fix(mcp): tighten stdio server logging and error semantics#1790
Merged
Conversation
Four polish items on top of tinyhumansai#1760: - Always install the tracing subscriber when running `openhuman-core mcp`, defaulting to `warn`. Previously `init_for_cli_run` only ran with `--verbose`, so `log::error!` / `log::warn!` events were silently dropped when the server ran as a subprocess of Claude Desktop / Cursor. A user-set `RUST_LOG` still wins. - Route `print_help` through `eprintln!`. The `mcp` subcommand suppresses the banner to keep stdout protocol-only; help output should follow the same contract. - Add `ToolCallError::Internal` and a `code()` / `jsonrpc_message()` dispatcher. Config-load failures inside `enforce_read_policy` now surface as `-32603 Internal error` instead of being mis-labelled as `-32602 Invalid params`. Policy denials remain `InvalidParams` so the caller still sees actionable reason text. - Reject `k > MAX_LIMIT` in `memory.search` / `memory.recall` instead of silently clamping. The schema advertises `maximum: 50`; clamping made the LLM believe it received the page size it requested and prevented the corrective feedback loop.
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughThe PR refactors MCP server error handling to distinguish invalid client parameters from server-side failures. ChangesMCP Error Classification and Validation
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Tip 💬 Introducing Slack Agent: The best way for teams to turn conversations into code.Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.
Built for teams:
One agent for your entire SDLC. Right inside Slack. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (1)
src/openhuman/mcp_server/tools.rs (1)
288-302: ⚡ Quick winAdd debug logging when config load fails.
The coding guidelines require verbose diagnostics logging for external calls and error handling paths. The
load_config_with_timeout()call at line 292 is an external call, and the new error classification (Internal vs InvalidParams) is a behavior change that should be logged for debugging and operational visibility.📊 Suggested logging addition
async fn enforce_read_policy(tool_name: &str) -> Result<(), ToolCallError> { // Config-load failure is an internal/server issue (disk error, corrupt // config), not bad client input — report it as `-32603 Internal error` // rather than `-32602 Invalid params`. - let config = config_rpc::load_config_with_timeout() - .await - .map_err(|err| ToolCallError::Internal(format!("failed to load config: {err}")))?; + let config = match config_rpc::load_config_with_timeout().await { + Ok(config) => config, + Err(err) => { + log::warn!( + "[mcp_server] enforce_read_policy config load failed tool={} error={}", + tool_name, + err + ); + return Err(ToolCallError::Internal(format!("failed to load config: {err}"))); + } + }; let policy = SecurityPolicy::from_config(&config.autonomy, &config.workspace_dir);As per coding guidelines: "In Rust, use
log/tracingatdebugortracelevel for development-oriented diagnostics on new/changed flows, including logs at entry/exit points, branch decisions, external calls, retries/timeouts, state transitions, and error handling paths."🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/openhuman/mcp_server/tools.rs` around lines 288 - 302, enforce_read_policy currently classifies a config-load failure as ToolCallError::Internal but does not emit diagnostic logs; add debug-level tracing around the external call to config_rpc::load_config_with_timeout() (e.g., a trace/debug before the call and a debug on error) so the failure and the decision to map it to Internal are visible; specifically, inside enforce_read_policy log the call attempt, and in the map_err closure log the error details and the fact you are returning ToolCallError::Internal (use tracing::debug or log::debug and include err and tool_name to aid debugging).
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@src/openhuman/mcp_server/tools.rs`:
- Around line 288-302: enforce_read_policy currently classifies a config-load
failure as ToolCallError::Internal but does not emit diagnostic logs; add
debug-level tracing around the external call to
config_rpc::load_config_with_timeout() (e.g., a trace/debug before the call and
a debug on error) so the failure and the decision to map it to Internal are
visible; specifically, inside enforce_read_policy log the call attempt, and in
the map_err closure log the error details and the fact you are returning
ToolCallError::Internal (use tracing::debug or log::debug and include err and
tool_name to aid debugging).
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: cd3b3c89-e35e-4eb9-b995-a765003186e4
📒 Files selected for processing (3)
src/openhuman/mcp_server/protocol.rssrc/openhuman/mcp_server/stdio.rssrc/openhuman/mcp_server/tools.rs
Contributor
Author
|
Heads-up: the two red rust checks are blocked on what looks like a regression The failing test:
Recent CI runs on The third red is Happy to re-trigger CI once |
Surface the external call's failure through `log::warn!` so `-32603 Internal error` returns are observable on the stderr diagnostic stream (addresses CodeRabbit nitpick on tools.rs:288).
Contributor
Author
|
Thanks for the merge |
This was referenced May 16, 2026
13 tasks
12 tasks
senamakel
added a commit
that referenced
this pull request
May 20, 2026
## Summary Adds MCP `ToolAnnotations` (spec 2025-03-26+) to every tool advertised by `openhuman-core mcp`. Clients use `readOnlyHint` / `destructiveHint` / `idempotentHint` / `openWorldHint` to surface accurate safety affordances — e.g. Claude Desktop's "this tool can take destructive actions" confirmation gate. ## Problem `tools/list` today returns the curated tool surface but says nothing about each tool's behavior class. The MCP spec defines `ToolAnnotations` precisely for this — without them: - Claude Desktop / Cursor can't render confirmation gates for destructive actions. - Humans inspecting the tool list (e.g. via MCP Inspector) can't see at a glance which tools are safe to retry. - `agent.run_subagent` — the one Act-policy surface on the MCP server today — looks identical to `memory.search` to clients, even though it can call further tools (including potentially destructive ones) through any sub-agent it spawns. ## Solution - Added `annotations: Value` to `McpToolSpec` (always present, serialized into each tool's `annotations` field in the `tools/list` response). - All read-only tools share a `read_only_local_annotations()` helper (`readOnlyHint: true`, `openWorldHint: false`). - `agent.run_subagent` gets explicit annotations: `readOnlyHint: false / destructiveHint: true / idempotentHint: false / openWorldHint: true`. Sub-agent execution can call further tools, isn't a no-op on repeat, and reaches into the broader OpenHuman environment. - Updated `mcp_server/mod.rs` docstring to no longer claim the surface is purely read-only — it's curated, with `agent.run_subagent` as the one Act-policy surface. - Per spec, `destructiveHint` / `idempotentHint` are only meaningful when `readOnlyHint == false`, so the read-only helper omits them. ## Submission Checklist - [x] Tests added — `list_tools_emits_annotations_for_every_tool` asserts every entry serializes a non-null `annotations` object; a second test pins the read-only / destructive split to each tool's actual behavior. `cargo test --lib mcp_server::` runs 38/38 locally. - [x] **Diff coverage ≥ 80%** — new code is mostly literal annotations + a 6-line helper; both the "every tool has annotations" and "read-only vs destructive" axes are covered. - [x] Coverage matrix updated — `N/A: extends row 11.1.4 (MCP stdio server) rather than adding a new feature.` - [x] All affected feature IDs listed under `## Related` - [x] No new external network dependencies introduced - [x] Manual smoke checklist — `N/A: extends existing MCP surface, not a release-cut path.` - [x] Linked issue closed via `Closes #NNN` — `N/A: capability extension, no issue tracking this.` ## Impact - **Runtime**: `openhuman-core mcp` only. No HTTP RPC, web, or mobile impact. - **Compatibility**: Backward compatible — older MCP clients that don't read `annotations` ignore the field; newer clients pick up the safety affordances. - **Performance**: Negligible — one extra static `Value` per tool, serialized on each `tools/list` call (low frequency). - **Security**: No policy change. `agent.run_subagent` still goes through `enforce_act_policy`; the annotation is an advertised hint, not an enforcement point. ## Related - Feature IDs: `11.1.4` (MCP stdio server) - Spec: https://modelcontextprotocol.io/specification/2025-03-26/server/tools/#tool-annotations - Builds on: #1760, #1790, #1974 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Tools now include detailed security annotations (readOnly, destructive, idempotent, openWorld hints) so MCP clients can better understand safety and behavior. * Most tools are advertised as read-only; the subagent tool is explicitly advertised as act-capable/destructive, and one search tool is advertised as read-only but open-world. * **Tests** * Added tests ensuring each tool includes annotations and that read-only vs. destructive/open-world hints are correctly serialized. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2268?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: justin <justin80605@gmail.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
senamakel
added a commit
that referenced
this pull request
May 21, 2026
## Summary - Adds a **MCP Server** panel under Settings → Developer Options so users can configure external MCP clients without hand-editing JSON files - New Tauri commands `mcp_resolve_binary_path` (returns binary path + OS) and `mcp_open_client_config` (opens the client's config file in the system editor) - Generates correct per-client JSON snippets for Claude Desktop, Cursor, Codex, and Zed — OS-aware config file paths for macOS, Windows, and Linux - Copy-to-clipboard and "Open Config File" (Tauri-only) buttons eliminate the manual setup steps that were blocking non-developer adoption ## Problem - The `openhuman-core mcp` stdio server ships 10 memory/tree tools but has zero UI surface — users must locate the binary, find the per-client config file path, and hand-write the JSON - Conversion drops to near-zero outside of developers; this is the bottleneck on MCP adoption for the features already merged in #1760, #1790, #1974 ## Solution - `app/src-tauri/src/mcp_commands.rs`: two new Tauri shell commands with OS-aware path resolution, auto-create config dirs/files if absent, and platform-specific `open`/`explorer`/`xdg-open` dispatch - `McpServerPanel.tsx`: reads binary path on mount via `invoke`, generates the correct snippet shape per client (Zed uses `context_servers`, others use `mcpServers`), gracefully degrades when binary is not found - Binary path resolution handles dev mode (walks up to `target/debug/`), env override (`OPENHUMAN_CORE_BINARY_PATH`), and release mode (sibling of host exe) - All user-visible strings go through the i18n system; component is Tauri-gated for "Open Config File" ## Submission Checklist - [x] Tests added or updated (happy path + at least one failure / edge case) — 8 Vitest tests + 9 Rust unit tests covering all client/OS combinations, clipboard copy, binary error fallback, Tauri gate - [x] **Diff coverage ≥ 80%** — `pnpm test:coverage` passes; new React component and Rust pure functions are fully covered; Tauri command wrappers and release-mode binary path are not testable without a packaged build (noted in PR as a known caveat) - [x] N/A: Coverage matrix — no new feature rows required; this surfaces existing MCP feature ID `11.1.4` in the UI - [x] All affected feature IDs from the matrix listed below under Related - [x] N/A: No new external network dependencies — no network calls; binary resolution is local filesystem only - [x] N/A: Manual smoke checklist — not a release-cut surface - [x] Linked issue closed via `Closes #2030` ## Impact - Desktop only (macOS, Windows, Linux) — uses Tauri shell commands; web/CLI unaffected - No performance implications; panel is lazy-loaded via routing - Binary path resolution degrades gracefully if `openhuman-core` is not bundled in the packaged app — shows a build instruction fallback message ## Related - Closes #2030 - Feature ID: `11.1.4` (MCP stdio server) - Builds on: #1760, #1790, #1974 - Follow-up: verify `openhuman-core` binary is included in the packaged `.app` bundle (sidecar was removed in #1061; if the binary is not bundled the panel will show the fallback message in production) --- ## AI Authored PR Metadata (required for Codex/Linear PRs) ### Linear Issue - Key: N/A - URL: N/A ### Commit & Branch - Branch: `feat/mcp-settings-panel` - Commit SHA: 85e091d ### Validation Run - [x] `pnpm --filter openhuman-app format:check` - [x] `pnpm typecheck` - [x] Focused tests: `pnpm debug unit McpServerPanel.test.tsx` — 8/8 passed - [x] Rust fmt/check (if changed): `cargo fmt --check` + `cargo check --manifest-path app/src-tauri/Cargo.toml` — clean - [x] Tauri fmt/check (if changed): included above ### Validation Blocked - `command:` N/A - `error:` N/A - `impact:` N/A ### Behavior Changes - Intended behavior change: Adds MCP Server panel to Settings → Developer Options with snippet generator and config file opener - User-visible effect: Users can now configure Claude Desktop, Cursor, Codex, or Zed to use OpenHuman's MCP server in a few clicks instead of hand-editing JSON ### Parity Contract - Legacy behavior preserved: No existing behavior changed; purely additive - Guard/fallback/dispatch parity checks: `isTauri()` guard on "Open Config File" button; binary-not-found degrades to placeholder with build instructions ### Duplicate / Superseded PR Handling - Duplicate PR(s): None - Canonical PR: This PR - Resolution: N/A <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added an "MCP Server" settings panel under Developer Options with tabs for multiple clients (Claude Desktop, Cursor, Codex, Zed) * Shows resolved MCP/OpenHuman binary status, generates client-specific JSON snippets, copy-to-clipboard, and an "Open Config File" action when available * **Tests** * Added UI tests for rendering, snippet content, copy behavior, binary-failure fallback, and open-config action * **Localization** * Added translations for the MCP Server UI across many languages <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2355?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: M3gA-Mind <megamind@mahadao.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
mtkik
pushed a commit
to mtkik/openhuman-meet
that referenced
this pull request
May 21, 2026
## Summary Adds MCP `ToolAnnotations` (spec 2025-03-26+) to every tool advertised by `openhuman-core mcp`. Clients use `readOnlyHint` / `destructiveHint` / `idempotentHint` / `openWorldHint` to surface accurate safety affordances — e.g. Claude Desktop's "this tool can take destructive actions" confirmation gate. ## Problem `tools/list` today returns the curated tool surface but says nothing about each tool's behavior class. The MCP spec defines `ToolAnnotations` precisely for this — without them: - Claude Desktop / Cursor can't render confirmation gates for destructive actions. - Humans inspecting the tool list (e.g. via MCP Inspector) can't see at a glance which tools are safe to retry. - `agent.run_subagent` — the one Act-policy surface on the MCP server today — looks identical to `memory.search` to clients, even though it can call further tools (including potentially destructive ones) through any sub-agent it spawns. ## Solution - Added `annotations: Value` to `McpToolSpec` (always present, serialized into each tool's `annotations` field in the `tools/list` response). - All read-only tools share a `read_only_local_annotations()` helper (`readOnlyHint: true`, `openWorldHint: false`). - `agent.run_subagent` gets explicit annotations: `readOnlyHint: false / destructiveHint: true / idempotentHint: false / openWorldHint: true`. Sub-agent execution can call further tools, isn't a no-op on repeat, and reaches into the broader OpenHuman environment. - Updated `mcp_server/mod.rs` docstring to no longer claim the surface is purely read-only — it's curated, with `agent.run_subagent` as the one Act-policy surface. - Per spec, `destructiveHint` / `idempotentHint` are only meaningful when `readOnlyHint == false`, so the read-only helper omits them. ## Submission Checklist - [x] Tests added — `list_tools_emits_annotations_for_every_tool` asserts every entry serializes a non-null `annotations` object; a second test pins the read-only / destructive split to each tool's actual behavior. `cargo test --lib mcp_server::` runs 38/38 locally. - [x] **Diff coverage ≥ 80%** — new code is mostly literal annotations + a 6-line helper; both the "every tool has annotations" and "read-only vs destructive" axes are covered. - [x] Coverage matrix updated — `N/A: extends row 11.1.4 (MCP stdio server) rather than adding a new feature.` - [x] All affected feature IDs listed under `## Related` - [x] No new external network dependencies introduced - [x] Manual smoke checklist — `N/A: extends existing MCP surface, not a release-cut path.` - [x] Linked issue closed via `Closes #NNN` — `N/A: capability extension, no issue tracking this.` ## Impact - **Runtime**: `openhuman-core mcp` only. No HTTP RPC, web, or mobile impact. - **Compatibility**: Backward compatible — older MCP clients that don't read `annotations` ignore the field; newer clients pick up the safety affordances. - **Performance**: Negligible — one extra static `Value` per tool, serialized on each `tools/list` call (low frequency). - **Security**: No policy change. `agent.run_subagent` still goes through `enforce_act_policy`; the annotation is an advertised hint, not an enforcement point. ## Related - Feature IDs: `11.1.4` (MCP stdio server) - Spec: https://modelcontextprotocol.io/specification/2025-03-26/server/tools/#tool-annotations - Builds on: tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Tools now include detailed security annotations (readOnly, destructive, idempotent, openWorld hints) so MCP clients can better understand safety and behavior. * Most tools are advertised as read-only; the subagent tool is explicitly advertised as act-capable/destructive, and one search tool is advertised as read-only but open-world. * **Tests** * Added tests ensuring each tool includes annotations and that read-only vs. destructive/open-world hints are correctly serialized. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2268?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: justin <justin80605@gmail.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
mtkik
pushed a commit
to mtkik/openhuman-meet
that referenced
this pull request
May 21, 2026
## Summary - Adds a **MCP Server** panel under Settings → Developer Options so users can configure external MCP clients without hand-editing JSON files - New Tauri commands `mcp_resolve_binary_path` (returns binary path + OS) and `mcp_open_client_config` (opens the client's config file in the system editor) - Generates correct per-client JSON snippets for Claude Desktop, Cursor, Codex, and Zed — OS-aware config file paths for macOS, Windows, and Linux - Copy-to-clipboard and "Open Config File" (Tauri-only) buttons eliminate the manual setup steps that were blocking non-developer adoption ## Problem - The `openhuman-core mcp` stdio server ships 10 memory/tree tools but has zero UI surface — users must locate the binary, find the per-client config file path, and hand-write the JSON - Conversion drops to near-zero outside of developers; this is the bottleneck on MCP adoption for the features already merged in tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 ## Solution - `app/src-tauri/src/mcp_commands.rs`: two new Tauri shell commands with OS-aware path resolution, auto-create config dirs/files if absent, and platform-specific `open`/`explorer`/`xdg-open` dispatch - `McpServerPanel.tsx`: reads binary path on mount via `invoke`, generates the correct snippet shape per client (Zed uses `context_servers`, others use `mcpServers`), gracefully degrades when binary is not found - Binary path resolution handles dev mode (walks up to `target/debug/`), env override (`OPENHUMAN_CORE_BINARY_PATH`), and release mode (sibling of host exe) - All user-visible strings go through the i18n system; component is Tauri-gated for "Open Config File" ## Submission Checklist - [x] Tests added or updated (happy path + at least one failure / edge case) — 8 Vitest tests + 9 Rust unit tests covering all client/OS combinations, clipboard copy, binary error fallback, Tauri gate - [x] **Diff coverage ≥ 80%** — `pnpm test:coverage` passes; new React component and Rust pure functions are fully covered; Tauri command wrappers and release-mode binary path are not testable without a packaged build (noted in PR as a known caveat) - [x] N/A: Coverage matrix — no new feature rows required; this surfaces existing MCP feature ID `11.1.4` in the UI - [x] All affected feature IDs from the matrix listed below under Related - [x] N/A: No new external network dependencies — no network calls; binary resolution is local filesystem only - [x] N/A: Manual smoke checklist — not a release-cut surface - [x] Linked issue closed via `Closes tinyhumansai#2030` ## Impact - Desktop only (macOS, Windows, Linux) — uses Tauri shell commands; web/CLI unaffected - No performance implications; panel is lazy-loaded via routing - Binary path resolution degrades gracefully if `openhuman-core` is not bundled in the packaged app — shows a build instruction fallback message ## Related - Closes tinyhumansai#2030 - Feature ID: `11.1.4` (MCP stdio server) - Builds on: tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 - Follow-up: verify `openhuman-core` binary is included in the packaged `.app` bundle (sidecar was removed in tinyhumansai#1061; if the binary is not bundled the panel will show the fallback message in production) --- ## AI Authored PR Metadata (required for Codex/Linear PRs) ### Linear Issue - Key: N/A - URL: N/A ### Commit & Branch - Branch: `feat/mcp-settings-panel` - Commit SHA: 85e091d ### Validation Run - [x] `pnpm --filter openhuman-app format:check` - [x] `pnpm typecheck` - [x] Focused tests: `pnpm debug unit McpServerPanel.test.tsx` — 8/8 passed - [x] Rust fmt/check (if changed): `cargo fmt --check` + `cargo check --manifest-path app/src-tauri/Cargo.toml` — clean - [x] Tauri fmt/check (if changed): included above ### Validation Blocked - `command:` N/A - `error:` N/A - `impact:` N/A ### Behavior Changes - Intended behavior change: Adds MCP Server panel to Settings → Developer Options with snippet generator and config file opener - User-visible effect: Users can now configure Claude Desktop, Cursor, Codex, or Zed to use OpenHuman's MCP server in a few clicks instead of hand-editing JSON ### Parity Contract - Legacy behavior preserved: No existing behavior changed; purely additive - Guard/fallback/dispatch parity checks: `isTauri()` guard on "Open Config File" button; binary-not-found degrades to placeholder with build instructions ### Duplicate / Superseded PR Handling - Duplicate PR(s): None - Canonical PR: This PR - Resolution: N/A <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added an "MCP Server" settings panel under Developer Options with tabs for multiple clients (Claude Desktop, Cursor, Codex, Zed) * Shows resolved MCP/OpenHuman binary status, generates client-specific JSON snippets, copy-to-clipboard, and an "Open Config File" action when available * **Tests** * Added UI tests for rendering, snippet content, copy behavior, binary-failure fallback, and open-config action * **Localization** * Added translations for the MCP Server UI across many languages <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2355?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: M3gA-Mind <megamind@mahadao.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
CodeGhost21
pushed a commit
to CodeGhost21/openhuman
that referenced
this pull request
May 22, 2026
## Summary Adds MCP `ToolAnnotations` (spec 2025-03-26+) to every tool advertised by `openhuman-core mcp`. Clients use `readOnlyHint` / `destructiveHint` / `idempotentHint` / `openWorldHint` to surface accurate safety affordances — e.g. Claude Desktop's "this tool can take destructive actions" confirmation gate. ## Problem `tools/list` today returns the curated tool surface but says nothing about each tool's behavior class. The MCP spec defines `ToolAnnotations` precisely for this — without them: - Claude Desktop / Cursor can't render confirmation gates for destructive actions. - Humans inspecting the tool list (e.g. via MCP Inspector) can't see at a glance which tools are safe to retry. - `agent.run_subagent` — the one Act-policy surface on the MCP server today — looks identical to `memory.search` to clients, even though it can call further tools (including potentially destructive ones) through any sub-agent it spawns. ## Solution - Added `annotations: Value` to `McpToolSpec` (always present, serialized into each tool's `annotations` field in the `tools/list` response). - All read-only tools share a `read_only_local_annotations()` helper (`readOnlyHint: true`, `openWorldHint: false`). - `agent.run_subagent` gets explicit annotations: `readOnlyHint: false / destructiveHint: true / idempotentHint: false / openWorldHint: true`. Sub-agent execution can call further tools, isn't a no-op on repeat, and reaches into the broader OpenHuman environment. - Updated `mcp_server/mod.rs` docstring to no longer claim the surface is purely read-only — it's curated, with `agent.run_subagent` as the one Act-policy surface. - Per spec, `destructiveHint` / `idempotentHint` are only meaningful when `readOnlyHint == false`, so the read-only helper omits them. ## Submission Checklist - [x] Tests added — `list_tools_emits_annotations_for_every_tool` asserts every entry serializes a non-null `annotations` object; a second test pins the read-only / destructive split to each tool's actual behavior. `cargo test --lib mcp_server::` runs 38/38 locally. - [x] **Diff coverage ≥ 80%** — new code is mostly literal annotations + a 6-line helper; both the "every tool has annotations" and "read-only vs destructive" axes are covered. - [x] Coverage matrix updated — `N/A: extends row 11.1.4 (MCP stdio server) rather than adding a new feature.` - [x] All affected feature IDs listed under `## Related` - [x] No new external network dependencies introduced - [x] Manual smoke checklist — `N/A: extends existing MCP surface, not a release-cut path.` - [x] Linked issue closed via `Closes #NNN` — `N/A: capability extension, no issue tracking this.` ## Impact - **Runtime**: `openhuman-core mcp` only. No HTTP RPC, web, or mobile impact. - **Compatibility**: Backward compatible — older MCP clients that don't read `annotations` ignore the field; newer clients pick up the safety affordances. - **Performance**: Negligible — one extra static `Value` per tool, serialized on each `tools/list` call (low frequency). - **Security**: No policy change. `agent.run_subagent` still goes through `enforce_act_policy`; the annotation is an advertised hint, not an enforcement point. ## Related - Feature IDs: `11.1.4` (MCP stdio server) - Spec: https://modelcontextprotocol.io/specification/2025-03-26/server/tools/#tool-annotations - Builds on: tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Tools now include detailed security annotations (readOnly, destructive, idempotent, openWorld hints) so MCP clients can better understand safety and behavior. * Most tools are advertised as read-only; the subagent tool is explicitly advertised as act-capable/destructive, and one search tool is advertised as read-only but open-world. * **Tests** * Added tests ensuring each tool includes annotations and that read-only vs. destructive/open-world hints are correctly serialized. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2268?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: justin <justin80605@gmail.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
CodeGhost21
pushed a commit
to CodeGhost21/openhuman
that referenced
this pull request
May 22, 2026
## Summary - Adds a **MCP Server** panel under Settings → Developer Options so users can configure external MCP clients without hand-editing JSON files - New Tauri commands `mcp_resolve_binary_path` (returns binary path + OS) and `mcp_open_client_config` (opens the client's config file in the system editor) - Generates correct per-client JSON snippets for Claude Desktop, Cursor, Codex, and Zed — OS-aware config file paths for macOS, Windows, and Linux - Copy-to-clipboard and "Open Config File" (Tauri-only) buttons eliminate the manual setup steps that were blocking non-developer adoption ## Problem - The `openhuman-core mcp` stdio server ships 10 memory/tree tools but has zero UI surface — users must locate the binary, find the per-client config file path, and hand-write the JSON - Conversion drops to near-zero outside of developers; this is the bottleneck on MCP adoption for the features already merged in tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 ## Solution - `app/src-tauri/src/mcp_commands.rs`: two new Tauri shell commands with OS-aware path resolution, auto-create config dirs/files if absent, and platform-specific `open`/`explorer`/`xdg-open` dispatch - `McpServerPanel.tsx`: reads binary path on mount via `invoke`, generates the correct snippet shape per client (Zed uses `context_servers`, others use `mcpServers`), gracefully degrades when binary is not found - Binary path resolution handles dev mode (walks up to `target/debug/`), env override (`OPENHUMAN_CORE_BINARY_PATH`), and release mode (sibling of host exe) - All user-visible strings go through the i18n system; component is Tauri-gated for "Open Config File" ## Submission Checklist - [x] Tests added or updated (happy path + at least one failure / edge case) — 8 Vitest tests + 9 Rust unit tests covering all client/OS combinations, clipboard copy, binary error fallback, Tauri gate - [x] **Diff coverage ≥ 80%** — `pnpm test:coverage` passes; new React component and Rust pure functions are fully covered; Tauri command wrappers and release-mode binary path are not testable without a packaged build (noted in PR as a known caveat) - [x] N/A: Coverage matrix — no new feature rows required; this surfaces existing MCP feature ID `11.1.4` in the UI - [x] All affected feature IDs from the matrix listed below under Related - [x] N/A: No new external network dependencies — no network calls; binary resolution is local filesystem only - [x] N/A: Manual smoke checklist — not a release-cut surface - [x] Linked issue closed via `Closes tinyhumansai#2030` ## Impact - Desktop only (macOS, Windows, Linux) — uses Tauri shell commands; web/CLI unaffected - No performance implications; panel is lazy-loaded via routing - Binary path resolution degrades gracefully if `openhuman-core` is not bundled in the packaged app — shows a build instruction fallback message ## Related - Closes tinyhumansai#2030 - Feature ID: `11.1.4` (MCP stdio server) - Builds on: tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 - Follow-up: verify `openhuman-core` binary is included in the packaged `.app` bundle (sidecar was removed in tinyhumansai#1061; if the binary is not bundled the panel will show the fallback message in production) --- ## AI Authored PR Metadata (required for Codex/Linear PRs) ### Linear Issue - Key: N/A - URL: N/A ### Commit & Branch - Branch: `feat/mcp-settings-panel` - Commit SHA: 85e091d ### Validation Run - [x] `pnpm --filter openhuman-app format:check` - [x] `pnpm typecheck` - [x] Focused tests: `pnpm debug unit McpServerPanel.test.tsx` — 8/8 passed - [x] Rust fmt/check (if changed): `cargo fmt --check` + `cargo check --manifest-path app/src-tauri/Cargo.toml` — clean - [x] Tauri fmt/check (if changed): included above ### Validation Blocked - `command:` N/A - `error:` N/A - `impact:` N/A ### Behavior Changes - Intended behavior change: Adds MCP Server panel to Settings → Developer Options with snippet generator and config file opener - User-visible effect: Users can now configure Claude Desktop, Cursor, Codex, or Zed to use OpenHuman's MCP server in a few clicks instead of hand-editing JSON ### Parity Contract - Legacy behavior preserved: No existing behavior changed; purely additive - Guard/fallback/dispatch parity checks: `isTauri()` guard on "Open Config File" button; binary-not-found degrades to placeholder with build instructions ### Duplicate / Superseded PR Handling - Duplicate PR(s): None - Canonical PR: This PR - Resolution: N/A <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added an "MCP Server" settings panel under Developer Options with tabs for multiple clients (Claude Desktop, Cursor, Codex, Zed) * Shows resolved MCP/OpenHuman binary status, generates client-specific JSON snippets, copy-to-clipboard, and an "Open Config File" action when available * **Tests** * Added UI tests for rendering, snippet content, copy behavior, binary-failure fallback, and open-config action * **Localization** * Added translations for the MCP Server UI across many languages <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2355?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: M3gA-Mind <megamind@mahadao.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
12 tasks
AusAgentSmith
pushed a commit
to AusAgentSmith/openhuman
that referenced
this pull request
May 23, 2026
…sai#1790) Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
AusAgentSmith
pushed a commit
to AusAgentSmith/openhuman
that referenced
this pull request
May 23, 2026
## Summary Adds MCP `ToolAnnotations` (spec 2025-03-26+) to every tool advertised by `openhuman-core mcp`. Clients use `readOnlyHint` / `destructiveHint` / `idempotentHint` / `openWorldHint` to surface accurate safety affordances — e.g. Claude Desktop's "this tool can take destructive actions" confirmation gate. ## Problem `tools/list` today returns the curated tool surface but says nothing about each tool's behavior class. The MCP spec defines `ToolAnnotations` precisely for this — without them: - Claude Desktop / Cursor can't render confirmation gates for destructive actions. - Humans inspecting the tool list (e.g. via MCP Inspector) can't see at a glance which tools are safe to retry. - `agent.run_subagent` — the one Act-policy surface on the MCP server today — looks identical to `memory.search` to clients, even though it can call further tools (including potentially destructive ones) through any sub-agent it spawns. ## Solution - Added `annotations: Value` to `McpToolSpec` (always present, serialized into each tool's `annotations` field in the `tools/list` response). - All read-only tools share a `read_only_local_annotations()` helper (`readOnlyHint: true`, `openWorldHint: false`). - `agent.run_subagent` gets explicit annotations: `readOnlyHint: false / destructiveHint: true / idempotentHint: false / openWorldHint: true`. Sub-agent execution can call further tools, isn't a no-op on repeat, and reaches into the broader OpenHuman environment. - Updated `mcp_server/mod.rs` docstring to no longer claim the surface is purely read-only — it's curated, with `agent.run_subagent` as the one Act-policy surface. - Per spec, `destructiveHint` / `idempotentHint` are only meaningful when `readOnlyHint == false`, so the read-only helper omits them. ## Submission Checklist - [x] Tests added — `list_tools_emits_annotations_for_every_tool` asserts every entry serializes a non-null `annotations` object; a second test pins the read-only / destructive split to each tool's actual behavior. `cargo test --lib mcp_server::` runs 38/38 locally. - [x] **Diff coverage ≥ 80%** — new code is mostly literal annotations + a 6-line helper; both the "every tool has annotations" and "read-only vs destructive" axes are covered. - [x] Coverage matrix updated — `N/A: extends row 11.1.4 (MCP stdio server) rather than adding a new feature.` - [x] All affected feature IDs listed under `## Related` - [x] No new external network dependencies introduced - [x] Manual smoke checklist — `N/A: extends existing MCP surface, not a release-cut path.` - [x] Linked issue closed via `Closes #NNN` — `N/A: capability extension, no issue tracking this.` ## Impact - **Runtime**: `openhuman-core mcp` only. No HTTP RPC, web, or mobile impact. - **Compatibility**: Backward compatible — older MCP clients that don't read `annotations` ignore the field; newer clients pick up the safety affordances. - **Performance**: Negligible — one extra static `Value` per tool, serialized on each `tools/list` call (low frequency). - **Security**: No policy change. `agent.run_subagent` still goes through `enforce_act_policy`; the annotation is an advertised hint, not an enforcement point. ## Related - Feature IDs: `11.1.4` (MCP stdio server) - Spec: https://modelcontextprotocol.io/specification/2025-03-26/server/tools/#tool-annotations - Builds on: tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Tools now include detailed security annotations (readOnly, destructive, idempotent, openWorld hints) so MCP clients can better understand safety and behavior. * Most tools are advertised as read-only; the subagent tool is explicitly advertised as act-capable/destructive, and one search tool is advertised as read-only but open-world. * **Tests** * Added tests ensuring each tool includes annotations and that read-only vs. destructive/open-world hints are correctly serialized. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2268?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: justin <justin80605@gmail.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
AusAgentSmith
pushed a commit
to AusAgentSmith/openhuman
that referenced
this pull request
May 23, 2026
## Summary - Adds a **MCP Server** panel under Settings → Developer Options so users can configure external MCP clients without hand-editing JSON files - New Tauri commands `mcp_resolve_binary_path` (returns binary path + OS) and `mcp_open_client_config` (opens the client's config file in the system editor) - Generates correct per-client JSON snippets for Claude Desktop, Cursor, Codex, and Zed — OS-aware config file paths for macOS, Windows, and Linux - Copy-to-clipboard and "Open Config File" (Tauri-only) buttons eliminate the manual setup steps that were blocking non-developer adoption ## Problem - The `openhuman-core mcp` stdio server ships 10 memory/tree tools but has zero UI surface — users must locate the binary, find the per-client config file path, and hand-write the JSON - Conversion drops to near-zero outside of developers; this is the bottleneck on MCP adoption for the features already merged in tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 ## Solution - `app/src-tauri/src/mcp_commands.rs`: two new Tauri shell commands with OS-aware path resolution, auto-create config dirs/files if absent, and platform-specific `open`/`explorer`/`xdg-open` dispatch - `McpServerPanel.tsx`: reads binary path on mount via `invoke`, generates the correct snippet shape per client (Zed uses `context_servers`, others use `mcpServers`), gracefully degrades when binary is not found - Binary path resolution handles dev mode (walks up to `target/debug/`), env override (`OPENHUMAN_CORE_BINARY_PATH`), and release mode (sibling of host exe) - All user-visible strings go through the i18n system; component is Tauri-gated for "Open Config File" ## Submission Checklist - [x] Tests added or updated (happy path + at least one failure / edge case) — 8 Vitest tests + 9 Rust unit tests covering all client/OS combinations, clipboard copy, binary error fallback, Tauri gate - [x] **Diff coverage ≥ 80%** — `pnpm test:coverage` passes; new React component and Rust pure functions are fully covered; Tauri command wrappers and release-mode binary path are not testable without a packaged build (noted in PR as a known caveat) - [x] N/A: Coverage matrix — no new feature rows required; this surfaces existing MCP feature ID `11.1.4` in the UI - [x] All affected feature IDs from the matrix listed below under Related - [x] N/A: No new external network dependencies — no network calls; binary resolution is local filesystem only - [x] N/A: Manual smoke checklist — not a release-cut surface - [x] Linked issue closed via `Closes tinyhumansai#2030` ## Impact - Desktop only (macOS, Windows, Linux) — uses Tauri shell commands; web/CLI unaffected - No performance implications; panel is lazy-loaded via routing - Binary path resolution degrades gracefully if `openhuman-core` is not bundled in the packaged app — shows a build instruction fallback message ## Related - Closes tinyhumansai#2030 - Feature ID: `11.1.4` (MCP stdio server) - Builds on: tinyhumansai#1760, tinyhumansai#1790, tinyhumansai#1974 - Follow-up: verify `openhuman-core` binary is included in the packaged `.app` bundle (sidecar was removed in tinyhumansai#1061; if the binary is not bundled the panel will show the fallback message in production) --- ## AI Authored PR Metadata (required for Codex/Linear PRs) ### Linear Issue - Key: N/A - URL: N/A ### Commit & Branch - Branch: `feat/mcp-settings-panel` - Commit SHA: 85e091d ### Validation Run - [x] `pnpm --filter openhuman-app format:check` - [x] `pnpm typecheck` - [x] Focused tests: `pnpm debug unit McpServerPanel.test.tsx` — 8/8 passed - [x] Rust fmt/check (if changed): `cargo fmt --check` + `cargo check --manifest-path app/src-tauri/Cargo.toml` — clean - [x] Tauri fmt/check (if changed): included above ### Validation Blocked - `command:` N/A - `error:` N/A - `impact:` N/A ### Behavior Changes - Intended behavior change: Adds MCP Server panel to Settings → Developer Options with snippet generator and config file opener - User-visible effect: Users can now configure Claude Desktop, Cursor, Codex, or Zed to use OpenHuman's MCP server in a few clicks instead of hand-editing JSON ### Parity Contract - Legacy behavior preserved: No existing behavior changed; purely additive - Guard/fallback/dispatch parity checks: `isTauri()` guard on "Open Config File" button; binary-not-found degrades to placeholder with build instructions ### Duplicate / Superseded PR Handling - Duplicate PR(s): None - Canonical PR: This PR - Resolution: N/A <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added an "MCP Server" settings panel under Developer Options with tabs for multiple clients (Claude Desktop, Cursor, Codex, Zed) * Shows resolved MCP/OpenHuman binary status, generates client-specific JSON snippets, copy-to-clipboard, and an "Open Config File" action when available * **Tests** * Added UI tests for rendering, snippet content, copy behavior, binary-failure fallback, and open-config action * **Localization** * Added translations for the MCP Server UI across many languages <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2355?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: M3gA-Mind <megamind@mahadao.com> Co-authored-by: Steven Enamakel <enamakel@tinyhumans.ai>
](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2268?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack){kind=link}
](https://app.coderabbit.ai/change-stack/tinyhumansai/openhuman/pull/2355?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack){kind=link}
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
openhuman-core mcp, defaulting towarn, so production errors reach stderr without--verbose.print_helpthrougheprintln!to keep stdout protocol-only, matching the banner-suppression contract.ToolCallError::Internalso config-load failures surface as JSON-RPC-32603 Internal errorinstead of being mis-labelled-32602 Invalid params.k > MAX_LIMITinmemory.search/memory.recallinstead of silently clamping, so the LLM can self-correct on the next call.Problem
Four follow-ups on the Phase 1 MCP server (#1760) noticed during review:
init_for_cli_runran only when--verbosewas passed, solog::error!/log::warn!events were dropped when the server ran as a subprocess of Claude Desktop / Cursor — exactly the contexts where field-debugging requires those events.print_helpusedprintln!while the banner suppression incore/cli.rskeeps stdout clean for JSON-RPC frames. Inconsistent, and a footgun if anyone later wires help into a non-exit path.enforce_read_policywere mapped toToolCallError::InvalidParams, surfacing as-32602 Invalid params. Clients then mis-attribute server-side problems to bad caller arguments.optional_limitclampedk > 50to 50 without telling the caller. The schema advertisesmaximum: 50, so a higher value is a client bug; silent clamping prevents the LLM's corrective feedback loop.Solution
init_mcp_loggingalways installs the subscriber; default level iswarn,--verbosepromotes todebug, and a user-setRUST_LOGalways wins.print_helpnow useseprintln!.ToolCallError::Internal(String)added withcode()+jsonrpc_message()dispatchers.enforce_read_policyusesInternalfor config-load failures and keepsInvalidParamsfor policy denials (which are actionable to the caller).optional_limitreturnsInvalidParams("argumentkmust not exceed N (got M)")fork > MAX_LIMIT.Submission Checklist
tools.rs; the replacedmemory_search_params_default_and_clamp_know becomesmemory_search_params_trim_query_and_use_default_k+memory_search_rejects_k_above_max+memory_search_accepts_k_at_max(boundary).cargo test --lib mcp_server::runs 20 tests (0 failed). New error/clamp paths each have dedicated coverage. CI will confirm the gate.N/A: behaviour-only polish on existing row 11.1.4## RelatedN/A: opt-in MCP server, not on release-cut pathCloses #NNNin the## Relatedsection —N/A: phase 1 (#1760) is the headline implementation; this PR is polish, not the closing PR for #1586Impact
openhuman-core mcpsubcommand only. No HTTP RPC, web, or mobile impact.kvalidation. The schema-advertisedmaximum: 50was already public, so well-behaved clients are unaffected.optional_limit, one subscriber installed earlier in startup.SecurityPolicygate untouched.Related
11.1.4(MCP stdio server)AI Authored PR Metadata (required for Codex/Linear PRs)
Linear Issue
Commit & Branch
Validation Run
pnpm --filter openhuman-app format:check— N/A (no JS/TS changes)pnpm typecheck— N/A (no JS/TS changes)cargo test --lib mcp_server::— 20 passed, 0 failedcargo fmt --checkclean;cargo check --libcompiles;cargo clippy --lib --no-depsno mcp_server warningsapp/src-taurichanges)Validation Blocked
command:N/Aerror:N/Aimpact:N/ABehavior Changes
error/warnlogs reach stderr by default;k > 50returns an error instead of silent clamp; config-load failures surface as-32603.Parity Contract
initialize,ping,tools/list,tools/callunchanged. All existing Phase 1 tests still pass.--verbosestill bumps to debug;ToolCallError::InvalidParamscallers unchanged.Duplicate / Superseded PR Handling
Summary by CodeRabbit
Bug Fixes
Improvements
Tests