Skip to content

fix: validate MCP tool exists before execution #7632

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mrubens merged 4 commits into from
Sep 4, 2025
Merged

fix: validate MCP tool exists before execution #7632

mrubens merged 4 commits into from
Sep 4, 2025

Conversation

@roomote
Copy link
Contributor

@roomote roomote bot commented Sep 3, 2025
edited by ellipsis-dev bot
Loading

Summary

This PR addresses Issue #7631 by adding validation to prevent Roo from calling MCP tools that don't exist on a server.

Problem

Previously, when the model requested a non-existent tool on an MCP server, the request would be sent to the server anyway, resulting in a raw error response being displayed to the user.

Solution

Added validation that checks if the requested tool exists on the MCP server before attempting to execute it. If the tool doesn't exist:

  • The request is rejected immediately without contacting the MCP server
  • A helpful error message is displayed listing all available tools on that server
  • The model can then retry with a valid tool name

Changes

  • Added validateToolExists function in useMcpToolTool.ts to check tool availability
  • Integrated validation into the tool execution flow
  • Added comprehensive error messages with available tool listings
  • Added i18n support for the new error messages
  • Added unit tests covering multiple scenarios (unknown tools, servers with no tools, valid tools)

Testing

  • ✅ All existing tests pass
  • ✅ Added 3 new test cases for tool validation
  • ✅ Manually tested with MCP servers
  • ✅ Type checking passes
  • ✅ Linting passes

Fixes #7631

Important

Adds validation in useMcpToolTool.ts to check MCP tool existence before execution, with error handling and i18n support.

  • Behavior:
    • Adds validateToolExists in useMcpToolTool.ts to check tool existence on MCP server before execution.
    • Rejects requests for non-existent tools with error messages listing available tools.
    • Handles unknown servers by listing available servers.
  • Error Handling:
    • Displays error messages for unknown tools and servers in responses.ts.
    • Adds i18n support for error messages in multiple languages.
  • Testing:
    • Adds unit tests in useMcpToolTool.spec.ts for tool validation scenarios (unknown tools, no tools, valid tools).
    • Ensures all existing tests pass.

This description was created by Ellipsis for 97945bd. You can customize this summary. It will automatically update as commits are pushed.

@roomote
fix: validate MCP tool exists before execution
3a30a21 
- Add validation to check if requested tool exists on the MCP server
- Provide helpful error messages with list of available tools
- Prevent sending requests for non-existent tools to MCP servers
- Add comprehensive tests for the new validation logic

Fixes #7631
@roomote roomote bot requested review from cte, jr and mrubens as code owners September 3, 2025 16:48
@dosubot dosubot bot added size:L This PR changes 100-499 lines, ignoring generated files. bug Something isn't working labels Sep 3, 2025
roomote[bot]
roomote bot commented Sep 3, 2025
View reviewed changes
Copy link
Contributor Author

@roomote roomote bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed my own code. Found it disturbingly functional. Clearly a glitch in the matrix.

src/core/tools/useMcpToolTool.ts Outdated

if (!server) {
// Server not found - this will be caught later in the flow
return { isValid: true }
Copy link
Contributor Author

@roomote roomote bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this intentional? When the server is not found, returning { isValid: true } allows execution to continue. Should we fail validation here instead to prevent unnecessary API calls?

src/core/tools/useMcpToolTool.ts
} catch (error) {
// If there's an error during validation, log it but don't block the tool execution
// The actual tool call might still fail with a proper error
console.error("Error validating MCP tool existence:", error)
Copy link
Contributor Author

@roomote roomote bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider surfacing validation errors to users for better debugging visibility. The error is only logged to console which might make troubleshooting harder.

src/core/tools/__tests__/useMcpToolTool.spec.ts
expect(mockHandleError).toHaveBeenCalledWith("executing MCP tool", error)
})

it("should reject unknown tool names", async () => {
Copy link
Contributor Author

@roomote roomote bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider adding a test case for when the MCP hub itself is unavailable to ensure the fallback behavior works correctly.

@roomote roomote bot mentioned this pull request Sep 3, 2025
Closed
@hannesrudolph hannesrudolph added the Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. label Sep 3, 2025
@daniel-lxs daniel-lxs moved this from Triage to PR [Needs Prelim Review] in Roo Code Roadmap Sep 4, 2025
@hannesrudolph hannesrudolph added PR - Needs Preliminary Review and removed Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. labels Sep 4, 2025
@daniel-lxs daniel-lxs moved this from PR [Needs Prelim Review] to PR [Needs Review] in Roo Code Roadmap Sep 4, 2025
daniel-lxs
daniel-lxs approved these changes Sep 4, 2025
View reviewed changes
Copy link
Member

@daniel-lxs daniel-lxs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Sep 4, 2025
mrubens
mrubens reviewed Sep 4, 2025
View reviewed changes
src/core/tools/useMcpToolTool.ts

if (!toolExists) {
// Tool not found - provide list of available tools
const availableToolNames = server.tools.map((tool) => tool.name)
Copy link
Collaborator

@mrubens mrubens Sep 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this take into account tools that the user has disabled?

Copy link
Member

@daniel-lxs daniel-lxs Sep 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

Copy link
Contributor

@R-omk R-omk Sep 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

take into account tools that the user has disabled

@mrubens

After the bug fix release, I see that disabled tools are being ignored, and the prompt mentions all tools, including the disabled ones.

I have additionally checked the system prompt, and everything is correct there - disabled tools are not included in the description.

@daniel-lxs
fix: validate MCP tool is not disabled before execution
854d101 
- Check enabledForPrompt property in validateToolExists function
- Reject disabled tools with appropriate error message
- Show only enabled tools in error message when tool is disabled

Addresses PR feedback about checking for disabled tools
ellipsis-dev[bot]
ellipsis-dev bot reviewed Sep 4, 2025
View reviewed changes
src/core/tools/useMcpToolTool.ts Outdated
cline.recordToolError("use_mcp_tool")
await cline.say(
"error",
`Tool '${toolName}' on server '${serverName}' is disabled. Available enabled tools: ${enabledToolNames.length > 0 ? enabledToolNames.join(", ") : "No enabled tools available"}`,
Copy link
Contributor

@ellipsis-dev ellipsis-dev bot Sep 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider using the i18n translation function (t()) for the disabled tool error message instead of an inline string. For consistency with the tool-not-found error (which uses t('mcp:errors.toolNotFound')), refactor this error message (and the "No enabled tools available" text) to use a translation key (e.g., t('mcp:errors.toolDisabled', { toolName, serverName, enabledTools: enabledToolNames.join(", ") })) so that the message supports multiple languages.

Suggested change
`Tool '${toolName}' on server '${serverName}' is disabled. Available enabled tools: ${enabledToolNames.length > 0 ? enabledToolNames.join(", ") : "No enabled tools available"}`,
t('mcp:errors.toolDisabled', { toolName, serverName, enabledTools: enabledToolNames.length > 0 ? enabledToolNames.join(", ") : "No enabled tools available" }),

This comment was generated because it violated a code review rule: irule_C0ez7Rji6ANcGkkX.

@daniel-lxs
fix: use translation for disabled tool error message
97945bd 
- Replace hardcoded error message with t() translation function
- Add toolDisabled translation key to all 17 locale files
- Maintains proper placeholder variables for code integration
@mrubens mrubens merged commit 7935c94 into main Sep 4, 2025
9 checks passed
@github-project-automation github-project-automation bot moved this from New to Done in Roo Code Roadmap Sep 4, 2025
@github-project-automation github-project-automation bot moved this from PR [Needs Review] to Done in Roo Code Roadmap Sep 4, 2025
mini2s added a commit to zgsm-ai/costrict that referenced this pull request Sep 10, 2025
@mini2s @mrubens
@github-actions @joshualipman123 @daniel-lxs @cte @ellipsis-dev @roomote @roomote @hannesrudolph @hassoncs @jr @pwilkin @chrarnoldus @brunobergher @mohammad154 @DC-Dancao @wangxiaolong100 @PeterDaveHello @Thachnh @CellenLee @NaccOll @HahaBill @ssweens @renovate @ItsOnlyBinary
Roo to main (#421)
b3a6d3e 
* Follow symlinks in rooignore checks (RooCodeInc#7405)

* Sonic -> Grok Code Fast (RooCodeInc#7426)

* chore: add changeset for v3.26.0 (RooCodeInc#7428)

* Changeset version bump (RooCodeInc#7429)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Matt Rubens <[email protected]>

* feat: Add Vercel AI Gateway provider integration (RooCodeInc#7396)

Co-authored-by: daniel-lxs <[email protected]>
Co-authored-by: cte <[email protected]>

* feat: Enable on-disk storage for Qdrant vectors and HNSW index (RooCodeInc#7182)

* fix: use anthropic protocol for token counting when using anthropic models via Vercel AI Gateway (RooCodeInc#7433)

- Added condition in getApiProtocol to return 'anthropic' for vercel-ai-gateway when modelId starts with 'anthropic/'
- Added tests for Vercel AI Gateway provider protocol detection

This ensures proper token counting for Anthropic models accessed through Vercel AI Gateway, as Anthropic and OpenAI count tokens differently (Anthropic excludes cache tokens from input count, OpenAI includes them).

* fix: remove duplicate cache display in task header (RooCodeInc#7443)

* Random chat text area cleanup (RooCodeInc#7436)

* Update @roo-code/cloud to enable roomote control for cloud agents (RooCodeInc#7446)

Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>

* Always set remoteControlEnabled to true for cloud agents (RooCodeInc#7448)

* chore: add changeset for v3.26.1 (RooCodeInc#7459)

* feat: show model ID in API configuration dropdown (RooCodeInc#7423)

* feat: update tooltip component to match native VSCode tooltip shadow styling (RooCodeInc#7457)

Co-authored-by: Roo Code <[email protected]>
Co-authored-by: cte <[email protected]>

* Add support for Vercel embeddings (RooCodeInc#7445)

Co-authored-by: daniel-lxs <[email protected]>

* Remove dot before model display (RooCodeInc#7461)

* Update contributors list (RooCodeInc#7109)

Co-authored-by: mrubens <[email protected]>

* Update 3.26.1 changeset (RooCodeInc#7463)

* Changeset version bump (RooCodeInc#7460)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Matt Rubens <[email protected]>

* Add type for RooCodeEventName.TaskSpawned (RooCodeInc#7465)

* fix: hide .rooignore'd files from environment details by default (RooCodeInc#7369)

* fix: change default showRooIgnoredFiles to false to hide ignored files

- Changed default value from true to false across all files
- Updated tests to reflect the new default behavior
- This prevents ignored files from appearing in environment details

Fixes RooCodeInc#7368

* fix: update tests to match new showRooIgnoredFiles default

* fix: update test expectation to match new showRooIgnoredFiles default value

The PR changed the default value of showRooIgnoredFiles from true to false,
so the test needs to expect false instead of true when calling formatFilesList.

---------

Co-authored-by: Roo Code <[email protected]>
Co-authored-by: daniel-lxs <[email protected]>

* fix: exclude browser scroll actions from repetition detection (RooCodeInc#7471)

- Modified ToolRepetitionDetector to skip repetition detection for browser_action scroll_down and scroll_up actions
- Added isBrowserScrollAction() helper method to identify scroll actions
- Added comprehensive tests for the new behavior
- Fixes issue where multiple scroll actions were incorrectly flagged as being stuck in a loop

Resolves: RooCodeInc#7470

Co-authored-by: Roo Code <[email protected]>

* Fix GPT-5 Responses API issues with condensing and image support (RooCodeInc#7067)

Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Co-authored-by: Roo Code <[email protected]>
Co-authored-by: Hannes Rudolph <[email protected]>

* Bump cloud to 0.25.0 (RooCodeInc#7475)

* feat: add image generation tool with OpenRouter integration (RooCodeInc#7474)

Co-authored-by: Matt Rubens <[email protected]>
Co-authored-by: cte <[email protected]>

* Make the default image filename more generic (RooCodeInc#7479)

* Release v3.26.2 (RooCodeInc#7490)

* Support free imagegen (RooCodeInc#7493)

* feat: update OpenRouter API to support input/output modalities and filter image generation models (RooCodeInc#7492)

* Add padding to image model picker (RooCodeInc#7494)

* fix: prevent dirty state on initial mount in ImageGenerationSettings (RooCodeInc#7495)

* Changeset version bump (RooCodeInc#7491)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Matt Rubens <[email protected]>

* Show console logging in vitests when the --no-silent flag is set (RooCodeInc#7467)

By default, all of the tests run in silent mode with monkey-patched the console logging so no console logging will ever appear in test output.
This confuses the agent- sometimes it will add console logging to help it debug things, and it won't see the logs that it expects.

Adds src/utils/vitest-verbosity.ts to handle verbosity resolution and console logging.
Modifies src/vitest.config.ts and webview-ui/vitest.config.ts to integrate the new verbosity control.
Removes manual console suppression from src/vitest.setup.ts and webview-ui/vitest.setup.ts as it's now handled dynamically.

Co-authored-by: Chris Hasson <[email protected]>

* Move @roo-code/cloud to the Roo-Code repo (RooCodeInc#7503)

* Refactor the extension bridge (RooCodeInc#7515)

* Implement deferred task subscriptions (RooCodeInc#7517)

* feat: add optional input image parameter to image generation tool (RooCodeInc#7525)

Co-authored-by: Roo Code <[email protected]>
Co-authored-by: Daniel Riccio <[email protected]>

* feat: sync extension bridge settings with cloud (RooCodeInc#7535)

- Use CloudService.getUserSettings() for remoteControlEnabled instead of global state
- Update CloudService.updateUserSettings when toggling remote control
- Add BridgeOrchestrator.connectOrDisconnect handling in settings update handler
- Remove dependency on contentProxy/globalSettings for remote control state
---------

Co-authored-by: Roo Code <[email protected]>
Co-authored-by: John Richmond <[email protected]>

* refactor: flatten image generation settings structure (RooCodeInc#7536)

* chore: add changeset for v3.26.3 (RooCodeInc#7541)

* Changeset version bump (RooCodeInc#7542)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Matt Rubens <[email protected]>

* Mode and provider profile selector (RooCodeInc#7545)

* Putting the Roo in Roo-leases (RooCodeInc#7546)

* Fix evals (RooCodeInc#7547)

* fix: special tokens should not break task processing (