troxy-cli 1.3.7 → 1.3.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/init.js +2 -0
- package/src/mcp-server.js +7 -3
package/package.json
CHANGED
package/src/init.js
CHANGED
|
@@ -213,6 +213,8 @@ WantedBy=multi-user.target
|
|
|
213
213
|
<string>${apiKey}</string>
|
|
214
214
|
<key>TROXY_AGENT_NAME</key>
|
|
215
215
|
<string>${agentName}</string>
|
|
216
|
+
<key>PATH</key>
|
|
217
|
+
<string>/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin</string>
|
|
216
218
|
</dict>
|
|
217
219
|
<key>RunAtLoad</key>
|
|
218
220
|
<true/>
|
package/src/mcp-server.js
CHANGED
|
@@ -28,7 +28,7 @@ export async function runMcp() {
|
|
|
28
28
|
'You MUST call the evaluate_payment tool before completing any purchase, payment, or financial transaction. ' +
|
|
29
29
|
'Never submit a payment form, confirm a checkout, or transfer funds without first receiving an ALLOW decision from evaluate_payment. ' +
|
|
30
30
|
'If the decision is BLOCK, abort the transaction and inform the user. ' +
|
|
31
|
-
'If the decision is ESCALATE,
|
|
31
|
+
'If the decision is ESCALATE, the response includes an approval_token. Wait for the user to approve, then call evaluate_payment again with the same payment details PLUS the approval_token field. The second call will return ALLOW without re-escalating. ' +
|
|
32
32
|
'If the decision is NOTIFY, proceed but the user will be notified. ' +
|
|
33
33
|
'When calling evaluate_payment, use the merchant\'s domain name as merchant_name when available (e.g. "amazon.com", "indigobloom.co.il") — this ensures consistent matching against policies.',
|
|
34
34
|
},
|
|
@@ -66,6 +66,10 @@ export async function runMcp() {
|
|
|
66
66
|
type: 'string',
|
|
67
67
|
description: 'Currency code, defaults to USD (optional)',
|
|
68
68
|
},
|
|
69
|
+
approval_token: {
|
|
70
|
+
type: 'string',
|
|
71
|
+
description: 'Approval token from a previous ESCALATE response. Include this to proceed after the user has approved the payment.',
|
|
72
|
+
},
|
|
69
73
|
},
|
|
70
74
|
},
|
|
71
75
|
},
|
|
@@ -88,7 +92,7 @@ export async function runMcp() {
|
|
|
88
92
|
};
|
|
89
93
|
}
|
|
90
94
|
|
|
91
|
-
const { decision, policy, audit_id } = result;
|
|
95
|
+
const { decision, policy, audit_id, approval_token } = result;
|
|
92
96
|
let text;
|
|
93
97
|
|
|
94
98
|
switch (decision) {
|
|
@@ -99,7 +103,7 @@ export async function runMcp() {
|
|
|
99
103
|
text = `✗ Payment blocked by policy "${policy}". Do not proceed with this payment. (audit: ${audit_id})`;
|
|
100
104
|
break;
|
|
101
105
|
case 'ESCALATE':
|
|
102
|
-
text = `⏳ Payment requires human approval — a request has been sent to the account owner. Do not proceed until approved. (audit: ${audit_id})`;
|
|
106
|
+
text = `⏳ Payment requires human approval — a request has been sent to the account owner. Do not proceed until approved.\n\nApproval token: ${approval_token}\n\nOnce the owner approves, call evaluate_payment again with the same payment details and include approval_token: "${approval_token}" to proceed. (audit: ${audit_id})`;
|
|
103
107
|
break;
|
|
104
108
|
case 'NOTIFY':
|
|
105
109
|
text = `✓ Payment approved with notification. Policy matched: "${policy}". (audit: ${audit_id})`;
|