README.md
Unified MCP server for agent observability, safety control, and behavior evolution.
Maple
Unified MCP server for agent observability, safety control, and behavior evolution.
Maple is the "Sentry + Git" layer for high-agency agents:
- Observe every step
- Replay/fork risky branches
- Audit and intervene with guardrails
- Learn from anonymized traces to evolve safer skills
Built with mcp-use + Apps SDK widgets.
What Is Implemented
1) Observability + Control
observe_session: capture and render timeline widgetreplay_fork: branch from any step and simulate forwardaudit_risk: rule + anomaly risk dashboardguard_action: allow/block/pending with quarantine supportingest_session_event: stream external bridge events into active trace
2) ML Anomaly Detection (Simple Embeddings)
ml_anomaly_report: embedding-based behavior outlier detection- Lightweight hash embeddings + cosine similarity baseline
- Supports community baseline from anonymized shared traces
3) Network Effects
share_trace_anon: anonymize and publish trace patterns to shared poolsuggest_evolved_skills: generate evolved skill suggestions from shared traces- Behavior signatures + shared dataset create compound data advantage
4) YC App Layer (Moat / Traction / Revenue)
yc_app_brief: live YC-ready narrative generated from product metrics- Emphasizes:
- Moat: trace + fork + risk label data flywheel
- Traction: OpenClaw integration and safety intervention activity
- Revenue: freemium ladder (Free, Pro $9, Team $29, Enterprise $99)
MCP Tools
observe_sessionreplay_forkaudit_riskml_anomaly_reportguard_actioningest_session_eventshare_trace_anonsuggest_evolved_skillsyc_app_brieflist_tracesexport_trace
API Endpoints
GET /healthGET /judge(judge standalone page)GET /api/tracesGET /api/traces/:traceIdGET /api/community/statsGET /api/community/tracesGET /api/yc/brief?focus=full|moat|traction|revenueGET /api/firewall/statePOST /api/firewall/chatPOST /api/firewall/decision(strict pre-execution allow/block gate)
Key Project Files
index.ts: tool + route orchestrationsrc/core/risk-engine.ts: rule engine + embedding anomaly integrationsrc/ml/embeddings.ts: simple embedding implementationsrc/ml/anomaly-detector.ts: cosine-sim anomaly detectionsrc/network/anonymizer.ts: anonymized trace transformationsrc/network/shared-trace-store.ts: community pool + skill suggestionssrc/strategy/yc-narrative.ts: moat/traction/revenue narrative builderresources/trace-timeline/widget.tsxresources/replay-simulator/widget.tsxresources/risk-dashboard/widget.tsx
Quick Start
npm install
npm run dev
Inspector: http://localhost:3000/inspector
Hardcoded Demo Stack (OpenClaw + Maple)
This repo now includes a one-command hardcoded demo setup:
- OpenClaw gateway on
ws://127.0.0.1:19001 - OpenClaw bridge adapter on
http://127.0.0.1:8787 - Maple gateway auth disabled in this build
- Bridge token generated at startup (or provided via env)
OPENCLAW_VERSION= npm run demo:install-openclaw
npm run demo:up
Then open:
- Judge GUI:
http://localhost:3000/judge - Inspector:
http://localhost:3000/inspector
Guided Demo Mode (No Manual JSON)
The Judge GUI now has Guided Demo Controls so you can run the full flow without Inspector copy/paste:
- Open
/judgeand wait for auto-connect - Click
Run Full Flow
Or step through:
1) Start2) Audit3) Block4) Fork
Judge page now includes Firewall Chat in Control view:
- Ask natural-language questions ("status update", "why blocked?", "what should we do next?")
- Chat replies are generated from live firewall context (
/api/firewall/state)
This uses internal demo APIs:
POST /api/demo/startPOST /api/demo/auditPOST /api/demo/blockPOST /api/demo/forkPOST /api/demo/full
demo:up also auto-opens both pages on macOS (set DEMO_OPEN_BROWSER=0 to disable).
Single-Trace Agent Action Logging (Hackathon)
For a reliable judge demo, run one stable trace and append every action to it.
npm run trace:demo
What this does:
- Starts (or reuses) one trace for a stable
sessionId - Logs all agent actions through
POST /api/openclaw/eventsusing the sametraceId - Includes
type,actor,prompt/message,command,url,toolName, and uniqueeventId - Runs a preflight firewall preview and logs Maple's block/allow message into the same trace
Open http://localhost:3000/judge, then select the printed trace ID to see #0, #1, #2....
If you want to integrate this into your own runtime, use:
scripts/maple-trace-logger.mjslogAction(...)for generic eventslogWebGet(...),logMarketplaceSearch(...),logMarketplaceToolCall(...)wrappers
Example:
import { createMapleTraceLogger } from "./scripts/maple-trace-logger.mjs";
const logger = createMapleTraceLogge
Tools (9)
observe_sessionCapture and render timeline widget for agent sessions.replay_forkBranch from any step and simulate forward.audit_riskRule and anomaly risk dashboard.guard_actionAllow, block, or pending action with quarantine support.ingest_session_eventStream external bridge events into active trace.ml_anomaly_reportEmbedding-based behavior outlier detection.share_trace_anonAnonymize and publish trace patterns to shared pool.suggest_evolved_skillsGenerate evolved skill suggestions from shared traces.yc_app_briefGenerate a live YC-ready narrative from product metrics.Environment Variables
DEMO_OPEN_BROWSERControls if the demo browser opens automatically on macOS.Configuration
claude_desktop_config.json
{"mcpServers": {"maple": {"command": "node", "args": ["/path/to/maple/index.js"]}}}Try it
→Observe the current agent session and render the timeline.
→Run an audit on the recent agent actions to check for risk anomalies.
→Fork the current agent branch to simulate a different outcome.
→Generate a YC-ready narrative brief based on my current agent metrics.
→Check for any anomalous behavior in the latest trace using the ML report tool.