feat(plugin-spec): support local (stdio) MCP provisioning #78
Merged
Extend requires.externalMcp to a transport-tagged schema so the spec can
describe MCP servers launched locally on the user's machine, not just
remote hosted servers.
- requires.externalMcp: { name, transport, ... } where transport is
http|sse (remote, needs url) or stdio (local, needs command/args/env)
- new MCP Provisioning section documenting both transports, with the
install snippet shape for each
- new local-exec risk tag, required whenever externalMcp.transport: stdio
- stdio guardrails: pin the package version (no @latest), list env var
names only (never values), and stop on shell-less/chat-only surfaces
- cliPackage clarified as a per-call CLI, distinct from a registered
stdio MCP server
- authoring checklist + skeleton updated
…wards compatibility
- transport is optional for remote MCPs and defaults to http when url is
present, so the legacy externalMcp: { name, url } shape stays valid
- transport remains required for stdio
- add a Backwards compatibility note: additive schema, migrate on next
meaningful edit, validator should infer (warn) not error on missing transport
…cts in MCP examples
apexethdev added a commit to veildotcash/skills that referenced this pull request Jun 5, 2026
- Revert maintainer-owned registry/inventory edits per review: fully revert SKILL.md; in plugin-spec.md restore the "7 native plugins" conformance table (drop Veil row) and the version line. Keep only the privacy/shielded-payments tag-vocabulary additions.
- Rewrite veil.md frontmatter to the base#78 transport: stdio schema (command/args/env, shell: required, risk += local-exec); add a ### local-exec Risks subsection.
- Make register-before-deposit an explicit hard prerequisite in ## Orchestration > Deposit (a deposit before register reverts).
- Pin the global-install command to @0.2.1.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
montycheese approved these changes Jun 5, 2026
youssefea approved these changes Jun 9, 2026
Review Error for youssefea @ 2026-06-09 13:33:45 UTC
What
Extends the plugin spec so external-mcp plugins can declare an MCP server that runs locally on the user's machine (stdio), not just a remote hosted server. Today requires.externalMcp is { name, url }, which only models a remote URL — there's no clean way to describe an MCP launched via npx/uvx over stdio (which has a command, not a URL). Authors have had to resort to url: null, and cliPackage (meant for per-call CLIs) is the wrong fit.
Changes
- requires.externalMcp: { name, transport, … } where transport is:
  - http / sse — remote, hosted; needs url.
  - stdio — local, launched on the user's machine; needs command, args, and optional env.
- ## MCP Provisioning section documenting both transports with the install-snippet shape for each.
- local-exec risk tag, required whenever externalMcp.transport: stdio (running partner code locally is a larger trust surface than a remote MCP or http-api).
- @latest), list env var names only (never values), and ## Surface Routing must stop on shell-less / chat-only surfaces.
- cliPackage clarified as a CLI the agent shells out to per call, distinct from a registered stdio MCP server.
- ## Installation and Runtime Routing Primitives cross-reference the new section.
Why
Several MCP integrations ship as local stdio servers (npx/uvx packages). Without a first-class way to express that, the frontmatter can't drive correct installation, risk signalling, or surface routing. This makes the local vs remote distinction explicit and adds the guardrails that local execution warrants.
Notes
Spec/docs only — no plugin behavior changes. Existing remote external-mcp plugins map to transport: http with their current url.
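The rules this pull request describes, written out as a Python check (an added example, not code from the pull request or the project's tooling): transport inferred as http with a warning when only url is present, stdio requiring command and the local-exec risk tag, a pinned package version, and env listing names only. The function name, the list layout of the risk tags, the choice to treat the first non-flag argument to npx/uvx as the package spec, and the sample package name and URL are assumptions.

```python
import re

REMOTE = {"http", "sse"}
LAUNCHERS = {"npx", "uvx"}  # launchers named in the PR description
# name@<version starting with a digit>, with an optional @scope/ prefix
PINNED = re.compile(r"^(@[^/@\s]+/)?[^@\s]+@\d[\w.+-]*$")

def check_external_mcp(requires, risk):
    """Return (errors, warnings) for one requires.externalMcp entry.

    `risk` is the plugin's list of risk tags (list layout assumed here).
    """
    errors, warnings = [], []
    mcp = requires.get("externalMcp") or {}
    transport = mcp.get("transport")
    if transport is None:
        if not mcp.get("url"):
            return ["transport is required unless url is present"], warnings
        transport = "http"  # legacy { name, url } shape: infer and warn
        warnings.append("transport missing; inferred http from url")
    if transport in REMOTE:
        if not mcp.get("url"):
            errors.append(f"{transport} transport needs url")
    elif transport == "stdio":
        if not mcp.get("command"):
            errors.append("stdio transport needs command")
        if "local-exec" not in risk:
            errors.append("stdio transport requires the local-exec risk tag")
        if mcp.get("command") in LAUNCHERS:
            # Assumption: the first non-flag argument is the package spec.
            pkg = next((a for a in mcp.get("args") or [] if not a.startswith("-")), None)
            if pkg is None or not PINNED.match(pkg):
                errors.append(f"package spec {pkg!r} is not pinned to a version")
        env = mcp.get("env") or []
        if isinstance(env, dict) or any("=" in str(e) for e in env):
            errors.append("env must list variable names only, never values")
    else:
        errors.append(f"unknown transport {transport!r}")
    return errors, warnings

# Constructed sample entries (package name and URL are placeholders).
LEGACY = {"externalMcp": {"name": "demo", "url": "https://mcp.example.com"}}
GOOD = {"externalMcp": {"name": "demo", "transport": "stdio", "command": "npx",
        "args": ["-y", "@example/mcp-server@0.2.1"], "env": ["DEMO_API_KEY"]}}
BAD = {"externalMcp": {"name": "demo", "transport": "stdio", "command": "npx",
       "args": ["-y", "@example/mcp-server@latest"], "env": {"DEMO_API_KEY": "s3cret"}}}

if __name__ == "__main__":
    for entry, tags in ((LEGACY, []), (GOOD, ["local-exec"]), (BAD, [])):
        print(check_external_mcp(entry, tags))
```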