Six surgical scrubs to clear cluster-fingerprint references before the
PyPI release. Per `~/.claude/rules/python.md`'s pre-publish PII audit
section: specific build strings (`15.0.1.12900-234`-style maintenance
release IDs) and cluster role descriptors ("production") narrow the
fingerprint of which deployment the developer tested against. Replaced
with the more accurate Cisco user-facing version ("CUCM 15.0(1)" or
"CUCM 15") and operational descriptor ("live cluster" — same trust
signal without the prod disclosure).
Files:
README.md
"Tested against CUCM 15.0.1.12900" → "Tested against CUCM 15.0(1)"
placeholder host hardened to "cucm-pub.example.com" (RFC-reserved
`.example` TLD per the rule's documented convention)
CHANGELOG.md
"production CUCM 15.0.1.12900 cluster" → "live CUCM 15 cluster"
src/mcaxl/risport.py
Comment: "verified against CUCM 15.0.1.12900 documentation" →
"verified against CUCM 15 RisPort70 docs"
src/mcaxl/route_plan.py
Comment: "the typepatternusage table in CUCM 15.0.1.12900" →
"the typepatternusage table in CUCM 15"
.env.example
Normalized to RFC-reserved values:
cucm-pub → cucm-pub.example.com
AxlUser → axl-readonly (descriptive function, not
a real-account-shape name)
TopSecret... → replace-with-your-password (clearly a placeholder)
Audit verification:
grep -rnE '15\.0\.1\.12900|bingham|SupportedSystems|CCX-AXL|CER-AXL|
CUC-AXL|TabSync|variphy|production|10\.[0-9]+\.[0-9]+\.[0-9]+|
172\.(1[6-9]|2[0-9]|3[01])\.[0-9]+\.[0-9]+|192\.168\.[0-9]+\.[0-9]+'
src/ pyproject.toml README.md CHANGELOG.md .env.example
→ returns empty (verified)
Sdist verification:
tar -tzf dist/mcaxl-2026.4.27.tar.gz | grep -iE 'CLAUDE|axlsqltoolkit|
bingham|tests/'
→ returns empty (verified)
Tests directory IS excluded from sdist via
`[tool.hatch.build.targets.sdist] exclude = ["tests/"]` — important
because test fixtures contain real cluster hostnames in mock SOAP
responses (test_risport.py SAMPLE_RESPONSE). Tests stay in the source
repo for development; they don't ship to PyPI.
Tests still pass: 155/155.
Ready for `uv publish --token …`.
Read-only MCP server for Cisco Unified CM 15 AXL — built for LLM-driven
cluster auditing, with a particular focus on the Route Plan Report:
partitions, calling search spaces, route patterns, translation patterns,
called/calling party transformations, and digit-discard instructions.
Pairs intentionally with the sibling mcp-cisco-docs server (live
cluster state + vendor docs in one LLM context).
Architecture:
- zeep SOAP client to CUCM AXL
- WSDL bootstrap from Cisco's axlsqltoolkit.zip (auto-extract on
first launch; zip is gitignored, vendor-licensed)
- SQLite response cache at ~/.cache/mcp-cucm-axl/responses/
- Schema-grounded prompts that pull chunks from the sibling
cisco-docs index (docs_loader.py)
Read-only by structural guarantee — never registers AXL write methods
(no executeSQLUpdate, no add*/update*/remove*/apply*/reset*/restart*
tools). SQL queries also client-side validated (sql_validator.py) to
begin with SELECT or WITH.
Tools exposed:
Foundational: axl_version, axl_sql, axl_list_tables,
axl_describe_table, cache_stats, cache_clear
Route plan: route_partitions, route_calling_search_spaces,
route_patterns, route_inspect_pattern,
route_lists_and_groups, route_translation_chain,
route_digit_discard_instructions
Prompts (schema-grounded):
route_plan_overview, investigate_pattern, audit_routing,
cucm_sql_help
Tests cover cache, docs_loader, normalize, sql_validator, wildcard.
