aster-server 0.11.0

Aster - An AI agent framework
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

IMPORTANT: currently aster_ALLOWLIST is used in main.ts in ui/desktop, and not in aster-server. The following is for reference in case it is used on the server side for launch time enforcement.

# aster Extension Allowlist

The allowlist feature provides a security mechanism for controlling which MCP commands can be used by aster. 
By default, aster will let you run any MCP via any command, which isn't always desired.

## How It Works

1. When enabled, aster will only allow execution of commands that match entries in the allowlist
2. Commands not in the allowlist will be rejected with an error message
3. The allowlist is fetched from a URL specified by the `aster_ALLOWLIST` environment variable and cached while running.

## Setup

Set the `aster_ALLOWLIST` environment variable to the URL of your allowlist YAML file:

```bash
export aster_ALLOWLIST=https://example.com/aster-allowlist.yaml
```

If this environment variable is not set, no allowlist restrictions will be applied (all commands will be allowed).

## Bypassing the Allowlist

In certain development or testing scenarios, you may need to bypass the allowlist restrictions. You can do this by setting the `aster_ALLOWLIST_BYPASS` environment variable to `true`:

```bash
# For the GUI, you can have it show a warning instead of blocking (but it will always show a warning):
export aster_ALLOWLIST_WARNING=true
```


When this environment variable is set to `true` (case insensitive), the allowlist check will be bypassed and all commands will be allowed, even if the `aster_ALLOWLIST` environment variable is set.

## Allowlist File Format

The allowlist file should be a YAML file with the following structure:

```yaml
extensions:
  - id: extension-id-1
    command: command-name-1
  - id: extension-id-2
    command: command-name-2
```

Example:

```yaml
extensions:
  - id: slack
    command: uvx mcp_slack
  - id: github
    command: uvx mcp_github
  - id: jira
    command: uvx mcp_jira
```

Note that the command should be the full command to launch the MCP (environment variables are provided for context by aster). Additional arguments will be rejected (to avoid injection attacks)