fix(web): correct two brand strings visible to API/MCP clients

Probing the public API surface on claudepot.com surfaced two
client-visible brand bugs:

1. /api/v1/me returned a 401 problem-detail JSON whose `detail`
   field told callers the token format was `shn_pat_<28 chars>`.
   That's Shannon's Personal Access Token prefix; the rebrand
   should have switched it. No PATs are minted yet (api_tokens is
   empty on the fresh Neon DB), so the prefix change is safe.

   - TOKEN_PREFIX:   shn_pat_ → cdp_pat_ (ClauDepot PAT)
   - TOKEN_FORMAT_RE adjusted to match the new prefix
   - error message + JSDoc + schema.ts comment updated

2. /api/mcp's `initialize` response carried `serverInfo.name =
   "sha.com"` — a mangled remnant from an earlier perl substitution
   that turned a `sha.nnon.ai` snippet into `sha.com` in source.
   MCP clients that connect (e.g. Claude Desktop with the MCP
   integration) would see "sha.com" as the server identity.
   Switched to "claudepot.com".

Migration 0012 (api_tokens) keeps `shn_pat_` in its frozen header
comment — historical, not user-visible. Routes referencing it via
the live constants pick up the new prefix automatically.

Author: xiaolai

web/src/app/api/[transport]/route.ts

@@ -26,7 +26,7 @@ const baseHandler = createMcpHandler(
   },
   {
     serverInfo: {
-      name: "sha.com",
+      name: "claudepot.com",
       version: "0.1.0",
     },
   },

web/src/db/schema.ts

@@ -653,7 +653,7 @@ export const metricsDaily = pgTable("metrics_daily", {
 
 /* ── Public API tokens ──────────────────────────────────────────
  * Per-user Personal Access Tokens for the public REST + MCP API.
- * Plaintext (`shn_pat_<28 random url-safe-base64 chars>`) is shown
+ * Plaintext (`cdp_pat_<28 random url-safe-base64 chars>`) is shown
  * once at creation; only the SHA-256 hex digest is stored.
  *
  * Scopes are an open text array, validated in app code (see

web/src/lib/api/auth.ts

@@ -39,7 +39,7 @@ export type AuthSuccess = { ok: true; token: ApiToken; user: AuthUser };
 export type AuthFailure = { ok: false; problem: Problem };
 
 // Tight upper bound on the bearer value length. Format is
-// `shn_pat_<28 base64url>` (36 chars); cap a touch higher to reject
+// `cdp_pat_<28 base64url>` (36 chars); cap a touch higher to reject
 // pathological inputs before doing any work but still allow future
 // prefix changes without code edits.
 const MAX_BEARER_LEN = 64;
@@ -53,7 +53,7 @@ export async function authenticate(
     return {
       ok: false,
       problem: unauthorized(
-        "Missing or malformed Authorization header. Expected: Authorization: Bearer shn_pat_<28 url-safe-base64 chars>",
+        "Missing or malformed Authorization header. Expected: Authorization: Bearer cdp_pat_<28 url-safe-base64 chars>",
       ),
     };
   }

web/src/lib/api/tokens.ts

@@ -1,7 +1,7 @@
 /**
  * Token generation, hashing, and lookup.
  *
- * Plaintext format: `shn_pat_<28 url-safe-base64 chars>` (168 bits of entropy).
+ * Plaintext format: `cdp_pat_<28 url-safe-base64 chars>` (168 bits of entropy).
  * Storage: SHA-256 hex digest of the full plaintext. The plaintext leaves
  * the server exactly once — at creation time — and is never logged.
  *
@@ -17,16 +17,16 @@ import { eq } from "drizzle-orm";
 import { db } from "@/db/client";
 import { apiTokens } from "@/db/schema";
 
-const TOKEN_PREFIX = "shn_pat_";
+const TOKEN_PREFIX = "cdp_pat_";
 const RANDOM_BYTES = 21; // 21 bytes -> 28 base64url chars
-const DISPLAY_PREFIX_LEN = 12; // "shn_pat_XXXX"
+const DISPLAY_PREFIX_LEN = 12; // "cdp_pat_XXXX"
 
 /**
  * Strict format validator: prefix + exactly 28 URL-safe-base64 chars.
  * Used by auth.ts to reject oversized / malformed bearer values BEFORE
  * paying for a SHA-256 hash and DB query.
  */
-export const TOKEN_FORMAT_RE = /^shn_pat_[A-Za-z0-9_-]{28}$/;
+export const TOKEN_FORMAT_RE = /^cdp_pat_[A-Za-z0-9_-]{28}$/;
 
 export type ApiToken = typeof apiTokens.$inferSelect;