feat: make MCP servers conditional in agent mode (#513)

* feat: make MCP servers conditional in agent mode In agent mode, MCP servers (github_comment, github_ci) are now only included when explicitly requested via allowedTools, rather than being auto-provisioned. This change gives agent mode workflows complete control over which MCP servers are included, preventing unwanted automatic provisioning of GitHub integration tools. Changes: - Add agent mode detection in prepareMcpConfig - Make github_comment server conditional based on allowedTools in agent mode - Make github_ci server conditional based on allowedTools in agent mode - Tag mode behavior remains unchanged (auto-inclusion) 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * test: update agent mode test for conditional MCP behavior Updated test expectation to match the new conditional MCP server behavior where agent mode only includes MCP config when servers are actually needed. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Kashyap Murali <13315300+katchu11@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com>
2026-01-22 22:44:13 +08:00 · 2025-08-29 16:40:14 -07:00
parent 1f8cfe7658
commit 45408b4058
2 changed files with 46 additions and 20 deletions
--- a/src/mcp/install-mcp-server.ts
+++ b/src/mcp/install-mcp-server.ts
@@ -63,6 +63,9 @@ export async function prepareMcpConfig(
  try {
    const allowedToolsList = allowedTools || [];

+    // Detect if we're in agent mode (explicit prompt provided)
+    const isAgentMode = !!context.inputs?.prompt;
+
    const hasGitHubMcpTools = allowedToolsList.some((tool) =>
      tool.startsWith("mcp__github__"),
    );
@@ -71,11 +74,24 @@ export async function prepareMcpConfig(
      tool.startsWith("mcp__github_inline_comment__"),
    );

+    const hasGitHubCommentTools = allowedToolsList.some((tool) =>
+      tool.startsWith("mcp__github_comment__"),
+    );
+
+    const hasGitHubCITools = allowedToolsList.some((tool) =>
+      tool.startsWith("mcp__github_ci__"),
+    );
+
    const baseMcpConfig: { mcpServers: Record<string, unknown> } = {
      mcpServers: {},
    };

-    // Always include comment server for updating Claude comments
+    // Include comment server:
+    // - Always in tag mode (for updating Claude comments)
+    // - Only with explicit tools in agent mode
+    const shouldIncludeCommentServer = !isAgentMode || hasGitHubCommentTools;
+
+    if (shouldIncludeCommentServer) {
      baseMcpConfig.mcpServers.github_comment = {
        command: "bun",
        args: [
@@ -91,6 +107,7 @@ export async function prepareMcpConfig(
          GITHUB_API_URL: GITHUB_API_URL,
        },
      };
+    }

    // Include file ops server when commit signing is enabled
    if (context.inputs.useCommitSigning) {
@@ -136,10 +153,17 @@ export async function prepareMcpConfig(
      };
    }

-    // CI server is included when we have a workflow token and context is a PR
+    // CI server is included when:
+    // - In tag mode: when we have a workflow token and context is a PR
+    // - In agent mode: same conditions PLUS explicit CI tools in allowedTools
    const hasWorkflowToken = !!process.env.DEFAULT_WORKFLOW_TOKEN;
+    const shouldIncludeCIServer =
+      (!isAgentMode || hasGitHubCITools) &&
+      isEntityContext(context) &&
+      context.isPR &&
+      hasWorkflowToken;

-    if (isEntityContext(context) && context.isPR && hasWorkflowToken) {
+    if (shouldIncludeCIServer) {
      // Verify the token actually has actions:read permission
      const actuallyHasPermission = await checkActionsReadPermission(
        process.env.DEFAULT_WORKFLOW_TOKEN || "",
--- a/test/modes/agent.test.ts
+++ b/test/modes/agent.test.ts
@@ -161,9 +161,11 @@ describe("Agent Mode", () => {

    // Note: We can't easily test file creation in this unit test,
    // but we can verify the method completes without errors
-    // Agent mode now includes MCP config even with empty user args
+    // With our conditional MCP logic, agent mode with no allowed tools
+    // should not include any MCP config
    const callArgs = setOutputSpy.mock.calls[0];
    expect(callArgs[0]).toBe("claude_args");
-    expect(callArgs[1]).toContain("--mcp-config");
+    // Should be empty or just whitespace when no MCP servers are included
+    expect(callArgs[1]).not.toContain("--mcp-config");
  });
 });