npm - protect-mcp - Versions diffs - 0.4.2 → 0.4.3 - Mend

protect-mcp 0.4.2 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +1 -1
package/dist/{chunk-7HBHIKLN.mjs → chunk-VF3OCG4D.mjs} +422 -9
package/dist/{chunk-VWUN6AI6.mjs → chunk-VIA2B65K.mjs} +1 -1
package/dist/cli.js +690 -93
package/dist/cli.mjs +183 -7
package/dist/{http-transport-RIVV2RVQ.mjs → http-transport-VLIPOPIC.mjs} +1 -1
package/dist/index.d.mts +1429 -2
package/dist/index.d.ts +1429 -2
package/dist/index.js +1728 -25
package/dist/index.mjs +1273 -3
package/package.json +4 -3
package/policies/cedar/clinejection.cedar +50 -0
package/policies/cedar/terraform-destroy.cedar +44 -0
package/policies/clinejection.json +6 -0
package/policies/data-exfiltration.json +6 -0
package/policies/financial-safe.json +8 -0
package/policies/github-mcp-hijack.json +6 -0
package/policies/terraform-destroy.json +6 -0

package/dist/cli.mjs CHANGED Viewed

@@ -3,13 +3,15 @@ import {
   formatSimulation,
   parseLogFile,
   simulate
-} from "./chunk-VWUN6AI6.mjs";
+} from "./chunk-VIA2B65K.mjs";
 import {
   ProtectGateway,
   initSigning,
+  isCedarAvailable,
+  loadCedarPolicies,
   loadPolicy,
   validateCredentials
-} from "./chunk-7HBHIKLN.mjs";
+} from "./chunk-VF3OCG4D.mjs";
 // src/cli.ts
 function printHelp() {
@@ -31,6 +33,7 @@ Usage:
 Options:
   --policy <path>   Policy/config JSON file (default: allow-all)
+  --cedar <dir>     Cedar policy directory (alternative to --policy, evaluates locally via WASM)
   --slug <slug>     ScopeBlind tenant slug (optional)
   --enforce         Enable enforcement mode (default: shadow mode)
   --http            Start HTTP/SSE server instead of stdio proxy
@@ -42,6 +45,7 @@ Commands:
   quickstart        Zero-config onboarding: init + demo + show receipts in one command
   init              Generate config template, Ed25519 keypair, and sample policy
   demo              Start a demo server wrapped with protect-mcp (see receipts instantly)
+  doctor            Check your setup: keys, policies, verifier, API connectivity
   trace <id>        Visualize the receipt DAG from a given receipt_id (ASCII tree)
   status            Show tool call statistics from the local decision log
   digest            Generate a human-readable summary of agent activity
@@ -64,6 +68,7 @@ Examples:
 }
 function parseArgs(argv) {
   let policyPath;
+  let cedarDir;
   let slug;
   let enforce = false;
   let verbose = false;
@@ -88,6 +93,8 @@ function parseArgs(argv) {
       process.exit(0);
     } else if (arg === "--policy" && i + 1 < options.length) {
       policyPath = options[++i];
+    } else if (arg === "--cedar" && i + 1 < options.length) {
+      cedarDir = options[++i];
     } else if (arg === "--slug" && i + 1 < options.length) {
       slug = options[++i];
     } else if (arg === "--enforce") {
@@ -99,7 +106,7 @@ function parseArgs(argv) {
 `);
     }
   }
-  return { policyPath, slug, enforce, verbose, childCommand };
+  return { policyPath, cedarDir, slug, enforce, verbose, childCommand };
 }
 async function handleInit(argv) {
   const { writeFileSync, existsSync, mkdirSync } = await import("fs");
@@ -733,7 +740,7 @@ async function handleTrace(argv) {
     process.stderr.write("[PROTECT_MCP] Usage: protect-mcp trace <receipt_id> [--endpoint <url>] [--depth <n>]\n");
     process.exit(1);
   }
-  let endpoint = "https://evidence-indexer.tomjwxf.workers.dev";
+  let endpoint = "https://api.scopeblind.com/evidence";
   let depth = 3;
   for (let i = 1; i < argv.length; i++) {
     if (argv[i] === "--endpoint" && argv[i + 1]) {
@@ -983,12 +990,57 @@ async function main() {
     await handleReport(args.slice(1));
     process.exit(0);
   }
-  const { policyPath, slug, enforce, verbose, childCommand } = parseArgs(args);
+  if (args[0] === "doctor") {
+    await handleDoctor();
+    process.exit(0);
+  }
+  const { policyPath, cedarDir, slug, enforce, verbose, childCommand } = parseArgs(args);
   let policy = null;
   let policyDigest = "none";
   let credentials;
   let signing;
-  if (policyPath) {
+  let cedarPolicySet = null;
+  let effectiveCedarDir = cedarDir;
+  if (!effectiveCedarDir && !policyPath) {
+    const { existsSync, readdirSync } = await import("fs");
+    for (const candidate of ["cedar", "policies", "."]) {
+      try {
+        if (existsSync(candidate) && readdirSync(candidate).some((f) => f.endsWith(".cedar"))) {
+          effectiveCedarDir = candidate;
+          process.stderr.write(`[PROTECT_MCP] Auto-detected Cedar policies in ./${candidate}/
+`);
+          break;
+        }
+      } catch {
+      }
+    }
+  }
+  if (effectiveCedarDir) {
+    try {
+      const cedarAvailable = await isCedarAvailable();
+      if (!cedarAvailable) {
+        process.stderr.write("[PROTECT_MCP] Warning: @cedar-policy/cedar-wasm not installed. Install with: npm install @cedar-policy/cedar-wasm\n");
+        process.stderr.write("[PROTECT_MCP] Cedar policies will be loaded but evaluated with fallback (allow-all).\n");
+      }
+      cedarPolicySet = loadCedarPolicies(effectiveCedarDir);
+      policyDigest = cedarPolicySet.digest;
+      policy = {
+        tools: { "*": { require: "any" } },
+        policy_engine: "cedar",
+        cedar_dir: effectiveCedarDir
+      };
+      process.stderr.write(`[PROTECT_MCP] Cedar policy engine: loaded ${cedarPolicySet.fileCount} policies from ${effectiveCedarDir} (digest: ${policyDigest})
+`);
+      if (verbose) {
+        process.stderr.write(`[PROTECT_MCP] Cedar files: ${cedarPolicySet.files.join(", ")}
+`);
+      }
+    } catch (err) {
+      process.stderr.write(`[PROTECT_MCP] Error loading Cedar policies: ${err instanceof Error ? err.message : err}
+`);
+      process.exit(1);
+    }
+  } else if (policyPath) {
     try {
       const loaded = loadPolicy(policyPath);
       policy = loaded.policy;
@@ -1034,11 +1086,14 @@ async function main() {
   if (useHttp) {
     const portIdx = args.indexOf("--port");
     const httpPort = portIdx >= 0 && args[portIdx + 1] ? parseInt(args[portIdx + 1]) : 3e3;
-    const { startHttpTransport } = await import("./http-transport-RIVV2RVQ.mjs");
+    const { startHttpTransport } = await import("./http-transport-VLIPOPIC.mjs");
     startHttpTransport({ port: httpPort, config, serverCommand: childCommand });
     return;
   }
   const gateway = new ProtectGateway(config);
+  if (cedarPolicySet) {
+    gateway.setCedarPolicies(cedarPolicySet);
+  }
   await gateway.start();
 }
 async function handleSimulate(args) {
@@ -1083,6 +1138,127 @@ async function handleSimulate(args) {
     process.stdout.write(formatSimulation(summary) + "\n");
   }
 }
+async function handleDoctor() {
+  const { existsSync, readFileSync, readdirSync } = await import("fs");
+  const { join } = await import("path");
+  const { execSync } = await import("child_process");
+  const green2 = (s) => `\x1B[32m\u2713\x1B[0m ${s}`;
+  const red2 = (s) => `\x1B[31m\u2717\x1B[0m ${s}`;
+  const yellow2 = (s) => `\x1B[33m\u26A0\x1B[0m ${s}`;
+  const dim2 = (s) => `\x1B[2m${s}\x1B[0m`;
+  process.stdout.write("\n\x1B[1mprotect-mcp doctor\x1B[0m\n");
+  process.stdout.write(dim2("Checking your ScopeBlind setup...\n\n"));
+  let issues = 0;
+  const nodeVersion = process.version;
+  const major = parseInt(nodeVersion.slice(1));
+  if (major >= 18) {
+    process.stdout.write(green2(`Node.js ${nodeVersion}
+`));
+  } else {
+    process.stdout.write(red2(`Node.js ${nodeVersion} \u2014 requires >= 18
+`));
+    issues++;
+  }
+  const configPath = join(process.cwd(), "scopeblind.config.json");
+  if (existsSync(configPath)) {
+    try {
+      const config = JSON.parse(readFileSync(configPath, "utf-8"));
+      if (config.signing?.private_key || config.signing?.key_file) {
+        process.stdout.write(green2("Signing keys configured\n"));
+      } else {
+        process.stdout.write(yellow2("Config found but no signing keys \u2014 run: protect-mcp init\n"));
+        issues++;
+      }
+    } catch {
+      process.stdout.write(red2("Invalid scopeblind.config.json\n"));
+      issues++;
+    }
+  } else {
+    process.stdout.write(yellow2("No scopeblind.config.json \u2014 run: protect-mcp init\n"));
+  }
+  let policyFound = false;
+  for (const dir of ["cedar", "policies", "."]) {
+    try {
+      if (existsSync(dir) && readdirSync(dir).some((f) => f.endsWith(".cedar"))) {
+        process.stdout.write(green2(`Cedar policies found in ./${dir}/
+`));
+        policyFound = true;
+        break;
+      }
+    } catch {
+    }
+  }
+  if (!policyFound) {
+    for (const name of ["policy.json", "protect-mcp.policy.json", "scopeblind-policy.json"]) {
+      if (existsSync(name)) {
+        process.stdout.write(green2(`JSON policy found: ${name}
+`));
+        policyFound = true;
+        break;
+      }
+    }
+  }
+  if (!policyFound) {
+    process.stdout.write(yellow2("No policy files found \u2014 running in shadow mode (allow all)\n"));
+  }
+  try {
+    const cedarAvailable = await isCedarAvailable();
+    if (cedarAvailable) {
+      process.stdout.write(green2("Cedar WASM engine available\n"));
+    } else {
+      process.stdout.write(dim2("  Cedar WASM not installed \u2014 install: npm install @cedar-policy/cedar-wasm\n"));
+    }
+  } catch {
+    process.stdout.write(dim2("  Cedar WASM not installed\n"));
+  }
+  const logFile = join(process.cwd(), "protect-mcp-decisions.jsonl");
+  const receiptFile = join(process.cwd(), "protect-mcp-receipts.jsonl");
+  if (existsSync(logFile)) {
+    try {
+      const lines = readFileSync(logFile, "utf-8").trim().split("\n").length;
+      process.stdout.write(green2(`Decision log: ${lines} entries
+`));
+    } catch {
+      process.stdout.write(green2("Decision log exists\n"));
+    }
+  } else {
+    process.stdout.write(dim2("  No decision log yet \u2014 will be created on first tool call\n"));
+  }
+  if (existsSync(receiptFile)) {
+    try {
+      const lines = readFileSync(receiptFile, "utf-8").trim().split("\n").length;
+      process.stdout.write(green2(`Receipt file: ${lines} signed receipts
+`));
+    } catch {
+      process.stdout.write(green2("Receipt file exists\n"));
+    }
+  }
+  try {
+    execSync("npx @veritasacta/verify --version 2>/dev/null", { stdio: "pipe", timeout: 1e4 });
+    process.stdout.write(green2("Verifier available: @veritasacta/verify\n"));
+  } catch {
+    process.stdout.write(dim2("  Verifier not cached \u2014 install: npm install -g @veritasacta/verify\n"));
+  }
+  try {
+    const res = await fetch("https://api.scopeblind.com/health", { signal: AbortSignal.timeout(5e3) });
+    if (res.ok) {
+      process.stdout.write(green2("ScopeBlind API reachable\n"));
+    } else {
+      process.stdout.write(yellow2("ScopeBlind API returned non-200 \u2014 receipts will be stored locally\n"));
+    }
+  } catch {
+    process.stdout.write(dim2("  ScopeBlind API not reachable \u2014 offline mode (receipts stored locally)\n"));
+  }
+  process.stdout.write("\n");
+  if (issues === 0) {
+    process.stdout.write("\x1B[32m\x1B[1mAll checks passed.\x1B[0m Ready to wrap MCP servers.\n");
+    process.stdout.write(dim2("\n  npx protect-mcp -- node your-server.js\n\n"));
+  } else {
+    process.stdout.write(`\x1B[33m\x1B[1m${issues} issue(s) found.\x1B[0m Fix them and run doctor again.
+`);
+  }
+}
 async function handleReport(args) {
   let period = 30;
   let format = "json";

package/dist/{http-transport-RIVV2RVQ.mjs → http-transport-VLIPOPIC.mjs} RENAMED Viewed

@@ -1,6 +1,6 @@
 import {
   ProtectGateway
-} from "./chunk-7HBHIKLN.mjs";
+} from "./chunk-VF3OCG4D.mjs";
 // src/http-transport.ts
 import { createServer } from "http";