PullMD v2.4.1 Adds Native MCP Connector for claude.ai Web and Multi-User Auth
PullMD v2.4.1 is out, and the headline feature is native support for claude.ai web's custom connector dialog (and Claude Desktop). Two weeks after the initial post — 385 upvotes, 60 comments, ~20 GitHub issues, and 7 releases — here's what shipped.
claude.ai Web Connector Works Natively
You can now point claude.ai web at your own self-hosted PullMD instance. The custom-connector dialog discovers the server, registers it, and walks you through OAuth consent. Setup is two env vars:
OAUTH_JWT_SECRET=$(openssl rand -hex 32)
PUBLIC_URL=https://your-host.example.comRestart, then go to claude.ai web → Settings → Connectors → Add custom and point at https://your-host.example.com/mcp. Same flow works in Claude Desktop.
Under the hood: standard OAuth 2.1 Authorization Code flow with PKCE-S256 and Dynamic Client Registration (RFC-compliant). If OAUTH_JWT_SECRET isn't set, behavior falls back to v1.x.
Three Auth Modes via PULLMD_AUTH_MODE
Until v2.0, PullMD was effectively single-tenant. v2.0 introduces three modes:
- disabled (default) — no login, no API key. Same as v1.x. Use on a trusted network.
- single-admin — one user, password-protected, no self-signup. Good for homelab with GUI gating.
- multi-user — self-signup at
/signup, per-user history isolation, per-user API keys (pmd_<32-char-base62>sent asAuthorization: Bearer pmd_xxx). Share links (/s/:id) remain public.
Minimal config for a shared instance:
PULLMD_AUTH_MODE=multi-user
[email protected]
PULLMD_ADMIN_PASSWORD=change-me-pleaseImproved Site Compatibility
Several fixes landed since v1.2/v2.2 that closed gaps where PullMD returned half-articles or empty bodies:
- Future PLC family (windowscentral.com, tomshardware.com, techradar.com, pcgamer.com, gamesradar.com, t3.com) — site recipes now strip recommendation widgets and
aria-hiddenpaywall patterns that confused Readability. - GitHub Issues pages — default recipe for
*/*/issues/*forces Playwright withwait_for: .js-comment-bodyto capture the full JS-rendered comment thread. - UA fingerprinting sites — the hardcoded Chrome 131 UA has been replaced with a real-world UA pool that rotates.
📖 Read the full source: r/ClaudeAI
👀 See Also
Cloudflare Dynamic Worker Loader: Sandboxing AI Agents with Isolates
Cloudflare's Dynamic Worker Loader API, now in open beta, allows Workers to instantiate new Workers with runtime-specified code in isolated sandboxes using V8 isolates, offering 100x faster startup than containers and no global concurrency limits.
TextGen (text-generation-webui) Becomes Native Desktop App with Portable Builds
TextGen, the open-source alternative to LM Studio, has evolved from a web UI to a no-install desktop app for Windows, Linux, and macOS with portable builds, full privacy, and advanced quantization support.
OpenClaw Context Meter Plugin Shows Telegram Token Usage Percentage
A new OpenClaw plugin displays token usage percentage after every Telegram bot response, showing values like '45k / 200k (22%)' and detecting compaction events. The plugin avoids OOM issues by hardcoding context windows instead of using execSync.
Traversable Skill Graph for Persistent AI Agent Memory in Codebases
A developer built a three-layer skill graph system that lives inside a codebase, enabling AI coding assistants to maintain persistent memory across sessions. The system uses progressive disclosure with self-directing instructions instead of monolithic context files.