Add account filter to MCP search, list, and aggregate tools#110

Merged
wesm merged 1 commit into wesm:main from robelkin:add-mcp-account-filter on Feb 9, 2026

robelkin (Contributor) commented Feb 8, 2026

Summary

  • Adds optional account parameter to search_messages, list_messages, and aggregate MCP tools
  • Allows filtering results to a specific archived Gmail account when multiple accounts are synced
  • Account parameter accepts an email address (e.g., "[email protected]")
  • Users can discover available accounts via the get_stats tool

Test plan

  • Added TestAccountFilter with 7 test cases covering valid/invalid accounts for all three tools
  • All existing MCP tests pass
  • go vet passes

🤖 Generated with Claude Code

github-actions bot commented Feb 8, 2026

Security Review: No High/Medium Issues Found

Claude's automated security review did not identify any high or medium severity security concerns in this PR.

Note: This is an automated review and should not replace human security review, especially for changes involving:

  • OAuth token handling
  • Email data access or export
  • Deletion operations (Gmail API)
  • Database queries (SQL injection surface)
  • File system operations (path traversal)
  • CGO or native dependencies

Powered by Claude 4.5 Sonnet

roborev-ci bot commented Feb 9, 2026

roborev: Combined Review

Synthesis unavailable. Showing raw review outputs.

Agent: codex | Type: security | Status: done

Summary
1 potential issue found. The change adds an account filter by email and returns a specific error when an account doesn’t exist; this can enable account enumeration if the MCP server is exposed to untrusted callers.

Findings

  1. Low — Account enumeration via error message
    • File/Line: internal/mcp/handlers.go:34-52 (in getAccountID), plus call sites at internal/mcp/handlers.go:112-129, internal/mcp/handlers.go:304-323, internal/mcp/handlers.go:376-392
    • Issue: getAccountID returns fmt.Errorf("account not found: %s", account) which is propagated to the caller. This allows a client to distinguish valid vs invalid accounts by error content, enabling user/account enumeration if the MCP tools are exposed to untrusted clients.
    • Remediation: Return a generic error that does not confirm existence (e.g., "invalid account filter"), or return an empty result set for unknown accounts. If enumeration is acceptable only for authenticated/authorized callers, enforce authz before the lookup and document the behavior.

If you want, I can also check how MCP server access is authenticated/authorized elsewhere in the repo to gauge the real exposure.

Agent: gemini | Type: security | Status: done

A previous review identified a potential low-severity account enumeration vulnerability. My analysis is that this is not a practical security risk for this application. The mcp server communicates over stdio, limiting its exposure to the local user who is already authorized to access the data. The tool's own documentation points to a command for listing all accounts, indicating this information is not considered secret. The specific error message is a reasonable design choice for user feedback in a CLI tool and aligns with the project's request for pragmatic reviews.

No issues found.

Agent: codex | Type: review | Status: done

Summary
Adds an optional account email filter to MCP search, list, and aggregate tools by resolving the account to a source ID, wires it into query/filter options, updates tool options, and adds tests for valid/invalid/empty account cases.

No issues found.

Agent: gemini | Type: review | Status: done

Summary
This change adds an optional account email filter to the MCP search, list, and aggregate tools, including a new helper function to resolve account IDs and comprehensive tests for its functionality.

Review Findings
No issues found.

Adds an optional `account` parameter to search_messages, list_messages,
and aggregate MCP tools. This allows filtering results to a specific
archived Gmail account when multiple accounts are synced.

The account parameter accepts an email address (e.g., "[email protected]").
Users can discover available accounts via the get_stats tool which
returns the accounts list.

Co-Authored-By: Claude Opus 4.5 <[email protected]>

wesm force-pushed the add-mcp-account-filter branch from 6d9400d to 312b812 on February 9, 2026 02:49

roborev-ci bot commented Feb 9, 2026

roborev: Combined Review

Overall: 2 medium-severity issues found.

Medium

  • internal/mcp/handlers.go:29-49, internal/mcp/handlers.go:44 — Account enumeration via error message. The error `account not found: <user input>` reflects user-provided identifiers, enabling probing for valid accounts. Fix by returning a generic error (e.g., `invalid account filter`) and logging specifics server-side only.
  • internal/mcp/handlers.go:35, internal/mcp/handlers.go:104-124, internal/mcp/handlers.go:115-122, internal/mcp/handlers.go:286-312, internal/mcp/handlers.go:305-310, internal/mcp/handlers.go:349-382, internal/mcp/handlers.go:372-379, internal/mcp/handlers.go:375-381 — Optional account filter allows cross-account queries when omitted. In multi-tenant or untrusted contexts, this is broken access control. Fix by scoping queries to authenticated identity server-side or requiring account and enforcing authorization. If strictly single-admin, document that constraint explicitly.

Synthesized from 4 reviews (agents: codex, gemini | types: security, review)
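
The remediation proposed in the reviews above (a fixed error for the caller, specifics only in the server log), sketched in Go as an added example that is not the project's code. `lookupVerbose`, `lookupGeneric`, `callerView`, the `sources` map and the sample addresses are hypothetical stand-ins for `getAccountID` and its data.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"log"
	"strings"
)

// ErrInvalidAccountFilter is the single caller-visible error for any rejected filter.
var ErrInvalidAccountFilter = errors.New("invalid account filter")

// Constructed sample data: synced accounts and their source IDs (hypothetical).
var sources = map[string]int64{"alice@example.com": 1, "bob@example.com": 2}

// lookupVerbose reproduces the flagged behaviour: the error reflects caller input.
func lookupVerbose(account string) (int64, error) {
	if id, ok := sources[strings.ToLower(account)]; ok {
		return id, nil
	}
	return 0, fmt.Errorf("account not found: %s", account)
}

// lookupGeneric returns one fixed error for every rejected input and records the
// detail in the server log, quoted with %q so that control characters in the
// input cannot forge extra log lines.
func lookupGeneric(logger *log.Logger, account string) (int64, error) {
	if id, ok := sources[strings.ToLower(account)]; ok {
		return id, nil
	}
	logger.Printf("account filter rejected: %q", account)
	return 0, ErrInvalidAccountFilter
}

// callerView returns what a client would see from each variant for one input,
// plus what the server log captured for the generic variant.
func callerView(account string) (verbose, generic, serverLog string) {
	var buf bytes.Buffer
	_, errV := lookupVerbose(account)
	_, errG := lookupGeneric(log.New(&buf, "", 0), account)
	return fmt.Sprint(errV), fmt.Sprint(errG), buf.String()
}

func main() {
	v, g, l := callerView("mallory@example.com\nforged log line")
	fmt.Printf("verbose: %q\ngeneric: %q\nlog: %q\n", v, g, l)
}
```

A fixed error stops the response from reflecting input, but a caller can still tell a rejected filter from an accepted one; of the options raised in the reviews, only returning an empty result set for unknown accounts removes that signal.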

@wesm wesm merged commit 909fff4 into wesm:main Feb 9, 2026
3 checks passed
wesm (Owner) commented Feb 9, 2026

thank you!
