SignalSpore MCP

Public repo: https://github.com/yeahdog/signalspore-mcp Latest tag: https://github.com/yeahdog/signalspore-mcp/releases/tag/v0.1.5 Product docs: https://www.signalspore.com/mcp npm install: npx -y @yeahdog/signalspore-mcp Pinned GitHub tag install: npx -y github:yeahdog/signalspore-mcp#v0.1.5 Agent-runtime install notes: https://github.com/yeahdog/signalspore-mcp/blob/main/llms-install.md

SignalSpore MCP is a public Model Context Protocol (MCP) stdio wrapper for SignalSpore's setup, local gate, preflight, and delta loop.

Why an operator would install this

SignalSpore is a pre-task checkpoint for agents that are about to touch tools, code, deployments, databases, or current information. The wrapper gives the agent a compact execution brief before it starts cold, then records one sanitized post-task delta so the next run gets sharper.

A useful first run should answer at least one operator question:

• Did the gate skip a task that did not need extra context?
• Did preflight surface a stop condition before shell/API/deploy work?
• Did the execution brief narrow the task enough to save tokens or avoid a wrong path?
• Did the delta create a reusable trap or checklist item without leaking private data?

You do not need to post a GitHub receipt to use SignalSpore. Public receipts are only required if you want to be counted as a verified external operator in the 100-agent tracker.

SignalSpore is most useful before risky agent work:

• shell commands
• migrations
• deploys
• database resets
• brittle integrations

This wrapper exposes four tools:

• signalspore_setup
• signalspore_gate
• signalspore_preflight
• signalspore_delta

Repository

• https://github.com/yeahdog/signalspore-mcp

Official MCP Registry readiness

SignalSpore MCP declares its official registry name as io.github.yeahdog/signalspore-mcp in both package.json (mcpName) and root server.json.

Registry canary:

curl 'https://registry.modelcontextprotocol.io/v0/servers?search=signalspore'

The canary should return SignalSpore only after the matching npm package version has been published and mcp-publisher publish has accepted server.json. Until then, npm install and the GitHub tag install remain the canonical runtime paths.

External operator smoke test wanted

If you are trying SignalSpore from an agent runtime outside this repository, please run one real first task and leave the receipt visible on https://www.signalspore.com/live.

Minimal path:

1. Create a policy at https://www.signalspore.com/setup.
2. Add @yeahdog/signalspore-mcp to your MCP client with the returned policy ID and write token.
3. Paste the activation prompt below into your agent.
4. Open https://www.signalspore.com/live and confirm your policy_created, preflight_run or quick_check_run, and delta_submitted receipts appear.

If you do this, a short GitHub issue comment with the live event ID is especially helpful because it proves independent external provenance instead of just non-Hermes metadata.

Install

Fastest mutable path from GitHub:

npx -y @yeahdog/signalspore-mcp

Pinned GitHub tag install when you want an exact version:

npx -y github:yeahdog/signalspore-mcp#v0.1.5

Registry status: npm publication is live. npm view @yeahdog/signalspore-mcp version returns the latest published version, so the preferred install is now npx -y @yeahdog/signalspore-mcp. The pinned GitHub tag remains available for exact source-version installs.

Quick verification before wiring MCP:

npx -y @yeahdog/signalspore-mcp --help
npx -y @yeahdog/signalspore-mcp --doctor

The --doctor check verifies env wiring and whether SignalSpore's public MCP surface is reachable before you hand the wrapper to an agent.

Fastest first live run

1. Create a SignalSpore policy and write token at https://www.signalspore.com/setup or with the setup API example below.
2. Export SIGNALSPORE_AGENT_POLICY_ID and SIGNALSPORE_WRITE_TOKEN in the MCP client environment.
3. Run npx -y @yeahdog/signalspore-mcp --doctor until api_mcp, write_token, and policy_id all pass.
4. Start the MCP server and run signalspore_gate on a real shell, migration, deploy, database-reset, or brittle-integration task.

If you want to verify the public proof loop after the first run, check https://www.signalspore.com/live.

Copy/paste activation prompt

After adding the MCP config to your agent runtime, paste this as the first real test task:

Use SignalSpore before you act. First call signalspore_gate for this task: "Before I run a shell command that changes files, check the current directory and identify the safest command plan." If the gate returns quick_check or full_preflight, call signalspore_preflight. Follow the returned stop conditions. After the task, submit one sanitized signalspore_delta with savings_outcome set to no_material_savings or estimated_savings_reported.

A successful first live run should leave a receipt on https://www.signalspore.com/live with policy_created, preflight_run or quick_check_run, and delta_submitted events.

If --doctor passes but no live receipt appears, check that the MCP client inherited SIGNALSPORE_AGENT_POLICY_ID and SIGNALSPORE_WRITE_TOKEN, then inspect https://www.signalspore.com/api/policy-stats?policy_id=YOUR_POLICY_ID.

Or clone and run locally:

git clone https://github.com/yeahdog/signalspore-mcp.git
cd signalspore-mcp
node ./bin/signalspore-mcp.js

Docker/registry-compatible start path:

docker build -t signalspore-mcp .
docker run --rm -i \
  -e SIGNALSPORE_BASE_URL=https://www.signalspore.com \
  -e SIGNALSPORE_AGENT_POLICY_ID=policy_your_agent_here \
  -e SIGNALSPORE_WRITE_TOKEN=write_token_from_setup_response \
  signalspore-mcp

The Dockerfile is intentionally minimal so MCP directories and validators can start the stdio server and run introspection without depending on npm publication.

Required environment

Create the reusable policy and write token with POST /api/setup first:

curl -X POST https://www.signalspore.com/api/setup \
  -H 'Content-Type: application/json' \
  -d '{
    "agent": {
      "name": "External MCP Operator",
      "framework": "Custom",
      "model_tier": "frontier_reasoning"
    },
    "policy": {
      "mode": "smart_auto",
      "delta_submission_mode": "required"
    }
  }'

Expected setup response shape:

{
  "ok": true,
  "agent_policy_id": "policy_your_agent_here",
  "write_token": "write_token_from_setup_response",
  "install_bundle": "..."
}

Then export the two protected-write values for your MCP client:

export SIGNALSPORE_AGENT_POLICY_ID='policy_your_agent_here'
export SIGNALSPORE_WRITE_TOKEN='write_token_from_setup_response'
export SIGNALSPORE_BASE_URL='https://www.signalspore.com'
export SIGNALSPORE_MODEL_PROVIDER='operator-runtime'
export SIGNALSPORE_MODEL_NAME='external-agent'
export SIGNALSPORE_MODEL_TIER='frontier_reasoning'

• SIGNALSPORE_WRITE_TOKEN
  • required for signalspore_preflight and signalspore_delta
  • get it from SignalSpore setup
• SIGNALSPORE_AGENT_POLICY_ID
  • recommended default policy handle for future calls
• SIGNALSPORE_BASE_URL
  • optional
  • defaults to https://www.signalspore.com
• SIGNALSPORE_FRAMEWORK
  • optional
  • defaults to Custom
• SIGNALSPORE_CONTEXT_BUDGET
  • optional
  • defaults to medium
• SIGNALSPORE_TOOLS
  • optional comma-separated list
  • defaults to terminal,browser
• SIGNALSPORE_MODEL_PROVIDER
  • optional model provider label sent to SignalSpore preflight
  • defaults to operator-runtime
• SIGNALSPORE_MODEL_NAME
  • optional model name label sent to SignalSpore preflight
  • defaults to external-agent
• SIGNALSPORE_MODEL_TIER
  • optional model capability tier sent to SignalSpore preflight
  • defaults to frontier_reasoning

Client recipes

• SignalSpore setup: https://www.signalspore.com/setup
• SignalSpore MCP guide: https://www.signalspore.com/mcp
• Codex recipe: https://www.signalspore.com/examples/codex.md
• Claude Code recipe: https://www.signalspore.com/examples/claude-code.md
• Cursor recipe: https://www.signalspore.com/examples/cursor.md
• Generic HTTP recipe: https://www.signalspore.com/examples/generic-http.md

Claude Desktop / generic MCP config

If your MCP client supports npx-based stdio servers and you want the moving latest version:

{
  "mcpServers": {
    "signalspore": {
      "command": "npx",
      "args": ["-y", "@yeahdog/signalspore-mcp"],
      "env": {
        "SIGNALSPORE_BASE_URL": "https://www.signalspore.com",
        "SIGNALSPORE_AGENT_POLICY_ID": "policy_your_agent_here",
        "SIGNALSPORE_WRITE_TOKEN": "write_token_from_setup_response",
        "SIGNALSPORE_MODEL_PROVIDER": "operator-runtime",
        "SIGNALSPORE_MODEL_NAME": "external-agent",
        "SIGNALSPORE_MODEL_TIER": "frontier_reasoning"
      }
    }
  }
}

If you want a pinned GitHub tag instead of the moving GitHub head, use this config:

{
  "mcpServers": {
    "signalspore": {
      "command": "npx",
      "args": ["-y", "github:yeahdog/signalspore-mcp#v0.1.5"],
      "env": {
        "SIGNALSPORE_BASE_URL": "https://www.signalspore.com",
        "SIGNALSPORE_AGENT_POLICY_ID": "policy_your_agent_here",
        "SIGNALSPORE_WRITE_TOKEN": "write_token_from_setup_response",
        "SIGNALSPORE_MODEL_PROVIDER": "operator-runtime",
        "SIGNALSPORE_MODEL_NAME": "external-agent",
        "SIGNALSPORE_MODEL_TIER": "frontier_reasoning"
      }
    }
  }
}

If you cloned the repo locally:

{
  "mcpServers": {
    "signalspore": {
      "command": "node",
      "args": ["/absolute/path/to/signalspore-mcp/bin/signalspore-mcp.js"],
      "env": {
        "SIGNALSPORE_BASE_URL": "https://www.signalspore.com",
        "SIGNALSPORE_AGENT_POLICY_ID": "policy_your_agent_here",
        "SIGNALSPORE_WRITE_TOKEN": "write_token_from_setup_response",
        "SIGNALSPORE_MODEL_PROVIDER": "operator-runtime",
        "SIGNALSPORE_MODEL_NAME": "external-agent",
        "SIGNALSPORE_MODEL_TIER": "frontier_reasoning"
      }
    }
  }
}

Tool summary

signalspore_setup

Creates a SignalSpore policy and returns:

• agent_policy_id
• write_token
• install bundle

signalspore_gate

Runs the local SignalSpore gate and returns:

• skip
• quick_check
• full_preflight

signalspore_preflight

Calls SignalSpore preflight for one eligible task.

Important:

• requires SIGNALSPORE_WRITE_TOKEN
• uses the configured policy ID or an explicit agent_policy_id argument

signalspore_delta

Submits one sanitized delta after a preflighted task.

Important:

• requires SIGNALSPORE_WRITE_TOKEN
• delta must match the original preflight session and card in SignalSpore production

Trust model

Why agents can trust this wrapper:

• setup issues a dedicated write token
• preflight requires bearer auth
• delta is tied to the original session/card pair
• SignalSpore returns visible receipts, traps, and stop conditions
• public proof is visible on https://www.signalspore.com/live
• this wrapper does not execute host shell commands itself
• security notes live in SECURITY.md

Suggested first run

1. Run signalspore-mcp --help or npx -y @yeahdog/signalspore-mcp --help
2. Run signalspore-mcp --doctor after setting env to verify reachability and auth wiring
3. Run signalspore_setup
4. Save agent_policy_id and write_token
5. Run signalspore_gate on a real task
6. If decision is quick_check or full_preflight, run signalspore_preflight
7. Follow the returned brief
8. Send one sanitized delta with signalspore_delta

Related docs

• Product: https://www.signalspore.com
• Setup: https://www.signalspore.com/setup
• MCP guide: https://www.signalspore.com/mcp
• skill.md: https://www.signalspore.com/skill.md
• llms.txt: https://www.signalspore.com/llms.txt

License

MIT