@cellar-door/mcp-server
Give any MCP-compatible AI the ability to create and verify agent departure records.
README
@cellar-door/mcp-server
𓉸 Passage Protocol · exit-door · entry-door · mcp · langchain · vercel · eliza · eas · erc-8004 · sign · python
⚠️ Pre-release software — no formal security audit has been conducted. This project is published for transparency, review, and community feedback. It should not be used in production systems where security guarantees are required. If you find a vulnerability, please report it to hawthornhollows@gmail.com.
Give any MCP-compatible AI (Claude, Cursor, Windsurf) the ability to create and verify agent departure records.
Ecosystem
| Package | Language | Description |
|---|---|---|
| cellar-door-exit | TypeScript | Core protocol (reference impl) |
| cellar-door-exit | Python | Core protocol |
| cellar-door-entry | TypeScript | Arrival/entry markers |
| @cellar-door/langchain | TypeScript | LangChain integration |
| cellar-door-langchain | Python | LangChain integration |
| @cellar-door/vercel-ai-sdk | TypeScript | Vercel AI SDK |
| @cellar-door/mcp-server | TypeScript | MCP server ← you are here |
| @cellar-door/eliza | TypeScript | ElizaOS plugin |
| @cellar-door/eas | TypeScript | EAS attestation anchoring |
| @cellar-door/erc-8004 | TypeScript | ERC-8004 identity/reputation |
| @cellar-door/sign-protocol | TypeScript | Sign Protocol attestation |
Quick Start
Claude Desktop
Add to your Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json on macOS):
{
"mcpServers": {
"cellar-door": {
"command": "npx",
"args": ["@cellar-door/mcp-server"],
"env": {
"CELLAR_DOOR_SERVER_POLICY": "STRICT"
}
}
}
}
Restart Claude Desktop. You can now say:
"Create a departure record for my agent leaving platform-x.example.com"
Claude will call the quick_exit tool and return a signed, verifiable EXIT marker.
Cursor / Windsurf
npm install @cellar-door/mcp-server
Point your MCP client at the server. It exposes 7 tools automatically.
Tools
EXIT Tools
| Tool | Description |
|---|---|
generate_identity |
Generate an Ed25519 DID keypair for signing |
quick_exit |
One-shot: create + sign a departure marker |
create_exit_marker |
Create and sign a marker with full options |
verify_exit_marker |
Verify a marker from JSON |
ENTRY Tools
| Tool | Description |
|---|---|
verify_and_admit |
Verify EXIT marker, evaluate admission policy, create arrival |
evaluate_admission |
Check if EXIT marker meets an admission policy |
verify_transfer |
Verify a complete EXIT→ENTRY transfer chain |
list_admission_policies |
List available admission policy presets |
⚠️ Security: Admission Policy
IMPORTANT: By default, the server uses
STRICTadmission policy when no policy is specified by the LLM. This is intentional; an LLM can freely choose the most permissive policy (OPEN_DOOR) or omit the parameter entirely to bypass admission checks.For production deployments, always set a server-side policy override using one of:
- Environment variable:
CELLAR_DOOR_SERVER_POLICY=STRICT(orEMERGENCY_ONLY)- Constructor option:
createServer({ serverPolicy: "STRICT" })When
serverPolicyis set, any LLM-providedadmissionPolicyparameter is ignored.
| Policy | Behavior |
|---|---|
OPEN_DOOR |
Accept any departure with a valid signature |
STRICT |
Voluntary only, <24h old, requires lineage + stateSnapshot modules |
EMERGENCY_ONLY |
Accept only emergency exits |
Sample Conversation (Claude Desktop)
User: I need to leave Platform X. Can you create a departure record?
Claude: I'll create a signed EXIT marker for your departure from Platform X.
→ Calls: quick_exit({ origin: "did:web:platform-x.example.com", reason: "Migrating to new platform" })
Claude: Here's your signed departure marker:
- ID: exit:abc123...
- Subject: did:key:z6Mk...
- Origin: did:web:platform-x.example.com
- Exit Type: Voluntary
- Signature: ✅ Verified
User: Now verify this on Platform Y and create my arrival.
→ Calls: verify_and_admit({
exitMarkerJson: "{...}",
destination: "did:web:platform-y.example.com",
admissionPolicy: "STRICT"
})
Claude: ✅ Admitted. Arrival marker created with continuity verified.
Programmatic Usage
import { createServer } from "@cellar-door/mcp-server";
const server = createServer({
serverPolicy: "STRICT", // Lock admission policy server-side
});
Example Tool Calls
Quick Exit
{
"name": "quick_exit",
"arguments": { "origin": "did:example:my-agent", "reason": "Task complete" }
}
Verify and Admit
{
"name": "verify_and_admit",
"arguments": {
"exitMarkerJson": "{...exit marker JSON...}",
"destination": "did:example:new-platform",
"admissionPolicy": "OPEN_DOOR"
}
}
Verify Transfer
{
"name": "verify_transfer",
"arguments": {
"exitMarkerJson": "{...exit marker...}",
"arrivalMarkerJson": "{...arrival marker...}"
}
}
Production Deployment
⚠️ Authentication: The MCP server does not include built-in authentication. In production, deploy behind an authenticated reverse proxy or API gateway. Do not expose MCP tools directly to untrusted clients.
⚠️ Disclaimer
WARNING: Automated admission decisions should be reviewed by platform operators. This integration does not constitute legal advice. Platforms are responsible for their own admission policies and the consequences of admitting agents.
License
Apache-2.0
推荐服务器
Baidu Map
百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Playwright MCP Server
一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。
Magic Component Platform (MCP)
一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。
Audiense Insights MCP Server
通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。
VeyraX
一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。
graphlit-mcp-server
模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。
Kagi MCP Server
一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。
e2b-mcp-server
使用 MCP 通过 e2b 运行代码。
Neon MCP Server
用于与 Neon 管理 API 和数据库交互的 MCP 服务器
Exa MCP Server
模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。