promptforge-mcp 0.1.0__tar.gz

promptforge_mcp-0.1.0/.claude/settings.local.json

@@ -0,0 +1,9 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(test:*)",
+      "Bash(python -m build:*)",
+      "Bash(pip install:*)"
+    ]
+  }
+}

promptforge_mcp-0.1.0/.gitignore

@@ -0,0 +1,36 @@
+# Python bytecode
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Virtual environments
+.venv/
+venv/
+env/
+ENV/
+
+# Environment files
+.env
+.env.*
+!.env.example
+!.env.sample
+
+# Testing and tooling caches
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+.cache/
+.coverage
+coverage.xml
+htmlcov/
+.tox/
+.nox/
+
+# Packaging artifacts
+build/
+dist/
+*.egg-info/
+.eggs/
+
+# Logs
+*.log

promptforge_mcp-0.1.0/Dockerfile

@@ -0,0 +1,20 @@
+# Prompt Forge MCP server Dockerfile
+FROM python:3.11-slim
+
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+
+WORKDIR /app
+
+COPY pyproject.toml README.md LICENSE ./
+COPY promptforge_mcp ./promptforge_mcp
+
+RUN pip install --no-cache-dir .
+
+ENV MCP_TRANSPORT=http
+ENV MCP_HOST=0.0.0.0
+ENV MCP_PORT=8765
+
+EXPOSE 8765
+
+CMD ["python", "-m", "promptforge_mcp.server"]

promptforge_mcp-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Prompt Forge
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

promptforge_mcp-0.1.0/PKG-INFO

@@ -0,0 +1,145 @@
+Metadata-Version: 2.4
+Name: promptforge-mcp
+Version: 0.1.0
+Summary: Prompt Forge MCP server for secure LLM gateway access
+Project-URL: Homepage, https://secureprompt.tech
+Project-URL: Documentation, https://docs.secureprompt.tech
+Project-URL: Repository, https://github.com/promptforge/promptforge-mcp
+Project-URL: Issues, https://github.com/promptforge/promptforge-mcp/issues
+Author-email: Prompt Forge <support@secureprompt.tech>
+License: MIT License
+        
+        Copyright (c) 2026 Prompt Forge
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+License-File: LICENSE
+Keywords: gateway,llm,mcp,promptforge,security
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.9
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: mcp<1.0,>=0.9.1
+Requires-Dist: uvicorn>=0.27.0
+Provides-Extra: dev
+Requires-Dist: mypy>=1.8.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest>=8.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.2.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# Prompt Forge MCP Server
+
+Python MCP server that exposes [Prompt Forge](https://secureprompt.tech) secure gateway tools over the [Model Context Protocol](https://modelcontextprotocol.io/).
+
+## Install
+
+```bash
+pip install promptforge-mcp
+```
+
+## Quick Start
+
+### Claude Desktop
+
+Add to your `claude_desktop_config.json`:
+
+```json
+{
+  "mcpServers": {
+    "promptforge": {
+      "command": "promptforge-mcp",
+      "env": {
+        "PROMPTFORGE_API_KEY": "your-api-key",
+        "PROMPTFORGE_ORG_ID": "your-org-id",
+        "PROMPTFORGE_ADMIN_TOKEN": "your-admin-token"
+      }
+    }
+  }
+}
+```
+
+### Claude Code
+
+```bash
+claude mcp add promptforge -- promptforge-mcp
+```
+
+Then set environment variables in your shell before launching.
+
+### Run directly (stdio)
+
+```bash
+export PROMPTFORGE_API_KEY="your-api-key"
+promptforge-mcp
+```
+
+### Run as HTTP/SSE server
+
+```bash
+promptforge-mcp --http
+# or
+MCP_TRANSPORT=http MCP_PORT=8765 promptforge-mcp
+```
+
+## Environment Variables
+
+| Variable | Required | Default | Description |
+|---|---|---|---|
+| `PROMPTFORGE_API_KEY` | Yes (for gateway) | — | API key for gateway requests |
+| `PROMPTFORGE_ADMIN_TOKEN` | Yes (for admin tools) | — | Token for secure mode and audit tools |
+| `PROMPTFORGE_ORG_ID` | Yes (for admin tools) | — | Organization ID |
+| `PROMPTFORGE_API_BASE` | No | `https://api.secureprompt.tech` | API base URL |
+| `PROMPTFORGE_GATEWAY_URL` | No | `{API_BASE}/v1/gateway/requests` | Gateway endpoint |
+| `PROMPTFORGE_TIMEOUT` | No | `30` | Request timeout in seconds |
+| `PROMPTFORGE_MCP_TOOLS_PATH` | No | — | Override path for tool definitions JSON |
+| `MCP_RATE_LIMIT_PER_MINUTE` | No | `60` | Rate limit per minute |
+| `MCP_TRANSPORT` | No | `stdio` | Transport mode (`stdio` or `http`) |
+| `MCP_HOST` | No | `0.0.0.0` | SSE server host |
+| `MCP_PORT` | No | `8765` | SSE server port |
+
+## MCP Tools
+
+| Tool | Description |
+|---|---|
+| `promptforge.secure_generate` | Send a request through the secure LLM gateway |
+| `promptforge.redact_and_tokenize` | Tokenize sensitive entities using Secure Mode |
+| `promptforge.policy_dry_run` | Evaluate an egress policy without executing a call |
+| `promptforge.audit_query` | Query audit logs (admin-only) |
+| `promptforge.detokenize` | Detokenize content with a token vault reference |
+
+## Docker
+
+```bash
+docker build -t promptforge-mcp .
+docker run -p 8765:8765 \
+  -e PROMPTFORGE_API_KEY=your-key \
+  -e PROMPTFORGE_ORG_ID=your-org \
+  -e PROMPTFORGE_ADMIN_TOKEN=your-token \
+  promptforge-mcp
+```
+
+## License
+
+MIT

promptforge_mcp-0.1.0/README.md

@@ -0,0 +1,94 @@
+# Prompt Forge MCP Server
+
+Python MCP server that exposes [Prompt Forge](https://secureprompt.tech) secure gateway tools over the [Model Context Protocol](https://modelcontextprotocol.io/).
+
+## Install
+
+```bash
+pip install promptforge-mcp
+```
+
+## Quick Start
+
+### Claude Desktop
+
+Add to your `claude_desktop_config.json`:
+
+```json
+{
+  "mcpServers": {
+    "promptforge": {
+      "command": "promptforge-mcp",
+      "env": {
+        "PROMPTFORGE_API_KEY": "your-api-key",
+        "PROMPTFORGE_ORG_ID": "your-org-id",
+        "PROMPTFORGE_ADMIN_TOKEN": "your-admin-token"
+      }
+    }
+  }
+}
+```
+
+### Claude Code
+
+```bash
+claude mcp add promptforge -- promptforge-mcp
+```
+
+Then set environment variables in your shell before launching.
+
+### Run directly (stdio)
+
+```bash
+export PROMPTFORGE_API_KEY="your-api-key"
+promptforge-mcp
+```
+
+### Run as HTTP/SSE server
+
+```bash
+promptforge-mcp --http
+# or
+MCP_TRANSPORT=http MCP_PORT=8765 promptforge-mcp
+```
+
+## Environment Variables
+
+| Variable | Required | Default | Description |
+|---|---|---|---|
+| `PROMPTFORGE_API_KEY` | Yes (for gateway) | — | API key for gateway requests |
+| `PROMPTFORGE_ADMIN_TOKEN` | Yes (for admin tools) | — | Token for secure mode and audit tools |
+| `PROMPTFORGE_ORG_ID` | Yes (for admin tools) | — | Organization ID |
+| `PROMPTFORGE_API_BASE` | No | `https://api.secureprompt.tech` | API base URL |
+| `PROMPTFORGE_GATEWAY_URL` | No | `{API_BASE}/v1/gateway/requests` | Gateway endpoint |
+| `PROMPTFORGE_TIMEOUT` | No | `30` | Request timeout in seconds |
+| `PROMPTFORGE_MCP_TOOLS_PATH` | No | — | Override path for tool definitions JSON |
+| `MCP_RATE_LIMIT_PER_MINUTE` | No | `60` | Rate limit per minute |
+| `MCP_TRANSPORT` | No | `stdio` | Transport mode (`stdio` or `http`) |
+| `MCP_HOST` | No | `0.0.0.0` | SSE server host |
+| `MCP_PORT` | No | `8765` | SSE server port |
+
+## MCP Tools
+
+| Tool | Description |
+|---|---|
+| `promptforge.secure_generate` | Send a request through the secure LLM gateway |
+| `promptforge.redact_and_tokenize` | Tokenize sensitive entities using Secure Mode |
+| `promptforge.policy_dry_run` | Evaluate an egress policy without executing a call |
+| `promptforge.audit_query` | Query audit logs (admin-only) |
+| `promptforge.detokenize` | Detokenize content with a token vault reference |
+
+## Docker
+
+```bash
+docker build -t promptforge-mcp .
+docker run -p 8765:8765 \
+  -e PROMPTFORGE_API_KEY=your-key \
+  -e PROMPTFORGE_ORG_ID=your-org \
+  -e PROMPTFORGE_ADMIN_TOKEN=your-token \
+  promptforge-mcp
+```
+
+## License
+
+MIT

promptforge_mcp-0.1.0/promptforge_mcp/__init__.py

@@ -0,0 +1,10 @@
+"""Prompt Forge MCP server package."""
+
+__version__ = "0.1.0"
+
+def main():
+    """Entry point for the MCP server."""
+    from promptforge_mcp.server import main as _main
+    _main()
+
+__all__ = ["main", "__version__"]

promptforge_mcp-0.1.0/promptforge_mcp/server.py

@@ -0,0 +1,245 @@
+"""Prompt Forge MCP server (stdio)."""
+from __future__ import annotations
+
+import asyncio
+import json
+import os
+import sys
+import time
+from collections import defaultdict
+from dataclasses import dataclass
+from typing import Any
+from urllib.parse import urlencode
+
+import httpx
+import mcp.server.stdio
+import mcp.types as types
+from mcp.server import Server
+
+from promptforge_mcp.tools import load_tools
+
+
+# Rate limiting
+class RateLimiter:
+    def __init__(self, max_requests_per_minute: int = 60):
+        self.max_requests = max_requests_per_minute
+        self.requests = defaultdict(list)
+
+    def check_rate_limit(self, client_id: str = "default") -> bool:
+        """Check if client is within rate limit. Returns True if allowed."""
+        now = time.time()
+        minute_ago = now - 60
+
+        # Clean old requests
+        self.requests[client_id] = [
+            req_time for req_time in self.requests[client_id]
+            if req_time > minute_ago
+        ]
+
+        # Check limit
+        if len(self.requests[client_id]) >= self.max_requests:
+            return False
+
+        # Record this request
+        self.requests[client_id].append(now)
+        return True
+
+
+rate_limiter = RateLimiter(
+    max_requests_per_minute=int(os.getenv("MCP_RATE_LIMIT_PER_MINUTE", "60"))
+)
+
+
+@dataclass(frozen=True)
+class MCPConfig:
+    api_base: str
+    gateway_url: str
+    api_key: str | None
+    admin_token: str | None
+    org_id: str | None
+    timeout: float
+
+    @staticmethod
+    def from_env() -> "MCPConfig":
+        api_base = os.getenv("PROMPTFORGE_API_BASE", "https://api.secureprompt.tech")
+        gateway_url = os.getenv("PROMPTFORGE_GATEWAY_URL", f"{api_base}/v1/gateway/requests")
+        return MCPConfig(
+            api_base=api_base,
+            gateway_url=gateway_url,
+            api_key=os.getenv("PROMPTFORGE_API_KEY"),
+            admin_token=os.getenv("PROMPTFORGE_ADMIN_TOKEN"),
+            org_id=os.getenv("PROMPTFORGE_ORG_ID"),
+            timeout=float(os.getenv("PROMPTFORGE_TIMEOUT", "30")),
+        )
+
+
+TOOLS = load_tools()
+TOOLS_BY_NAME = {tool["name"]: tool for tool in TOOLS}
+
+server = Server("promptforge-mcp")
+
+
+@server.list_tools()
+async def list_tools() -> list[types.Tool]:
+    return [
+        types.Tool(
+            name=tool["name"],
+            description=tool.get("description", ""),
+            inputSchema=tool.get("input_schema") or tool.get("inputSchema") or {},
+        )
+        for tool in TOOLS
+    ]
+
+
+async def _request_json(
+    method: str,
+    url: str,
+    *,
+    headers: dict[str, str] | None = None,
+    payload: dict[str, Any] | None = None,
+    timeout: float = 30,
+) -> dict[str, Any]:
+    async with httpx.AsyncClient(timeout=timeout) as client:
+        response = await client.request(method, url, json=payload, headers=headers)
+        if response.status_code >= 400:
+            raise ValueError(f"API request failed (HTTP {response.status_code})")
+        return response.json()
+
+
+def _resolve_org_id(config: MCPConfig, arguments: dict[str, Any]) -> str | None:
+    return arguments.get("org_id") or config.org_id
+
+
+@server.call_tool()
+async def call_tool(name: str, arguments: dict[str, Any]) -> list[types.TextContent]:
+    # Rate limiting check
+    if not rate_limiter.check_rate_limit():
+        raise ValueError("Rate limit exceeded. Please try again later.")
+
+    config = MCPConfig.from_env()
+    tool = TOOLS_BY_NAME.get(name)
+    if not tool:
+        raise ValueError(f"Unknown tool: {name}")
+
+    if name == "promptforge.secure_generate":
+        if not config.api_key:
+            raise ValueError("PROMPTFORGE_API_KEY is required")
+        headers = {"X-API-Key": config.api_key}
+        result = await _request_json(
+            "POST",
+            config.gateway_url,
+            headers=headers,
+            payload=arguments,
+            timeout=config.timeout,
+        )
+        return [types.TextContent(type="text", text=json.dumps(result))]
+
+    if name == "promptforge.redact_and_tokenize":
+        org_id = _resolve_org_id(config, arguments)
+        if not config.admin_token or not org_id:
+            raise ValueError("PROMPTFORGE_ADMIN_TOKEN and PROMPTFORGE_ORG_ID are required")
+        payload = dict(arguments)
+        payload.pop("org_id", None)
+        headers = {"Authorization": f"Bearer {config.admin_token}"}
+        url = f"{config.api_base}/v1/secure-mode/tokenize?org_id={org_id}"
+        result = await _request_json("POST", url, headers=headers, payload=payload, timeout=config.timeout)
+        return [types.TextContent(type="text", text=json.dumps(result))]
+
+    if name == "promptforge.policy_dry_run":
+        org_id = _resolve_org_id(config, arguments)
+        if not config.admin_token or not org_id:
+            raise ValueError("PROMPTFORGE_ADMIN_TOKEN and PROMPTFORGE_ORG_ID are required")
+        payload = dict(arguments)
+        payload.pop("org_id", None)
+        headers = {"Authorization": f"Bearer {config.admin_token}"}
+        url = f"{config.api_base}/v1/policies/dry-run?org_id={org_id}"
+        result = await _request_json("POST", url, headers=headers, payload=payload, timeout=config.timeout)
+        return [types.TextContent(type="text", text=json.dumps(result))]
+
+    if name == "promptforge.audit_query":
+        org_id = _resolve_org_id(config, arguments)
+        if not config.admin_token or not org_id:
+            raise ValueError("PROMPTFORGE_ADMIN_TOKEN and PROMPTFORGE_ORG_ID are required")
+        params = {"org_id": org_id}
+        for key in ["start_date", "end_date", "action", "user_id", "limit", "cursor"]:
+            if key in arguments and arguments[key] is not None:
+                params[key] = arguments[key]
+        headers = {"Authorization": f"Bearer {config.admin_token}"}
+        url = f"{config.api_base}/v1/audit-logs?{urlencode(params)}"
+        result = await _request_json("GET", url, headers=headers, timeout=config.timeout)
+        return [types.TextContent(type="text", text=json.dumps(result))]
+
+    if name == "promptforge.detokenize":
+        org_id = _resolve_org_id(config, arguments)
+        if not config.admin_token or not org_id:
+            raise ValueError("PROMPTFORGE_ADMIN_TOKEN and PROMPTFORGE_ORG_ID are required")
+        payload = dict(arguments)
+        payload.pop("org_id", None)
+        headers = {"Authorization": f"Bearer {config.admin_token}"}
+        url = f"{config.api_base}/v1/secure-mode/detokenize?org_id={org_id}"
+        result = await _request_json("POST", url, headers=headers, payload=payload, timeout=config.timeout)
+        return [types.TextContent(type="text", text=json.dumps(result))]
+
+    raise ValueError(f"Unhandled tool: {name}")
+
+
+async def run_stdio() -> None:
+    async with mcp.server.stdio.stdio_server() as (read_stream, write_stream):
+        await server.run(
+            read_stream,
+            write_stream,
+            server.create_initialization_options(),
+        )
+
+
+async def run_sse(host: str = "0.0.0.0", port: int = 8765) -> None:
+    import uvicorn
+    from mcp.server.sse import SseServerTransport
+
+    transport = SseServerTransport("/messages")
+
+    async def app(scope, receive, send):
+        if scope["type"] != "http":
+            return
+        path = scope.get("path", "")
+        if path == "/sse":
+            async with transport.connect_sse(scope, receive, send) as (read_stream, write_stream):
+                await server.run(
+                    read_stream,
+                    write_stream,
+                    server.create_initialization_options(),
+                )
+        elif path == "/messages":
+            await transport.handle_post_message(scope, receive, send)
+        else:
+            await send({"type": "http.response.start", "status": 404, "headers": [(b"content-type", b"text/plain")]})
+            await send({"type": "http.response.body", "body": b"Not Found"})
+
+    max_connections = int(os.getenv("MCP_MAX_CONNECTIONS", "100"))
+    config = uvicorn.Config(
+        app,
+        host=host,
+        port=port,
+        log_level="info",
+        limit_concurrency=max_connections,
+        timeout_keep_alive=30,
+    )
+    srv = uvicorn.Server(config)
+    await srv.serve()
+
+
+def main() -> None:
+    mode = os.getenv("MCP_TRANSPORT", "stdio")
+    if "--http" in sys.argv:
+        mode = "http"
+    host = os.getenv("MCP_HOST", "0.0.0.0")
+    port = int(os.getenv("MCP_PORT", "8765"))
+
+    if mode == "http":
+        asyncio.run(run_sse(host=host, port=port))
+    else:
+        asyncio.run(run_stdio())
+
+
+if __name__ == "__main__":
+    main()

promptforge_mcp-0.1.0/promptforge_mcp/tools.py

@@ -0,0 +1,168 @@
+"""MCP tool definitions for Prompt Forge."""
+from __future__ import annotations
+
+import json
+import os
+from pathlib import Path
+
+DEFAULT_TOOLS = [
+    {
+        "name": "promptforge.secure_generate",
+        "description": "Send a request through the Prompt Forge secure gateway.",
+        "input_schema": {
+            "type": "object",
+            "required": ["provider", "model", "messages"],
+            "properties": {
+                "provider": {"type": "string"},
+                "model": {"type": "string"},
+                "messages": {
+                    "type": "array",
+                    "items": {
+                        "type": "object",
+                        "required": ["role", "content"],
+                        "properties": {
+                            "role": {"type": "string"},
+                            "content": {"type": "string"},
+                        },
+                    },
+                },
+                "temperature": {"type": "number"},
+                "top_p": {"type": "number"},
+                "max_tokens": {"type": "integer"},
+                "stream": {"type": "boolean"},
+                "tools": {"type": "array", "items": {"type": "object"}},
+                "tool_choice": {"oneOf": [{"type": "string"}, {"type": "object"}]},
+                "user": {"type": "string"},
+                "use_case": {"type": "string"},
+                "metadata": {"type": "object"},
+                "trace_id": {"type": "string", "format": "uuid"},
+                "policy_id": {"type": "string", "format": "uuid"},
+            },
+        },
+        "output_schema": {
+            "type": "object",
+            "required": ["id", "provider", "model"],
+            "properties": {
+                "id": {"type": "string", "format": "uuid"},
+                "provider": {"type": "string"},
+                "model": {"type": "string"},
+                "output_text": {"type": "string"},
+                "choices": {"type": "array", "items": {"type": "object"}},
+                "usage": {"type": "object"},
+                "latency_ms": {"type": "integer"},
+                "cost_usd": {"type": "number"},
+                "security": {"type": "object"},
+                "trace_id": {"type": "string", "format": "uuid"},
+                "request_id": {"type": "string"},
+            },
+        },
+    },
+    {
+        "name": "promptforge.redact_and_tokenize",
+        "description": "Tokenize sensitive entities using Secure Mode.",
+        "input_schema": {
+            "type": "object",
+            "required": ["text"],
+            "properties": {
+                "text": {"type": "string"},
+                "entity_types": {"type": "array", "items": {"type": "string"}},
+                "fail_closed": {"type": "boolean"},
+                "metadata": {"type": "object"},
+            },
+        },
+        "output_schema": {
+            "type": "object",
+            "required": ["tokenized_text", "token_vault_id", "entity_counts"],
+            "properties": {
+                "tokenized_text": {"type": "string"},
+                "token_vault_id": {"type": "string", "format": "uuid"},
+                "entity_counts": {"type": "object"},
+            },
+        },
+    },
+    {
+        "name": "promptforge.policy_dry_run",
+        "description": "Evaluate an egress policy decision without executing a provider call.",
+        "input_schema": {
+            "type": "object",
+            "required": ["provider", "model"],
+            "properties": {
+                "provider": {"type": "string"},
+                "model": {"type": "string"},
+                "region": {"type": "string"},
+                "policy_id": {"type": "string", "format": "uuid"},
+            },
+        },
+        "output_schema": {
+            "type": "object",
+            "required": ["allowed", "fail_closed"],
+            "properties": {
+                "allowed": {"type": "boolean"},
+                "reason": {"type": "string"},
+                "policy_id": {"type": "string", "format": "uuid"},
+                "rule_ids": {"type": "array", "items": {"type": "string"}},
+                "fail_closed": {"type": "boolean"},
+                "retention_days": {"type": "integer"},
+            },
+        },
+    },
+    {
+        "name": "promptforge.audit_query",
+        "description": "Query audit logs (admin-only).",
+        "input_schema": {
+            "type": "object",
+            "properties": {
+                "org_id": {"type": "string", "format": "uuid"},
+                "start_date": {"type": "string", "format": "date-time"},
+                "end_date": {"type": "string", "format": "date-time"},
+                "action": {"type": "string"},
+                "user_id": {"type": "string", "format": "uuid"},
+                "limit": {"type": "integer"},
+                "cursor": {"type": "string"},
+            },
+        },
+        "output_schema": {
+            "type": "object",
+            "properties": {
+                "logs": {"type": "array", "items": {"type": "object"}},
+                "next_cursor": {"type": "string"},
+            },
+        },
+    },
+    {
+        "name": "promptforge.detokenize",
+        "description": "Detokenize content with an authorized token vault reference.",
+        "input_schema": {
+            "type": "object",
+            "required": ["token_vault_id", "text"],
+            "properties": {
+                "token_vault_id": {"type": "string", "format": "uuid"},
+                "text": {"type": "string"},
+            },
+        },
+        "output_schema": {
+            "type": "object",
+            "required": ["text"],
+            "properties": {
+                "text": {"type": "string"},
+            },
+        },
+    },
+]
+
+
+def load_tools() -> list[dict]:
+    """Load tool definitions from disk if available."""
+    override = os.getenv("PROMPTFORGE_MCP_TOOLS_PATH")
+    if override and Path(override).exists():
+        with open(override, "r", encoding="utf-8") as handle:
+            data = json.load(handle)
+            return data.get("tools", DEFAULT_TOOLS)
+
+    candidate = Path(__file__).resolve().parents[2] / "promptforge-schemas" / "mcp" / "tools.v1.json"
+    if candidate.exists():
+        with open(candidate, "r", encoding="utf-8") as handle:
+            data = json.load(handle)
+            return data.get("tools", DEFAULT_TOOLS)
+
+    return DEFAULT_TOOLS

promptforge_mcp-0.1.0/pyproject.toml

@@ -0,0 +1,62 @@
+[project]
+name = "promptforge-mcp"
+version = "0.1.0"
+description = "Prompt Forge MCP server for secure LLM gateway access"
+readme = {file = "README.md", content-type = "text/markdown"}
+license = { file = "LICENSE" }
+requires-python = ">=3.9"
+authors = [
+    { name = "Prompt Forge", email = "support@secureprompt.tech" }
+]
+keywords = ["mcp", "llm", "security", "gateway", "promptforge"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+]
+dependencies = [
+    "httpx>=0.27.0",
+    "mcp>=0.9.1,<1.0",
+    "uvicorn>=0.27.0",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=8.0.0",
+    "pytest-asyncio>=0.23.0",
+    "ruff>=0.2.0",
+    "mypy>=1.8.0",
+]
+
+[project.scripts]
+promptforge-mcp = "promptforge_mcp:main"
+
+[project.urls]
+Homepage = "https://secureprompt.tech"
+Documentation = "https://docs.secureprompt.tech"
+Repository = "https://github.com/promptforge/promptforge-mcp"
+Issues = "https://github.com/promptforge/promptforge-mcp/issues"
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.hatch.build.targets.wheel]
+packages = ["promptforge_mcp"]
+
+[tool.pytest.ini_options]
+asyncio_mode = "auto"
+testpaths = ["tests"]
+
+[tool.ruff]
+line-length = 100
+target-version = "py39"
+
+[tool.mypy]
+python_version = "3.9"
+strict = true