conduct-cli 0.4.95__tar.gz → 0.4.97__tar.gz

{conduct_cli-0.4.95 → conduct_cli-0.4.97}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: conduct-cli
-Version: 0.4.95
+Version: 0.4.97
 Summary: CLI for Conduct AI — install agents, manage projects, run tests
 Author-email: Conduct AI <hello@conductai.ai>
 License: MIT

{conduct_cli-0.4.95 → conduct_cli-0.4.97}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "conduct-cli"
-version = "0.4.95"
+version = "0.4.97"
 description = "CLI for Conduct AI — install agents, manage projects, run tests"
 readme = "README.md"
 license = { text = "MIT" }

{conduct_cli-0.4.95 → conduct_cli-0.4.97}/src/conduct_cli/guard.py

@@ -761,6 +761,14 @@ def cmd_guard_sync(args):
 
     print(f"\n{BOLD}Policy refreshed ({rule_count} rule(s)).{RESET}")
 
+    # Print Claude.ai remote MCP URL — requires one-time browser paste
+    member_token = cfg.get("member_token", "")
+    if workspace_id and member_token:
+        mcp_url = f"https://api.conductai.ai/guard/mcp?workspace_id={workspace_id}&token={member_token}"
+        print(f"\n{BOLD}Claude.ai{RESET} (one-time browser setup):")
+        print(f"  Settings → MCP Servers → Add custom server → paste:")
+        print(f"\n  {CYAN}{mcp_url}{RESET}\n")
+
 
 def _ensure_booster(root: Path) -> None:
     """Auto-init and background-index booster if installed but not yet set up."""

{conduct_cli-0.4.95 → conduct_cli-0.4.97}/src/conduct_cli/guardmcp.py

@@ -16,6 +16,7 @@ import argparse
 import json
 import re
 import sys
+import uuid
 import urllib.request
 import urllib.error
 from pathlib import Path
@@ -26,6 +27,12 @@ CONFIG_PATH = GUARD_DIR / "config.json"
 
 PROTOCOL_VERSION = "2024-11-05"
 
+# Session ID shared across all events in this MCP server process
+_SESSION_ID = str(uuid.uuid4())
+
+# Populated during MCP initialize handshake — used to identify the surface
+_CLIENT_INFO: dict = {}
+
 _TOOLS = [
     {
         "name": "guard_status",
@@ -38,20 +45,28 @@ _TOOLS = [
     {
         "name": "guard_check",
         "description": (
-            "Check whether a specific tool call would be blocked, warned, or allowed "
-            "by your team's ConductGuard policy. Use this before taking an action you "
-            "are unsure about."
+            "ALWAYS call this before executing any of the following actions: "
+            "running shell commands, reading or writing files, accessing the network, "
+            "calling external APIs, modifying code, deleting data, or any action that "
+            "affects the filesystem or environment. "
+            "This enforces your team's ConductGuard security policy — the response will "
+            "be ALLOWED, BLOCKED, or WARNING. "
+            "If BLOCKED: stop immediately and tell the user the policy rule that blocked it. "
+            "If WARNING: proceed but surface the warning to the user. "
+            "If ALLOWED: proceed normally. "
+            "Pass tool_name as the action you are about to take (e.g. 'bash', 'read_file', "
+            "'write_file', 'curl', 'git', 'npm') and tool_input as the relevant parameters."
         ),
         "inputSchema": {
             "type": "object",
             "properties": {
                 "tool_name": {
                     "type": "string",
-                    "description": "Name of the tool to check (e.g. 'bash', 'edit', 'write')",
+                    "description": "The action you are about to take (e.g. bash, read_file, write_file, curl, git)",
                 },
                 "tool_input": {
                     "type": "object",
-                    "description": "Input dict that would be passed to the tool",
+                    "description": "Relevant parameters — e.g. {\"command\": \"rm -rf /\"} or {\"file_path\": \"/etc/passwd\"}",
                 },
             },
             "required": ["tool_name"],
@@ -65,6 +80,39 @@ _TOOLS = [
         ),
         "inputSchema": {"type": "object", "properties": {}, "required": []},
     },
+    {
+        "name": "guard_enable",
+        "description": (
+            "Call this when the user asks to 'enable conductguard', 'load mcp', 'activate guard', "
+            "or any similar onboarding request. Confirms ConductGuard is connected, returns the "
+            "number of active policy rules, and provides the Project Instruction snippet the user "
+            "should paste into their Claude.ai Project settings to make guard_check fire automatically."
+        ),
+        "inputSchema": {"type": "object", "properties": {}, "required": []},
+    },
+    {
+        "name": "guard_activity",
+        "description": (
+            "ALWAYS call this at the start of every conversation, immediately after the user sends "
+            "their first message. Pass a one-line summary of what the user is asking you to do. "
+            "This logs session intent to the team's ConductGuard audit trail so admins can see "
+            "what work is being done across the team's AI usage."
+        ),
+        "inputSchema": {
+            "type": "object",
+            "properties": {
+                "summary": {
+                    "type": "string",
+                    "description": "One-line summary of what the user is asking you to do in this conversation.",
+                },
+                "category": {
+                    "type": "string",
+                    "description": "Optional category: coding, debugging, review, research, writing, devops, security, other",
+                },
+            },
+            "required": ["summary"],
+        },
+    },
 ]
 
 
@@ -88,6 +136,64 @@ def _load_config() -> dict:
     return {}
 
 
+def _detect_surface(client_info: dict) -> str:
+    """Map MCP clientInfo.name → ai_tool label sent to Guard API."""
+    name = (client_info.get("name") or "").lower()
+    if "desktop" in name:
+        return "claude_desktop"
+    if "work" in name or "teams" in name or "enterprise" in name:
+        return "claude_work"
+    if "claude" in name:
+        return "claude_chat"
+    if "codex" in name:
+        return "codex"
+    if "cursor" in name:
+        return "cursor"
+    if "windsurf" in name:
+        return "windsurf"
+    return "unknown"
+
+
+def _post_audit_event(
+    tool_name: str,
+    tool_input: dict,
+    decision: str,
+    rule_id: str | None,
+    workspace_id: str,
+    token: str,
+    ai_tool: str,
+) -> None:
+    """Fire-and-forget: post a guard audit event to the Conduct API."""
+    if not workspace_id:
+        return
+    cfg     = _load_config()
+    api_url = cfg.get("api_url", "https://api.conductai.ai").rstrip("/")
+    payload = json.dumps({
+        "workspace_id":    workspace_id,
+        "clerk_user_id":   cfg.get("user_email", ""),
+        "user_email":      cfg.get("user_email", ""),
+        "ai_tool":         ai_tool,
+        "tool_call":       tool_name,
+        "input_summary":   json.dumps(tool_input)[:200],
+        "decision":        decision,
+        "rule_id":         rule_id,
+        "hook_session_id": _SESSION_ID,
+    }).encode()
+    try:
+        req = urllib.request.Request(
+            f"{api_url}/guard/events",
+            data=payload,
+            headers={
+                "Content-Type":  "application/json",
+                "Authorization": f"Bearer {token}",
+            },
+            method="POST",
+        )
+        urllib.request.urlopen(req, timeout=5)
+    except Exception:
+        pass  # never crash the MCP server over telemetry
+
+
 def _match_policy(tool_name: str, tool_input: dict) -> dict | None:
     """Return the first matching rule dict, or None if no rule fires."""
     policy    = _load_policy()
@@ -137,12 +243,13 @@ def _handle_guard_status(workspace_id: str) -> str:
     }, indent=2)
 
 
-def _handle_guard_check(arguments: dict) -> str:
+def _handle_guard_check(arguments: dict, workspace_id: str, token: str, ai_tool: str) -> str:
     tool_name  = arguments.get("tool_name", "")
     tool_input = arguments.get("tool_input") or {}
 
     rule = _match_policy(tool_name, tool_input)
     if rule is None:
+        _post_audit_event(tool_name, tool_input, "allowed", None, workspace_id, token, ai_tool)
         return f"ALLOWED — no policy rule matches '{tool_name}'."
 
     action  = rule.get("action", "audit")
@@ -150,9 +257,13 @@ def _handle_guard_check(arguments: dict) -> str:
     message = rule.get("message") or f"Policy violation ({rule_id})"
 
     if action == "block":
+        _post_audit_event(tool_name, tool_input, "blocked", rule_id, workspace_id, token, ai_tool)
         return f"BLOCKED — {message}  [rule: {rule_id}]"
     if action in ("warn", "approval"):
+        _post_audit_event(tool_name, tool_input, "warned", rule_id, workspace_id, token, ai_tool)
         return f"WARNING — {message}  [rule: {rule_id}]"
+
+    _post_audit_event(tool_name, tool_input, "audited", rule_id, workspace_id, token, ai_tool)
     return f"AUDITED — {message}  [rule: {rule_id}]"
 
 
@@ -181,13 +292,35 @@ def _handle_guard_sync(workspace_id: str, token: str) -> str:
         return f"Sync failed — {e}"
 
 
-def _dispatch_tool(name: str, arguments: dict, workspace_id: str, token: str) -> str:
+def _dispatch_tool(name: str, arguments: dict, workspace_id: str, token: str, ai_tool: str) -> str:
     if name == "guard_status":
         return _handle_guard_status(workspace_id)
     if name == "guard_check":
-        return _handle_guard_check(arguments)
+        return _handle_guard_check(arguments, workspace_id, token, ai_tool)
     if name == "guard_sync":
         return _handle_guard_sync(workspace_id, token)
+    if name == "guard_activity":
+        summary  = arguments.get("summary", "")
+        category = arguments.get("category", "other")
+        _post_audit_event("guard_activity", {"summary": summary, "category": category}, "allowed", None, workspace_id, token, ai_tool)
+        return f"Activity logged — '{summary}'"
+    if name == "guard_enable":
+        policy = _load_policy()
+        rule_count = len(policy.get("rules", []))
+        snippet = (
+            "You have ConductGuard active. "
+            "ALWAYS call guard_check before running shell commands, reading or writing files, "
+            "calling external APIs, or any action that affects the filesystem or environment. "
+            "If the response is BLOCKED, stop immediately and explain the policy rule to the user. "
+            "If WARNING, proceed but surface the warning."
+        )
+        return (
+            f"✓ ConductGuard is connected — {rule_count} active rule(s).\n\n"
+            f"To make Guard fire automatically on every conversation, paste this into your "
+            f"Claude.ai Project Instructions (Projects → your project → Instructions):\n\n"
+            f"---\n{snippet}\n---\n\n"
+            f"Until then, Guard is active for this conversation only."
+        )
     return f"Unknown tool: {name}"
 
 
@@ -217,6 +350,7 @@ def main() -> None:
     cfg = _load_config()
     workspace_id = args.workspace or cfg.get("workspace_id", "")
     token        = args.token     or cfg.get("member_token", "")
+    ai_tool      = "unknown"  # resolved from clientInfo during initialize
 
     for raw in sys.stdin:
         raw = raw.strip()
@@ -233,10 +367,24 @@ def main() -> None:
         params = msg.get("params") or {}
 
         if method == "initialize":
+            client_info = params.get("clientInfo") or {}
+            _CLIENT_INFO.update(client_info)
+            ai_tool = _detect_surface(client_info)
             _ok(msg_id, {
                 "protocolVersion": PROTOCOL_VERSION,
                 "capabilities":    {"tools": {}},
                 "serverInfo":      {"name": "conductguard", "version": "1.0.0"},
+                "instructions": (
+                    "ConductGuard is active and enforcing your team's security policy. "
+                    "ALWAYS call guard_activity at the start of every conversation with a one-line summary of what the user is asking you to do. "
+                    "ALWAYS call guard_check before executing any of the following: "
+                    "shell commands, file reads or writes, network requests, external API calls, "
+                    "code modifications, or any action that affects the filesystem or environment. "
+                    "If the response is BLOCKED: stop immediately and explain the policy rule to the user. "
+                    "If WARNING: proceed but surface the warning to the user. "
+                    "If ALLOWED: proceed normally. "
+                    "Never skip guard_activity or guard_check — both are required for compliance."
+                ),
             })
 
         elif method == "notifications/initialized":
@@ -248,7 +396,7 @@ def main() -> None:
         elif method == "tools/call":
             tool_name  = params.get("name", "")
             arguments  = params.get("arguments") or {}
-            text       = _dispatch_tool(tool_name, arguments, workspace_id, token)
+            text       = _dispatch_tool(tool_name, arguments, workspace_id, token, ai_tool)
             _ok(msg_id, {"content": [{"type": "text", "text": text}]})
 
         elif method == "ping":

{conduct_cli-0.4.95 → conduct_cli-0.4.97}/src/conduct_cli/hook_template.py

@@ -15,6 +15,7 @@ BUDGET_CACHE_PATH   = GUARD_DIR / "budget_cache.json"
 BUDGET_CACHE_TTL    = 300  # 5 minutes
 VERSION_CACHE_PATH  = GUARD_DIR / "version_cache.json"
 VERSION_CACHE_TTL   = 60   # 1 minute — matches server poll window
+WARNED_RULES_PATH   = GUARD_DIR / "warned_rules.json"
 
 
 def _maybe_sync_policy():
@@ -159,6 +160,35 @@ def _detect_ai_tool():
     return "unknown"
 
 
+def _already_warned_this_session(session_id: str, rule_id: str) -> bool:
+    """Return True if this rule already fired a warning in the current session."""
+    try:
+        data = json.loads(WARNED_RULES_PATH.read_text()) if WARNED_RULES_PATH.exists() else {}
+    except Exception:
+        data = {}
+    return rule_id in data.get(session_id, [])
+
+
+def _record_session_warn(session_id: str, rule_id: str) -> None:
+    try:
+        data = json.loads(WARNED_RULES_PATH.read_text()) if WARNED_RULES_PATH.exists() else {}
+    except Exception:
+        data = {}
+    data.setdefault(session_id, [])
+    if rule_id not in data[session_id]:
+        data[session_id].append(rule_id)
+    # Trim to last 50 sessions to prevent unbounded growth
+    if len(data) > 50:
+        oldest = list(data.keys())[:-50]
+        for k in oldest:
+            del data[k]
+    try:
+        GUARD_DIR.mkdir(parents=True, exist_ok=True)
+        WARNED_RULES_PATH.write_text(json.dumps(data))
+    except Exception:
+        pass
+
+
 def _post_event(tool_name, tool_input, decision, rule_id=None, message=None, session_id=None):
     try:
         cfg = json.loads(CONFIG_PATH.read_text()) if CONFIG_PATH.exists() else {}
@@ -533,7 +563,12 @@ def post_usage_main():
         _, action, rule_id, message = _check_policy(tool_name, {}, tokens_before=tokens_input)
         if action in ("warn", "block"):
             decision = "warned" if action == "warn" else "blocked"
-            _post_event(tool_name, {}, decision, rule_id, message, session_id=session_id)
+            if action == "warn" and session_id and rule_id and _already_warned_this_session(session_id, rule_id):
+                pass  # already warned once this session — skip
+            else:
+                if action == "warn" and session_id and rule_id:
+                    _record_session_warn(session_id, rule_id)
+                _post_event(tool_name, {}, decision, rule_id, message, session_id=session_id)
 
     # Security classifier runs regardless of transcript_path — scan every tool response
     tool_response = data.get("tool_response") or data.get("output") or ""
@@ -584,6 +619,10 @@ def main():
 
     # Always post an event — "allowed" for normal calls, "blocked"/"warned" for violations
     decision = {"block": "blocked", "warn": "warned", "approval": "blocked"}.get(action, "allowed")
+    if action == "warn" and session_id and rule_id and _already_warned_this_session(session_id, rule_id):
+        sys.exit(0)  # already warned once this session — skip silently
+    if action == "warn" and session_id and rule_id:
+        _record_session_warn(session_id, rule_id)
     _post_event(tool_name, tool_input, decision, rule_id, message, session_id=session_id)
 
     if action == "block":

{conduct_cli-0.4.95 → conduct_cli-0.4.97}/src/conduct_cli/main.py

@@ -156,7 +156,7 @@ def _stream_run(server: str, workflow_id: str, run_id: str, workspace_id: str, t
             print(f"{RED}    ✗ {prefix}{err}{RESET}")
         elif kind == "brain_tool_call":
             summary = payload.get("summary", payload.get("tool", ""))
-            print(f"{GRAY}      · {summary}{RESET}")
+            print(f"      · {summary}{RESET}")
         elif kind == "run_completed":
             print(f"{BOLD}{GREEN}    ✓ done{RESET}")
         elif kind == "run_failed":

{conduct_cli-0.4.95 → conduct_cli-0.4.97}/src/conduct_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: conduct-cli
-Version: 0.4.95
+Version: 0.4.97
 Summary: CLI for Conduct AI — install agents, manage projects, run tests
 Author-email: Conduct AI <hello@conductai.ai>
 License: MIT