Skip to main content

MCP server bridging Claude Code to a browser extension over WS+HMAC

Project description

sallyport

The Python MCP-server half of Sallyport — a security-first bridge between Claude Code (or any MCP client) and your Chrome, with explicit trust boundaries instead of implicit ones.

Claude Code ── MCP/stdio ──▶ daemon (this package) ── WS+HMAC ──▶ extension (MV3) ── CDP ──▶ Chrome

The daemon speaks MCP on stdio and hosts an HMAC-authenticated WebSocket server on 127.0.0.1:10086 that the companion Chrome extension connects into. Every frame is signed (HMAC-SHA256 + timestamp + nonce); the extension enforces a per-domain allowlist and a per-domain opt-in for arbitrary JS.

Install

pip install sallyport

The package installs the sallyport-daemon console command.

Quickstart

sallyport-daemon doctor          # check Python, secret file + perms, port; print the pairing block
claude mcp add sallyport sallyport-daemon   # register with Claude Code

Then load the unpacked extension (or the release zip) from the main repository and paste the pairing block into its popup.

  • sallyport-daemon list-tools — print the tool catalogue (no daemon start)
  • sallyport-daemon serve — WS-only mode (no MCP) for wire testing
  • sallyport-daemon exec <tool> k=v … — fire one tool from the shell

Security

The full threat model, the load-bearing invariants, and known limitations live in SECURITY.md. In short: loopback-only bind, HMAC on every frame, a domain allowlist enforced in the extension, per-domain evaluate opt-in, password-field gates, and daemon-side filesystem sandboxes for upload/save_to_file.

License

MIT — see LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sallyport-0.11.2.tar.gz (40.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sallyport-0.11.2-py3-none-any.whl (44.7 kB view details)

Uploaded Python 3

File details

Details for the file sallyport-0.11.2.tar.gz.

File metadata

  • Download URL: sallyport-0.11.2.tar.gz
  • Upload date:
  • Size: 40.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for sallyport-0.11.2.tar.gz
Algorithm Hash digest
SHA256 359680c735a31e7a495c7bec5f8223f37c367444bef705d585c390ad1cd28ade
MD5 65e29c468fb018bdc06933b974a016eb
BLAKE2b-256 f1236b13133367b6ad5fbdc1e047f023b4b4c069f59dadd58a88dc17a1c692b6

See more details on using hashes here.

Provenance

The following attestation bundles were made for sallyport-0.11.2.tar.gz:

Publisher: publish.yml on ginkida/sallyport

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file sallyport-0.11.2-py3-none-any.whl.

File metadata

  • Download URL: sallyport-0.11.2-py3-none-any.whl
  • Upload date:
  • Size: 44.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for sallyport-0.11.2-py3-none-any.whl
Algorithm Hash digest
SHA256 94ed7b0e5074d68c3c0380f5a8e37c8740ad656462f9d483d0963a70218c7e4b
MD5 07e26c66330cd927fddddc61d4882862
BLAKE2b-256 1913ebebaff35b7117612cdeec13bd21b7cf213eb8aa5c62ac90e3a5c3df2ee8

See more details on using hashes here.

Provenance

The following attestation bundles were made for sallyport-0.11.2-py3-none-any.whl:

Publisher: publish.yml on ginkida/sallyport

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page