fix: batch fixes for issues #1911, 1913, 1915, 1916, 1917, 1919, 1920, 1921, 1922, 1923 [skip ci] (#373)

Fixes:
- #1911: scrape --selector now accepts multiple values (use multiple times)
- #1913: consistent multiple flag behavior for --selector like -H
- #1915: debug config shows 'optional, not configured' instead of 'not found'
- #1916: mcp list shows helpful message when no servers configured (already fixed)
- #1917: mcp list adds --all flag for showing all servers
- #1919: agent show adds --model flag for model override preview
- #1920: config command adds 'get' subcommand alongside set/unset
- #1921: agent create --non-interactive outputs only path, no banner
- #1922: mcp add --url now supports ws:// and wss:// WebSocket URLs
- #1923: mcp add adds --allow-local flag to permit localhost URLs

Also fixes pre-existing missing trust_proxy field in RateLimitConfig.

Co-authored-by: Bounty Bot <bounty-bot@factory.ai>

Author: echobt

cortex-app-server/src/config.rs

@@ -266,6 +266,9 @@ pub struct RateLimitConfig {
     /// Exempt paths from rate limiting.
     #[serde(default)]
     pub exempt_paths: Vec<String>,
+    /// Trust proxy headers (X-Forwarded-For) for client IP detection.
+    #[serde(default)]
+    pub trust_proxy: bool,
 }
 
 fn default_rpm() -> u32 {
@@ -286,6 +289,7 @@ impl Default for RateLimitConfig {
             by_api_key: false,
             by_user: false,
             exempt_paths: vec!["/health".to_string()],
+            trust_proxy: false,
         }
     }
 }

cortex-cli/src/agent_cmd.rs

@@ -83,6 +83,10 @@ pub struct ShowArgs {
     /// Output as JSON.
     #[arg(long)]
     pub json: bool,
+
+    /// Show how agent would work with a specific model override.
+    #[arg(long)]
+    pub model: Option<String>,
 }
 
 /// Arguments for create command.
@@ -1051,6 +1055,13 @@ async fn run_show(args: ShowArgs) -> Result<()> {
                     serde_json::Value::String("builtin".to_string()),
                 );
             }
+            // Add model override if provided via --model flag
+            if let Some(ref model_override) = args.model {
+                map.insert(
+                    "model_override".to_string(),
+                    serde_json::Value::String(model_override.clone()),
+                );
+            }
         }
         let json = serde_json::to_string_pretty(&json_value)?;
         println!("{json}");
@@ -1090,7 +1101,10 @@ async fn run_show(args: ShowArgs) -> Result<()> {
         }
     );
 
-    if let Some(ref model) = agent.model {
+    // Show model - either from --model override or agent's configured model
+    if let Some(ref model_override) = args.model {
+        println!("Model: {model_override} (override via --model)");
+    } else if let Some(ref model) = agent.model {
         println!("Model: {model}");
     }
 
@@ -1492,9 +1506,14 @@ mode: {mode}
     std::fs::write(&agent_file, &content)
         .with_context(|| format!("Failed to write agent file: {}", agent_file.display()))?;
 
-    println!("\nAgent '{name}' created successfully!");
-    println!("   Location: {}", agent_file.display());
-    println!("\n   Use 'Cortex Agent show {name}' to view details.");
+    // In non-interactive mode, output only the path for scripting
+    if args.non_interactive {
+        println!("{}", agent_file.display());
+    } else {
+        println!("\nAgent '{name}' created successfully!");
+        println!("   Location: {}", agent_file.display());
+        println!("\n   Use 'Cortex Agent show {name}' to view details.");
+    }
 
     Ok(())
 }

cortex-cli/src/debug_cmd.rs

@@ -204,7 +204,7 @@ async fn run_config(args: ConfigArgs) -> Result<()> {
                 if output.locations.local_config_exists {
                     "(exists)"
                 } else {
-                    "(not found)"
+                    "(optional, not configured)"
                 }
             );
         }

cortex-cli/src/main.rs

@@ -680,13 +680,23 @@ struct ConfigCommand {
 /// Config subcommands.
 #[derive(Subcommand)]
 enum ConfigSubcommand {
+    /// Get a configuration value
+    Get(ConfigGetArgs),
+
     /// Set a configuration value
     Set(ConfigSetArgs),
 
     /// Unset (remove) a configuration value
     Unset(ConfigUnsetArgs),
 }
 
+/// Arguments for config get.
+#[derive(Args)]
+struct ConfigGetArgs {
+    /// Configuration key to get (e.g., model, provider)
+    key: String,
+}
+
 /// Arguments for config set.
 #[derive(Args)]
 struct ConfigSetArgs {
@@ -1747,6 +1757,9 @@ async fn show_config(config_cli: ConfigCommand) -> Result<()> {
         let config_path = config.cortex_home.join("config.toml");
 
         match action {
+            ConfigSubcommand::Get(args) => {
+                return config_get(&config_path, &args.key);
+            }
             ConfigSubcommand::Set(args) => {
                 return config_set(&config_path, &args.key, &args.value);
             }
@@ -1853,6 +1866,52 @@ async fn show_config(config_cli: ConfigCommand) -> Result<()> {
     Ok(())
 }
 
+/// Get a configuration value from config.toml.
+fn config_get(config_path: &std::path::Path, key: &str) -> Result<()> {
+    if !config_path.exists() {
+        println!("Config file does not exist: {}", config_path.display());
+        return Ok(());
+    }
+
+    let content = std::fs::read_to_string(config_path)?;
+    let doc: toml_edit::DocumentMut = content.parse().unwrap_or_else(|_| {
+        eprintln!("Warning: Could not parse config file");
+        toml_edit::DocumentMut::new()
+    });
+
+    // Map common keys to their TOML sections
+    let (section, actual_key) = match key {
+        "model" | "default_model" => ("model", "default"),
+        "provider" | "model_provider" => ("model", "provider"),
+        "sandbox" | "sandbox_mode" => ("sandbox", "mode"),
+        "approval" | "approval_mode" => ("approval", "mode"),
+        k if k.contains('.') => {
+            let parts: Vec<&str> = k.splitn(2, '.').collect();
+            (parts[0], parts[1])
+        }
+        _ => ("", key),
+    };
+
+    let value = if section.is_empty() {
+        doc.get(actual_key)
+    } else {
+        doc.get(section).and_then(|t| t.get(actual_key))
+    };
+
+    match value {
+        Some(v) => {
+            // Print raw value for easy scripting
+            let display = v.as_str().unwrap_or(&v.to_string().replace('"', ""));
+            println!("{}", display);
+        }
+        None => {
+            println!("Key '{}' not found in config", key);
+        }
+    }
+
+    Ok(())
+}
+
 /// Set a configuration value in config.toml.
 fn config_set(config_path: &std::path::Path, key: &str, value: &str) -> Result<()> {
     // Read existing config or create empty

cortex-cli/src/mcp_cmd.rs

@@ -53,8 +53,8 @@ const MAX_COMMAND_ARGS: usize = 100;
 /// Maximum length for a single command argument
 const MAX_COMMAND_ARG_LENGTH: usize = 4096;
 
-/// Allowed URL schemes for MCP HTTP transport
-const ALLOWED_URL_SCHEMES: &[&str] = &["http", "https"];
+/// Allowed URL schemes for MCP HTTP transport (including WebSocket)
+const ALLOWED_URL_SCHEMES: &[&str] = &["http", "https", "ws", "wss"];
 
 /// Dangerous URL patterns that should be blocked
 const BLOCKED_URL_PATTERNS: &[&str] = &[
@@ -87,14 +87,19 @@ const BLOCKED_URL_PATTERNS: &[&str] = &[
     "172.31.", // Private network end
 ];
 
-/// Validates and sanitizes a URL for MCP HTTP transport.
+/// Validates and sanitizes a URL for MCP HTTP/WebSocket transport.
 ///
 /// # Validation Rules:
 /// - Must not exceed maximum length
-/// - Must use allowed schemes (http/https)
-/// - Must not contain dangerous patterns
+/// - Must use allowed schemes (http/https/ws/wss)
+/// - Must not contain dangerous patterns (unless allow_local is true)
 /// - Must be a valid URL format
 fn validate_url(url: &str) -> Result<()> {
+    validate_url_internal(url, false)
+}
+
+/// Validates URL with option to allow local addresses.
+fn validate_url_internal(url: &str, allow_local: bool) -> Result<()> {
     // Check length
     if url.is_empty() {
         bail!("URL cannot be empty");
@@ -113,25 +118,27 @@ fn validate_url(url: &str) -> Result<()> {
 
     let url_lower = url.to_lowercase();
 
-    // Check scheme - must start with http:// or https://
+    // Check scheme - must start with http://, https://, ws://, or wss://
     let has_valid_scheme = ALLOWED_URL_SCHEMES
         .iter()
         .any(|&scheme| url_lower.starts_with(&format!("{}://", scheme)));
     if !has_valid_scheme {
         bail!(
-            "URL must start with http:// or https://. Got: {}",
+            "URL must start with http://, https://, ws://, or wss://. Got: {}",
             url.chars().take(20).collect::<String>()
         );
     }
 
-    // Check for blocked patterns
-    for pattern in BLOCKED_URL_PATTERNS {
-        if url_lower.contains(pattern) {
-            bail!(
-                "URL contains blocked pattern '{}'. For security, local/private network URLs are not allowed by default. \
-                 Use environment variables for local development servers.",
-                pattern
-            );
+    // Check for blocked patterns (skip if allow_local is true)
+    if !allow_local {
+        for pattern in BLOCKED_URL_PATTERNS {
+            if url_lower.contains(pattern) {
+                bail!(
+                    "URL contains blocked pattern '{}'. For security, local/private network URLs are not allowed by default. \
+                     Use --allow-local flag to enable local development servers.",
+                    pattern
+                );
+            }
         }
     }
 
@@ -140,6 +147,10 @@ fn validate_url(url: &str) -> Result<()> {
         &url[8..]
     } else if url_lower.starts_with("http://") {
         &url[7..]
+    } else if url_lower.starts_with("wss://") {
+        &url[6..]
+    } else if url_lower.starts_with("ws://") {
+        &url[5..]
     } else {
         bail!("Invalid URL scheme");
     };
@@ -310,6 +321,10 @@ pub struct ListArgs {
     /// Output the configured servers as JSON.
     #[arg(long)]
     pub json: bool,
+
+    /// Show all servers including disabled ones.
+    #[arg(long)]
+    pub all: bool,
 }
 
 /// Arguments for get command.
@@ -344,6 +359,13 @@ pub struct AddArgs {
     #[arg(long, short = 'f')]
     pub force: bool,
 
+    /// Allow localhost and private network URLs (for local development).
+    /// By default, URLs containing localhost, 127.0.0.1, or private network
+    /// addresses are blocked for security. Use this flag to enable local
+    /// development servers.
+    #[arg(long)]
+    pub allow_local: bool,
+
     #[command(flatten)]
     pub transport_args: AddMcpTransportArgs,
 }
@@ -741,6 +763,7 @@ async fn run_add(args: AddArgs) -> Result<()> {
     let AddArgs {
         name,
         force,
+        allow_local,
         transport_args,
     } = args;
 
@@ -925,8 +948,8 @@ command = "{command_bin_escaped}"
                 }),
             ..
         } => {
-            // Validate URL format and safety
-            validate_url(&url)?;
+            // Validate URL format and safety (allow_local bypasses localhost/private network check)
+            validate_url_internal(&url, allow_local)?;
 
             // Validate bearer token env var if provided
             if let Some(ref token_var) = bearer_token_env_var {

cortex-cli/src/scrape_cmd.rs

@@ -99,7 +99,8 @@ pub struct ScrapeCommand {
     #[arg(long)]
     pub no_links: bool,
 
-    /// CSS selector to extract specific elements from the page.
+    /// CSS selectors to extract specific elements from the page.
+    /// Can be specified multiple times to combine selectors.
     /// Examples:
     ///   article           - Select all <article> elements
     ///   .content          - Select elements with class "content"
@@ -108,8 +109,9 @@ pub struct ScrapeCommand {
     ///   table tbody tr    - Select table rows in tbody
     ///   h1, h2, h3        - Select multiple heading levels
     ///   [data-id="123"]   - Select by attribute
-    #[arg(long, value_name = "SELECTOR")]
-    pub selector: Option<String>,
+    /// Multiple selectors: --selector "h1" --selector "p"
+    #[arg(long, value_name = "SELECTOR", action = clap::ArgAction::Append)]
+    pub selector: Vec<String>,
 
     /// Show verbose output (includes fetching info).
     #[arg(short, long)]
@@ -416,17 +418,24 @@ impl ScrapeCommand {
     fn process_html(&self, html: &str, format: OutputFormat) -> Result<String> {
         let document = Html::parse_document(html);
 
-        // If a selector is provided, extract only that content
-        let content_html = if let Some(selector_str) = &self.selector {
-            let selector = Selector::parse(selector_str)
-                .map_err(|e| anyhow::anyhow!("Invalid CSS selector: {e:?}"))?;
-
+        // If selectors are provided, extract only that content
+        let content_html = if !self.selector.is_empty() {
             let mut selected = String::new();
-            for element in document.select(&selector) {
-                selected.push_str(&element.html());
+            let mut matched_any = false;
+
+            for selector_str in &self.selector {
+                let selector = Selector::parse(selector_str).map_err(|e| {
+                    anyhow::anyhow!("Invalid CSS selector '{}': {e:?}", selector_str)
+                })?;
+
+                for element in document.select(&selector) {
+                    selected.push_str(&element.html());
+                    matched_any = true;
+                }
             }
-            if selected.is_empty() {
-                bail!("No elements matched selector: {selector_str}");
+            if !matched_any {
+                let selectors_display = self.selector.join(", ");
+                bail!("No elements matched selectors: {selectors_display}");
             }
             selected
         } else {