Skip to main content

MCP server bridging Claude Code to a browser extension over WS+HMAC

Project description

sallyport

The Python MCP-server half of Sallyport — a security-first bridge between Claude Code (or any MCP client) and your Chrome, with explicit trust boundaries instead of implicit ones.

Claude Code ── MCP/stdio ──▶ daemon (this package) ── WS+HMAC ──▶ extension (MV3) ── CDP ──▶ Chrome

The daemon speaks MCP on stdio and hosts an HMAC-authenticated WebSocket server on 127.0.0.1:10086 that the companion Chrome extension connects into. Every frame is signed (HMAC-SHA256 + timestamp + nonce); the extension enforces a per-domain allowlist and a per-domain opt-in for arbitrary JS.

Install

pip install sallyport

The package installs the sallyport-daemon console command.

Quickstart

sallyport-daemon doctor          # check Python, secret file + perms, port; print the pairing block
claude mcp add sallyport sallyport-daemon   # register with Claude Code

Then load the unpacked extension (or the release zip) from the main repository and paste the pairing block into its popup.

  • sallyport-daemon list-tools — print the tool catalogue (no daemon start)
  • sallyport-daemon serve — WS-only mode (no MCP) for wire testing
  • sallyport-daemon exec <tool> k=v … — fire one tool from the shell

Security

The full threat model, the load-bearing invariants, and known limitations live in SECURITY.md. In short: loopback-only bind, HMAC on every frame, a domain allowlist enforced in the extension, per-domain evaluate opt-in, password-field gates, and daemon-side filesystem sandboxes for upload/save_to_file.

License

MIT — see LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sallyport-0.11.1.tar.gz (40.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sallyport-0.11.1-py3-none-any.whl (44.7 kB view details)

Uploaded Python 3

File details

Details for the file sallyport-0.11.1.tar.gz.

File metadata

  • Download URL: sallyport-0.11.1.tar.gz
  • Upload date:
  • Size: 40.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for sallyport-0.11.1.tar.gz
Algorithm Hash digest
SHA256 5c3cde507e24b5d3eacd5f8d7959907839e4248b28afc6d8d70169154ac000b7
MD5 1662ca0fc7dfece143e1e3afa496987d
BLAKE2b-256 137f0bce80c792b1ff38ac10cb28835337da521114ab7341ff64ab1fd5d1a834

See more details on using hashes here.

Provenance

The following attestation bundles were made for sallyport-0.11.1.tar.gz:

Publisher: publish.yml on ginkida/sallyport

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file sallyport-0.11.1-py3-none-any.whl.

File metadata

  • Download URL: sallyport-0.11.1-py3-none-any.whl
  • Upload date:
  • Size: 44.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for sallyport-0.11.1-py3-none-any.whl
Algorithm Hash digest
SHA256 e2e76ca93bbf7c4758bc3eaf6d9728f8841e11d0504729b27811728a2b4605d5
MD5 29e690f4fd79e9193ab673e867090345
BLAKE2b-256 7d1f0b21b236cd20b4d9dc61f11c4224c349a2e2056113703d803ecc125a51ea

See more details on using hashes here.

Provenance

The following attestation bundles were made for sallyport-0.11.1-py3-none-any.whl:

Publisher: publish.yml on ginkida/sallyport

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page