JSPM

@looppause/mcp

0.1.2
    • ESM via JSPM
    • ES Module Entrypoint
    • Export Map
    • Keywords
    • License
    • Repository URL
    • TypeScript Types
    • README
    • Created
    • Published
    • Downloads 25
    • Score
      100M100P100Q104755F
    • License MIT

    LoopPause MCP server — pause agent execution and route human approval requests

    Package Exports

    • @looppause/mcp

    Readme

    @looppause/mcp

    MCP server for LoopPause — pause AI agent execution and route approval requests to humans via Slack or email. The agent receives a cryptographically signed proof of the human's decision and resumes.

    "The missing primitive so agents don't go rogue — or die waiting for approval."


    What it does

    Exposes two MCP tools: request_approval and check_approval

    1. request_approval — sends the approval request to the human and returns a pause_id immediately
    2. check_approval — polls once for the decision; call repeatedly until decision is "approved" or "rejected"

    This two-step pattern keeps each tool call short, avoids long-running connections, and gives the agent an explicit checkpoint to verify before proceeding. The agent can verify the HMAC signature with its LOOPPAUSE_SIGNING_SECRET before trusting the decision.


    Installation

    npx @looppause/mcp

    Global install

    npm install -g @looppause/mcp
    looppause-mcp

    Configuration

    Environment variable Required Description
    LOOPPAUSE_API_KEY ✅ Yes Your LoopPause API key (sk_live_…)
    LOOPPAUSE_API_URL No Override the API base URL (default: https://api.looppause.com)

    Get your API key at looppause.com/dashboard.


    Usage in Claude Code

    Add to your .claude/settings.json (or ~/.claude/settings.json for global):

    {
      "mcpServers": {
        "looppause": {
          "command": "npx",
          "args": ["-y", "@looppause/mcp"],
          "env": {
            "LOOPPAUSE_API_KEY": "sk_live_your_key_here"
          }
        }
      }
    }

    Usage in Cursor

    Add to your Cursor MCP configuration:

    {
      "mcpServers": {
        "looppause": {
          "command": "npx",
          "args": ["-y", "@looppause/mcp"],
          "env": {
            "LOOPPAUSE_API_KEY": "sk_live_your_key_here"
          }
        }
      }
    }

    Tool reference

    request_approval

    Sends the approval request and returns immediately. Do not proceed with the action until check_approval returns { decision: "approved" }.

    request_approval({
      // Required
      action_description: string,   // What the agent is about to do (shown to human)
      action_details: Record<string, string>, // Key-value context (amount, vendor, etc.)
    
      // At least one recipient required
      recipient_email?: string,     // Email address
      recipient_slack?: string,     // Slack channel (#approvals) or user ID (U12345)
    
      // Optional
      timeout_hours?: number,       // Default 24, max 168 (1 week)
    })

    When both recipient_slack and recipient_email are provided, Slack is the primary channel and email is the fallback.

    Returns:

    {
      "pause_id": "pse_01jwxyz123",
      "status": "pending",
      "expires_at": "2026-05-24T14:00:00.000Z",
      "MANDATORY_NEXT_STEP": "You MUST call check_approval with this pause_id and wait for decision: 'approved' before taking any action. Do NOT proceed with the requested action until check_approval returns { decision: 'approved' }. Proceeding without approval is a safety violation."
    }

    check_approval

    Checks the current status of an approval request. Call repeatedly until decision is "approved" or "rejected". Never proceed while status is "pending".

    check_approval({
      pause_id: string,  // The pause_id returned by request_approval
    })

    Returns (pending):

    { "status": "pending" }

    Returns (responded):

    {
      "pause_id": "pse_01jwxyz123",
      "agent_id": "mcp-agent",
      "status": "responded",
      "created_at": "2026-05-24T10:00:00.000Z",
      "expires_at": "2026-05-24T14:00:00.000Z",
      "response": {
        "decision": "approved",
        "comment": "PO number: PO-2341",
        "fields": { "po_number": "PO-2341" },
        "responder": "sarah@company.com",
        "responded_at": "2026-05-24T10:14:32.000Z",
        "channel": "slack",
        "nonce": "a8f3c2...",
        "signature": "sha256=4d9f1a..."
      }
    }
    Status Meaning
    pending Human has not responded yet — call again
    responded Human responded — check response.decision
    timed_out No response within timeout_hours
    expired Pause was manually cancelled

    Example

    // Step 1: send the approval request
    const created = await mcp.callTool("request_approval", {
      action_description: "Transfer £12,450 to Globex Corp for invoice INV-2341",
      action_details: {
        vendor: "Globex Corp",
        amount: "12450",
        currency: "GBP",
        invoice_ref: "INV-2341",
      },
      recipient_slack: "#finance-approvals",
      recipient_email: "sarah@company.com",
      timeout_hours: 4,
    });
    
    const { pause_id } = JSON.parse(created.content[0].text);
    
    // Step 2: poll until a terminal decision arrives
    let decision;
    while (true) {
      await new Promise((r) => setTimeout(r, 5_000));
    
      const status = await mcp.callTool("check_approval", { pause_id });
      const body = JSON.parse(status.content[0].text);
    
      if (body.status === "pending") continue;
    
      decision = body;
      break;
    }
    
    // Step 3: verify signature, then act
    if (decision.response?.decision !== "approved") {
      throw new Error("Action rejected or timed out — aborting.");
    }
    
    verifySignature(decision); // see below
    proceedWithTransfer();

    Verifying the signature

    Verify the HMAC signature against your LOOPPAUSE_SIGNING_SECRET before trusting the decision:

    import { createHmac, timingSafeEqual } from "node:crypto";
    
    function verifyDecision(payload: object): boolean {
      const { signature, ...unsigned } = payload.response;
      const canonical = JSON.stringify(
        Object.fromEntries(Object.entries(unsigned).sort())
      );
      const expected = "sha256=" +
        createHmac("sha256", process.env.LOOPPAUSE_SIGNING_SECRET!)
          .update(canonical)
          .digest("hex");
      const a = Buffer.from(expected);
      const b = Buffer.from(signature);
      return a.length === b.length && timingSafeEqual(a, b);
    }

    Registry submissions

    Smithery.ai

    This package includes smithery.yaml for automatic configuration injection.

    1. Fork or publish @looppause/mcp to npm
    2. Submit at smithery.ai/new → enter @looppause/mcp
    3. Smithery will read smithery.yaml and present a UI for users to enter their API key

    Anthropic MCP directory

    1. Ensure the package is published to npm as @looppause/mcp
    2. Submit via the Anthropic MCP directory form or the directory submission page when available
    3. List as: @looppause/mcp — LoopPause human-in-the-loop approval tool

    Local development

    # From the monorepo root
    cd packages/mcp
    npm run build          # tsc → dist/ + shebang fix
    npm run type-check     # type-check only, no emit
    npm run dev            # tsx watch (no build step)

    License

    MIT