Stage colibri-mcp in operator USB by default (Sam & Codex)

Makes colibri-mcp a required Colibri artifact for the live operator USB, copies it into the image, documents the read-only default and explicit trusted COLIBRI_MCP_WRITE profile, and updates ISO build handoff docs.\n\nChecks: ./scripts/check-format.sh; sh -n build.sh scripts/stage-colibri-iso.sh; git diff --check
2026-06-13 19:29:31 +02:00 · 2026-06-13 19:29:31 +02:00 · 368e663965
commit 368e663965
parent 4f4a244915
8 changed files with 25 additions and 6 deletions
--- a/AGENTS.md
+++ b/AGENTS.md
@ -104,9 +104,10 @@ the ISO does **not** build Rust while the image is mounted.
  skill (§Colibri artifact preflight).
 - Staging layout (installed paths, rc.d, directory ownership) is owned by
  Colibri `docs/ISO-INTEGRATION-PLAN.md`.
- Required by ISO preflight: `colibri-daemon`, `colibri`, `colibri-smoke-agent`.
+- Required by ISO preflight: `colibri-daemon`, `colibri`, `colibri-smoke-agent`,
+  and `colibri-mcp`.
  `colibri-tui` is optional in staging code but desired for this USB target and
-  should be verified alongside the other three.
+  should be verified alongside the required binaries.

 **Invariant:** do not `cargo clean` `/home/clawdie/ai/colibri` until the ISO
 preflight/build has consumed `/home/clawdie/ai/colibri/target/release`.
--- a/BUILD.md
+++ b/BUILD.md
@ -83,6 +83,7 @@ Colibri-backed. The image includes:
 /usr/local/bin/colibri-daemon
 /usr/local/bin/colibri
 /usr/local/bin/colibri-smoke-agent
+/usr/local/bin/colibri-mcp              # MCP bridge for Zed/Claude Code/Cursor
 /usr/local/bin/colibri-tui              # if present in the artifact dir
 /usr/local/etc/rc.d/colibri_daemon
 /var/db/colibri
@ -95,6 +96,10 @@ values for `colibri_daemon_enable`, paths, and `colibri_cost_mode`. Operator USB
 validation builds enable `colibri_daemon_enable=YES`; the service starts after
 the login milestone and is the lightweight control plane for the live USB.

+`colibri-mcp` is staged out of the box for MCP-capable editors and assistants.
+It defaults to read-only tools; launch it with `COLIBRI_MCP_WRITE=1` only for a
+trusted write-capable MCP profile.
+
 ### Colibri vs. Clawdie service names

 ```text
--- a/README.md
+++ b/README.md
@ -52,6 +52,7 @@ Live operator USB
  SDDM/XFCE desktop
    └── colibri_daemon      # lightweight control plane, enabled on USB
          ├── colibri CLI / colibri-tui
+          ├── colibri-mcp       # MCP bridge for editor/assistant clients
          └── agent harness     # Colibri's bundled agent (staged with the
                                # daemon); pi available as a spawnable backend

--- a/build.sh
+++ b/build.sh
@ -325,7 +325,7 @@ preflight_colibri_artifacts() {
        echo "       Set COLIBRI_REPO=/path/to/colibri or FEATURE_COLIBRI=NO."
        exit 1
    fi
-    for _colibri_bin in colibri-daemon colibri colibri-smoke-agent; do
+    for _colibri_bin in colibri-daemon colibri colibri-smoke-agent colibri-mcp; do
        if [ ! -x "${_resolved_colibri_artifact_dir}/${_colibri_bin}" ]; then
            echo "ERROR: Colibri release binary missing: ${_resolved_colibri_artifact_dir}/${_colibri_bin}"
            echo "       Build first: (cd ${_resolved_colibri_repo} && cargo build --workspace --release)"
@ -802,7 +802,9 @@ install_colibri_service() {
    set_config_line "${MOUNT_POINT}/etc/rc.conf" 'colibri_daemon_host="$(hostname)"'
    set_config_line "${MOUNT_POINT}/etc/rc.conf" "colibri_cost_mode=\"${COLIBRI_COST_MODE:-smart}\""

-    if [ ! -x "${MOUNT_POINT}/usr/local/bin/colibri-daemon" ] || [ ! -x "${MOUNT_POINT}/usr/local/bin/colibri" ]; then
+    if [ ! -x "${MOUNT_POINT}/usr/local/bin/colibri-daemon" ] || \
+       [ ! -x "${MOUNT_POINT}/usr/local/bin/colibri" ] || \
+       [ ! -x "${MOUNT_POINT}/usr/local/bin/colibri-mcp" ]; then
        echo "ERROR: Colibri binaries missing from live image"
        exit 1
    fi
--- a/docs/POUDRIERE-BUILD-SERVER.md
+++ b/docs/POUDRIERE-BUILD-SERVER.md
@ -231,6 +231,7 @@ This gives us:
 - `colibri-daemon`
 - `colibri-tui`
 - `colibri-smoke-agent`
+- `colibri-mcp`

 All with proper pkg metadata, upgradeable, with dependencies tracked.

--- a/live/operator-session/bootstrap.html
+++ b/live/operator-session/bootstrap.html
@ -89,6 +89,7 @@
          <li>XFCE desktop — dual-monitor, panel, wallpaper</li>
          <li><code>colibri-daemon</code> — agent supervisor, skills catalog, Glasspane state machine</li>
          <li><code>colibri-tui</code> — live ratatui dashboard (agent states, spawn/kill, sessions)</li>
+          <li><code>colibri-mcp</code> — MCP bridge for Zed, Claude Code, Cursor, and other MCP clients</li>
          <li>Firefox browser</li>
          <li>Tailscale package (needs auth key)</li>
          <li><code>pi</code> coding agent harness (npm global)</li>
@ -117,6 +118,8 @@ colibri status
 colibri snapshot           # Glasspane agent states
 colibri list-tasks         # Coordination board
 colibri list-skills        # Skills catalog
+colibri-mcp tools          # MCP bridge, read-only by default
+COLIBRI_MCP_WRITE=1 colibri-mcp tools  # trusted write-capable profile
 colibri create-task --title "check network"
 colibri list-tasks --status queued</pre>

--- a/scripts/stage-colibri-iso.sh
+++ b/scripts/stage-colibri-iso.sh
@ -61,6 +61,7 @@ mkdir -p "${BIN_DIR}" "${RC_DIR}" "${ETC_DIR}" "${NEWSYSLOG_DIR}" "${DB_DIR}" "$
 copy_bin colibri-daemon
 copy_bin colibri
 copy_bin colibri-smoke-agent
+copy_bin colibri-mcp

 if [ "${COLIBRI_STAGE_INCLUDE_TUI}" != "0" ] && [ -x "${COLIBRI_ARTIFACT_DIR}/colibri-tui" ]; then
    copy_bin colibri-tui
@ -142,6 +143,8 @@ Runtime validation:
  colibri status
  colibri create-task --title "iso smoke"
  colibri list-tasks --status queued
+  colibri-mcp tools
+  COLIBRI_MCP_WRITE=1 colibri-mcp tools   # trusted write-capable MCP profile
  service colibri_daemon stop
 EOF

--- a/skills/iso-build/SKILL.md
+++ b/skills/iso-build/SKILL.md
@ -151,11 +151,13 @@ cargo build --workspace --release
 ls -lh target/release/colibri-daemon \
       target/release/colibri \
       target/release/colibri-smoke-agent \
+       target/release/colibri-mcp \
       target/release/colibri-tui

 file target/release/colibri-daemon \
     target/release/colibri \
     target/release/colibri-smoke-agent \
+     target/release/colibri-mcp \
     target/release/colibri-tui

 target/release/colibri --help | head
@ -183,8 +185,9 @@ cargo clean
 rm -rf /tmp/colibri-*
 ```

-`colibri-tui` is optional in the staging script, but desired for this operator
-USB target and should be verified with the other three binaries.
+`colibri-mcp` is part of the out-of-the-box operator USB. `colibri-tui` is
+optional in the staging script, but desired for this operator USB target and
+should be verified with the required binaries.

 ### Deployed-system Clawdie service boundary