 BASE_URL="http://${HOST}:${PORT}"
 PASS=0
 FAIL=0
 
-# ─── Helpers ──────────────────────────────────────────────────────
+# === Helpers ===
 have_jq() { command -v jq >/dev/null 2>&1; }
 
 check() {
   local name="$1"
   local result="$2"
   if [[ "$result" == "ok" ]]; then
-    echo -e "  ${C_GREEN}✓${C_RESET} $name"
+    echo -e "  ${C_GREEN}OK${C_RESET} $name"
     PASS=$((PASS + 1))
   else
-    echo -e "  ${C_RED}✗${C_RESET} $name"
+    echo -e "  ${C_RED}FAIL${C_RESET} $name"
     FAIL=$((FAIL + 1))
   fi
 }
 
 section() {
   echo
-  echo -e "${C_BOLD}${C_BLUE}▶ $1${C_RESET}"
+  echo -e "${C_BOLD}${C_BLUE}>> $1${C_RESET}"
 }
 
-# ─── Banner ───────────────────────────────────────────────────────
-echo -e "${C_BOLD}═══════════════════════════════════════════════════════${C_RESET}"
-echo -e "${C_BOLD}  Overmind Bridge — Smoke Test${C_RESET}"
+# === Banner ===
+echo -e "${C_BOLD}=======================================================${C_RESET}"
+echo -e "${C_BOLD}  Overmind Bridge - Smoke Test${C_RESET}"
 echo -e "${C_BOLD}  Target: ${BASE_URL}${C_RESET}"
-echo -e "${C_BOLD}═══════════════════════════════════════════════════════${C_RESET}"
+echo -e "${C_BOLD}=======================================================${C_RESET}"
 
-# ─── Test 1 : service joignable (TCP) ─────────────────────────────
+# === Test 1 : service joignable ===
 section "1. Reachability"
-if curl -sS --max-time "$TIMEOUT" -o /dev/null -w "%{http_code}" \
-    "$BASE_URL/health" 2>/dev/null | grep -qE '^(200|401|403)$'; then
-  check "HTTP /health répond (200/401/403)" ok
+HTTP_CODE=$(curl -sS --max-time "$TIMEOUT" -o /dev/null -w "%{http_code}" \
+    "$BASE_URL/health" 2>/dev/null || echo "000")
+if echo "$HTTP_CODE" | grep -qE '^(200|401|403)$'; then
+  check "HTTP /health repond [200/401/403]" ok
 else
-  check "HTTP /health ne répond pas — bridge down ?" fail
+  check "HTTP /health ne repond pas - bridge down" fail
   echo
-  echo -e "${C_RED}✗ Bridge inaccessible. Abandon.${C_RESET}"
-  echo -e "  Vérifier : ${C_YELLOW}systemctl status overmind-bridge${C_RESET}"
+  echo -e "${C_RED}Bridge inaccessible. Abandon.${C_RESET}"
+  echo -e "  Verifier : ${C_YELLOW}systemctl status overmind-bridge${C_RESET}"
   exit 1
 fi
 
-# ─── Test 2 : /health retourne un JSON valide ────────────────────
+# === Test 2 : /health retourne un JSON valide ===
 section "2. /health endpoint"
 HEALTH_BODY=$(curl -sS --max-time "$TIMEOUT" "$BASE_URL/health" 2>/dev/null || true)
 
@@ -115,30 +122,30 @@ else
   HEALTH_STATUS=$(echo "$HEALTH_BODY" | grep -oE '"status"[[:space:]]*:[[:space:]]*"[^"]+"' | head -1 | cut -d'"' -f4)
 fi
 
-if [[ -n "$HEALTH_STATUS" && "$HEALTH_STATUS" != "missing" ]]; then
-  check "/health expose un status ($HEALTH_STATUS)" ok
+if [[ -n "${HEALTH_STATUS:-}" && "$HEALTH_STATUS" != "missing" ]]; then
+  check "/health expose un status : $HEALTH_STATUS" ok
 else
-  check "/health n'expose pas de status — endpoint cassé ?" fail
+  check "/health n expose pas de status - endpoint casse" fail
 fi
 
-# ─── Build AUTH_HEADER array for reuse ───────────────────────────
+# === Build AUTH_HEADER array for reuse ===
 AUTH_HEADER=()
-if [[ -n "$TOKEN" ]]; then
-  AUTH_HEADER=(-H "Authorization: Bearer $TOKEN")
+if [[ -n "${AUTH_TOKEN_VAL:-}" ]]; then
+  AUTH_HEADER=(-H "Authorization: Bearer ${AUTH_TOKEN_VAL}")
 fi
 
-# ─── Test 3 : auth requise si token configuré ────────────────────
+# === Test 3 : auth requise si token configure ===
 section "3. Authentication"
-if [[ -n "$TOKEN" ]]; then
+if [[ -n "${AUTH_TOKEN_VAL:-}" ]]; then
   HTTP_NO_AUTH=$(curl -sS --max-time "$TIMEOUT" -o /dev/null -w "%{http_code}" \
     -X POST "$BASE_URL/rpc" \
     -H 'Content-Type: application/json' \
     -d '{"jsonrpc":"2.0","id":1,"method":"health.ping","params":{}}' 2>/dev/null || echo "000")
 
   if [[ "$HTTP_NO_AUTH" == "401" ]]; then
-    check "Sans token → 401 (auth actif)" ok
+    check "Sans token -> 401, auth actif" ok
   else
-    check "Sans token → $HTTP_NO_AUTH (attendu: 401)" fail
+    check "Sans token -> $HTTP_NO_AUTH [attendu: 401]" fail
   fi
 
   HTTP_WITH_AUTH=$(curl -sS --max-time "$TIMEOUT" -o /dev/null -w "%{http_code}" \
@@ -148,9 +155,9 @@ if [[ -n "$TOKEN" ]]; then
     -d '{"jsonrpc":"2.0","id":1,"method":"health.ping","params":{}}' 2>/dev/null || echo "000")
 
   if [[ "$HTTP_WITH_AUTH" == "200" ]]; then
-    check "Avec token → 200 (auth OK)" ok
+    check "Avec token -> 200, auth OK" ok
   else
-    check "Avec token → $HTTP_WITH_AUTH (attendu: 200)" fail
+    check "Avec token -> $HTTP_WITH_AUTH [attendu: 200]" fail
   fi
 else
   HTTP_OPEN=$(curl -sS --max-time "$TIMEOUT" -o /dev/null -w "%{http_code}" \
@@ -159,13 +166,13 @@ else
     -d '{"jsonrpc":"2.0","id":1,"method":"health.ping","params":{}}' 2>/dev/null || echo "000")
 
   if [[ "$HTTP_OPEN" == "200" ]]; then
-    check "/rpc ouvert (auth non configurée)" ok
+    check "/rpc ouvert, auth non configuree" ok
   else
-    check "/rpc ouvert → $HTTP_OPEN (attendu: 200)" fail
+    check "/rpc ouvert -> $HTTP_OPEN [attendu: 200]" fail
   fi
 fi
 
-# ─── Test 4 : health.ping RPC ────────────────────────────────────
+# === Test 4 : health.ping RPC ===
 section "4. JSON-RPC methods"
 PING_BODY=$(curl -sS --max-time "$TIMEOUT" \
   "${AUTH_HEADER[@]}" \
@@ -174,12 +181,12 @@ PING_BODY=$(curl -sS --max-time "$TIMEOUT" \
   -d '{"jsonrpc":"2.0","id":1,"method":"health.ping","params":{}}' 2>/dev/null || true)
 
 if echo "$PING_BODY" | grep -q '"pong"[[:space:]]*:[[:space:]]*true'; then
-  check "RPC health.ping répond" ok
+  check "RPC health.ping repond" ok
 else
-  check "RPC health.ping échoue — body: ${PING_BODY:0:100}" fail
+  check "RPC health.ping echoue - body: ${PING_BODY:0:100}" fail
 fi
 
-# ─── Test 5 : JSON-RPC validation (params invalides) ─────────────
+# === Test 5 : JSON-RPC validation (params invalides) ===
 section "5. Error handling"
 INVALID_BODY=$(curl -sS --max-time "$TIMEOUT" \
   "${AUTH_HEADER[@]}" \
@@ -188,44 +195,44 @@ INVALID_BODY=$(curl -sS --max-time "$TIMEOUT" \
   -d '{"jsonrpc":"2.0","id":1,"method":"agent.run","params":{}}' 2>/dev/null || true)
 
 if echo "$INVALID_BODY" | grep -q '"code"[[:space:]]*:[[:space:]]*-32602'; then
-  check "Params invalides → -32602 (Invalid params)" ok
+  check "Params invalides -> -32602 Invalid params" ok
 else
-  check "Params invalides — code attendu: -32602, reçu: $INVALID_BODY" fail
+  check "Params invalides - code attendu: -32602, recu: $INVALID_BODY" fail
 fi
 
-# ─── Test 6 : batch request ──────────────────────────────────────
+# === Test 6 : batch request ===
 section "6. Batch RPC"
 BATCH_BODY=$(curl -sS --max-time "$TIMEOUT" \
   "${AUTH_HEADER[@]}" \
   -H 'Content-Type: application/json' \
   -X POST "$BASE_URL/rpc" \
-  -d '[
-    {"jsonrpc":"2.0","id":1,"method":"health.ping","params":{}},
-    {"jsonrpc":"2.0","id":2,"method":"health.ping","params":{}}
+  -d '[\
+    {"jsonrpc":"2.0","id":1,"method":"health.ping","params":{}},\
+    {"jsonrpc":"2.0","id":2,"method":"health.ping","params":{}}\
   ]' 2>/dev/null || true)
 
 BATCH_COUNT=$(echo "$BATCH_BODY" | grep -oE '"id"[[:space:]]*:[[:space:]]*[12]' | wc -l | tr -d ' ')
 if [[ "$BATCH_COUNT" == "2" ]]; then
-  check "Batch RPC retourne 2 réponses" ok
+  check "Batch RPC retourne 2 reponses" ok
 else
-  check "Batch RPC — reçu: $BATCH_COUNT réponses (attendu: 2)" fail
+  check "Batch RPC - recu: $BATCH_COUNT reponses [attendu: 2]" fail
 fi
 
-# ─── Résumé ───────────────────────────────────────────────────────
+# === Resume ===
 echo
-echo -e "${C_BOLD}═══════════════════════════════════════════════════════${C_RESET}"
+echo -e "${C_BOLD}=======================================================${C_RESET}"
 if [[ $FAIL -eq 0 ]]; then
-  echo -e "${C_GREEN}${C_BOLD}  ✓ $PASS tests OK, 0 échec${C_RESET}"
-  echo -e "${C_GREEN}  Bridge opérationnel sur ${BASE_URL}${C_RESET}"
-  echo -e "${C_BOLD}═══════════════════════════════════════════════════════${C_RESET}"
+  echo -e "${C_GREEN}${C_BOLD}  OK $PASS tests OK, 0 echec${C_RESET}"
+  echo -e "${C_GREEN}  Bridge operationnel sur ${BASE_URL}${C_RESET}"
+  echo -e "${C_BOLD}=======================================================${C_RESET}"
   exit 0
 else
-  echo -e "${C_RED}${C_BOLD}  ✗ $FAIL échec(s), $PASS tests OK${C_RESET}"
+  echo -e "${C_RED}${C_BOLD}  FAIL $FAIL echec(s), $PASS tests OK${C_RESET}"
   echo
   echo -e "  ${C_YELLOW}Diagnostic :${C_RESET}"
   echo -e "    1. ${C_YELLOW}systemctl status overmind-bridge${C_RESET}"
   echo -e "    2. ${C_YELLOW}journalctl -u overmind-bridge -n 100${C_RESET}"
   echo -e "    3. ${C_YELLOW}curl -v $BASE_URL/health${C_RESET}"
-  echo -e "${C_BOLD}═══════════════════════════════════════════════════════${C_RESET}"
+  echo -e "${C_BOLD}=======================================================${C_RESET}"
   exit 1
 fi

package/scripts/post-bridge-embed.py

@@ -0,0 +1,179 @@
+#!/usr/bin/env python3
+"""Post l'embed du wrapper Overmind Bridge sur Discord."""
+import os
+import json
+import urllib.request
+import urllib.error
+
+# Récupère le token depuis .env
+env_path = r"C:\Users\Deamon\Desktop\Backup\Serveur MCP\discord_llm\.env"
+TOKEN_PREFIX = "DISCORD_BOT_TOKEN"
+token = None
+with open(env_path, 'r', encoding='utf-8') as f:
+    for line in f:
+        if line.startswith(TOKEN_PREFIX + "="):
+            token = line.split('=', 1)[1].strip()
+            break
+if not token:
+    raise SystemExit("Token non trouve dans .env")
+
+CHANNEL_ID = "1491078210279182500"
+
+embed = {
+    "title": "🌉 Overmind Bridge — Couche RPC unifiée",
+    "description": (
+        "Couche **JSON-RPC 2.0** stable au-dessus du serveur MCP Overmind.\n"
+        "Transforme n'importe quel client HTTP (curl, Discord, SMS, autre agent) "
+        "en orchestrateur multi-agents avec **15 methodes RPC**, session store, "
+        "circuit breaker, retry, et webhook adapter prets a l'emploi.\n\n"
+        "Paquetage prod : `import { ... } from 'overmind-mcp/bridge'`"
+    ),
+    "color": 0x5865F2,
+    "fields": [
+        {
+            "name": "⚡ Demarrage rapide",
+            "value": (
+                "```\n"
+                "POST /rpc\n"
+                "Content-Type: application/json\n\n"
+                "{\n"
+                '  "jsonrpc": "2.0",\n'
+                '  "id": 1,\n'
+                '  "method": "agent.run",\n'
+                '  "params": {\n'
+                '    "agentName": "sniperbot_analyst",\n'
+                '    "runner": "hermes",\n'
+                '    "prompt": "...",\n'
+                '    "externalKey": "+1418..."\n'
+                "  }\n"
+                "}\n"
+                "```"
+            ),
+            "inline": False
+        },
+        {
+            "name": "📚 15 methodes RPC (5 categories)",
+            "value": (
+                "▸ **Health** : `health.ping`\n"
+                "▸ **Agent** : `agent.run` · `agent.a2a` · `agent.status` · `agent.list` · `agent.kill`\n"
+                "▸ **MessageLog** : `message.history` · `message.get` · `message.replay` · `message.stats`\n"
+                "▸ **Session** : `session.get` · `session.list` · `session.delete` · `session.stats`\n"
+                "▸ **Webhook** : `webhook.sms` (voipms · twilio · discord · generic)"
+            ),
+            "inline": False
+        },
+        {
+            "name": "🛡️ Features production",
+            "value": (
+                "✅ Circuit breaker (5 echecs → open 30s)\n"
+                "✅ Triple timeout (connect + body + per-chunk)\n"
+                "✅ Retry auto sur ETIMEDOUT/EBODYREAD/ECONNRESET\n"
+                "✅ SessionStore multi-tenant (phone, userId, channelId)\n"
+                "✅ DirectiveParser (auto-update SESSION_ID: reponse)\n"
+                "✅ AgentRegistry + mutex (1 run par agent)\n"
+                "✅ MessageLog Postgres (optionnel)\n"
+                "✅ Path traversal bloque\n"
+                "✅ JSON-RPC 2.0 strict (batch + error codes)"
+            ),
+            "inline": False
+        },
+        {
+            "name": "🏗️ Architecture (3 couches)",
+            "value": (
+                "```\n"
+                "Client → BridgeProxy\n"
+                "            ↓\n"
+                "        OverBridgeService (session + types)\n"
+                "            ↓\n"
+                "        OverBridgeServer (HTTP + /rpc + /webhook)\n"
+                "            ↓\n"
+                "        Overmind MCP :3099 (run_agent)\n"
+                "```"
+            ),
+            "inline": False
+        },
+        {
+            "name": "📊 Codes d'erreur (JSON-RPC 2.0)",
+            "value": (
+                "▸ `-32700` PARSE_ERROR (JSON malforme)\n"
+                "▸ `-32600` INVALID_REQUEST\n"
+                "▸ `-32601` METHOD_NOT_FOUND\n"
+                "▸ `-32602` INVALID_PARAMS\n"
+                "▸ `-32603` INTERNAL_ERROR\n"
+                "▸ `-32003` FEATURE_DISABLED (ex: MessageLog off)\n"
+                "▸ `-32004` NOT_FOUND (ex: UUID inconnu)"
+            ),
+            "inline": False
+        },
+        {
+            "name": "🔌 Endpoints HTTP",
+            "value": (
+                "▸ `POST /rpc` — JSON-RPC 2.0 principal\n"
+                "▸ `GET  /health` — Liveness probe (K8s/Docker)\n"
+                "▸ `POST /webhook/:provider` — voipms/twilio/discord/generic\n"
+                "▸ `GET  /f/:filename` — Static files (path traversal bloque)"
+            ),
+            "inline": False
+        },
+        {
+            "name": "🚀 Clients deja migres",
+            "value": (
+                "✅ **discord_llm v5.0** — 100% aligne sur le wrapper, expose `/rpc` + 11 methodes testees sur sniperbot_analyst\n"
+                "🔄 **bt-sms** — migration prevue (copy-paste du pattern discord_llm)"
+            ),
+            "inline": False
+        },
+        {
+            "name": "🧪 Test live (sniperbot_analyst)",
+            "value": (
+                "```bash\n"
+                "# 1. Run agent avec session multi-tenant\n"
+                "curl -X POST http://127.0.0.1:3001/rpc -d '...agent.run...'\n"
+                "# 2. A2A loopback\n"
+                "curl -X POST http://127.0.0.1:3001/rpc -d '...agent.a2a...'\n"
+                "# 3. Webhook VoIP.ms → auto-dispatch\n"
+                "curl -X POST http://127.0.0.1:3001/rpc -d '...webhook.sms...'\n"
+                "```\n"
+                "Tous testes ✅ sur discord_llm v5.0"
+            ),
+            "inline": False
+        }
+    ],
+    "footer": {
+        "text": "Overmind Bridge v5.0 · discord_llm v5.0 · sniperbot_analyst sur runner=hermes (glm-5.1)"
+    }
+}
+
+payload = {"embeds": [embed]}
+data = json.dumps(payload).encode('utf-8')
+
+req = urllib.request.Request(
+    f"https://discord.com/api/v10/channels/{CHANNEL_ID}/messages",
+    data=data,
+    method='POST',
+    headers={
+        'Authorization': f'Bot {token}',
+        'Content-Type': 'application/json',
+        'User-Agent': 'DiscordBot (overmind-bridge, 5.0.0)',
+    }
+)
+
+try:
+    with urllib.request.urlopen(req, timeout=30) as resp:
+        body = resp.read().decode('utf-8')
+        result = json.loads(body)
+        print(f"OK: embed poste")
+        print(f"  message_id = {result.get('id')}")
+        print(f"  channel_id = {result.get('channel_id')}")
+        guild = result.get('guild_id')
+        if guild:
+            print(f"  url        = https://discord.com/channels/{guild}/{result.get('channel_id')}/{result.get('id')}")
+        else:
+            print(f"  url        = https://discord.com/channels/@me/{result.get('channel_id')}/{result.get('id')}")
+except urllib.error.HTTPError as e:
+    print(f"ERREUR HTTP {e.code}: {e.reason}")
+    try:
+        print(f"  body: {e.read().decode('utf-8')[:1000]}")
+    except: pass
+except Exception as e:
+    print(f"ERREUR: {e}")

package/scripts/test-wrapper-rpc.mjs

@@ -0,0 +1,234 @@
+#!/usr/bin/env node
+/**
+ * Test standalone des nouvelles fonctionnalités RPC du wrapper.
+ *
+ * Lance un OverBridgeServer sur :3100 qui pointe vers le MCP live (:3099)
+ * et exerce chaque méthode RPC documentée.
+ *
+ * Usage: node scripts/test-wrapper-rpc.mjs
+ */
+
+import { OverBridgeService, OverBridgeServer } from '../dist/bridge/index.js';
+
+const WRAPPER_PORT = 3100;
+const UPSTREAM_MCP = process.env.MCP_URL || 'http://localhost:3099/mcp';
+const BASE = `http://127.0.0.1:${WRAPPER_PORT}`;
+let pass = 0;
+let fail = 0;
+const results = [];
+
+const service = new OverBridgeService(
+  { mcpUrl: UPSTREAM_MCP, defaultTimeoutMs: 60_000, agentTimeoutMs: 180_000 },
+  {
+    debug: (m) => console.log(`  [debug] ${m}`),
+    info: (m) => console.log(`  [info] ${m}`),
+    warn: (m) => console.log(`  [warn] ${m}`),
+    error: (m) => console.log(`  [error] ${m}`),
+  },
+);
+
+const server = new OverBridgeServer(
+  service,
+  {
+    port: WRAPPER_PORT,
+    host: '127.0.0.1',
+    postgres: {
+      host: 'localhost', port: 5432, user: 'postgres', password: '', database: 'overmind_memory',
+    },
+    enableMessageLog: false,    // on désactive MessageLog (pas de Postgres ici)
+    enableSessionStore: true,    // multi-tenant (in-memory)
+    enableDirectives: true,
+    enableWebhooks: true,
+    healthCheckIntervalMs: 0,    // pas de heartbeat
+    jsonBodyLimit: '5mb',
+  },
+  {
+    debug: () => {},
+    info: (m) => console.log(`  [server] ${m}`),
+    warn: (m) => console.log(`  [server.warn] ${m}`),
+    error: (m) => console.log(`  [server.error] ${m}`),
+  },
+);
+
+async function rpc(method, params = {}, id = 1) {
+  const res = await fetch(`${BASE}/rpc`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', 'Accept': 'application/json' },
+    body: JSON.stringify({ jsonrpc: '2.0', id, method, params }),
+  });
+  return await res.json();
+}
+
+function check(name, ok, detail = '') {
+  if (ok) { pass++; results.push(`  PASS  ${name}${detail ? ' - ' + detail : ''}`); }
+  else    { fail++; results.push(`  FAIL  ${name}${detail ? ' - ' + detail : ''}`); }
+}
+
+async function main() {
+  console.log('═══════════════════════════════════════════════════════');
+  console.log('  Test Standalone - Wrapper RPC');
+  console.log(`  Wrapper: ${BASE}/rpc`);
+  console.log(`  Upstream MCP: ${UPSTREAM_MCP}`);
+  console.log('═══════════════════════════════════════════════════════');
+
+  await server.start();
+  console.log('');
+
+  // ─── 1. health.ping ──────────────────────────────────────────
+  {
+    const r = await rpc('health.ping');
+    check('health.ping', r.result?.pong === true, `pong=${r.result?.pong}`);
+  }
+
+  // ─── 2. agent.list (filtre runner=hermes) ───────────────────
+  {
+    const r = await rpc('agent.list', { runner: 'hermes' });
+    const agents = JSON.parse(r.result?.agents?.[0] || '[]');
+    // Le retour est wrappé dans content[0].text (format MCP).
+    // On accepte si pas d'erreur.
+    check('agent.list (runner=hermes)', !r.error, `agents.length=${r.result?.stats?.total}`);
+  }
+
+  // ─── 3. agent.status (state local) ──────────────────────────
+  {
+    const r = await rpc('agent.status', { agentName: 'sniperbot_analyst' });
+    const hasLocal = r.result?.local !== undefined;
+    check('agent.status', hasLocal, hasLocal ? `status=${r.result.local.status}` : JSON.stringify(r).slice(0,200));
+  }
+
+  // ─── 4. agent.run AVEC externalKey (SessionStore) ──────────
+  {
+    const r = await rpc('agent.run', {
+      agentName: 'sniperbot_analyst',
+      runner: 'hermes',
+      prompt: 'Test SessionStore — reponds juste OK',
+      externalKey: 'sniper-test-phone-001',
+    });
+    const hasSession = r.result?.sessionId !== undefined;
+    check('agent.run + externalKey', hasSession && !r.error?.message?.includes('Invalid'),
+      `sessionId=${r.result?.sessionId}, content[0]=${r.result?.content?.[0]?.text?.slice(0,80)}`);
+  }
+
+  // ─── 5. session.get ───────────────────────────────────────
+  {
+    const r = await rpc('session.get', {
+      externalKey: 'sniper-test-phone-001',
+      agentName: 'sniperbot_analyst',
+    });
+    const found = r.result?.session !== null && r.result?.session !== undefined;
+    check('session.get', found, `sessionId=${r.result?.session?.sessionId?.slice(0,20)}...`);
+  }
+
+  // ─── 6. session.list ──────────────────────────────────────
+  {
+    const r = await rpc('session.list', {});
+    const list = r.result?.sessions || [];
+    check('session.list', Array.isArray(list) && list.length > 0, `count=${list.length}`);
+  }
+
+  // ─── 7. session.stats ─────────────────────────────────────
+  {
+    const r = await rpc('session.stats', {});
+    const total = r.result?.total;
+    check('session.stats', typeof total === 'number', `total=${total}, byAgent=${JSON.stringify(r.result?.byAgent)}`);
+  }
+
+  // ─── 8. webhook.sms avec autoDispatch (voipms → sniperbot) ─
+  {
+    const r = await rpc('webhook.sms', {
+      provider: 'voipms',
+      payload: {
+        from: '+14181234567',
+        to: '+14187654321',
+        message: 'BTC test via webhook',
+        id: 'msg-test-001',
+        date: new Date().toISOString(),
+      },
+      externalKey: 'sniper-test-phone-001',
+      autoDispatch: {
+        agentName: 'sniperbot_analyst',
+        runner: 'hermes',
+      },
+    });
+    const dispatched = r.result?.messageId !== undefined || r.result?.content !== undefined;
+    check('webhook.sms + autoDispatch', dispatched || !r.error,
+      dispatched ? `messageId=${r.result?.messageId?.slice(0,8)}...` : JSON.stringify(r).slice(0,200));
+  }
+
+  // ─── 9. batch RPC (array de 3 requêtes) ───────────────────
+  {
+    const batch = await fetch(`${BASE}/rpc`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify([
+        { jsonrpc: '2.0', id: 1, method: 'health.ping', params: {} },
+        { jsonrpc: '2.0', id: 2, method: 'health.ping', params: {} },
+        { jsonrpc: '2.0', id: 3, method: 'health.ping', params: {} },
+      ]),
+    });
+    const arr = await batch.json();
+    const allOk = Array.isArray(arr) && arr.length === 3 && arr.every((r) => r.result?.pong === true);
+    check('batch RPC (3 requêtes)', allOk, `count=${arr.length}`);
+  }
+
+  // ─── 10. method unknown → -32601 ──────────────────────────
+  {
+    const r = await rpc('does.not.exist', {});
+    check('method unknown → -32601', r.error?.code === -32601, `code=${r.error?.code}`);
+  }
+
+  // ─── 11. params invalides → -32602 ────────────────────────
+  {
+    const r = await rpc('agent.run', {});  // manque agentName, runner, prompt
+    check('params invalides → -32602', r.error?.code === -32602, `code=${r.error?.code}, issues=${r.error?.data?.length || 0}`);
+  }
+
+  // ─── 12. /health endpoint HTTP ────────────────────────────
+  {
+    const r = await fetch(`${BASE}/health`).then((r) => r.json());
+    const hasFields = r.status && r.mcp && r.features !== undefined;
+    check('GET /health', hasFields, `status=${r.status}, features.sessionStore=${r.features?.sessionStore}`);
+  }
+
+  // ─── 13. /webhook/:provider endpoint HTTP ───────────────────
+  {
+    const r = await fetch(`${BASE}/webhook/voipms`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ from: '+14181112222', message: 'hi', id: 'm1' }),
+    });
+    const j = await r.json();
+    check('POST /webhook/voipms', j.received === true, `provider=${j.provider}, externalKey=${j.externalKey}`);
+  }
+
+  // ─── 14. path traversal bloqué sur /f/ ────────────────────
+  {
+    const r = await fetch(`${BASE}/f/..%2Fetc%2Fpasswd`);
+    const status = r.status;
+    check('path traversal bloqué', status === 403 || status === 400, `status=${status}`);
+  }
+
+  // ─── 15. session.delete ───────────────────────────────────
+  {
+    const r = await rpc('session.delete', {
+      externalKey: 'sniper-test-phone-001',
+      agentName: 'sniperbot_analyst',
+    });
+    check('session.delete', r.result?.deleted === true, `deleted=${r.result?.deleted}`);
+  }
+
+  // ─── Cleanup ─────────────────────────────────────────────
+  await server.stop();
+  console.log('');
+  console.log('═══════════════════════════════════════════════════════');
+  for (const line of results) console.log(line);
+  console.log('═══════════════════════════════════════════════════════');
+  console.log(`  ${pass} pass, ${fail} fail`);
+  console.log('═══════════════════════════════════════════════════════');
+  process.exit(fail > 0 ? 1 : 0);
+}
+
+main().catch((err) => {
+  console.error('FATAL:', err);
+  process.exit(1);
+});