# Testing
The project is validated through Cargo-discoverable tests, fake Client Portal
Gateway fixtures, replay checks, provider snapshots, and local performance
budgets.
## Required Local Gates
```bash
cargo fmt --check
cargo clippy --workspace --all-targets --features unstable-internal-test-support -- -D warnings
cargo test --workspace --features unstable-internal-test-support
cargo test --workspace --features unstable-internal-test-support secret
```
CI also runs documentation and security workflows.
## CPAPI Contracts
Wiremock contract tests lock the Client Portal Gateway HTTP boundary for:
- live and paper writer POST/DELETE/modify requests;
- contextual read paths and query parameters for options, greeks, market depth,
scanners, news, fundamentals, market sessions/holidays, FX rates, and
transfer history.
## Fixture Coverage
Fake CPAPI fixtures under `tests/fixtures/cpapi/` cover:
- session usable, missing, expired, keepalive success, and keepalive expiry;
- accounts list;
- portfolio snapshot, PnL, account metadata, and positions;
- stock/ETF contract search and ambiguity;
- live, delayed, and stale market snapshots;
- historical bars;
- read-only orders, order history, order status, and executions;
- options chain, greeks, market depth, scanners, news, fundamentals, market
session/holidays, FX rates, and transfer history.
Fixtures must not contain tokens, cookies, credentials, sensitive headers, local
secret paths, bearer values, or raw broker session material.
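One way to enforce this rule in a test, shown as an added example that is not the project's own code: a std-only scanner that flags forbidden markers in fixture text. The marker list, `scan_fixture`, `Finding`, and both sample fixtures are assumptions constructed for illustration.

```rust
// Added example: std-only fixture scan. The marker list is an assumption.
const FORBIDDEN: &[(&str, &str)] = &[
    ("authorization", "sensitive header"),
    ("set-cookie", "sensitive header"),
    ("cookie", "cookie"),
    ("bearer ", "bearer value"),
    ("password", "credential"),
    ("token", "token"),
    ("/home/", "local secret path"),
    ("/users/", "local secret path"),
];

#[derive(Debug, PartialEq)]
pub struct Finding {
    pub line: usize, // 1-based line number inside the fixture
    pub kind: &'static str,
}

/// Case-insensitive scan; reports the first matching marker on each line.
pub fn scan_fixture(text: &str) -> Vec<Finding> {
    let mut findings = Vec::new();
    for (idx, raw) in text.lines().enumerate() {
        let line = raw.to_lowercase();
        if let Some(&(_, kind)) = FORBIDDEN.iter().find(|(m, _)| line.contains(*m)) {
            findings.push(Finding { line: idx + 1, kind });
        }
    }
    findings
}

// Constructed sample fixtures, not taken from the project.
pub const CLEAN: &str = r#"{"currency": "USD", "netLiquidation": 100000.0}"#;
pub const LEAKY: &str = r#"{
  "headers": {
    "Cookie": "PLACEHOLDER",
    "Authorization": "Bearer PLACEHOLDER"
  },
  "log": "/home/dev/session.json"
}"#;

fn main() {
    for f in scan_fixture(LEAKY) {
        println!("line {}: {}", f.line, f.kind);
    }
}
```

Substring matching is deliberately coarse: a hit should fail the test and prompt a manual review of the fixture rather than be treated as proof of a leak.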
## Feature Coverage
The test suite covers:
- CLI contracts for read commands, audit, preview, paper, and live-gated
refusals;
- MCP tool discovery, schemas, redaction, keepalive, and scope denials;
- remote OAuth RS256 validation, token redaction, generic auth denials,
configurable rate limiting, and connection-cap handling;
- order preview, risk checks, paper approval/idempotency, paper modify, live
limits, live modify, bracket submit, kill switch, and paper-to-live gates;
- sidecar identity, pairing, heartbeat, forwarding safety, and secret scans;
- provider compatibility snapshots and provider SDK dependency boundaries.
## Replay and Performance
Replay tests check audit redaction and secret-scan behavior. Performance tests
assert budgets for fake backend reads, audit append/tail, cached remote OAuth
validation, prepared remote MCP authorization, live gate/risk/idempotency, and
sidecar request safety.
To measure the full offline suite duration locally:
```bash
time cargo test --workspace --features unstable-internal-test-support
```
The security workflow filters tests by `secret` while still enabling
`unstable-internal-test-support`, because several secret/redaction regression
tests intentionally use hidden internal fixtures and helpers.