UNPKG

locker-mcp

Version:

MCP server for file locking and access control for AI code tools

130 lines (91 loc) 3.19 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# Locker-MCP A minimal Model Context Protocol (MCP) server for file locking and access control in AI code tools. ## Overview Locker-MCP prevents AI coding agents from repeatedly editing the same files by tracking file lock states and providing context-aware access control. When a file is "done," the LLM locks it via MCP, adding a comment header and saving metadata to prevent accidental changes. ## Features - **File State Management**: Track files as `unlocked`, `locked-context`, or `locked` - **Context Tracking**: Store purpose/context descriptions for locked files - **Self-Evaluation**: LLMs must assess confidence (0-100%) before editing locked-context files - **Audit Trail**: Complete history of state transitions with timestamps - **Security**: Path validation and local-only operation ## Installation ```bash npm install locker-mcp ``` ## Usage ### As MCP Server Start the server for use with MCP clients: ```bash npx locker-mcp ``` ### Programmatic Usage ```typescript import { Locker } from 'locker-mcp'; const locker = new Locker(); // Lock a file with context const result = locker.lockFile({ filePath: 'src/auth.ts', context: 'Authentication module implementation' }); // Check file state const state = locker.getFileState({ filePath: 'src/auth.ts' }); console.log(state.state); // 'locked-context' // Update file context locker.updateFile({ filePath: 'src/auth.ts', context: 'Enhanced authentication with 2FA', state: 'locked-context' }); // Finalize file (no further edits) locker.finalizeFile('src/auth.ts'); ``` ## MCP Tools The server exposes these tools for MCP clients: - `getFileState`: Check current lock state of a file - `lockFile`: Lock a file with context description - `unlockFile`: Remove lock state from a file - `updateFile`: Update file context and/or state - `finalizeFile`: Mark file as fully locked - `getAllTrackedFiles`: List all tracked files ## File States - **unlocked**: No restrictions, normal editing allowed - **locked-context**: Locked with context, editable only if change aligns with context (≥80% confidence) - **locked**: Fully locked, no edits allowed ## Workflow Example 1. LLM completes work on a file 2. LLM calls `lockFile` with file path and context description 3. Locker adds `// LOCKED: <UUID> STATE=locked-context` comment to file 4. Metadata saved to `.reporepo/locker/locker.json` 5. Future edit attempts require confidence assessment 6. If confidence ≥80%, edit proceeds; otherwise rejected ## Development ```bash # Install dependencies npm install # Build npm run build # Run tests npm test # Run with coverage npm run test:coverage # Lint npm run lint ``` ## File Structure ``` .reporepo/locker/ └── locker.json # Metadata with file states and history ``` Each entry contains: - `filePath`: File path - `id`: Unique identifier (UUID) - `state`: Current lock state - `context`: Purpose description - `history`: Array of state changes with timestamps ## Security - All file operations are validated for path traversal attacks - Only local project files can be modified - No external network calls - User maintains full control over all operations ## License MIT