fix: properly finalize MCP tool calls in native protocol mode

daniel-lxs · daniel-lxs · commit 652f19ad8085 · 2025-11-25T11:17:00.000-05:00
- Simplify MCP tool schema to pass arguments directly (no toolInputProps wrapper)
- Extract server_name/tool_name from function name (mcp_serverName_toolName)
- Add finalizeRawChunks() call after stream ends to properly convert MCP tools
- Add dynamic MCP tool validation against mcp group in mode permissions
- Fix NativeToolCallParser to support string names for dynamic MCP tools
diff --git a/src/core/assistant-message/NativeToolCallParser.ts b/src/core/assistant-message/NativeToolCallParser.ts
@@ -47,11 +47,12 @@ export type ToolCallStreamEvent = ApiStreamToolCallStartChunk | ApiStreamToolCal
  */
 export class NativeToolCallParser {
 	// Streaming state management for argument accumulation (keyed by tool call id)
+	// Note: name is string to accommodate dynamic MCP tools (mcp_serverName_toolName)
 	private static streamingToolCalls = new Map<
 		string,
 		{
 			id: string
-			name: ToolName
+			name: string
 			argumentsAccumulator: string
 		}
 	>()
@@ -194,8 +195,9 @@ export class NativeToolCallParser {
 	/**
 	 * Start streaming a new tool call.
 	 * Initializes tracking for incremental argument parsing.
+	 * Accepts string to support both ToolName and dynamic MCP tools (mcp_serverName_toolName).
 	 */
-	public static startStreamingToolCall(id: string, name: ToolName): void {
+	public static startStreamingToolCall(id: string, name: string): void {
 		this.streamingToolCalls.set(id, {
 			id,
 			name,
@@ -235,6 +237,11 @@ export class NativeToolCallParser {
 		// Accumulate the JSON string
 		toolCall.argumentsAccumulator += chunk
 
+		// For dynamic MCP tools, we don't return partial updates - wait for final
+		if (toolCall.name.startsWith("mcp_")) {
+			return null
+		}
+
 		// Parse whatever we can from the incomplete JSON!
 		// partial-json-parser extracts partial values (strings, arrays, objects) immediately
 		try {
@@ -243,7 +250,7 @@ export class NativeToolCallParser {
 			// Create partial ToolUse with extracted values
 			return this.createPartialToolUse(
 				toolCall.id,
-				toolCall.name,
+				toolCall.name as ToolName,
 				partialArgs || {},
 				true, // partial
 			)
@@ -266,9 +273,10 @@ export class NativeToolCallParser {
 		}
 
 		// Parse the complete accumulated JSON
+		// Cast to any for the name since parseToolCall handles both ToolName and dynamic MCP tools
 		const finalToolUse = this.parseToolCall({
 			id: toolCall.id,
-			name: toolCall.name,
+			name: toolCall.name as ToolName,
 			arguments: toolCall.argumentsAccumulator,
 		})
 
@@ -592,6 +600,15 @@ export class NativeToolCallParser {
 					}
 					break
 
+				case "access_mcp_resource":
+					if (args.server_name !== undefined && args.uri !== undefined) {
+						nativeArgs = {
+							server_name: args.server_name,
+							uri: args.uri,
+						} as NativeArgsFor<TName>
+					}
+					break
+
 				default:
 					break
 			}
@@ -623,16 +640,23 @@ export class NativeToolCallParser {
 	 */
 	public static parseDynamicMcpTool(toolCall: { id: string; name: string; arguments: string }): McpToolUse | null {
 		try {
-			const args = JSON.parse(toolCall.arguments)
+			// Parse the arguments - these are the actual tool arguments passed directly
+			const args = JSON.parse(toolCall.arguments || "{}")
+
+			// Extract server_name and tool_name from the tool name itself
+			// Format: mcp_serverName_toolName
+			const nameParts = toolCall.name.split("_")
+			if (nameParts.length < 3 || nameParts[0] !== "mcp") {
+				console.error(`Invalid dynamic MCP tool name format: ${toolCall.name}`)
+				return null
+			}
 
-			// Extract server_name and tool_name from the arguments
-			// The dynamic tool schema includes these as const properties
-			const serverName = args.server_name
-			const toolName = args.tool_name
-			const toolInputProps = args.toolInputProps || {}
+			// Server name is the second part, tool name is everything after
+			const serverName = nameParts[1]
+			const toolName = nameParts.slice(2).join("_")
 
 			if (!serverName || !toolName) {
-				console.error(`Missing server_name or tool_name in dynamic MCP tool`)
+				console.error(`Could not extract server_name or tool_name from: ${toolCall.name}`)
 				return null
 			}
 
@@ -643,7 +667,7 @@ export class NativeToolCallParser {
 				name: toolCall.name,
 				serverName,
 				toolName,
-				arguments: toolInputProps,
+				arguments: args,
 				partial: false,
 			}
 
diff --git a/src/core/prompts/tools/native-tools/mcp_server.ts b/src/core/prompts/tools/native-tools/mcp_server.ts
@@ -29,37 +29,21 @@ export function getMcpServerTools(mcpHub?: McpHub): OpenAI.Chat.ChatCompletionTo
 			const toolInputProps = originalSchema?.properties ?? {}
 			const toolInputRequired = (originalSchema?.required ?? []) as string[]
 
-			// Create a proper JSON Schema object for toolInputProps
-			const toolInputPropsSchema: Record<string, any> = {
+			// Build parameters directly from the tool's input schema.
+			// The server_name and tool_name are encoded in the function name itself
+			// (e.g., mcp_serverName_toolName), so they don't need to be in the arguments.
+			const parameters: OpenAI.FunctionParameters = {
 				type: "object",
 				properties: toolInputProps,
 				additionalProperties: false,
 			}
 
 			// Only add required if there are required fields
 			if (toolInputRequired.length > 0) {
-				toolInputPropsSchema.required = toolInputRequired
+				parameters.required = toolInputRequired
 			}
 
-			// Build parameters with all properties defined before adding required array
-			const parameters = {
-				type: "object",
-				properties: {
-					toolInputProps: toolInputPropsSchema,
-					server_name: {
-						type: "string",
-						const: server.name,
-					},
-					tool_name: {
-						type: "string",
-						const: tool.name,
-					},
-				},
-				required: ["server_name", "tool_name", "toolInputProps"],
-				additionalProperties: false,
-			} as OpenAI.FunctionParameters
-
-			// Use triple underscores as separator to allow underscores in tool and server names
+			// Use mcp_ prefix to identify dynamic MCP tools
 			const toolDefinition: OpenAI.Chat.ChatCompletionTool = {
 				type: "function",
 				function: {
diff --git a/src/core/task/Task.ts b/src/core/task/Task.ts
@@ -2538,6 +2538,37 @@ export class Task extends EventEmitter<TaskEvents> implements TaskLike {
 						}
 					}
 
+					// Finalize any remaining streaming tool calls that weren't explicitly ended
+					// This is critical for MCP tools which need tool_call_end events to be properly
+					// converted from ToolUse to McpToolUse via finalizeStreamingToolCall()
+					const finalizeEvents = NativeToolCallParser.finalizeRawChunks()
+					for (const event of finalizeEvents) {
+						if (event.type === "tool_call_end") {
+							// Finalize the streaming tool call
+							const finalToolUse = NativeToolCallParser.finalizeStreamingToolCall(event.id)
+
+							if (finalToolUse) {
+								// Store the tool call ID
+								;(finalToolUse as any).id = event.id
+
+								// Get the index and replace partial with final
+								const toolUseIndex = this.streamingToolCallIndices.get(event.id)
+								if (toolUseIndex !== undefined) {
+									this.assistantMessageContent[toolUseIndex] = finalToolUse
+								}
+
+								// Clean up tracking
+								this.streamingToolCallIndices.delete(event.id)
+
+								// Mark that we have new content to process
+								this.userMessageContentReady = false
+
+								// Present the finalized tool call
+								presentAssistantMessage(this)
+							}
+						}
+					}
+
 					// Create a copy of current token values to avoid race conditions
 					const currentTokens = {
 						input: inputTokens,
@@ -2879,17 +2910,14 @@ export class Task extends EventEmitter<TaskEvents> implements TaskLike {
 					for (const block of toolUseBlocks) {
 						if (block.type === "mcp_tool_use") {
 							// McpToolUse already has the original tool name (e.g., "mcp_serverName_toolName")
+							// The arguments are the raw tool arguments (matching the simplified schema)
 							const mcpBlock = block as import("../../shared/tools").McpToolUse
 							if (mcpBlock.id) {
 								assistantContent.push({
 									type: "tool_use" as const,
 									id: mcpBlock.id,
 									name: mcpBlock.name, // Original dynamic name
-									input: {
-										server_name: mcpBlock.serverName,
-										tool_name: mcpBlock.toolName,
-										toolInputProps: mcpBlock.arguments,
-									},
+									input: mcpBlock.arguments, // Direct tool arguments
 								})
 							}
 						} else {
diff --git a/src/core/tools/__tests__/validateToolUse.spec.ts b/src/core/tools/__tests__/validateToolUse.spec.ts
@@ -103,6 +103,42 @@ describe("mode-validator", () => {
 			})
 		})
 
+		describe("dynamic MCP tools", () => {
+			it("allows dynamic MCP tools when mcp group is in mode groups", () => {
+				// Code mode has mcp group, so dynamic MCP tools should be allowed
+				expect(isToolAllowedForMode("mcp_context7_resolve-library-id", codeMode, [])).toBe(true)
+				expect(isToolAllowedForMode("mcp_serverName_toolName", codeMode, [])).toBe(true)
+			})
+
+			it("disallows dynamic MCP tools when mcp group is not in mode groups", () => {
+				const customModes: ModeConfig[] = [
+					{
+						slug: "no-mcp-mode",
+						name: "No MCP Mode",
+						roleDefinition: "Custom role",
+						groups: ["read", "edit"] as const,
+					},
+				]
+				// Custom mode without mcp group should not allow dynamic MCP tools
+				expect(isToolAllowedForMode("mcp_context7_resolve-library-id", "no-mcp-mode", customModes)).toBe(false)
+				expect(isToolAllowedForMode("mcp_serverName_toolName", "no-mcp-mode", customModes)).toBe(false)
+			})
+
+			it("allows dynamic MCP tools in custom mode with mcp group", () => {
+				const customModes: ModeConfig[] = [
+					{
+						slug: "custom-mcp-mode",
+						name: "Custom MCP Mode",
+						roleDefinition: "Custom role",
+						groups: ["read", "mcp"] as const,
+					},
+				]
+				expect(isToolAllowedForMode("mcp_context7_resolve-library-id", "custom-mcp-mode", customModes)).toBe(
+					true,
+				)
+			})
+		})
+
 		describe("tool requirements", () => {
 			it("respects tool requirements when provided", () => {
 				const requirements = { apply_diff: false }
diff --git a/src/shared/modes.ts b/src/shared/modes.ts
@@ -176,6 +176,10 @@ export function isToolAllowedForMode(
 	if (ALWAYS_AVAILABLE_TOOLS.includes(tool as any)) {
 		return true
 	}
+
+	// Check if this is a dynamic MCP tool (mcp_serverName_toolName)
+	// These should be allowed if the mcp group is allowed for the mode
+	const isDynamicMcpTool = tool.startsWith("mcp_")
 	if (experiments && Object.values(EXPERIMENT_IDS).includes(tool as ExperimentId)) {
 		if (!experiments[tool]) {
 			return false
@@ -204,6 +208,12 @@ export function isToolAllowedForMode(
 
 		const groupConfig = TOOL_GROUPS[groupName]
 
+		// Check if this is a dynamic MCP tool and the mcp group is allowed
+		if (isDynamicMcpTool && groupName === "mcp") {
+			// Dynamic MCP tools are allowed if the mcp group is in the mode's groups
+			return true
+		}
+
 		// If the tool isn't in this group's tools, continue to next group
 		if (!groupConfig.tools.includes(tool)) {
 			continue
