feat: rename @agentkey/mcp → @agentkey/cli in install scripts and docs#47
Merged
Conversation
Companion change to chainbase-labs/AgentKey-Server rename PR. The npm
package has been renamed; this PR updates everything users see.
User-facing
- scripts/install.{sh,ps1}: MCP_PACKAGE/$McpPackage → CLI_PACKAGE/$CliPackage
- scripts/uninstall.{sh,ps1}: sweep BOTH @agentkey/cli and @agentkey/mcp
so users upgrading from v0.x get a clean uninstall
- skills/agentkey/SKILL.md: setup command + manual-config JSON example
- README.md + docs/README_zh.md: every npx @agentkey/mcp command + the
manual-config JSON examples (switched from stale stdio shape to the
remote-HTTP shape that --auth-login actually writes in v1.0)
Internal / protocol docs
- SECURITY.md: file/network audit tables
- protocol/skill-meta-v1.md, docs/SERVER-IMPLEMENTATION.md: clarify the
protocol partner is AgentKey-Server's hosted /v1/mcp endpoint, not a
standalone npm package — these references were already misleading
before the rename
- .claude/CLAUDE.md: keep Claude-session guidance in sync
CHANGELOG.md left untouched (release-please manages history).
lxcong
changed the title
Contributor
|
@claude review |
Contributor
|
🤖 Claude security review requested by @lxcong. Running against HEAD |
|
🤖 Claude security review — HEAD: 1fd8529 Scope: Rename ✅ No security or convention issues found. Spot checks passed:
💡 Suggestion (pre-existing, not introduced here): Review triggered by @lxcong |
lxcong
added a commit
that referenced
this pull request
May 15, 2026
🤖 I have created a release *beep* *boop* --- ## [1.7.0](v1.6.1...v1.7.0) (2026-05-15) ### Features * rename @agentkey/mcp → @agentkey/cli in install scripts and docs ([#47](#47)) ([ab0dba7](ab0dba7)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
5 tasks
lxcong
added a commit
that referenced
this pull request
May 15, 2026
…50) ## Summary The installer's "is AgentKey already configured?" heuristic went stale after #47 / v1.7.0 switched `--auth-login` from a stdio MCP block to a remote-HTTP one. The check still greps for `\"AGENTKEY_API_KEY\": \"ak_...\"` (the old env-shaped field) — but the new config writes `\"Authorization\": \"Bearer ak_...\"` inside `headers` instead. **Observed symptom**: a user with a residual stdio config from an earlier release sees > ✓ AgentKey is already configured in an MCP client config — skipping auth. …the installer exits successfully, but calling any AgentKey MCP tool errors out because the stdio runtime `@agentkey/mcp` is no longer used. The mirror failure also exists: users who **have** successfully re-authed into the new HTTP shape no longer match the regex and would get re-prompted on every installer run. ## Fix Delete the heuristic. `@agentkey/cli --auth-login` already knows whether the local token can be reused or a fresh device-code round-trip is needed — let the CLI decide instead of having the installer second-guess from on-disk shape. **Removed** - \`already_authed()\` in \`scripts/install.sh\` - \`Test-AlreadyAuthed\` in \`scripts/install.ps1\` - \`--force-mcp\` / \`-ForceMcp\` flags (no longer meaningful — auth always runs unless \`--skip-mcp\`) - \`--force-mcp\` documentation in README.md / docs/README_zh.md Net: **-57 / +10 lines** across the four files. ## Test plan - [ ] On a machine with a stale stdio-shaped \`~/.claude.json\` from a pre-1.7 install: \`curl -fsSL https://agentkey.app/install.sh | bash\` now actually re-runs auth-login and the MCP block becomes a working HTTP entry - [ ] On a fresh machine: install still completes auth in one device-code flow (no behavior change) - [ ] On a machine already on the new HTTP shape: re-running the installer still works and the CLI either reuses the token or prompts (CLI's call, not the installer's) - [ ] \`--skip-mcp\` continues to skip the auth step - [ ] \`bash -n scripts/install.sh\` passes (verified) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: lxcong <lxcong@chainbase.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Companion change to chainbase-labs/AgentKey-Server#32. The npm package has been renamed; this PR updates everything users actually see.
User-facing
Internal / protocol docs
`CHANGELOG.md` left untouched (release-please manages history).
Sequencing
Merge this PR after `@agentkey/cli` is published to npm — otherwise the install scripts here will reference a package that doesn't exist yet. Recommended order:
Test plan