tokrepo-mcp-server 2.9.2 → 2.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -1
- package/bin/server.js +71 -1
- package/package.json +5 -3
package/README.md
CHANGED
|
@@ -39,6 +39,7 @@ Once connected, your AI assistant can:
|
|
|
39
39
|
- **Search** 200+ curated AI assets by keyword or category with agent fit signals
|
|
40
40
|
- **Browse** trending assets, filter by type (MCP, Skill, Prompt, Agent, Script)
|
|
41
41
|
- **Get details** — full documentation, install instructions, and metadata
|
|
42
|
+
- **Verify trust** — read-only content hash, install plan hash, permission envelope, policy, trust_score_v2, blockers, and warnings
|
|
42
43
|
- **Plan before install** — get install plan v2 with policy decisions, rollback, and verification
|
|
43
44
|
- **Safe Codex install** — dry-run by default; risky assets must be staged or explicitly approved
|
|
44
45
|
- **Lifecycle control** — list, update, uninstall, and roll back managed Codex installs
|
|
@@ -53,6 +54,7 @@ Once connected, your AI assistant can:
|
|
|
53
54
|
| `tokrepo_discover` | Planning-time capability discovery from a task, environment, and constraints |
|
|
54
55
|
| `tokrepo_search` | Search assets by keyword/tag with `agent_fit` ranking |
|
|
55
56
|
| `tokrepo_detail` | Get full asset details by UUID |
|
|
57
|
+
| `tokrepo_verify` | Verify trust, hashes, permissions, and policy before activation |
|
|
56
58
|
| `tokrepo_install_plan` | Get agent-native install plan v2 |
|
|
57
59
|
| `tokrepo_codex_install` | Dry-run, stage, or install a Codex skill safely |
|
|
58
60
|
| `tokrepo_installed` | List TokRepo-managed Codex installs |
|
|
@@ -71,6 +73,7 @@ You: "What video assets should I install?"
|
|
|
71
73
|
AI: [calls tokrepo_discover] → Finds relevant skills, checks fit and policy, then asks before installing
|
|
72
74
|
|
|
73
75
|
You: "Install that cursor rules asset"
|
|
76
|
+
AI: [calls tokrepo_verify] → Checks trust_score_v2, permissions, blockers, and warnings
|
|
74
77
|
AI: [calls tokrepo_install_plan] → Reviews policy and actions
|
|
75
78
|
AI: [calls tokrepo_codex_install with dry_run=false, confirm=true] → Writes only after explicit confirmation
|
|
76
79
|
AI: [calls tokrepo_rollback with dry_run=true] → Shows exactly what would be removed before rollback
|
|
@@ -95,6 +98,9 @@ Registries and agents can discover this server through:
|
|
|
95
98
|
- Portable agent manifest: [tokrepo.com/.well-known/agent.json](https://tokrepo.com/.well-known/agent.json)
|
|
96
99
|
- A2A agent card: [tokrepo.com/.well-known/agent-card.json](https://tokrepo.com/.well-known/agent-card.json)
|
|
97
100
|
- Tool catalog: [tokrepo.com/.well-known/tool-catalog.json](https://tokrepo.com/.well-known/tool-catalog.json)
|
|
101
|
+
- Trust manifest: [tokrepo.com/.well-known/tokrepo-trust.json](https://tokrepo.com/.well-known/tokrepo-trust.json)
|
|
102
|
+
- Default agent policy pack: [tokrepo.com/policy-packs/default-agent-policy.json](https://tokrepo.com/policy-packs/default-agent-policy.json)
|
|
103
|
+
- Eval evidence: [tokrepo.com/evals/agent-discovery.json](https://tokrepo.com/evals/agent-discovery.json)
|
|
98
104
|
- Agent text entry: [tokrepo.com/agents.txt](https://tokrepo.com/agents.txt)
|
|
99
105
|
- Agent instructions: [tokrepo.com/agent-instructions/tokrepo.md](https://tokrepo.com/agent-instructions/tokrepo.md)
|
|
100
106
|
- Agent ecosystem distribution pack: [tokrepo.com/agent-ecosystem.json](https://tokrepo.com/agent-ecosystem.json)
|
|
@@ -102,7 +108,7 @@ Registries and agents can discover this server through:
|
|
|
102
108
|
|
|
103
109
|
Use `https://tokrepo.com/agent-ecosystem.json` for agent marketplace submissions, starter templates, README snippets, install guides, and example projects. It contains canonical listing copy, ecosystem channels, target project-memory files, and verification commands.
|
|
104
110
|
|
|
105
|
-
TokRepo emits anonymous aggregate funnel events for `tokrepo_discover`, `tokrepo_install_plan`, install dry-runs, installs, handoffs, and pushes. It does not send task text or file contents. Disable with `TOKREPO_TELEMETRY=0`.
|
|
111
|
+
TokRepo emits anonymous aggregate funnel events for `tokrepo_discover`, `tokrepo_verify`, `tokrepo_install_plan`, install dry-runs, installs, handoffs, and pushes. It does not send task text or file contents. Disable with `TOKREPO_TELEMETRY=0`.
|
|
106
112
|
|
|
107
113
|
## Why TokRepo?
|
|
108
114
|
|
package/bin/server.js
CHANGED
|
@@ -20,7 +20,7 @@ const API_BASE = process.env.TOKREPO_API || 'https://api.tokrepo.com';
|
|
|
20
20
|
const TOKREPO_URL = 'https://tokrepo.com';
|
|
21
21
|
const TOKREPO_TOKEN = process.env.TOKREPO_TOKEN || '';
|
|
22
22
|
const TOKREPO_CLI = process.env.TOKREPO_CLI || '';
|
|
23
|
-
const SERVER_VERSION = '2.
|
|
23
|
+
const SERVER_VERSION = '2.10.0';
|
|
24
24
|
|
|
25
25
|
// ─── MCP Protocol (JSON-RPC over stdio) ───
|
|
26
26
|
|
|
@@ -155,6 +155,36 @@ const TOOLS = [
|
|
|
155
155
|
required: ['uuid'],
|
|
156
156
|
},
|
|
157
157
|
},
|
|
158
|
+
{
|
|
159
|
+
name: 'tokrepo_verify',
|
|
160
|
+
description: 'Read-only asset trust verification for agents. Produces content hash, install plan hash, policy decision, permission envelope, trust_score_v2, blockers, warnings, schemas, and safe next actions before activation.',
|
|
161
|
+
inputSchema: {
|
|
162
|
+
type: 'object',
|
|
163
|
+
properties: {
|
|
164
|
+
uuid: {
|
|
165
|
+
type: 'string',
|
|
166
|
+
description: 'Asset UUID, workflow URL slug, or workflow UUID from search/detail results. Ignored when offline=true.',
|
|
167
|
+
},
|
|
168
|
+
target: {
|
|
169
|
+
type: 'string',
|
|
170
|
+
description: 'Verification target adapter.',
|
|
171
|
+
enum: ['codex'],
|
|
172
|
+
default: 'codex',
|
|
173
|
+
},
|
|
174
|
+
strict: {
|
|
175
|
+
type: 'boolean',
|
|
176
|
+
description: 'When true, warnings fail the verification report.',
|
|
177
|
+
default: false,
|
|
178
|
+
},
|
|
179
|
+
offline: {
|
|
180
|
+
type: 'boolean',
|
|
181
|
+
description: 'Use the bundled offline fixture. Intended for agent/toolchain self-tests.',
|
|
182
|
+
default: false,
|
|
183
|
+
},
|
|
184
|
+
},
|
|
185
|
+
required: ['uuid'],
|
|
186
|
+
},
|
|
187
|
+
},
|
|
158
188
|
{
|
|
159
189
|
name: 'tokrepo_codex_install',
|
|
160
190
|
description: 'Safely install a TokRepo asset into local Codex. Defaults to dry_run=true. To write files, set dry_run=false and confirm=true. Risky assets require stage=true or approve_risk=true.',
|
|
@@ -436,6 +466,7 @@ const EXPOSED_TOOL_NAMES = new Set([
|
|
|
436
466
|
'tokrepo_search',
|
|
437
467
|
'tokrepo_detail',
|
|
438
468
|
'tokrepo_install_plan',
|
|
469
|
+
'tokrepo_verify',
|
|
439
470
|
'tokrepo_codex_install',
|
|
440
471
|
'tokrepo_installed',
|
|
441
472
|
'tokrepo_update',
|
|
@@ -473,6 +504,13 @@ const TOOL_ANNOTATIONS = {
|
|
|
473
504
|
idempotentHint: true,
|
|
474
505
|
openWorldHint: true,
|
|
475
506
|
},
|
|
507
|
+
tokrepo_verify: {
|
|
508
|
+
title: 'Verify asset trust, hashes, permissions, and policy before activation',
|
|
509
|
+
readOnlyHint: true,
|
|
510
|
+
destructiveHint: false,
|
|
511
|
+
idempotentHint: true,
|
|
512
|
+
openWorldHint: true,
|
|
513
|
+
},
|
|
476
514
|
tokrepo_codex_install: {
|
|
477
515
|
title: 'Dry-run, stage, or install an asset for Codex',
|
|
478
516
|
readOnlyHint: false,
|
|
@@ -613,6 +651,7 @@ function eventForTool(name, args = {}) {
|
|
|
613
651
|
if (name === 'tokrepo_search') return 'mcp_search';
|
|
614
652
|
if (name === 'tokrepo_detail') return 'mcp_detail';
|
|
615
653
|
if (name === 'tokrepo_install_plan') return 'install_plan';
|
|
654
|
+
if (name === 'tokrepo_verify') return 'verify_asset';
|
|
616
655
|
if (name === 'tokrepo_codex_install') return args.dry_run === false ? 'install_apply' : 'install_dry_run';
|
|
617
656
|
if (name === 'tokrepo_push') return 'push';
|
|
618
657
|
return '';
|
|
@@ -935,10 +974,12 @@ function buildCandidate(item, target, ranking = {}) {
|
|
|
935
974
|
ranking,
|
|
936
975
|
next_mcp_calls: [
|
|
937
976
|
{ tool: 'tokrepo_detail', arguments: { uuid } },
|
|
977
|
+
{ tool: 'tokrepo_verify', arguments: { uuid, target: planTarget } },
|
|
938
978
|
{ tool: 'tokrepo_install_plan', arguments: { uuid, target: planTarget } },
|
|
939
979
|
],
|
|
940
980
|
commands: {
|
|
941
981
|
inspect: `npx tokrepo detail ${uuid} --json`,
|
|
982
|
+
verify: `npx tokrepo verify ${uuid} --target ${planTarget} --json`,
|
|
942
983
|
dry_run_install: planTarget === 'codex'
|
|
943
984
|
? `npx tokrepo install ${uuid} --dry-run --json`
|
|
944
985
|
: `npx tokrepo install ${uuid} --target ${planTarget} --dry-run --json`,
|
|
@@ -946,6 +987,7 @@ function buildCandidate(item, target, ranking = {}) {
|
|
|
946
987
|
agent_use_contract: [
|
|
947
988
|
'Use only if the capability matches the current subtask.',
|
|
948
989
|
'Call tokrepo_detail before install to inspect content and metadata.',
|
|
990
|
+
'Call tokrepo_verify to inspect hashes, permissions, trust_score_v2, blockers, and warnings.',
|
|
949
991
|
'Call tokrepo_install_plan and respect policy_decision before writing files.',
|
|
950
992
|
'Prefer dry-run or stage-only when risk or fit is uncertain.',
|
|
951
993
|
'After using it, verify the original task outcome and record failures.',
|
|
@@ -1179,6 +1221,33 @@ async function handleInstallPlan(args) {
|
|
|
1179
1221
|
};
|
|
1180
1222
|
}
|
|
1181
1223
|
|
|
1224
|
+
async function handleVerify(args) {
|
|
1225
|
+
const {
|
|
1226
|
+
uuid = '00000000-0000-4000-8000-000000000001',
|
|
1227
|
+
target = 'codex',
|
|
1228
|
+
strict = false,
|
|
1229
|
+
offline = false,
|
|
1230
|
+
} = args || {};
|
|
1231
|
+
const cliArgs = ['verify', uuid, '--target', target, '--json'];
|
|
1232
|
+
if (strict) cliArgs.push('--strict');
|
|
1233
|
+
if (offline) cliArgs.push('--offline');
|
|
1234
|
+
const { stdout, stderr } = await runTokrepoCli(cliArgs);
|
|
1235
|
+
let data;
|
|
1236
|
+
try {
|
|
1237
|
+
data = JSON.parse(stdout);
|
|
1238
|
+
} catch {
|
|
1239
|
+
data = { stdout, stderr };
|
|
1240
|
+
}
|
|
1241
|
+
const status = data?.status || 'unknown';
|
|
1242
|
+
return {
|
|
1243
|
+
isError: status === 'fail',
|
|
1244
|
+
content: [{
|
|
1245
|
+
type: 'text',
|
|
1246
|
+
text: jsonText(`TokRepo asset verification (${status})`, data),
|
|
1247
|
+
}],
|
|
1248
|
+
};
|
|
1249
|
+
}
|
|
1250
|
+
|
|
1182
1251
|
async function handleCodexInstall(args) {
|
|
1183
1252
|
const {
|
|
1184
1253
|
uuid,
|
|
@@ -1552,6 +1621,7 @@ async function handleRequest(msg) {
|
|
|
1552
1621
|
case 'tokrepo_detail': result = await handleDetail(args || {}); break;
|
|
1553
1622
|
case 'tokrepo_install': result = await handleInstall(args || {}); break;
|
|
1554
1623
|
case 'tokrepo_install_plan': result = await handleInstallPlan(args || {}); break;
|
|
1624
|
+
case 'tokrepo_verify': result = await handleVerify(args || {}); break;
|
|
1555
1625
|
case 'tokrepo_codex_install': result = await handleCodexInstall(args || {}); break;
|
|
1556
1626
|
case 'tokrepo_clone_plan': result = await handleClonePlan(args || {}); break;
|
|
1557
1627
|
case 'tokrepo_installed': result = await handleInstalled(args || {}); break;
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "tokrepo-mcp-server",
|
|
3
|
-
"version": "2.
|
|
4
|
-
"description": "Agent-native MCP server for TokRepo
|
|
3
|
+
"version": "2.10.0",
|
|
4
|
+
"description": "Agent-native MCP server for TokRepo - discover, verify, plan, safely install, and push AI assets from MCP clients.",
|
|
5
5
|
"mcpName": "io.github.henu-wang/tokrepo-mcp-server",
|
|
6
6
|
"bin": {
|
|
7
7
|
"tokrepo-mcp-server": "bin/server.js"
|
|
@@ -40,7 +40,9 @@
|
|
|
40
40
|
"agent-manifest",
|
|
41
41
|
"a2a-agent-card",
|
|
42
42
|
"tool-discovery",
|
|
43
|
-
"llms-txt"
|
|
43
|
+
"llms-txt",
|
|
44
|
+
"trust-verification",
|
|
45
|
+
"agent-evals"
|
|
44
46
|
],
|
|
45
47
|
"engines": {
|
|
46
48
|
"node": ">=18"
|