agentnode-sdk 0.16.0__tar.gz → 0.17.0__tar.gz
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/CHANGELOG.md +25 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/PKG-INFO +1 -1
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/__init__.py +1 -1
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/commands.py +11 -2
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/main.py +425 -412
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/mcp_commands.py +280 -170
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/client.py +10 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/installer.py +224 -1
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/lock_integrity.py +245 -230
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runner.py +6 -1
- agentnode_sdk-0.17.0/agentnode_sdk/runtimes/mcp_consent.py +207 -0
- agentnode_sdk-0.17.0/agentnode_sdk/runtimes/mcp_consent_store.py +264 -0
- agentnode_sdk-0.17.0/agentnode_sdk/runtimes/mcp_runner.py +768 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/container_backend.py +350 -266
- agentnode_sdk-0.17.0/agentnode_sdk/sandbox/domain_policy.py +83 -0
- agentnode_sdk-0.17.0/agentnode_sdk/sandbox/egress.py +178 -0
- agentnode_sdk-0.17.0/agentnode_sdk/sandbox/egress_proxy.py +223 -0
- agentnode_sdk-0.17.0/agentnode_sdk/sandbox/mcp_preinstall.py +182 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/types.py +78 -52
- agentnode_sdk-0.17.0/data/compatibility/current.json +5061 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/pyproject.toml +4 -1
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/scripts/generate_compatibility_artifacts.py +95 -31
- agentnode_sdk-0.17.0/scripts/merge_batches.py +196 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/conftest.py +20 -0
- agentnode_sdk-0.17.0/tests/data/allowed_domains_vectors.json +41 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_cli_run_resolution.py +36 -36
- agentnode_sdk-0.17.0/tests/test_consent_prompt.py +84 -0
- agentnode_sdk-0.17.0/tests/test_domain_policy.py +50 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_e2e_runtime.py +8 -0
- agentnode_sdk-0.17.0/tests/test_egress_domain_validation.py +52 -0
- agentnode_sdk-0.17.0/tests/test_egress_e2e.py +94 -0
- agentnode_sdk-0.17.0/tests/test_egress_lifecycle.py +123 -0
- agentnode_sdk-0.17.0/tests/test_egress_proxy_unit.py +152 -0
- agentnode_sdk-0.17.0/tests/test_egress_wrap.py +112 -0
- agentnode_sdk-0.17.0/tests/test_env_passthrough_wrap.py +106 -0
- agentnode_sdk-0.17.0/tests/test_mcp_allowed_domains_seal.py +122 -0
- agentnode_sdk-0.17.0/tests/test_mcp_consent.py +125 -0
- agentnode_sdk-0.17.0/tests/test_mcp_consent_resolver.py +186 -0
- agentnode_sdk-0.17.0/tests/test_mcp_consent_store.py +187 -0
- agentnode_sdk-0.17.0/tests/test_mcp_credentialed_launch.py +626 -0
- agentnode_sdk-0.17.0/tests/test_mcp_preinstall.py +308 -0
- agentnode_sdk-0.17.0/tests/test_mcp_preinstall_run.py +417 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_mcp_sandbox.py +170 -175
- agentnode_sdk-0.16.0/agentnode_sdk/runtimes/mcp_runner.py +0 -429
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/.env.example +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/.gitignore +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/README.md +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/REGISTRY_SIGNING_ACTIVATION.md +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/REGISTRY_SIGNING_SPEC.md +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/THREAT_MODEL.md +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/TRUST_STACK.md +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode.lock +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/_fileutil.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/async_client.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/capability_graph.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/capability_taxonomy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/__init__.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/__main__.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/audit.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/auth.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/cassette_audit.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/complements.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/init.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/mcp_status.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/mcp_submit.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/mcp_verify.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/output.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/publish.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/record_cases.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/sandbox_commands.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/serve.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/setup_wizard.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/smart_run.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/templates.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/validate.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/cli/verify_local.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/compatibility.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/config.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/credential_handle.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/credential_resolver.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/credential_store.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/detect.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/exceptions.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/guard.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/input_guard.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/key_status.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/llm_providers.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/mcp_server.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/models.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/planner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/policy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/references.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/registry_trust.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/resolve.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/resource_provider.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/risk_profile.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/run_log.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtime.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtimes/__init__.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtimes/agent_llm_broker.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtimes/agent_llm_policy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtimes/agent_runner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtimes/agent_sandbox.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtimes/python_runner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/runtimes/remote_runner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/__init__.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/agent_container_wrapper.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/agent_rpc.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/agent_session.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/backend.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/sandbox/policy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/signature.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/signing_key.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/agentnode_sdk/skill.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/sandbox-image/Dockerfile +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/sandbox-image/README.md +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/scripts/analyze_scores.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/scripts/batch_verify.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/scripts/ci_smoke_test.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/scripts/verify_toolcalls.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/scripts/weekly_retest.sh +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/spikes/agent_sandbox_routing/README.md +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/spikes/agent_sandbox_routing/__init__.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/spikes/agent_sandbox_routing/container_agent_wrapper.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/spikes/agent_sandbox_routing/fake_llm.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/spikes/agent_sandbox_routing/host_driver.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/spikes/agent_sandbox_routing/trivial_agent.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/__init__.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_llm_broker.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_llm_policy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_rpc.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_runner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_sandbox_e2e.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_sandbox_routing.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_sandbox_spike.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_agent_session_container.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_async_client.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_audit_ux.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_auth_cli_vault.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_auto_upgrade_policy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_cli.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_cli_lock.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_client.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_client_json_guard.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_client_sprint_b.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_config.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_credential_handle.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_credential_integration.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_credential_resolver.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_credential_store.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_credential_vault.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_detect.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_detect_and_install.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_edge_cases.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_check.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_config_cache.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_policy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_preview.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_schema.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_set.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_status.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_tool_override.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_tool_override_audit.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_tool_override_cli.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_guard_ux.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_input_guard.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_input_guard_escalation.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_install_hardening.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_installer_sprint_b.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_intelligence.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_key_status.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_llm_binding.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_llm_call_runlog.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_llm_providers.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_llm_vault_binding.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_lock_integrity.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_lock_runtime.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_mcp_audit.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_mcp_doctor.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_mcp_server.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_observability.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_planner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_policy.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_policy_integration.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_prompt_specs.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_provider_matrix.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_publish.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_references.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_registry_trust.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_remote_hardening.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_remote_runner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_resource_provider.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_resource_specs.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_risk_profile.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_run_log.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_runner.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_runtime.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_runtime_audit.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_sandbox_backend.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_sandbox_doctor.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_sandbox_e2e.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_sandbox_gate.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_security_hardening.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_setup_wizard.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_signature.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_signing_key.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_skill.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_smart.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_stability.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_toolpack_sandbox.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_v02.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_validate.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/test_validate_skill.py +0 -0
- {agentnode_sdk-0.16.0 → agentnode_sdk-0.17.0}/tests/validation_lockfile.json +0 -0
|
@@ -1,5 +1,30 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.17.0 — MCP network isolation
|
|
4
|
+
|
|
5
|
+
### Changed
|
|
6
|
+
|
|
7
|
+
- Community MCP servers now run only when pinned and preinstalled into a sealed
|
|
8
|
+
volume. Preinstalled community MCPs run with no network by default, or behind a
|
|
9
|
+
sealed egress allowlist when `mcp_allowed_domains` are declared.
|
|
10
|
+
|
|
11
|
+
### Hardened
|
|
12
|
+
|
|
13
|
+
- Removed the open-network runtime-fetch path for community MCPs. Non-preinstalled
|
|
14
|
+
or floating community MCPs — including `npx`, `uvx`, `latest`, git, or URL-based
|
|
15
|
+
runtime fetches — are now refused fail-closed. The old `network_level`
|
|
16
|
+
open-network grant path is no longer honored for community MCP runtime execution.
|
|
17
|
+
|
|
18
|
+
### BREAKING / Upgrade Notes
|
|
19
|
+
|
|
20
|
+
- Community MCPs that ship only an `mcp_command` are now refused instead of running
|
|
21
|
+
with an open network. To migrate, declare an exact pinned `mcp_install` so the MCP
|
|
22
|
+
is preinstalled into a sealed volume. If runtime network access is required,
|
|
23
|
+
declare `mcp_allowed_domains`; without declared allowed domains, the MCP runs with
|
|
24
|
+
no network.
|
|
25
|
+
- The credentialed MCP secret flow is unchanged. Curated/trusted MCP behavior is
|
|
26
|
+
unchanged.
|
|
27
|
+
|
|
3
28
|
## 0.16.0 — Registry providers in auth CLI and setup wizard
|
|
4
29
|
|
|
5
30
|
### Added
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: agentnode-sdk
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.17.0
|
|
4
4
|
Summary: Python SDK for AgentNode — the open upgrade and discovery infrastructure for AI agents.
|
|
5
5
|
Project-URL: Homepage, https://agentnode.net
|
|
6
6
|
Project-URL: Repository, https://github.com/agentnode-ai/agentnode
|
|
@@ -878,11 +878,16 @@ def cmd_run(
|
|
|
878
878
|
try:
|
|
879
879
|
from agentnode_sdk.runner import run_tool
|
|
880
880
|
from agentnode_sdk.guard import cli_confirmation_callback
|
|
881
|
+
from agentnode_sdk.cli.mcp_commands import cli_consent_callback
|
|
881
882
|
|
|
882
883
|
is_interactive = os.environ.get("AGENTNODE_NON_INTERACTIVE", "").lower() not in ("true", "1")
|
|
883
884
|
callback = cli_confirmation_callback if is_interactive else None
|
|
885
|
+
# Stage 3B-2b: dedicated consent callback for credentialed MCPs (separate from the guard
|
|
886
|
+
# bool callback). None when non-TTY ⇒ resolver requires a valid stored grant (fail-closed).
|
|
887
|
+
consent_cb = cli_consent_callback if is_interactive else None
|
|
884
888
|
|
|
885
|
-
result = run_tool(slug, tool_name=tool_name, confirmation_callback=callback,
|
|
889
|
+
result = run_tool(slug, tool_name=tool_name, confirmation_callback=callback,
|
|
890
|
+
mcp_consent_callback=consent_cb, **data)
|
|
886
891
|
|
|
887
892
|
if result.mode_used == "policy_denied" and result.policy:
|
|
888
893
|
_print_guard_block(slug, tool_name, result)
|
|
@@ -1148,11 +1153,15 @@ def _cmd_run_smart(
|
|
|
1148
1153
|
try:
|
|
1149
1154
|
from agentnode_sdk.runner import run_tool
|
|
1150
1155
|
from agentnode_sdk.guard import cli_confirmation_callback
|
|
1156
|
+
from agentnode_sdk.cli.mcp_commands import cli_consent_callback
|
|
1151
1157
|
|
|
1152
1158
|
is_interactive_run = os.environ.get("AGENTNODE_NON_INTERACTIVE", "").lower() not in ("true", "1")
|
|
1153
1159
|
callback = cli_confirmation_callback if is_interactive_run else None
|
|
1160
|
+
# Stage 3B-2b: dedicated consent callback for credentialed MCPs (separate from guard bool).
|
|
1161
|
+
consent_cb = cli_consent_callback if is_interactive_run else None
|
|
1154
1162
|
|
|
1155
|
-
result = run_tool(target_slug, confirmation_callback=callback,
|
|
1163
|
+
result = run_tool(target_slug, confirmation_callback=callback,
|
|
1164
|
+
mcp_consent_callback=consent_cb, **parsed.input_args)
|
|
1156
1165
|
|
|
1157
1166
|
if result.mode_used == "policy_denied" and result.policy:
|
|
1158
1167
|
_print_guard_block(target_slug, None, result)
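Review bot: The comment added in `cmd_run` says the consent callback is `None` "when non-TTY", but `consent_cb` is gated only on `is_interactive`, which is derived from the `AGENTNODE_NON_INTERACTIVE` environment variable; the same holds for `is_interactive_run` in the `_cmd_run_smart` hunk. With stdin piped or redirected and the variable unset, `cli_consent_callback` is still handed to `run_tool`, so the fail-closed behaviour for credentialed MCPs then rests on how that callback treats a non-terminal stdin, which is not visible in these hunks. Either gate the consent path on the terminal as well, e.g. `consent_cb = cli_consent_callback if is_interactive and sys.stdin.isatty() else None` (assuming `sys` is imported in this file), or reword the comment to `# None when AGENTNODE_NON_INTERACTIVE is set ⇒ resolver requires a valid stored grant (fail-closed).` so it matches the condition actually tested. Both functions start and end outside the hunks shown.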
|