JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 1125
  • Score
    100M100P100Q117638F
  • License MIT

stdio-to-HTTP bridge connecting any MCP client to Aerostack Workspaces

Package Exports

  • @aerostack/gateway
  • @aerostack/gateway/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@aerostack/gateway) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

@aerostack/gateway

Connect any MCP client (Claude Desktop, Cline, Cursor, Goose, Windsurf, and more) to an Aerostack Workspace — one URL, all your tools, with built-in human approval gates.

License: MIT npm

Why?

Many MCP clients only support stdio transport. Aerostack Workspaces use HTTP. This bridge connects them — no code required.

Instead of configuring dozens of separate MCP servers in your AI tool, point at one Aerostack Workspace and get:

  • All tools in one place — composed from multiple MCP servers
  • Centralized OAuth — 27+ providers managed by Aerostack, not your agent
  • Human approval gates — sensitive tools require your approval before executing
  • Local Guardian — approval gates for local operations (file delete, shell, git push, deploy)
  • Per-tool permissions — workspace tokens scope exactly which tools are accessible
  • Usage tracking & audit — every tool call logged and metered
  • Rate limiting — per-token, plan-tiered

Quick Start

1. Get a workspace token

In your Aerostack Admin Dashboard, open your workspace and generate a token (mwt_...).

2. Configure your AI tool

Claude Desktop — edit ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "aerostack": {
      "command": "npx",
      "args": ["-y", "@aerostack/gateway"],
      "env": {
        "AEROSTACK_WORKSPACE_URL": "https://api.aerostack.dev/api/gateway/ws/my-workspace",
        "AEROSTACK_TOKEN": "mwt_your_token_here"
      }
    }
  }
}

Cline (VS Code) — add to VS Code settings under cline.mcpServers:

{
  "aerostack": {
    "command": "npx",
    "args": ["-y", "@aerostack/gateway"],
    "env": {
      "AEROSTACK_WORKSPACE_URL": "https://api.aerostack.dev/api/gateway/ws/my-workspace",
      "AEROSTACK_TOKEN": "mwt_your_token_here"
    }
  }
}

Cursor / Goose / HTTP-native clients — use the workspace URL directly (no bridge needed):

URL:   https://api.aerostack.dev/api/gateway/ws/my-workspace
Token: mwt_your_token_here  (Authorization: Bearer header)

3. Use it

You: Create a GitHub issue for the login bug
AI:  [calls github__create_issue via Aerostack workspace]

Tools are namespaced as {server}__{tool} (e.g., github__create_issue, slack__send_message).

How It Works

Your AI tool (stdio) → @aerostack/gateway → HTTPS → Aerostack Workspace
                                                           ↓
                                              ┌────────────────────────┐
                                              │ Fan-out to MCP servers │
                                              │ GitHub, Slack, Gmail,  │
                                              │ custom Workers, etc.   │
                                              └────────────────────────┘

The bridge:

  1. Starts as a stdio MCP server (what your AI tool expects)
  2. Forwards all JSON-RPC requests to your workspace over HTTPS
  3. Handles SSE streaming responses transparently
  4. Manages the approval gate flow automatically

Approval Gates

When your workspace has approval rules configured, the bridge handles them transparently:

AI calls dangerous_tool
  → Bridge forwards to workspace
  → Workspace returns "needs approval" (-32050)
  → Bridge waits via WebSocket (instant) or polls as fallback
  → You approve/reject in dashboard or mobile app
  → Bridge retries on approval, returns error on rejection

Your AI agent sees either a successful result or a clear error — no special handling needed.

Local Guardian

Approval gates for local operations — file deletion, destructive shell commands, git push, deploys. The agent asks for approval before acting on your machine.

The bridge injects an aerostack__local_guardian tool. When the LLM is about to perform a risky local operation, it calls this tool first. You get a push notification and can approve or reject from the dashboard or your phone.

Agent wants to: rm -rf ./old-config/
  → Agent calls aerostack__local_guardian
  → You get push notification on your phone
  → Tap Approve or Reject
  → Agent proceeds or stops
Category What it covers
file_delete Deleting or overwriting files
shell_destructive rm -rf, DROP TABLE, etc.
git_push git push, force push, git reset --hard
config_modify .env, credentials, production configs
deploy Deploy, publish, release to any environment
database Direct database mutations outside migrations

Configuration

Variable Required Default Description
AEROSTACK_WORKSPACE_URL Yes Full workspace endpoint URL
AEROSTACK_TOKEN Yes Workspace token (mwt_...)
AEROSTACK_APPROVAL_POLL_MS No 3000 Approval polling interval (ms)
AEROSTACK_APPROVAL_TIMEOUT_MS No 300000 Max approval wait time (5 min)
AEROSTACK_REQUEST_TIMEOUT_MS No 30000 HTTP request timeout (30s)
AEROSTACK_LOCAL_GUARDIAN No true Set false to disable Local Guardian
AEROSTACK_LOG_LEVEL No info Log level: debug, info, warn, error

Supported MCP Methods

Method Description
tools/list List all tools from all workspace servers
tools/call Call a namespaced tool (with approval handling)
resources/list List resources from all workspace servers
resources/read Read a specific resource
prompts/list List prompts from all workspace servers
prompts/get Get a prompt with arguments

Requirements

  • Node.js 18+
  • An Aerostack account with a configured workspace
  • A workspace token (mwt_...)

License

MIT