Skip to main content

MCP server bridging Claude Code to a browser extension over WS+HMAC

Project description

sallyport

The Python MCP-server half of Sallyport — a security-first bridge between Claude Code (or any MCP client) and your Chrome, with explicit trust boundaries instead of implicit ones.

Claude Code ── MCP/stdio ──▶ daemon (this package) ── WS+HMAC ──▶ extension (MV3) ── CDP ──▶ Chrome

The daemon speaks MCP on stdio and hosts an HMAC-authenticated WebSocket server on 127.0.0.1:10086 that the companion Chrome extension connects into. Every frame is signed (HMAC-SHA256 + timestamp + nonce); the extension enforces a per-domain allowlist and a per-domain opt-in for arbitrary JS.

Install

pip install sallyport

The package installs the sallyport-daemon console command.

Quickstart

sallyport-daemon doctor          # check Python, secret file + perms, port; print the pairing block
claude mcp add sallyport sallyport-daemon   # register with Claude Code

Then load the unpacked extension (or the release zip) from the main repository and paste the pairing block into its popup.

  • sallyport-daemon list-tools — print the tool catalogue (no daemon start)
  • sallyport-daemon serve — WS-only mode (no MCP) for wire testing
  • sallyport-daemon exec <tool> k=v … — fire one tool from the shell

Security

The full threat model, the load-bearing invariants, and known limitations live in SECURITY.md. In short: loopback-only bind, HMAC on every frame, a domain allowlist enforced in the extension, per-domain evaluate opt-in, password-field gates, and daemon-side filesystem sandboxes for upload/save_to_file.

License

MIT — see LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sallyport-0.12.0.tar.gz (55.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sallyport-0.12.0-py3-none-any.whl (62.0 kB view details)

Uploaded Python 3

File details

Details for the file sallyport-0.12.0.tar.gz.

File metadata

  • Download URL: sallyport-0.12.0.tar.gz
  • Upload date:
  • Size: 55.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for sallyport-0.12.0.tar.gz
Algorithm Hash digest
SHA256 77aba2f52e84caa11acab40d15ca2ee205974e4a588ede66354d85990bb0adea
MD5 edf1db3f9071668a9addb446d03d03a8
BLAKE2b-256 c5c58907adf53dfd1b20f4bb848eb9204454577880987cd73d3eb9655a58103b

See more details on using hashes here.

Provenance

The following attestation bundles were made for sallyport-0.12.0.tar.gz:

Publisher: publish.yml on ginkida/sallyport

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file sallyport-0.12.0-py3-none-any.whl.

File metadata

  • Download URL: sallyport-0.12.0-py3-none-any.whl
  • Upload date:
  • Size: 62.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for sallyport-0.12.0-py3-none-any.whl
Algorithm Hash digest
SHA256 ddca5704616703068c75b7bddc361ec6fb522aa6a8407207c418cc818a97bac6
MD5 63117b8505c143a89b1bf18a3a85e14a
BLAKE2b-256 f22aeccd33998ac5350ee38be0244f9f44b79b87735422bdbb03b61c909e74ed

See more details on using hashes here.

Provenance

The following attestation bundles were made for sallyport-0.12.0-py3-none-any.whl:

Publisher: publish.yml on ginkida/sallyport

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page