v3.1.0 — first public release

EVOKORE-MCP v3.1.0 — first public release

EVOKORE-MCP is a multi-server Model Context Protocol
aggregator. One stdio (or HTTP) endpoint fans out to many child MCP servers,
adds skill discovery, human-in-the-loop approval, RBAC, persistent session
continuity, and an opinionated orchestration framework on top.

This is the first publicly released cut of an internal multi-server MCP
aggregator that has been used in real agentic workflows since v3.0. Treat it
as a polished beta — the runtime is stable, but conventions and surfaces will
keep evolving in the open.

Highlights

• Multi-server MCP proxy (mcp.config.json) — fans one stdio/HTTP endpoint
  out to many child MCP servers, with tool-name prefixing and per-server
  rate limits.
• Skill discovery — recursive SKILLS/ indexer with resolve_workflow,
  search_skills, get_skill_help, discover_tools, and a static
  composition graph (scripts/derive-skill-composition.js → skill-graph.json).
• Tool-discovery tiering — EVOKORE_TOOL_DISCOVERY_MODE,
  EVOKORE_DISCOVERY_PROFILE, cursor pagination, and a deferred-schema mode
  to fit tools/list token budgets without breaking older clients.
• Human-in-the-loop approval — _evokore_approval_token flow for
  restricted tools, plus a dashboard /approvals UI.
• RBAC — admin / developer / readonly roles via EVOKORE_ROLE,
  backwards-compatible when unset.
• Session continuity — ~/.evokore/sessions/{sessionId}.json shared
  manifest, replay (JSONL), evidence (JSONL), and tilldone task tracking.
• Orchestration framework — SKILLS/ORCHESTRATION FRAMEWORK/ with the
  panel-of-experts pattern, handoff protocol, AEP framework, and 11 orch-*
  commands.
• Damage-control hook — damage-control-rules.yaml blocks dangerous
  shell commands, force-pushes to protected refs, secret-touching paths,
  and 43+ other classes of mistake before they execute.
• Webhook events — HMAC-SHA256 signed, fire-and-forget delivery for
  tool_call, tool_error, session_*, approval_*, and plugin_* events.

What's in this release

• v3.1.0 source for the MCP runtime, including HTTP server, stdio server,
  proxy manager, plugin loader, OAuth provider, webhook manager, claims
  manager, fleet manager, and orchestration runtime.
• The full curated SKILLS/ corpus (~336 skills/files across 13 framework
  directories).
• Damage-control rule set (DC-01 through DC-43).
• Governance triad — CITATION.cff, SECURITY.md, SUPPORT.md,
  THIRD_PARTY_LICENSES.md, .github/CODEOWNERS, .github/FUNDING.yml,
  and YAML-form issue templates.
• The pinned-upstream mattpocock/skills LICENSE at
  SKILLS/upstream/mattpocock-skills/LICENSE.

Install

npm install -g evokore-mcp
# or, from source:
git clone https://github.com/mattmre/EVOKORE-MCP-PUBLIC.git
cd EVOKORE-MCP-PUBLIC
npm install
npm run build

Wire EVOKORE-MCP into your MCP client of choice (Claude Code, Cursor, Cline,
Claude Desktop, etc.) by pointing at the built dist/index.js.

See README.md for the full setup walkthrough and docs/ for runtime,
configuration, security, and orchestration documentation.

Security and conventions

• Read SECURITY.md for the vulnerability-disclosure policy before reporting
  a CVE-class issue.
• Read RULES.md for the declarative security policies the server enforces.
• Read SOUL.md for behavioral identity and CLAUDE.md for the
  brutal-honesty convention.
• dangerouslySkipPermissions ships off by default. Opt in locally if
  you want the internal-development posture; do not check that flip into a
  fork that other people will install.

Acknowledgements

EVOKORE-MCP vendors and integrates several upstream skill packs under their
original licenses. See THIRD_PARTY_LICENSES.md for the full list and
SKILLS/upstream/UPSTREAM-*.md for pinned commit SHAs.

License

MIT — see LICENSE.