Track important changes in Model Context Protocol, including capabilities, product updates, adoption signals, risks, and evidence worth continued monitoring.
Serena’s `replace_content`/edit path can reuse a stale cached file buffer after a file was modified outside the tool, causing writes to silently discard newer external changes (one reported case lost 388 lines).
What ChangedSerena’s `replace_content`/edit path can reuse a stale cached file buffer after a file was modified outside the tool, causing writes to silently discard newer external changes (one reported case lost 388 lines).
Why It MattersDevelopers using Serena alongside other editors or Git in the same workspace can lose legitimate on-disk updates without any error—`replace_content` may write stale content and erase their latest changes—so teams should prioritize enabling/validating file-change invalidation and then monitor whether multi-tool edit workflows still produce silent overwrite incidents. The intended implementation is an `open_file()` guard that detects changed `mtime` and forces a fresh read before `replace_content` computes replacements, which reduces silent data-loss risk during MCP-based editing workflows.
Final score 84Confidence 951 evidence itemoraios/serenaopen_file()open_file_buffersreplace_contentEditedFileContext.get_original_contentfile mtime
The PR adds a timeout guard to `hostServiceCall` in `packages/mcp-v2`, using `AbortController` so relay calls default to 30,000 ms (with optional override via `HostServiceCallOptions.timeoutMs`) and return a structured timeout error instead of letting MCP requests run until Vercel’s 300-second hard timeout.
What ChangedThe PR adds a timeout guard to `hostServiceCall` in `packages/mcp-v2`, using `AbortController` so relay calls default to 30,000 ms (with optional override via `HostServiceCallOptions.timeoutMs`) and return a structured timeout error instead of letting MCP requests run until Vercel’s 300-second hard timeout.
Why It MattersMCP clients and users calling `agents_run`, `agents_list`, `workspaces_create`, and `workspaces_delete` should experience faster failure recovery when a host/relay is slow or unavailable, because stalled calls now stop around 30 seconds instead of occupying a Vercel Lambda for 300 seconds and flooding operations with timeout incidents. The change uses `AbortController` in `hostServiceCall` with `HostServiceCallOptions.timeoutMs` overrides and catches the raised timeout (`Host <id> timed out after <ms> for <procedure>`) in the tool handler so callers get an immediate error response; teams should watch for legitimate long-running relay calls that may need larger timeout settings and verify client surfaces now correctly handle the new tool-error path.
Final score 83Confidence 981 evidence itemhostServiceCallAbortControllerfetch timeoutVercel lambdamcp-v2
The patch adds `2>/dev/null` to the producer block in claude-mem’s plugin-path resolver shell snippets used by hook launchers, preventing stderr from the broken-pipe write path from surfacing as false hook failures while keeping resolver fallback order, early-break behavior, and exit semantics unchanged.
What ChangedThe patch adds `2>/dev/null` to the producer block in claude-mem’s plugin-path resolver shell snippets used by hook launchers, preventing stderr from the broken-pipe write path from surfacing as false hook failures while keeping resolver fallback order, early-break behavior, and exit semantics unchanged.
Why It MattersWindows users of claude-mem now get clean hook execution in sessions (especially Stop hooks) instead of noisy `printf: write error` messages and misleading non-blocking hook-failure alerts, so operators are less likely to treat a healthy session as broken. The change is a low-risk stderr-suppression fix for the existing `while ... read ...; do ... break` resolver pattern; follow up should watch for any newly added resolver snippets that still emit post-break stderr under the same shell behavior, which could reintroduce false failure signals.
Final score 82Confidence 971 evidence itemclaude-memWindows MSYS Git Bashplugin-path resolverplugin/hooks/hooks.json.mcp.json2>/dev/nullEPIPEEACCES
The MCP stream endpoints `/api/agent/mcp` and `/api/v2/agent/mcp` now set `maxDuration = 800` explicitly, replacing the implicit Vercel default timeout that previously killed sessions at 300 seconds.
What ChangedThe MCP stream endpoints `/api/agent/mcp` and `/api/v2/agent/mcp` now set `maxDuration = 800` explicitly, replacing the implicit Vercel default timeout that previously killed sessions at 300 seconds.
Why It MattersUsers running Cursor MCP sessions against Superset should see fewer abrupt session terminations, so long AI coding sessions are less likely to be cut off mid-task; operators should now monitor for sessions still ending near the new 800-second limit and verify that longer-running sessions do not increase function recycle pressure or retry storms.
Final score 82Confidence 981 evidence itemVercelmaxDurationMCP/api/agent/mcp/api/v2/agent/mcpCursor
Issue telemetry from 21 days of Claude Code usage shows a strong, repeated pattern: resolvable symbol-level Serena queries are followed by redundant `Read` calls on the same file path, indicating the query result is often not context-complete for downstream editing flow. Specifically, 102 of 554 symbol queries (18.4%) had same-session same-file read fallbacks, and among `find_symbol` fallbacks 80.8% already used `include_body=true` before issuing `Read(offset/limit)`.
What ChangedIssue telemetry from 21 days of Claude Code usage shows a strong, repeated pattern: resolvable symbol-level Serena queries are followed by redundant `Read` calls on the same file path, indicating the query result is often not context-complete for downstream editing flow. Specifically, 102 of 554 symbol queries (18.4%) had same-session same-file read fallbacks, and among `find_symbol` fallbacks 80.8% already used `include_body=true` before issuing `Read(offset/limit)`.
Why It MattersDevelopers using Claude Code with Serena can face extra latency and token/interaction overhead because the assistant often cannot proceed after a symbol lookup alone and reopens the same file to read nearby lines it lacked, even when `include_body=true` was requested. The fallback pattern is concentrated: 18.4% of path-resolvable symbol queries were followed by same-file reads, and the common `include_body=true` + `Read(offset/limit)` sequence suggests missing imports/comments/surrounding declarations in returned content. Teams should watch future releases for reduced fallback rate and verify that added context does not bloat responses or regress call efficiency.
Final score 82Confidence 931 evidence itemfind_symbolget_symbols_overviewinclude_bodyReadoffsetlimitClaude CodeSerena MCP
This PR fixes LibreChat’s MCP integration so a server’s tools are not exposed or connected when required `customUserVars` (such as auth tokens) are missing or empty, preventing users from seeing tools they cannot execute.
What ChangedThis PR fixes LibreChat’s MCP integration so a server’s tools are not exposed or connected when required `customUserVars` (such as auth tokens) are missing or empty, preventing users from seeing tools they cannot execute.
Why It MattersWhen an end user configures an MCP server in LibreChat without supplying all required custom variables, its tools stay hidden and are not callable, so users avoid repeated auth failures and confusing repeated tool-call errors until variables are provided; operators also get explicit warnings naming the missing variables. This is implemented at the shared MCP connection and tool-lookup paths, including the definitions cache path, with per-user stale-cache leakage prevented when variables are cleared after caching. Watch whether any integrations rely on delayed token injection, since tools will become available only after values are set and recognized as non-empty.
Final score 82Confidence 971 evidence itemcustomUserVarsMCP servergetMissingCustomUserVarsreinitMCPServergetOrFetchMCPServerToolstool cache
This PR fixes a startup initialization bug where `loadRuvllmWasm()` only imported the WASM module and never called `initRuvllmWasm()`, leaving `_wasmReady` false and causing `sona_*`, `microlora_*`, and `hnsw_*` MCP calls to throw errors or return empty results. The change makes `loadRuvllmWasm()` invoke initialization and adds a separate `loadRuvllmWasmModule()` path so `ruvllm_status` stays a pure diagnostic, then adds regression guards via a dedicated auto-init smoke test and CI job.
What ChangedThis PR fixes a startup initialization bug where `loadRuvllmWasm()` only imported the WASM module and never called `initRuvllmWasm()`, leaving `_wasmReady` false and causing `sona_*`, `microlora_*`, and `hnsw_*` MCP calls to throw errors or return empty results. The change makes `loadRuvllmWasm()` invoke initialization and adds a separate `loadRuvllmWasmModule()` path so `ruvllm_status` stays a pure diagnostic, then adds regression guards via a dedicated auto-init smoke test and CI job.
Why It MattersDevelopers and operators using Ruflo MCP RUVLLM tools can start `sona_*`, `microlora_*`, or `hnsw_*` workflows without the first-call failures and blank results that previously interrupted indexing, adaptation, and chat-formatting flows, making these pipelines more reliably usable after service startup. Because the normal path now performs one-time initialization inside `loadRuvllmWasm()` (with `_wasmReady` gating to keep repeated calls cheap), and a dedicated static smoke test now tracks this regression class in CI, the key follow-up is watching CI and post-publish alpha verification for any startup-latency regression or changes in status accuracy (`initialized` vs `available`) that could hide partial readiness states.
Final score 82Confidence 971 evidence itemloadRuvllmWasmloadRuvllmWasmModuleinitRuvllmWasm_wasmReadyruvllm_statusruvllm_hnsw_createsmoke-ruvllm-wasm-auto-init
The PR changes build settings for three Node CJS bundles so `zod` is bundled inside the output instead of treated as an external dependency. This directly removes the runtime dependency on `plugin/node_modules/zod` that caused `Cannot find module 'zod/v3'` during startup in several 13.x releases.
What ChangedThe PR changes build settings for three Node CJS bundles so `zod` is bundled inside the output instead of treated as an external dependency. This directly removes the runtime dependency on `plugin/node_modules/zod` that caused `Cannot find module 'zod/v3'` during startup in several 13.x releases.
Why It MattersPlugin users and operators are less likely to hit install/upgrade breakages in the MCP runtime because the worker path no longer crashes when a cached `zod` package is missing. In practice, this addresses the recurring `Cannot find module 'zod/v3'` issue affecting multi-platform users by ensuring those bundles are self-resolving; teams should monitor whether the additional bundle size (+8.5% to +18% in the updated CJS outputs) affects distribution constraints and whether future bundle changes reintroduce external `zod` imports.
Final score 81Confidence 961 evidence itemzodesbuildscripts/build-hooks.jsworker-service.cjsserver-beta-service.cjscontext-generator.cjsplugin/node_modules
LibreChat’s MCP OAuth token store now applies a JWT-based fallback for token lifetime so short-lived JWT access tokens are not incorrectly treated as valid for 365 days when `expires_in`/`expires_at` are absent. This change updates the `storeTokens` expiry resolution order and enables automatic refresh behavior to run on the actual token expiry for common JWT issuers.
What ChangedLibreChat’s MCP OAuth token store now applies a JWT-based fallback for token lifetime so short-lived JWT access tokens are not incorrectly treated as valid for 365 days when `expires_in`/`expires_at` are absent. This change updates the `storeTokens` expiry resolution order and enables automatic refresh behavior to run on the actual token expiry for common JWT issuers.
Why It MattersLibreChat users connected to MCP servers that issue JWT access tokens will stop hitting unexpected 401 failures after a few minutes of use, because credentials are no longer assumed valid for a year and will be refreshed before real expiry. Technically, the new fallback order in `storeTokens` makes refresh scheduling use authoritative JWT lifetime data when explicit expiry fields are missing, and teams should monitor providers that return malformed/expired `exp` values or unusual clock-skew conditions for any missed refresh edge cases.
This change registers a new `AITools.BinlogMcp` MCP server in the `dotnet-msbuild` plugin and rewires the `binlog-failure-analysis` skill to use MCP binlog tools as the primary flow, while keeping text-log replay as fallback when MCP is unavailable.
What ChangedThis change registers a new `AITools.BinlogMcp` MCP server in the `dotnet-msbuild` plugin and rewires the `binlog-failure-analysis` skill to use MCP binlog tools as the primary flow, while keeping text-log replay as fallback when MCP is unavailable.
Why It MattersDevelopers and operators debugging .NET build failures can now triage `binlog-failure-analysis` runs faster and with lower resource usage because the skill now defaults to MCP tools instead of relying only on replaying logs. In the provided local benchmark, token volume dropped 55%, tool-call count dropped 54%, and runtime dropped 80% (201.2s to 39.5s), with rubric quality improving from 3.6/5 to 4.0/5; continue watching MCP availability in runtime environments, behavior consistency after automatic dependency updates, and whether the unpinned prerelease MCP package source causes environment-specific breakage.
Final score 81Confidence 971 evidence itemAITools.BinlogMcpdotnet-msbuildbinlog-failure-analysisMCPbinlog_overviewbinlog_errorsbinlog_search
The PR adds a web management panel for MCPs and new REST endpoints for MCP catalog retrieval and per-session attach/detach/scope changes, aligning web behavior with the existing TUI MCP flow and closing four previously missing parity cases.
What ChangedThe PR adds a web management panel for MCPs and new REST endpoints for MCP catalog retrieval and per-session attach/detach/scope changes, aligning web behavior with the existing TUI MCP flow and closing four previously missing parity cases.
Why It MattersUsers and operators can now manage MCPs directly in the web interface (browse catalog, attach/detach, and toggle local/global scope) instead of falling back to terminal-only workflows, which makes session MCP setup and maintenance faster and operationally consistent; this also enables automated MCP operations through a defined API contract. The web and TUI now share the same session persistence path, reducing risk of divergent `.mcp.json` behavior, but parity should be watched around scope validation, mutation-disabled paths, and remote-session path handling as MCP coverage grows.
The PR changes MCP startup sequencing so `start.mjs` loads `server.bundle.mjs` and becomes ready before `hooks/ensure-deps.mjs` runs, preventing slow optional dependency repair work from blocking readiness; it also adds a regression test for delayed warmup behavior.
What ChangedThe PR changes MCP startup sequencing so `start.mjs` loads `server.bundle.mjs` and becomes ready before `hooks/ensure-deps.mjs` runs, preventing slow optional dependency repair work from blocking readiness; it also adds a regression test for delayed warmup behavior.
Why It MattersMCP operators using context-mode should see faster, more predictable startup completion because client readiness is no longer blocked by slow dependency warmup, reducing timeout failures in environments with slow installs or filesystems. The mechanism now delays optional repair work to a detached Node process after bundle import/stdio readiness, so startup responsiveness improves for latency-sensitive clients. Watch for whether repair failures surface clearly in logs and whether delayed repair introduces runtime dependency failures later in a session.
This PR changes MCP startup flow so a server configured with `requiresOAuth: true` no longer waits for a later auth error to start OAuth; `MCPConnectionFactory.createConnection()` now checks for stored tokens and, if absent, proactively runs the OAuth flow before calling `attemptToConnect()`. The flow emits `oauthRequired`, awaits `oauthHandled` or `oauthFailed`, and uses the parsed server URL to fail fast when mandatory connection metadata is missing.
What ChangedThis PR changes MCP startup flow so a server configured with `requiresOAuth: true` no longer waits for a later auth error to start OAuth; `MCPConnectionFactory.createConnection()` now checks for stored tokens and, if absent, proactively runs the OAuth flow before calling `attemptToConnect()`. The flow emits `oauthRequired`, awaits `oauthHandled` or `oauthFailed`, and uses the parsed server URL to fail fast when mandatory connection metadata is missing.
Why It MattersFor operators and users of OAuth-protected MCP integrations in LibreChat (such as Google BigQuery MCP), connections now require user authorization before the server is considered usable, which prevents the misleading state where a server appears connected but tool calls still fail with authentication errors. This materially reduces failed tool executions after connect and shortens the time to detect credential/setup problems. Implementation-wise, teams should monitor OAuth callback reliability, token persistence/load failures, and malformed `ParsedServerConfig.url` values because these conditions now directly decide whether connection proceeds or returns early with an auth URL.
Final score 81Confidence 941 evidence itemLibreChatMCPOAuthMCPConnectionFactoryrequiresOAuth
Updated the slack-channel vendoring rules in `sources.yaml` by removing `*.test.ts` and `*.spec.ts` from the exclude list and adding `features/**` to include, preventing test files from being dropped while `bun test` remains in the mirrored `package.json`.
What ChangedUpdated the slack-channel vendoring rules in `sources.yaml` by removing `*.test.ts` and `*.spec.ts` from the exclude list and adding `features/**` to include, preventing test files from being dropped while `bun test` remains in the mirrored `package.json`.
Why It MattersSlack-channel MCP plugin maintainers and CI operators will now get real test pass/fail feedback from this plugin instead of a misleading pre-test failure, reducing blind spots in CI and making regressions in plugin behavior visible earlier. The fix also restores test coverage for mirrored policy/journal/supervisor paths by including `features/**` and removing test-file exclusions from sync, so the mirrored plugin’s `bun test` command can actually execute its suites. Continue monitoring whether other MCP plugin runs still short-circuit on first failures and whether failures are still labeled as noisy, because hidden failures would keep additional coverage gaps unseen.
Final score 81Confidence 971 evidence itemjeremylongshore/claude-code-plugins-plus-skillssources.yamlslack-channelbun testtest (mcp-plugins) CI
This PR’s primary change is a migration to tool-mode-only execution for byterover query/curate workflows: `brv-query` and curate now run through provider-free MCP envelopes, `brv-curate` is replaced by `brv-curate-html`, and `BRV_*_TOOL_MODE` switches are removed.
What ChangedThis PR’s primary change is a migration to tool-mode-only execution for byterover query/curate workflows: `brv-query` and curate now run through provider-free MCP envelopes, `brv-curate` is replaced by `brv-curate-html`, and `BRV_*_TOOL_MODE` switches are removed.
Why It MattersTeams integrating byterover in CLI or MCP tools can run topic query and curation end-to-end without an LLM provider configured, which simplifies secure or restricted deployments and avoids blocking workflows on provider availability or credentials. The rollout enforces a breaking input contract change: old `brv-curate` clients sending `{context, files, folder}` must move to `brv-curate-html` with `{html, confirmOverwrite?}`, and operators should monitor compatibility failures from legacy integrations and any latent assumptions about markdown writes because new saves are now HTML `<bv-topic>` based.
Final score 80Confidence 931 evidence itembyterover-clibrv-querybrv-curate-htmlMCPtool modeBRV_CURATE_TOOL_MODEBRV_QUERY_TOOL_MODEbv-topic HTML
The About modal’s “Check for updates” flow was changed from a WebView `fetch()` call to the GitHub releases API to the Tauri updater plugin’s `check()` API, removing the CSP-blocked path that previously produced `Failed to fetch` for users.
What ChangedThe About modal’s “Check for updates” flow was changed from a WebView `fetch()` call to the GitHub releases API to the Tauri updater plugin’s `check()` API, removing the CSP-blocked path that previously produced `Failed to fetch` for users.
Why It MattersDesktop users clicking the About page’s Check for updates now get a usable update check instead of an immediate `Failed to fetch` error, so they can confirm update availability inside the app without repeated manual fallbacks; teams should watch whether the same UI path remains reliable under offline/proxy/restricted-network environments where plugin-level request behavior can differ. The technical change is that the flow now goes through Tauri IPC (`check()`) instead of browser-side cross-origin fetch, which bypasses the WebView CSP restriction and removes bespoke release-tag filtering logic.
LibreChat introduced OAuth 2.0 On-Behalf-Of (OBO) support for MCP server connections, so OIDC-authenticated users can access protected MCP servers using their existing identity without starting a separate OAuth redirect flow for each server.
What ChangedLibreChat introduced OAuth 2.0 On-Behalf-Of (OBO) support for MCP server connections, so OIDC-authenticated users can access protected MCP servers using their existing identity without starting a separate OAuth redirect flow for each server.
Why It MattersUsers of LibreChat authenticated with OpenID Connect can use MCP tool integrations without being prompted to re-login per MCP server, which reduces operational friction and should lower authentication-related support incidents for multi-server setups; teams should monitor deployments where scopes or app registration settings are incomplete, since that can still break MCP access.
Final score 80Confidence 951 evidence itemLibreChatOAuth 2.0 OBOMCPopenid-clientOboTokenServicejwt-bearer grantlibrechat.yamlMCPOAuthTokens
The PR rewires ByteRover skill installation so autonomous agents like Hermes and OpenClaw get a managed skill package (multi-file `SKILL` layout) and an automatically maintained `BYTEROVER RULES` block in their system prompts, while hub install now infers per-agent default scope instead of always forcing `project`.
What ChangedThe PR rewires ByteRover skill installation so autonomous agents like Hermes and OpenClaw get a managed skill package (multi-file `SKILL` layout) and an automatically maintained `BYTEROVER RULES` block in their system prompts, while hub install now infers per-agent default scope instead of always forcing `project`.
Why It MattersAutonomous-agent operators using Hermes or OpenClaw can now install/update ByteRover with fewer failed setups and more consistent prompt behavior, because the memory/behavior rules are automatically applied and refreshed instead of being dropped or forgotten. This is enabled by scoped, per-agent path handling plus marker-bounded prompt patching (`upsert/remove/has`) that preserves surrounding prompt content. Watch for any changes in custom agent environments where inferred defaults (`HERMES_HOME`, `OPENCLAW_STATE_DIR`, `OPENCLAW_CONFIG_PATH`) or marker parsing could misplace or skip the managed block.
This PR changes standalone MCP `memory_recall` proxy behavior to call `/agentmemory/search` instead of `/agentmemory/smart-search`, and passes through `format` and `token_budget` so `full`, `compact`, and `narrative` recall modes return correctly. It also updates local fallback handling to align with search-style `memory_recall` responses.
What ChangedThis PR changes standalone MCP `memory_recall` proxy behavior to call `/agentmemory/search` instead of `/agentmemory/smart-search`, and passes through `format` and `token_budget` so `full`, `compact`, and `narrative` recall modes return correctly. It also updates local fallback handling to align with search-style `memory_recall` responses.
Why It MattersDevelopers and operators using MCP `memory_recall` can now get recall output in the requested shape and budget, so downstream clients get stable, predictable behavior instead of unexpected fallback responses when invoking recall modes. The route now goes to `/agentmemory/search` with explicit format and budget parameters, so watch for integrations that still assume `/agentmemory/smart-search` semantics or depend on old fallback behavior, and validate that token budget handling remains correct for edge-case values.
Final score 80Confidence 961 evidence itemMCPmemory_recall/agentmemory/search/agentmemory/smart-searchformattoken_budgetlocal fallback
In `maybeStartPager` (`internal/cmd/session.go`), the error path now closes the pager stdin pipe when `cmd.Start()` fails, preventing descriptor leakage on each failed pager launch.
What ChangedIn `maybeStartPager` (`internal/cmd/session.go`), the error path now closes the pager stdin pipe when `cmd.Start()` fails, preventing descriptor leakage on each failed pager launch.
Why It MattersOperators running Crush as a long-lived service (such as MCP integrations) will avoid accumulating leaked file descriptors when pager startup fails, reducing the chance of `too many open files` failures during repeated `session show/list/diff` calls; track long-running sessions for any remaining FD growth in other launcher error branches. The fix specifically closes the OS pipe immediately on `cmd.Start()` errors, so failure cases no longer diverge from the happy-path cleanup behavior.
Final score 79Confidence 981 evidence itemcharmbracelet/crushmaybeStartPagercmd.Startos.StdinPipefile descriptorPAGER
This change adds Notra to emdash’s MCP catalog and enables bearer-token authentication for it, creating an explicit, authenticated integration point for the new server.
ContributionImplemented a catalog-level registration for the Notra MCP server and enforced token-based authentication for access, replacing a likely informal or unauthenticated integration path.
ImpactMCP users and operators can onboard Notra through emdash with a defined token-based login flow, which makes integration clearer and access control less error-prone than a manual setup path; next, watch token provisioning, revocation, and client compatibility because auth mismatches could block deployments even after catalog registration.
Rulesync now supports automatic conversion between OpenCode’s `{env:VAR}` syntax and rulesync’s `${VAR}` syntax when importing and exporting MCP server configs, so environment references survive migration in both `env` and `headers` fields. The change is implemented as a dedicated MCP server-map translation step around existing converters, leaving structural conversion logic unchanged.
ContributionImplemented dedicated OpenCode env-format conversion helpers and regex-based parsing so MCP server `env` and `headers` can round-trip safely between `${VAR}` and `{env:VAR}`, including a negative-lookbehind pattern to avoid mistaking Cursor `${env:VAR}` syntax.
ImpactDevelopers and operators syncing MCP configs between OpenCode and rulesync will no longer have to manually fix environment-variable tokens after conversion, reducing broken integrations where credentials or server settings stop working after import/export. Keep watching for placeholder edge cases (nested strings, unusual token characters, or malformed references) that could be missed by the regex and silently skip conversion in future config formats.
The PR introduces first-class support for CodeBuddy in context-mode by adding a dedicated CodeBuddy adapter built on the existing Claude Code protocol flow, wiring platform detection and mapping so `CodeBuddy` is recognized as the new `codebuddy` platform ID, and adding the corresponding plugin manifests, docs, and tests for installation and onboarding.
ContributionAdded an actual CodeBuddy integration path instead of one-off custom wiring: a new adapter layer, platform registration and detection logic, CodeBuddy-specific hook and tool-prefix formatting, and plugin manifests/docs so teams can enable CodeBuddy support through the normal context-mode flow.
ImpactDevelopers and operators using context-mode can now connect to CodeBuddy as a supported platform without writing custom protocol glue, which should reduce setup friction and make CodeBuddy workflows easier to standardize in existing MCP-based stacks. The implementation also introduces new surface area in environment detection and wire-format handling, so the next risk to track is whether `CODEBUDDY_*` session/project detection and the CodeBuddy manifest/tool prefix contract remain stable across future CodeBuddy updates.
The PR adds a build-chain integrity assertion that verifies the Claude plugin manifest points to the shipped top-level `./skills/` directory and that required plugin files (`start.mjs`, `server.bundle.mjs`, `cli.bundle.mjs`) are present, with regression coverage ensuring `npm pack --dry-run` includes the manifest, bundles, and skills payload.
ContributionIntroduced concrete pre-release validation and tests that reject package/plugin checkouts with manifest-to-skills path mismatch or missing MCP runtime entry files, directly addressing known release-corruption failure modes from issue #658.
ImpactPlugin publishers and operators of the context-mode MCP package will avoid broken installs that appear connected but expose zero tools, because malformed releases are now blocked before shipping. The asserter now checks manifest location and required root bundles in the plugin/package layout, and regression tests confirm these artifacts are included in packed output; continue watching whether newly added required plugin entry points or packaging variants require inclusion in the same integrity gate.
This PR extends the earlier binlog MCP work by connecting additional dotnet/skills MSBuild skill/agent components to the same MCP-based binlog path, increasing shared build telemetry coverage.
ContributionAdds support for the other MSBuild skills/agents to participate in binlog MCP integration, so their build events follow the same diagnostic transport rather than remaining isolated.
ImpactOperators using dotnet/skills MSBuild pipelines will get more unified debug telemetry across a larger set of agents, which should shorten troubleshooting time when a pipeline step fails or hangs. This is implemented by routing additional MSBuild agents through the binlog MCP path, so teams should watch for compatibility breakage between agents and the MCP interface, missing or duplicate events in the centralized logs, and any log noise increases that hide real build failures.
Introduced the new `llama-index-tools-ejentum` v0.1.0 package that hooks Ejentum’s hosted MCP server into LlamaIndex as a `ToolSpec`, exposing `harness_reasoning`, `harness_code`, `harness_anti_deception`, and `harness_memory` as callable agent tools.
ContributionAdded a new LlamaIndex ToolSpec integration that packages Ejentum harness capabilities for agents, including a preset MCP endpoint, Bearer-key authentication path (including env-var fallback), mode-subset filtering, and validation/error handling for unsupported modes, while keeping raw MCP access available via the base spec.
ImpactDevelopers can now plug a complete cognitive-check layer into LlamaIndex agents with one package install instead of custom MCP wiring, which makes it easier to route responses through reasoning and anti-deception/memory scaffolds before final output and reduce the chance of unsafe or drifted replies in deployed assistants. The new package (`llama-index-tools-ejentum`) wraps `McpToolSpec` in a LlamaHub-discoverable tool spec that adds harness tool binding and auth/mode controls; operators should next watch for Ejentum endpoint auth failures, mode-subset rejections impacting call paths, and any increase in MCP latency or throttling when harness tools are used heavily.
PR #1511 in oraios/serena is a documentation-centered change that submits a preventive authorship and evidence-preservation complaint about SERENA/CEUNIA/MCP concepts and asks that it be saved as `docs/MEDIACION_DEFENSA_AUTORÍA_SERENA/DENUNCIA_FORMAL_PREVENTIVA_COMPLETA.md` and linked from `00_INICIO.md`, `05_PRESERVACIÓN_URGENTE.md`, and `MANIFIESTO.txt`.
ContributionIntroduces a versioned in-repository authorship-defense document and explicit doc link wiring so provenance-related concerns are recorded as tracked project artifacts.
ImpactRepository operators and contributors will now have a formal authorship-dispute record embedded in version control, which can make provenance reviews more concrete than ad-hoc discussions, and they should watch whether public exposure of legal/accusatory content triggers moderation, privacy, or compliance actions. The technical effect is a documentation path and cross-link update (`DENUNCIA_FORMAL_PREVENTIVA_COMPLETA.md`, and links in `00_INICIO.md`, `05_PRESERVACIÓN_URGENTE.md`, `MANIFIESTO.txt`), so maintainers should monitor follow-up discussions for scope, policy alignment, and whether sensitive context should remain public.
An open issue reports that @agentmemory/mcp in VS Code Copilot starts with warnings, cannot reach `http://localhost:3111/agentmemory/livez`, and drops to local InMemoryKV while disabling LLM-backed compression/summarization when no provider key is configured.
ContributionThis issue captures a concrete integration failure mode: when Copilot’s MCP host cannot complete the agentmemory livez probe and no LLM credentials are supplied, the server auto-falls back to local storage and a no-op summarizer path, so users are not explicitly on full remote/LLM-powered agent-memory behavior.
ImpactDevelopers using VS Code Copilot agent mode can see their memory assistant degrade to a local-only/no-op mode, which makes session context and compression-based recap features unreliable for longer workflows and can break expected continuity across tool invocations; monitor that the `agentmemory/livez` endpoint becomes reachable (or `AGENTMEMORY_FORCE_PROXY=1` is set correctly) and that provider keys are provisioned to avoid silent capability loss.
This change adds first-class Cursor MCP management in Agent Deck by wiring Cursor Agent CLI attach/detach flows into MCP manager and persisting Cursor MCP settings for both project and global scopes via shared merge logic with cache-safe regeneration.
ContributionImplemented a unified Cursor MCP path that writes and merges Cursor config into both `.cursor/mcp.json` and `~/.cursor/mcp.json`, handles attach/detach and orphan-preserving updates, and shares merge behavior with existing Claude logic to keep Cursor MCP entries consistent across scopes.
ImpactDevelopers using Agent Deck can now onboard and switch Cursor MCP sessions without hand-editing separate MCP config files, which should reduce setup errors and broken session behavior when moving between project-level and user-level settings. The change works through scoped config writes/merges plus cache reset during regeneration, but teams should continue to watch for local-vs-global scope precedence bugs, stale cache artifacts, and any merge regressions after large MCP entry updates.
This change updates `isOAuthError()` in `MCPConnection` and `MCPConnectionFactory` to detect a non-standard "no authorization" error pattern, allowing MCP OAuth flows to continue when servers incorrectly return HTTP 400 instead of 401/403 for missing authentication (as seen with Amazon Ads MCP).
ContributionAdds explicit handling for non-standard auth-failure responses in MCP by matching a `"no authorization"` pattern inside `isOAuthError()` in both `MCPConnection` and `MCPConnectionFactory`, fixing OAuth flow termination for servers that use HTTP 400 instead of 401/403 when credentials are missing.
ImpactOperators and developers using LibreChat MCP OAuth integrations (notably Amazon Ads MCP) can avoid unexpected OAuth setup failures when servers incorrectly return HTTP 400 for missing credentials, so integrations stay connected instead of getting stuck during login or token exchange. This is implemented by extending MCP auth error classification in `isOAuthError` across both connection paths, and it should be watched for regressions where other providers use yet different status/header combinations that may still be misclassified as success or as a different failure mode.
LibreChat’s MCP OAuth token store now applies a JWT-based fallback for token lifetime so short-lived JWT access tokens are not incorrectly treated as valid for 365 days when `expires_in`/`expires_at` are absent. This change updates the `storeTokens` expiry resolution order and enables automatic refresh behavior to run on the actual token expiry for common JWT issuers.
ContributionAdded a surgical fix in MCP OAuth token persistence to read the JWT `exp` claim as the expiry fallback (after `expires_at`/`expires_in` and before the one-year default), so short-lived JWT access tokens are refreshed automatically when providers omit `expires_in`.
ImpactLibreChat users connected to MCP servers that issue JWT access tokens will stop hitting unexpected 401 failures after a few minutes of use, because credentials are no longer assumed valid for a year and will be refreshed before real expiry. Technically, the new fallback order in `storeTokens` makes refresh scheduling use authoritative JWT lifetime data when explicit expiry fields are missing, and teams should monitor providers that return malformed/expired `exp` values or unusual clock-skew conditions for any missed refresh edge cases.
The PR adds Codex as a first-class ingestion provider in claude-mem and changes provider behavior so Codex is explicitly selected through configured routing, while a missing Codex executable now causes a hard failure instead of silently falling back to another provider.
ContributionIntroduced a dedicated Codex ingestion path with explicit configuration and dispatch, plus a hard failure path when the chosen Codex binary is unavailable, replacing implicit provider fallback behavior.
ImpactOperators and developers using Codex ingestion will now get clear, immediate failures when Codex is not properly installed, instead of silent behavior changes that hide outages and make incident triage harder. The change makes provider routing and missing-dependency handling explicit through health-aware status paths, but teams should verify whether any automation relied on automatic fallback and monitor worker/provider health after rollout to ensure no unintended service interruptions in mixed-provider deployments.
This PR fixes LibreChat’s MCP integration so a server’s tools are not exposed or connected when required `customUserVars` (such as auth tokens) are missing or empty, preventing users from seeing tools they cannot execute.
ContributionAdded a concrete pre-auth guard: a new `getMissingCustomUserVars` helper detects unset required vars, and both `reinitMCPServer` and `getOrFetchMCPServerTools` now short-circuit before connecting or returning cached tools when required values are absent.
ImpactWhen an end user configures an MCP server in LibreChat without supplying all required custom variables, its tools stay hidden and are not callable, so users avoid repeated auth failures and confusing repeated tool-call errors until variables are provided; operators also get explicit warnings naming the missing variables. This is implemented at the shared MCP connection and tool-lookup paths, including the definitions cache path, with per-user stale-cache leakage prevented when variables are cleared after caching. Watch whether any integrations rely on delayed token injection, since tools will become available only after values are set and recognized as non-empty.
This PR reorganizes InsForge documentation around a new Products hub and an Agent-Native section, adding per-product overview pages plus terminal-first workflow pages (CLI harness, diagnostics, branching, config-as-code) and updating sidebar structure and redirects so users can find setup paths from one entry point.
ContributionThe concrete change is a documentation architecture rewrite: product documentation was collapsed into focused overview/usage pages, new Agent-Native terminal-operability guides were added, and the docs navigation was restructured with redirects to keep moved pages discoverable.
ImpactDevelopers and operators using InsForge docs should be able to onboard and execute terminal-based workflows (CLI, diagnostics, branching, config-as-code) with less confusion, which reduces the chance of setup mistakes and delayed integrations caused by scattered or outdated navigation. The practical risk to monitor is whether the removal of detailed architecture/troubleshooting pages and the new redirects introduce missing context or broken deep links; watch issue reports and user feedback for link failures or increased questions on advanced configuration cases.
The patch adds a new `AGENTMEMORY_TOOLS=all` env option and updates standalone proxy behavior so requests for all tools return the bundled full MCP tool definitions even when the remote `/agentmemory/mcp/tools` endpoint reports only a reduced set, while preserving existing `AGENTMEMORY_URL` and `AGENTMEMORY_SECRET` override paths.
ContributionIntroduces a concrete integration fix for MCP tool discovery: a new configuration switch (`AGENTMEMORY_TOOLS=all`) plus proxy-mode fallback logic that returns the complete bundled tool manifest when the remote endpoint is incomplete, preventing hardcoded localhost behavior and proxy-mode forcing.
ImpactOperators using AgentMemory with Codex can now expose the full MCP tool surface consistently in deployments that are remote or protected, so plugin features that depend on full tool discovery work without brittle localhost hacks or forced proxy-only operation. This lowers integration friction for CI/CD and production orchestration workflows that rely on the plugin manifest to enumerate available tools. Watch for whether remote services still return partial tool lists under load or version skew, because the fallback path can only compensate when endpoint mismatches happen, so stale or inconsistent endpoint responses could still hide or misreport capabilities.
The PR changes build settings for three Node CJS bundles so `zod` is bundled inside the output instead of treated as an external dependency. This directly removes the runtime dependency on `plugin/node_modules/zod` that caused `Cannot find module 'zod/v3'` during startup in several 13.x releases.
ContributionThe build pipeline now inlines the pure-JS `zod` library in three Node bundles by removing it from their `external` arrays, while preserving externalization of native/large optional deps. This fixes the #2437 failure mode across install and upgrade paths that lacked `node_modules/zod`, with the worker and server-beta bundles no longer relying on external zod resolution.
ImpactPlugin users and operators are less likely to hit install/upgrade breakages in the MCP runtime because the worker path no longer crashes when a cached `zod` package is missing. In practice, this addresses the recurring `Cannot find module 'zod/v3'` issue affecting multi-platform users by ensuring those bundles are self-resolving; teams should monitor whether the additional bundle size (+8.5% to +18% in the updated CJS outputs) affects distribution constraints and whether future bundle changes reintroduce external `zod` imports.
This burst introduced MCP remote proxy support as a focused change, adding proxy routing and validation behavior updates (including env precedence and admin-scope checks) so LibreChat can use MCP backends through a remote proxy path.
ContributionAdded a concrete MCP remote proxy integration path in LibreChat, replacing inconsistent local-only proxy handling with explicit remote proxy routing, enforced environment-precedence rules, aligned bypass behavior, and stricter admin-scope behavior for proxy operations.
ImpactAdmins and operators can now connect LibreChat to external MCP services through a configured remote proxy, which can simplify enterprise integrations across network boundaries and reduce manual proxy-specific deployment work. Technical follow-up: the routing and precedence logic now centralizes how MCP endpoints are selected, while tests pin admin scope handling; teams should watch for env-variable precedence regressions, bypass-rule edge cases, and scope misconfigurations in mixed local/remote proxy deployments.
This change adds Quill to the repository’s Ecosystem section in README, exposing an external MCP plugin (`quill-mcp`) with four thinking-partner commands without adding any plugin source files.
ContributionIntroduces discoverability of an external dual-AI workflow at the ecosystem layer, so users of this plugin index can find and try Quill’s `/quill:consult`, `/quill:perspective`, `/quill:assumptions`, and `/quill:mosaic` flows from the same catalog experience.
ImpactDevelopers using this index can now find a second AI perspective tool in one place, which can speed up decision-heavy coding sessions by making alternative reasoning and challenge-of-assumptions checks easier to start. Because the entry links to an external plugin rather than shipping bundled code, teams should watch for upstream availability stability, installation friction (`pip install quill-mcp`) and whether recommendations produced by the second model are trustworthy enough for real workflows.
This PR fixes a startup initialization bug where `loadRuvllmWasm()` only imported the WASM module and never called `initRuvllmWasm()`, leaving `_wasmReady` false and causing `sona_*`, `microlora_*`, and `hnsw_*` MCP calls to throw errors or return empty results. The change makes `loadRuvllmWasm()` invoke initialization and adds a separate `loadRuvllmWasmModule()` path so `ruvllm_status` stays a pure diagnostic, then adds regression guards via a dedicated auto-init smoke test and CI job.
ContributionMoved WASM bootstrap into the MCP execution load path by calling `initRuvllmWasm()` from `loadRuvllmWasm()`, and split out a diagnostic-only module load helper so status reporting stays non-initializing. This directly changes runtime behavior: real RUVLLM operations now initialize before use instead of failing or returning empty data.
ImpactDevelopers and operators using Ruflo MCP RUVLLM tools can start `sona_*`, `microlora_*`, or `hnsw_*` workflows without the first-call failures and blank results that previously interrupted indexing, adaptation, and chat-formatting flows, making these pipelines more reliably usable after service startup. Because the normal path now performs one-time initialization inside `loadRuvllmWasm()` (with `_wasmReady` gating to keep repeated calls cheap), and a dedicated static smoke test now tracks this regression class in CI, the key follow-up is watching CI and post-publish alpha verification for any startup-latency regression or changes in status accuracy (`initialized` vs `available`) that could hide partial readiness states.
AWS published a how-to for connecting Amazon Quick to AWS services through the AWS API MCP Server using Bedrock AgentCore Runtime and Model Context Protocol. The change enables a conversational assistant flow where users can issue natural-language requests and have them translated into AWS CLI commands without switching tools.
ContributionEnabled a new MCP-mediated integration path where Bedrock AgentCore Runtime links Amazon Quick to AWS APIs, adding an operational workflow that translates natural-language prompts into executable AWS CLI actions in one chat context instead of manual cross-tool execution.
ImpactOperators and developers can run AWS tasks from a single conversational interface in urgent moments, which can reduce delay and context-switching when issuing commands, while also lowering the chance of command mistakes during fast-paced workflows. The MCP path inside AgentCore Runtime makes this depend on translation fidelity and access boundaries, so teams should monitor command generation accuracy, IAM permission enforcement on the MCP layer, and latency/reliability of the assistant-to-CLI path as usage scales.
claude-mem removed the stale root-level MCP manifest and switched plugin registration to `plugin/.mcp.json`, fixing a duplicate `mcp-search` entry that caused Claude Code to suppress the canonical `plugin:claude-mem:mcp-search` registration.
ContributionThe change deletes the obsolete root `.mcp.json` and updates distribution/build/install wiring to rely exclusively on `plugin/.mcp.json`, including package file lists, build checks, marketplace sync entries, and install entry rules. This removes an explicit duplicate MCP configuration path so only the plugin-scoped registration is authoritative.
ImpactDevelopers and operators who run claude-mem as a plugin in Claude Code should no longer see duplicate MCP registration behavior where the intended `plugin:claude-mem:mcp-search` entry is skipped, so plugin search integration is less confusing and more predictable without manual workaround. Technically, root manifest handling and sync/build guards were removed, so the next item to watch is whether existing local setup scripts or upgrade tooling still depend on a root `.mcp.json`; those paths could regress during migrations if not updated.
v13.3.0 changes Codex transcript handling to stop automatic replay from the default JSONL watcher, preventing files discovered after startup from being re-injected into session history.
ContributionThe release removes the legacy default `~/.codex/sessions/**/*.jsonl` replay path after startup and enforces hook-driven ingestion in config (`[features] hooks = true`, plugin enabled), which fixes stale-history reinjection while preserving an explicit opt-in path for legacy JSONL ingestion.
ImpactDevelopers and operators using Claude sessions will no longer get unexpected replay of old transcript chunks when a run starts, so workflows are less likely to process duplicate or stale context and produce confusing results. The change is implemented by disabling the default JSONL watcher and enabling native hook processing in `~/.codex/config.toml`; legacy JSONL behavior is still possible via `CLAUDE_MEM_CODEX_TRANSCRIPT_INGESTION=true` for teams that explicitly need it. Watch next for environments still depending on JSONL flows, because those users must explicitly re-enable legacy ingestion or risk missing transcript input, and for any startup transcript gaps after the migration.
The PR introduces a new `httpMiddlewares` extension point in `extensions_config.json` and automatically forwards `request.state.run_metadata` into `config["metadata"]` during run creation, so middleware can inject per-request context that MCP tool interceptors can consume without editing Gateway core files.
ContributionProvides a concrete integration mechanism for request-level context injection by loading HTTP middleware classes from configuration and plumbing middleware-produced request metadata into the run configuration used by MCP tool interceptors.
ImpactDownstream integrators and operators can now inject auth tokens, tenant IDs, or other per-session context into MCP tool execution through configuration, which reduces risky source patches and merge conflicts during upgrades while enabling safer session-aware tool routing. This is implemented by adding config-based middleware discovery (`httpMiddlewares`) and wiring `request.state.run_metadata` into `config["metadata"]`; teams should watch for malformed middleware entries, metadata validation/sanitization, and production behavior of auto-loaded middleware to avoid silent context-loss or injection failures.
The PR replaces the Windows-incompatible `sh -c` launchers in four MCP/hook config files with inline `node -e` bootstrap scripts, preserving existing hook flow while making startup path resolution and command dispatch work on Windows as well as macOS/Linux.
ContributionImplemented a concrete reliability fix by moving all launcher logic to pure Node (`fs`, `path`, `os`) inside the JSON bootstraps, then dispatching the same targets (`mcp-server`, `version-check`, `worker`) and keeping cache-path fallback order unchanged.
ImpactWindows users and operators of claude-mem should stop seeing MCP/hook startup failures and repeated error spam, so plugin tools can initialize and run to completion instead of failing with broken-pipe or connection-closed errors across Git Bash and cmd/PowerShell workflows. The change now executes path resolution and process launch with platform-neutral JavaScript, which should reduce shell-syntax-related breakage, but teams should continue watching for environment-variable precedence issues (`CLAUDE_PLUGIN_ROOT` vs `PLUGIN_ROOT`) and unusual cache-directory layouts that could still break path discovery.
The v1.9.25 release’s primary change is the introduction of MCP management capabilities in Agent Deck’s web layer, providing UI and endpoint support so users can manage MCP integrations through the app rather than relying only on offline workflows.
ContributionAdds dedicated MCP management API routes and a matching web user interface in v1.9.25, enabling creation, inspection, and control of MCP integrations directly from the terminal-session manager interface.
ImpactDevelopers and operators can now manage AI-tool integrations from Agent Deck’s web interface, which should reduce manual setup mistakes and make MCP-enabled agent workflows faster to configure and recover when integration settings drift. This is implemented by adding MCP-focused web endpoints plus UI screens for management operations, so teams should monitor endpoint permission enforcement, backward compatibility for existing MCP configs, and any breakage in UI-to-API contract behavior as they migrate to the new management path.
The PR fixes a concrete MCP configuration regression where unresolved template variables like `${AGENTMEMORY_URL}` or `${AGENTMEMORY_SECRET}` were treated as set values, so the client sent requests to an invalid literal host and failed hard instead of falling back to normal defaults.
ContributionIntroduced `resolveEnvOrEmpty(name)` and routed MCP endpoint/auth resolution through it, so placeholder-only values (`${...}`) are normalized to empty strings and do not bypass fallback checks; also aligned startup log display to avoid surfacing unresolved placeholders as real runtime config.
ImpactOperators and developers using AgentMemory MCP integrations that do not expand environment placeholders at launch will avoid failed POSTs to `${AGENTMEMORY_URL}` and the resulting DNS/connection failures, so deployments are more likely to start and connect with intended defaults. The implementation now explicitly rejects placeholder strings in `rest-proxy.ts` before `baseUrl()`/`authHeader()` validation and logs unresolved values safely, but teams should continue watching whether any custom deployments intentionally depended on literal placeholder text and whether default-auth/URL fallback behavior changes requests in edge-case startup flows.
The 1.9.25 release was amended to include a focused web-parity update: Skills and MCP management surfaces were turned from empty Web UI stubs into working flows (list/attach/detach and scope move), and PARITY_MATRIX was updated to reflect both as implemented.
ContributionImplemented web management parity for MCP and Skills by adding backend endpoints and web panes with operational flows (catalog/list/attach/detach, MCP scope moves), introducing testable manager/service seams that reuse existing TUI session helper logic, and adding unit/e2e coverage with parity-matrix updates.
ImpactWeb operators can now manage MCP tools and Skills directly in the browser UI instead of relying on terminal-only workflows, so session configuration for core capabilities becomes usable in one interface and avoids unfinished administrative flows during release usage. This was achieved by adding the MCP and Skills API + UI surfaces and wiring them through MCPManager/SkillsService to the same session helper paths used by TUI, then repointing the v1.9.25 release to the amended commit set; watch for any parity drift between Web UI and TUI behavior (missing-session handling, scope validation, and error-path consistency) after rollout.
An open issue reports that `ctx stats` fails in a plugin-only install of context-mode because the command still tries to call `context-mode_ctx_stats`, which is unavailable without the MCP server, making the documented plugin-only path non-functional.
ContributionIdentifies a concrete integration regression: the plugin-only installation path no longer correctly provides the tool surface needed by `ctx stats`, revealing that the implementation still hard-couples this command to MCP tool availability.
ImpactOpenCode operators using the plugin-only setup lose the `ctx stats` diagnostic command, so they cannot run built-in context checks during normal troubleshooting and may be blocked by misleading expectations from installation docs. Technically, `ctx stats` appears to require the unavailable `context-mode_ctx_stats` tool, which means the advertised MCP-free flow is not actually sufficient for this command. Watch whether future fixes re-register stats tool handlers in plugin-only mode or whether installation guidance is updated to explicitly require MCP for stats features.
The PR adds a web management panel for MCPs and new REST endpoints for MCP catalog retrieval and per-session attach/detach/scope changes, aligning web behavior with the existing TUI MCP flow and closing four previously missing parity cases.
ContributionImplemented a dedicated web MCP pane and MCP management handlers that expose catalog + attach/detach/move operations per session, and introduced an MCPManager-based path so web writes/read paths reuse existing session MCP helper APIs and produce the same on-disk MCP state as TUI.
ImpactUsers and operators can now manage MCPs directly in the web interface (browse catalog, attach/detach, and toggle local/global scope) instead of falling back to terminal-only workflows, which makes session MCP setup and maintenance faster and operationally consistent; this also enables automated MCP operations through a defined API contract. The web and TUI now share the same session persistence path, reducing risk of divergent `.mcp.json` behavior, but parity should be watched around scope validation, mutation-disabled paths, and remote-session path handling as MCP coverage grows.
This change removes the root `.mcp.json` and makes the plugin use only `plugin/.mcp.json`, updating package, build/sync scripts, and tests accordingly, so plugin installation has a single canonical MCP server definition instead of competing duplicates.
ContributionEliminated a redundant root MCP config file and rerouted all plugin registration references to the plugin-scoped manifest, which removes duplicate `mcp-search` definitions and enforces one effective MCP entry during install and diagnostics.
ImpactClaude Code users will stop seeing duplicate `mcp-search` warnings during `/doctor`, which should reduce setup confusion and ensure the plugin’s own `plugin:claude-mem` registration is the one actually used. The update also removes a root-level file that could suppress the namespaced plugin definition, so operators should watch for any local repository workflows that still depend on root `.mcp.json` presence and verify no automation recreates the removed file path after upgrade.
rulesync v8.19.0 fixes claudecode-mcp so global MCP configuration is written to the documented ~/.claude.json location, reducing config drift between write and read paths.
ContributionChanged claudecode-mcp’s global MCP persistence behavior to write configuration to the documented global file path and to better surface migration-related warnings/errors in that flow.
ImpactDevelopers using claudecode-mcp will get consistent MCP behavior because global settings are now saved and expected to be loaded from the same documented location, reducing silent setup failures and confusing partial-configuration states after installs or upgrades. The practical follow-up is to monitor environments with custom home paths, permission constraints, or legacy MCP state, since those setups could still fail when the standardized path is enforced.
This release tightens Kilo agent handling by defining supported frontmatter fields and adding runtime schema validation in kilo-subagent, while keeping valid global settings flowing through as before.
ContributionAdded explicit support declarations for Kilo frontmatter fields and runtime validation in kilo-subagent so unsupported/invalid agent config fields are caught before execution, while preserving propagation of legitimate global options through the subagent path.
ImpactTeams using Kilo subagents will get more predictable behavior because malformed frontmatter now fails clearly and supported global settings are forwarded consistently, instead of hidden misconfiguration causing silent setup drift in CI and automation workflows. Technically, the fix introduces explicit frontmatter field whitelisting plus runtime schema checks in kilo-subagent, which should reduce ambiguous failures during agent startup; track whether existing legacy configs rely on undocumented keys and watch for validation false positives in custom agent templates after upgrading to 8.19.0.
LlamaIndex added a new MCP notebook example showing how to launch Bilig WorkPaper over stdio with BasicMCPClient and run an end-to-end flow (tool discovery, range reads/edits, recalculation verification, JSON persistence, and loading selected MCP tools as LlamaIndex FunctionTools), with no package/API code changes.
ContributionIntroduces a docs-only integration notebook that operationalizes a concrete Bilig WorkPaper MCP workflow, giving users a reusable step-by-step reference for discovery, interaction, verification, and persistence paths without introducing new runtime code paths.
ImpactDevelopers evaluating or integrating Bilig WorkPaper with LlamaIndex can now follow a complete runnable example, reducing the time spent wiring MCP glue code before they can try real tool flows. The change also makes integration behavior more reproducible during onboarding by showing how to validate edits, recalculation readback, and tool registration end-to-end. Technical follow-up to watch: whether pinned dependencies (`llama-index-tools-mcp`, `@bilig/headless`) and MCP schema/stdio transport changes keep the notebook path stable as versions evolve.
LibreChat PR #13076 implements outbound proxy support for remote MCP SSE and Streamable HTTP transports, introducing an admin-only proxy setting plus environment fallback logic so MCP traffic can be routed through configured proxies while preserving safe request handling and timeout behavior.
ContributionAdded a concrete MCP networking capability: admin-defined outbound proxy configuration for remote MCP transports, automatic environment-variable proxy resolution, and request-time SSRF validation that blocks unsafe proxied targets while keeping user-level server definitions unable to set proxy endpoints.
ImpactAdministrators of LibreChat instances can now run remote MCP integrations through approved outbound proxies instead of requiring direct network egress, which makes deployments behind enterprise proxy policies work more reliably and reduces exposure from user-defined proxy redirection. Technically, MCP SSE and Streamable HTTP dispatch is now sent through `undici` `ProxyAgent` with URL/protocol validation, global and per-server proxy precedence, and `NO_PROXY` direct-connect and redirect-credential safeguards; monitor for edge cases in mixed proxy/NO_PROXY setups, long-lived SSE timeout interactions, and any proxy-chain misconfiguration that could still allow accidental traffic leaks or connection regressions.
This change adds configurable maximum response and line-size limits for streamable HTTP responses used by MCP, and updates MCP handling to validate stream payloads against those limits before forwarding them.
ContributionAdded a concrete safety control path for streamable MCP responses: new environment-variable knobs define max response/line sizes, and MCP connection logic now validates outbound stream chunks and logs violations when limits are exceeded.
ImpactOperators and users of LibreChat MCP streaming endpoints will see fewer unstable sessions caused by oversized stream responses, because large outputs are now checked and handled before they can exceed safe bounds. The PR introduces configurable limits plus validation and logging in MCP response handling; teams should monitor for legitimate long-form responses being rejected, tune the new limits for production traffic, and ensure alerting on repeated size violations to avoid silent truncation or needless request failures.
In v15.1.9, oh-my-pi’s web-search path now enforces a hard timeout with abort propagation, so stalled fetch requests no longer hang indefinitely.
ContributionIntroduced explicit timeout handling in web-search fetch logic and wired abort signals through the request path, preventing long-running stalled calls from staying open and blocking the operation.
ImpactUsers and operators running web-search actions in oh-my-pi will notice fewer interface stalls and less job-timeout frustration because unreachable or hanging fetches now stop automatically and propagate cancellation instead of blocking the session. The change should reduce operational drag in interactive and automated flows, while teams should still watch for false timeouts on legitimately slow endpoints and verify cleanup behavior after aborts in edge-case retry scenarios.
LibreChat now normalizes MCP tool definitions by converting empty `description` strings to `undefined` before building Bedrock tool payloads, preventing AWS Bedrock’s `toolSpec.description` validation (`length >= 1`) from rejecting requests.
ContributionUpdated `loadToolDefinitions` in both MCP definition paths (`sys__all__sys` wildcard and direct named-tool) to emit `description: toolDef.function.description || undefined`, so blank descriptions are removed from the outbound Bedrock request while non-empty descriptions remain unchanged; added unit tests in `definitions.spec.ts` for both paths to assert this behavior.
ImpactBedrock-integrated MCP users can keep tool-driven requests from failing just because a tool description is blank, so automation workflows (for example Asana MCP usage) are less likely to break at runtime and stop mid-flow. The loader now sanitizes empty descriptions to `undefined` before serialization, which prevents invalid zero-length `toolSpec.description` fields from being sent to Bedrock, and the team should continue watching for other provider-specific required fields that can still arrive empty or malformed as MCP schemas evolve.
The pull request adds first-class Fire Pass support in oh-my-pi by creating a dedicated `firepass` provider and login flow for `fpk_` subscription keys, so Fire Pass users can access the subscription model through a supported path instead of forcing the generic Fireworks credentials path.
ContributionIntroduced a new `firepass` provider with its own login command, key-handling rules, and model entry so Fire Pass credentials are no longer treated as generic Fireworks credentials. This enforces a correct wire ID translation from `firepass/kimi-k2.6-turbo` to the Fire Pass router path and limits the catalog to the supported subscription model, `kimi-k2.6-turbo`.
ImpactDevelopers and operators using Fireworks Fire Pass subscriptions can now authenticate and invoke the `kimi-k2.6-turbo` model directly from `omp`, which removes the need for custom routing workarounds and prevents failures from unsupported generic model-list behavior. Concretely, the change adds provider-level separation (`firepass`) plus endpoint-specific routing and validation for `fpk_` keys, so workflows relying on subscription access should be more predictable. Watch for breakage if the Fire Pass router URL contract changes, if login validation starts rejecting valid keys due to endpoint drift, or if catalog assumptions break when the subscription model list evolves.
The CLI startup path was changed to avoid displaying a misleading default viewer port, instead reporting the actual bound viewer endpoint once binding is confirmed or explicitly skipped.
ContributionImplemented a startup readiness check that polls for viewer binding or explicit skip status, and added endpoint fields (`viewerPort`, `viewerSkipped`) so the splash display uses the true runtime viewer port instead of always presenting a default value.
ImpactOperators and users can open the correct viewer URL on startup instead of chasing the wrong default port, which reduces failed connection attempts and startup confusion when ports are remapped. The change also makes startup state explicit in `/agentmemory/livez`, so UIs can distinguish between delayed binding and intentional skips and avoid false assumptions from stale defaults. Watch for increased startup wait behavior or missing readiness fields, which could delay endpoint visibility or hide binding failures.
This PR makes `SublinearAdapter` use the native MCP solver (`mcp__ruflo-sublinear__solve`) when available and fall back to local JS CG when it is not, while exposing backend choice in `SolveResult` for downstream `trader-portfolio-cg` artifacts.
ContributionImplemented ADR-126 Phase 3 path switching by adding `SublinearAdapter.detectSublinearTool()` and a two-stage readiness check (tool presence plus optional `RUFLO_SUBLINEAR_NATIVE` override), so solver requests are sent to the native backend when mounted, otherwise to the existing local JS CG path, and propagated backend metadata via `SolveResult.method` and `SolveResult.solver` into trading-risk outputs.
ImpactTrading operators and portfolio-risk workflows can now get faster solve execution when the native Sublinear tool is reachable, while avoiding hard failures when it is not because the system automatically degrades to local JS CG and still returns usable results. In practice this reduces operational impact during partial infra rollouts and gives clearer operator visibility into which backend produced each artifact, but teams should continue monitoring native tool mount health in daemon environments, parity of native vs local outputs, and rollout behavior of `RUFLO_SUBLINEAR_NATIVE` to avoid silent routing surprises.
The commit set makes neural-trader portfolio CG execution prefer a native sublinear solver path (`mcp__ruflo-sublinear__solve`) when the plugin is present, while keeping the existing local JS CG as fallback. This is important because the operator-visible dispatch now chooses the fastest path automatically and records `method`/`solver` metadata, which materially changes how portfolio-risk runs are executed and observed.
ContributionIntroduced a new dispatch mechanism that detects and uses the native sublinear solver when `ruflo-sublinear` is available, otherwise auto-falls back to local JS CG. It adds `SublinearAdapter.detectSublinearTool()`, operator-controlled override (`RUFLO_SUBLINEAR_NATIVE=1`), and backend tagging (`method`/`solver`) that downstream `trader-portfolio-cg` writes into trading-risk metadata for verification.
ImpactTrading-risk operators and teams running neural-trader CG workflows can get much faster solve paths in environments where the native MCP tool is mounted, which can significantly reduce latency and make larger or more frequent portfolio optimization loops feasible without manual solver switching. The change is worth tracking because if the native tool is unavailable or mis-mounted, execution falls back to a slower local JS path; you should continue to watch rollout environments for plugin registration coverage, tool mounting reliability, and whether the reported `method`/`solver` always matches the actual backend.
This PR changes implicit session handling so `mem_save`-family calls without a `session_id` now resolve to the most recent active session for the project/directory, instead of always falling back to `manual-save-{project}`, which had been accumulating observations across runs.
ContributionIntroduced `store.LookupActiveSession(project, directory)` to fetch the latest open session (`ended_at IS NULL`) with directory matching, and replaced direct `defaultSessionID(project)` usage with `resolveImplicitSessionID(s, project)` across MCP handlers (`mem_save`, `mem_save_prompt`, `session_summary`, `session_start`, `session_end`, `capture_passive`). Session activity is now keyed by the resolved session ID, while explicit `session_id` input remains authoritative and the `manual-save-{project}` fallback remains only for no-active-session flows.
ImpactDevelopers and operators using Claude Code hooks without passing `session_id` will now keep observations in the correct running session instead of a catch-all manual bucket, which preserves complete session history and makes debugging or auditing per session much more reliable. Continue monitoring directory-based matching and open/closed session state (`ended_at`) during hook-heavy workflows to ensure observations are not mis-routed when cwd context changes.
This PR fixes a concrete bug where `mem_search` and `mem_context` with `scope=personal` were still applying auto-detected project SQL filters, making personal memories from another project invisible. It introduces `filterProjectForScope()` and applies it in `handleSearch` and `handleContext` so personal-scope lookups can operate across projects when no explicit `project` is provided.
ContributionAdds explicit cross-project behavior for personal-scope memory retrieval by bypassing auto project SQL filtering in the relevant MCP handlers, while keeping authoring flows auto-populated with project context.
ImpactDevelopers using MCP personal-memory search can now see their own notes across projects instead of having them disappear when switching context, so cross-project workflows recover expected memory recall and fewer task-related details are lost during retrieval. The change is implemented via `filterProjectForScope()` (used by `handleSearch` and `handleContext`) when `scope=personal` is set without an explicit `project`; continue watching for overbroad result sets or scope-boundary mistakes and validate that the new behavior does not surface unintended entries in project-mixed environments.
A notable change in this burst is making the cloud push payload size configurable, replacing a fixed upload cap so teams can tune payload batching instead of being constrained by one hardcoded value.
ContributionIntroduced a configuration control for the cloud push payload limit, changing the push path from a fixed-size policy to adjustable thresholds that can be aligned with deployment-specific network and backend constraints.
ImpactDevelopers and operators using engram cloud sync can now avoid brittle upload behavior by tuning push batch size, which helps reduce failed or delayed pushes in environments where data volume and network limits vary; teams should watch for misconfigured limits that cause either API throttling from overly large payloads or excessive chunking overhead from limits set too low.
Engram v1.15.14 changes cloud push handling from a fixed 8 MiB ceiling to a configurable limit, enabling operators of larger self-hosted projects to increase allowed payload size without changing core upload logic, while keeping the default at 8 MiB when no override is set.
ContributionIntroduced a validated `ENGRAM_CLOUD_MAX_PUSH_BYTES` configuration in cloud server runtime and wired both cloud chunk push and mutation push handlers to enforce the same configured maximum body size, replacing opaque hardcoded-limit behavior and making oversize mutation pushes fail with an explicit structured 413 response.
ImpactSelf-hosted operators can push larger Engram payloads without getting blocked by an unexpectedly small default limit, reducing failed cloud sync attempts for growing projects. The runtime now reads and validates a configurable max body size (`ENGRAM_CLOUD_MAX_PUSH_BYTES`), applies it to both push endpoints, and keeps the 8 MiB default when unset; teams should monitor mutation-push 413 trends and upstream infrastructure body-size caps (for example API gateway/proxy limits) after raising the value, since too-large settings can shift failures to other layers.
This PR changes MCP startup flow so a server configured with `requiresOAuth: true` no longer waits for a later auth error to start OAuth; `MCPConnectionFactory.createConnection()` now checks for stored tokens and, if absent, proactively runs the OAuth flow before calling `attemptToConnect()`. The flow emits `oauthRequired`, awaits `oauthHandled` or `oauthFailed`, and uses the parsed server URL to fail fast when mandatory connection metadata is missing.
ContributionImplemented a proactive authentication gate in `MCPConnectionFactory.createConnection()` for explicitly OAuth-required MCP servers, so missing-token sessions trigger OAuth before connection establishment and use the existing `handleOAuthEvents` path to coordinate `oauthHandled`/`oauthFailed` outcomes.
ImpactFor operators and users of OAuth-protected MCP integrations in LibreChat (such as Google BigQuery MCP), connections now require user authorization before the server is considered usable, which prevents the misleading state where a server appears connected but tool calls still fail with authentication errors. This materially reduces failed tool executions after connect and shortens the time to detect credential/setup problems. Implementation-wise, teams should monitor OAuth callback reliability, token persistence/load failures, and malformed `ParsedServerConfig.url` values because these conditions now directly decide whether connection proceeds or returns early with an auth URL.
This PR adds two focused regression tests to `internal/project/detect_test.go` that enforce the contract that `.engram/config.json` is not inherited from arbitrary HOME-like ancestor directories, and that project detection must come from the git root or the actual working directory. It directly covers the multi-agent mis-routing shape from #312 and codifies behavior to prevent future slips.
ContributionAdded two regression test cases that explicitly verify config inheritance boundaries: one for nested git repos and one for deeply nested non-git directories, both under HOME-like ancestors with a present parent `.engram/config.json`. The tests pin the rule that project detection must remain scoped to repository/cwd context and provide automated protection against a concrete correctness regression.
ImpactTeams running multiple agents from the same home directory are less likely to see their project context drift to a shared `~/.engram/config.json`, so tooling behavior stays aligned with each agent’s actual repo or working directory and avoids confusing cross-agent bleed-through. Technically, this guards against `detectFromConfig` regressing to ancestor-walking behavior by adding tests that fail if the lookup broadens again, and operators should keep watching whether similar context-resolution paths (for example MCP resolution flows) can reintroduce equivalent leakage through other call paths.
This PR updates documentation to clearly distinguish Pi-native Engram `mem_*` tool usage over the gentle-engram HTTP path and to define the MCP footer `error MCP: 0/N servers` as a gateway-wide health signal that can include third-party MCP servers, reducing misdiagnosis between tool-call and gateway failures.
ContributionDocumented a concrete operational distinction between native Engram tool transport and MCP gateway behavior, including explicit troubleshooting guidance for MCP footer status and Notion/direct MCP flows.
ImpactPi integrators and operators get clearer failure signals for tool and MCP issues, so they are less likely to chase the wrong layer when calls fail and can fix the real underlying cause faster. The change documents that native `mem_*` tools should use the gentle-engram HTTP path, while the `error MCP: 0/N servers` footer should be treated as an MCP gateway-level health indicator that may be influenced by third-party MCP servers, so teams should verify whether future MCP footer wording or gateway routing behavior changes reintroduce ambiguity.
A commit in the burst fixed a correctness bug where the OpenClaw plugin derived SessionDB filenames from a raw `sha256(projectDir)` hash, bypassing canonical path handling. In mixed-case paths on macOS and linked worktrees, this caused `ctx_stats` to return empty history and `ctx_search(sort: "timeline")` to lose ordering; the fix routes `getDBPath` through `resolveSessionDbPath` and re-keys the module DB singleton when the resolved path changes.
ContributionIntroduced a canonical-session-path fix and singleton lifecycle guard in OpenClaw so SessionDB selection matches the canonical helper used by other adapters and cannot retain a stale path after project context switches.
ImpactOpenClaw users on macOS and worktree-based projects stop seeing blank context stats and broken timeline sorting for prompts when project directories contain uppercase characters, improving day-to-day context query reliability during development and operations. The change implements `resolveSessionDbPath` for `getDBPath` and path-keyed singleton reset, so future project switches use the correct DB file; continue monitoring whether similar path-derivation inconsistencies persist in other adapters and whether any remaining import-order assumptions could reintroduce stale DB reuse.
v1.0.146 applies the SessionDB path-fix pattern to OpenClaw, replacing direct raw hashing for DB file naming with the shared canonical resolver so OpenClaw and MCP now use the same SessionDB location.
ContributionThe change fixes a concrete path-routing bug by removing OpenClaw’s raw `sha256(projectDir).slice(0,16)` session-key logic and calling the shared `resolveSessionDbPath` flow with `projectDir` and `sessionsDir`, aligning behavior with other adapters and adding singleton re-keying when resolved paths change.
ImpactOpenClaw users and operators should get more consistent session state between OpenClaw and MCP because both components now write and read the same canonical SessionDB path, which reduces silent session splits or resets after restart and in multi-worktree projects; monitor cross-platform path translation paths for realpath-related edge cases. This release makes path selection follow the same canonicalization pipeline (case handling, worktree suffix support, and legacy migration) used elsewhere, so future mismatches from ad-hoc hashing should be easier to detect and isolate.
Pi and OMP now resolve `SessionDB` through the shared `resolveSessionDbPath` flow, replacing hardcoded `<sessionDir>/context-mode.db` writes that caused those adapters and MCP to operate on different database files and silently degrade `ctx_stats`/`ctx_search` timelines.
ContributionFixes session-state consistency by routing both adapters to the same canonical SessionDB filename as MCP, which removes the split-storage defect where one component wrote to a hardcoded DB path while the runtime read a different hashed path.
ImpactPi and OMP users now get consistent context-history and search behavior across sessions because data is no longer split between two different SessionDB files, so tools and analytics stop degrading silently. Under the hood, both adapters now call `resolveSessionDbPath` instead of hardcoding `context-mode.db`, so the practical follow-up is to watch for any remaining adapters still using non-canonical paths and validate that existing pre-release sessions migrate cleanly without data drift.
This PR fixes stale environment URL usage in OpenHands by replacing startup-cached web URL config with a runtime resolver used by sandbox MCP generation, CORS setup, and webhook configuration, so endpoint addresses follow the current host after a restart.
ContributionIntroduced `get_current_web_url()` to re-read `OH_WEB_URL` (with `WEB_HOST` fallback) on every call, and wired Docker/Remote sandbox and live-status MCP URL paths to use it instead of a cached `web_url` in config. Added dedicated unit tests covering env priority, fallback behavior, and URL refresh correctness.
ImpactOperators restarting OpenHands sandboxes on a different host/IP can avoid MCP connection failures and misrouted callback/CORS behavior, which reduces surprise breakage immediately after restart. The fix works by resolving endpoints from live environment values rather than a one-time cached config during startup, with direct effect on MCP URLs, webhook targets, and CORS origins. Watch for any still-cached URL call paths in recently added integrations and verify behavior when `OH_WEB_URL` and `WEB_HOST` are changed while multiple sandboxes run concurrently.
In PR #4849, browser-use fixes MCP `browser_get_state` so screenshot output is controlled by `include_screenshot`: when false (default), it skips screenshot capture and omits `screenshot_dimensions`; when true, it returns the screenshot and dimensions. The flag is now passed through to `browser_session.get_browser_state_summary`, with tests added for both code paths.
ContributionCorrected MCP state retrieval behavior by making screenshot capture conditional on `include_screenshot` instead of effectively default-on, and added focused tests for both default/no-screenshot and requested-screenshot flows.
ImpactIntegrations that poll browser state via MCP can now avoid unnecessary screenshot generation by default, so repeated calls run faster and use fewer resources unless screenshots are explicitly needed for UI inspection or downstream parsing. Concretely, the change forwards `include_screenshot` into `get_browser_state_summary` and keeps `screenshot`/`screenshot_dimensions` out of responses when the flag is false, while preserving image+dimension output when true. Teams should watch for clients that silently assumed screenshots were always present, because those integrations may now see missing fields and need contract updates.
The PR fixes a Slack bug where `app_home_opened` events lacking an optional `tab` field were rejected as invalid, so the app stopped publishing the Home view for affected users; the handler now accepts such events based on `user` and only skips when the event is explicitly for the `messages` tab.
ContributionRemoved `tab` from the event validation and `ProcessAppHomeOpenedParams`, changed processing to require only `user`, added an explicit skip for `tab === 'messages'`, and added tests for absent-tab (processed), messages-tab (skipped), and missing-user (rejected).
ImpactSlack users opening App Home now get the Home view again even when Slack omits the `tab` field, so support teams should see fewer silent failures and operators should see fewer recurring invalid payload errors during those opens; continue to watch for other Slack payload shape changes (new or missing fields) that could still trigger early exits. The fix replaces a strict `tab`-type guard with a `user`-only gate, and treats non-home tabs as intentional no-op paths, which removes a false error path and preserves expected behavior for the Messages tab.
This PR adds the new `databricks-genie-bedrock-agentcore` skill, defining a first-class path for Bedrock agents to access Databricks Genie through AgentCore Gateway as a governed MCP tool.
ContributionIntroduces a concrete integration template that wires Genie spaces to Bedrock agents via AgentCore Gateway with deployment scripts and policy guidance, so teams can implement a governed Genie's-in-to-assistant workflow without ad-hoc glue code.
ImpactTeams building Bedrock assistants can now deliver governed Databricks-backed analytics capabilities directly from Genie without creating a separate data-copy workflow, so governed AI features can be rolled out faster with fewer custom integrations. The change preserves Unity Catalog governance end-to-end by exposing Genie as an MCP tool through AgentCore Gateway, and codifies OBO-first identity guidance plus M2M caveats in the same onboarding package. It should be monitored for OAuth redirect/OIDC setup correctness and AWS resource schema drift in preview APIs, because those issues can still break deployment or accidentally weaken governance expectations.
PR #1224 defines a generalized in-conversation widget architecture for agor, introducing typed MCP widget tools and a new `widget_request` message path in the transcript so agents can request values like API keys inline and continue the session while keeping raw secrets out of LLM-visible data. The design explicitly targets an env-var widget as v1 and treats persistence, event dispatch, and submission handling as first-class mechanics, with broader widget types planned on the same interface.
ContributionIntroduces a concrete capability shift from manual, out-of-band credential collection to an inline, typed widget flow: define a message-based widget state model (`widget_request` on transcript messages), route user input through a dedicated submit endpoint to daemon persistence, and return only sanitized status events to the agent. This creates a reusable primitive for future interactive widgets (confirmation, OAuth, MCP-server selection) while preserving secret handling guarantees.
ImpactOperators and users can complete onboarding tasks like supplying `HUBSPOT_API_KEY` or `GITHUB_TOKEN` inside the same conversation instead of switching context to settings pages, which reduces setup friction and makes automation flows more likely to proceed without human-side interruption; watch for regressions in submit reliability, widget persistence after daemon restarts, and timeout behavior before this pattern is rolled out broadly. The design closes the AskUserQuestion gap for agor-style assistants by placing widget lifecycle on the existing permission request/event bus model (`waitForDecision`) and storing state directly on transcript messages, while ensuring the agent channel only sees `{names, status, scope}` and never raw credential values.
In this PR, preset-io/agor updates @github/copilot-sdk from 0.2.2 to 0.3.0, with the main impact being session-scoped GitHub identity and finer-grained agent/tool controls.
ContributionThe change is a dependency upgrade to @github/copilot-sdk 0.3.0 that enables per-session GitHub authentication (session-level token identity), per-agent tool visibility controls via defaultAgent.excludedTools, and updated session behavior such as configurable session idle timeout plus sub-agent streaming metadata.
ImpactOperators and developers can now host multiple Copilot-backed sessions under different GitHub identities in one process, which reduces identity mix-up risk and makes quota/permission behavior for multi-user automation clearer. This is enabled by Copilot SDK’s new session-level auth model and session-scoped controls; teams should watch for regressions in integrations that assume one global token and ensure stream consumers handle new `agentId`-tagged sub-agent events correctly.
The PR updates LibreChat’s MCP transport logic so a remote server returning HTTP 406 during the optional streamable-HTTP GET SSE probe is treated as an unavailable optional listener, like existing pre-session 400/404/405 compatibility handling, while active sessions still follow the normal reconnect/error path.
ContributionIntroduced explicit compatibility handling for 406 Not Acceptable on MCP optional SSE GET pre-session checks, preventing unnecessary transport-failure loops, and added regression coverage to ensure pre-session fallback is distinct from active-session failure behavior.
ImpactUsers and operators using LibreChat with MCP servers are less likely to hit repeated connection failures when a server does not support the optional SSE GET listener, so integrations can continue functioning over POST-only streams instead of entering repeated retry/circuit-breaker cycles. In technical terms, 406 is now aligned with other accepted pre-session compatibility codes for GET probes, but the stricter post-session error path is preserved to avoid masking broken established streams; continue monitoring for other nonstandard server responses that may still require compatibility mapping.
Relocates subagent listing in summon from one-time initialization to a per-turn `get_instructions()` override, so summon reads updated `.agents/` and `.goose/` definitions on each response cycle instead of fixing them at session start.
ContributionFixes session-initialization freezing by changing summon instruction discovery to the existing per-turn `get_instructions()` path, enabling dynamic loading of newly added or changed agents/recipes during an active session.
ImpactDevelopers and operators can add or modify tools in `.agents/` or `.goose/` while a session is running and use them on the next reply without restarting Goose, which reduces workflow interruption during experimentation and integration. The change routes summon instruction loading through `prepare_tools_and_prompt -> get_extensions_info` each turn, so teams should monitor for any per-turn instruction-fetch latency and verify consistency when tool definitions are edited rapidly mid-session.
This update introduces an MCP-backed binlog troubleshooting flow by registering AITools.BinlogMcp in dotnet-msbuild and switching binlog-failure-analysis to use its toolset (overview, errors, search, items, properties, imports, NuGet), while keeping raw text-log replay as a fallback path for environments without MCP.
ContributionEnabled a concrete workflow improvement for build diagnostics by adding and wiring an MCP server so failure analysis can use explicit binlog inspection tools (overview, errors, search, etc.) instead of only manual log scanning.
ImpactDevelopers and build operators can triage MSBuild failures faster because binlog investigations now start from structured MCP commands instead of only scrolling text logs, which should reduce time-to-root-cause for CI and local build breakages; watch closely whether MCP tool access remains stable in production agents, since the feature is based on an unpinned prerelease package from dotnet-eng NuGet, and whether environments without MCP still get equivalent coverage through fallback replay.
v1.0.144 removes the Pi MCP bridge’s hardcoded `DEFAULT_CALL_TIMEOUT_MS = 120_000` for `tools/call`, which previously killed legitimate long-running executions, and keeps timeout control in the executor layer where it is already a per-call setting.
ContributionRemoved the bridge-level 120-second timeout gate on `tools/call` and updated timeout scheduling to skip invalid values, preventing a lower layer from unilaterally terminating long-running requests that should be governed by executor-managed per-call timeout logic.
ImpactDevelopers and CI operators no longer lose multi-minute `tools/call` workloads to an arbitrary two-minute bridge timeout, so builds, test runs, and command executions can complete without unexplained aborts. The timeout path was moved from a bridge default to executor-owned control, so teams should now watch for whether per-call timeout configuration is set appropriately and track any hanging runs that no longer receive a bridge-layer cutoff.
The PR changes MCP startup sequencing so `start.mjs` loads `server.bundle.mjs` and becomes ready before `hooks/ensure-deps.mjs` runs, preventing slow optional dependency repair work from blocking readiness; it also adds a regression test for delayed warmup behavior.
ContributionEnabled asynchronous startup behavior by executing dependency warmup and optional dependency repair off the critical path, preserving best-effort repair while guaranteeing the MCP bundle can initialize and respond within startup budget.
ImpactMCP operators using context-mode should see faster, more predictable startup completion because client readiness is no longer blocked by slow dependency warmup, reducing timeout failures in environments with slow installs or filesystems. The mechanism now delays optional repair work to a detached Node process after bundle import/stdio readiness, so startup responsiveness improves for latency-sensitive clients. Watch for whether repair failures surface clearly in logs and whether delayed repair introduces runtime dependency failures later in a session.
The PR updates herdr’s packaging build flow so the vendored libghostty-vt Zig build is invoked with `-Dcpu=baseline`, preventing host-only CPU extensions from leaking into the produced Linux x86_64 artifact.
ContributionAdds an explicit CPU-baseline flag to the nested vendored libghostty-vt compilation step inside herdr’s `build.rs`-driven build path, so compiled output stays compatible with non-specialized x86_64 systems.
ImpactOperators and users running herdr on older x86_64 Linux hosts should see fewer unexpected `SIGILL` crashes from generated binaries because the package no longer emits instructions only supported by the build machine; the repo should next verify that other nested native/build-script steps also avoid host-feature leakage so this compatibility fix does not become only partial.
In this release, builder-app’s FastMCP execution path was corrected to await async tool callables, preventing coroutine-based tools from being invoked without actual execution.
ContributionFixes a correctness bug in tool dispatch by explicitly awaiting coroutine-returning FastMCP tool functions, so async handlers complete before the caller proceeds.
ImpactDevelopers using builder-app with async MCP tools will see more reliable tool call behavior, because tool actions are now executed and returned properly instead of appearing to silently do nothing or complete incorrectly. This reduces broken automation flows and debugging time during tool-integrated agent workflows. It also changes where exceptions are observed, so teams should watch for newly surfaced async errors and verify timeout/error-handling behavior under sustained tool call load.
The PR removes MCP tool dependencies from databricks-skills and rewires the skills to execute Databricks operations through `databricks` CLI commands and `WorkspaceClient` SDK calls, with MCP retained only for the explicit External MCP Server feature.
ContributionConverts skill execution from MCP-specific tool calls to standardized Databricks CLI/SDK patterns, which makes the same skill set portable across AI coding assistants and removes an assistant-specific integration dependency.
ImpactDevelopers and AI assistant builders using these Databricks skills can move workflows across environments with fewer integration failures, because the skills no longer depend on one assistant-specific MCP tool layer and can use Databricks-native interfaces directly. Technically, MCP tool invocations are replaced by `databricks` CLI commands (for example SQL execution) and direct `WorkspaceClient` usage, while preserving the External MCP Server path only where explicitly needed. This should be monitored by re-running the affected agent-bricks/Genie/SQL skill flows to catch regressions in behavior or auth/permission assumptions that were previously masked by MCP abstractions.
In v1.0.142, context-mode changed the Codex CLI startup path so fetch-and-index dependency installation (`turndown`, `turndown-plugin-gfm`, `@mixmark-io/domino`) is run in the background instead of blocking MCP server boot, reducing cold-start blocking on fresh installations.
ContributionMoved dependency installation required by `ctx_fetch_and_index` from synchronous startup to a detached background task, preventing the first boot path from being blocked by package installs while preserving the same toolchain for later use.
ImpactDevelopers and operators using fresh Codex CLI installations will see the context-mode MCP server start quickly instead of timing out during bootstrap, which directly reduces failed startup incidents and improves reliability for automated tool launches. Because dependency fetch now happens on-demand at first `ctx_fetch_and_index` call, teams should monitor first-call latency and any background install failures (especially network or package-resolution errors), since issues now shift from initial boot time to runtime path behavior.
This PR is a design/analysis signal that locks in Variant C for Agor: a hybrid architecture where execution runs in a local agent on the developer machine while a hosted daemon remains the system of record for canvas state. It narrows the risk surface to offline/reconnect conflict resolution and long-lived agent auth/revocation, then proposes a phased eight-PR implementation path (D1–D8), starting from RPC design and ending with sync/conflict handling and optional Electron wrapping.
ContributionDefines a concrete product architecture for distributed Agor deployments: local code execution remains machine-local while shared project state stays on a hosted source-of-truth daemon, enforced by one-worktree-per-home. It also turns this into a trackable plan by enumerating the exact hard parts (offline conflict recovery and auth with revocation) and sequenced deliverables (D1-D8) for implementation.
ImpactDevelopers and operators would gain a realistic path to collaborate on a shared Agor workspace without moving all work onto hosted infrastructure, so teams can keep repos and runtime environment on their own machines while still contributing to a central canvas. The design also makes future rollout decisions explicit by isolating the critical dependencies: offline buffering/reconnect and authorization correctness must work before distributed mode is usable, and progress should be watched at the D4, D6, and D7 milestones for merge correctness and access-control safety.
This change registers a new `AITools.BinlogMcp` MCP server in the `dotnet-msbuild` plugin and rewires the `binlog-failure-analysis` skill to use MCP binlog tools as the primary flow, while keeping text-log replay as fallback when MCP is unavailable.
ContributionThe PR introduces a concrete integration change: plugin-level MCP server declaration plus skill-level execution rewiring to an MCP-first binlog analysis path. It changes the failure-analysis behavior from primarily text-log flow to structured MCP tool calls (for overview, errors, search, items, properties, imports, nuget), and updates evaluation guidance to reward MCP usage.
ImpactDevelopers and operators debugging .NET build failures can now triage `binlog-failure-analysis` runs faster and with lower resource usage because the skill now defaults to MCP tools instead of relying only on replaying logs. In the provided local benchmark, token volume dropped 55%, tool-call count dropped 54%, and runtime dropped 80% (201.2s to 39.5s), with rubric quality improving from 3.6/5 to 4.0/5; continue watching MCP availability in runtime environments, behavior consistency after automatic dependency updates, and whether the unpinned prerelease MCP package source causes environment-specific breakage.
This Ruflo dependency bump to sublinear-time-solver 1.7.2 adds `find_anomalous_rows_in_subset`, shifting contrastive top-k anomaly checks to operate on caller-provided candidate rows instead of always scanning the full row space.
ContributionIntroduces a new subset-based contrastive primitive so callers can run anomaly boundary checks only on selected candidate rows, enabling sub-linear top-k behavior on sparse-update workloads instead of always paying for a full scan.
ImpactRuflo operators handling graph updates with few affected rows should observe faster anomaly-check paths on those incremental workloads, because the solver now evaluates only a supplied candidate set rather than scanning all rows, so latency can improve when updates are sparse. The change pairs a candidate-set scan with the existing O(log n) per-query primitive to lower contrastive cost to O(|candidates| log n); this speedup should be monitored closely to ensure Ruflo’s candidate-generation logic keeps candidate sets small and complete enough to avoid missing top-k anomalies.
The AWS post describes adding a custom Model Context Protocol (MCP) server for Kiro CLI so terminal-based agents can persist and retrieve conversation context through Amazon Bedrock AgentCore Memory.
ContributionIntroduced an implementation pattern where Kiro CLI connects to Amazon Bedrock AgentCore Memory through a custom MCP server, enabling command-line AI agents to externalize and reuse conversation state across interactions with optional memory usage monitoring and infrastructure control.
ImpactDevelopers using Kiro CLI can keep AI-agent conversations consistent across sessions, so they no longer need to restate prior context manually and agent workflows can continue with better continuity. Practically, this is a developer/operator-facing feature that changes where memory state lives (outside the session in managed AgentCore Memory), so teams should watch for credential handling, memory-retention correctness, and whether context lookups add latency or cost as conversations scale.
LibreChat introduced OAuth 2.0 On-Behalf-Of (OBO) support for MCP server connections, so OIDC-authenticated users can access protected MCP servers using their existing identity without starting a separate OAuth redirect flow for each server.
ContributionImplemented an `OboTokenService` that centralizes OBO token exchange logic and delegated `GraphTokenService` to it, added `resolveOboToken` validation/exchange flow in `packages/api`, added OBO configuration (`obo.scopes`) in both YAML and UI, and switched MCP tool calls to use refreshed, OBO-derived tokens via headers with explicit erroring on exchange failure.
ImpactUsers of LibreChat authenticated with OpenID Connect can use MCP tool integrations without being prompted to re-login per MCP server, which reduces operational friction and should lower authentication-related support incidents for multi-server setups; teams should monitor deployments where scopes or app registration settings are incomplete, since that can still break MCP access.
This PR rewrites the `experimental` A/B ground-truth fixtures for five ai-dev-kit skills so `outputs.response` is now a tool-agnostic natural-language confirmation set rather than MCP-only assertions, enabling direct side-by-side comparison of MCP versus CLI evaluation paths.
ContributionConverted response checks for the five skills from MCP-prescriptive tool-call checks to reusable, backend-agnostic expected response descriptions, while preserving per-case metadata and adding a full `databricks-ai-functions` ground-truth set so one evaluation corpus can be used for both tool modes.
ImpactMaintainers and evaluation operators can now use the same skill test cases for MCP and CLI modes, which should cut repeated eval-authoring work and make outcome comparisons reflect behavioral differences instead of tooling-specific formatting differences; this PR’s run also shows a concrete operator-facing win in `databricks-agent-bricks` where the CLI-first variant reached a usable artifact. Keep watching whether dropping MCP-only cases masks regressions in MCP-only workflows and whether future prompt changes keep the cross-mode comparability stable since eval artifacts (`evaluation_results.json`/`report.html`) are not committed in this PR.
The PR rewires ByteRover skill installation so autonomous agents like Hermes and OpenClaw get a managed skill package (multi-file `SKILL` layout) and an automatically maintained `BYTEROVER RULES` block in their system prompts, while hub install now infers per-agent default scope instead of always forcing `project`.
ContributionImplemented a new autonomous-agent installation flow that splits ByteRover into managed sub-skill files and adds idempotent system-prompt attachment/removal (`BEGIN/END BYTEROVER RULES`) with per-agent default scope resolution, eliminating the previous `project`-scope default path that broke global-only agents.
ImpactAutonomous-agent operators using Hermes or OpenClaw can now install/update ByteRover with fewer failed setups and more consistent prompt behavior, because the memory/behavior rules are automatically applied and refreshed instead of being dropped or forgotten. This is enabled by scoped, per-agent path handling plus marker-bounded prompt patching (`upsert/remove/has`) that preserves surrounding prompt content. Watch for any changes in custom agent environments where inferred defaults (`HERMES_HOME`, `OPENCLAW_STATE_DIR`, `OPENCLAW_CONFIG_PATH`) or marker parsing could misplace or skip the managed block.
This PR’s primary change is a migration to tool-mode-only execution for byterover query/curate workflows: `brv-query` and curate now run through provider-free MCP envelopes, `brv-curate` is replaced by `brv-curate-html`, and `BRV_*_TOOL_MODE` switches are removed.
ContributionRemoved dependency on an on-request LLM-provider path for core byterover workflows by replacing the old natural-language curate API with a structured `bv-topic` HTML tool envelope, so `brv query` and `brv curate` share one provider-free execution model.
ImpactTeams integrating byterover in CLI or MCP tools can run topic query and curation end-to-end without an LLM provider configured, which simplifies secure or restricted deployments and avoids blocking workflows on provider availability or credentials. The rollout enforces a breaking input contract change: old `brv-curate` clients sending `{context, files, folder}` must move to `brv-curate-html` with `{html, confirmOverwrite?}`, and operators should monitor compatibility failures from legacy integrations and any latent assumptions about markdown writes because new saves are now HTML `<bv-topic>` based.
The pull request adds sidecar update callsites for all tool-mode activity paths in byterover-cli, so curate writes and query reads now update runtime-signal history in existing `update`/`delete`/`list` store flows instead of leaving sidecar metadata stale.
ContributionIntroduces and wires two helper invocations—`bumpSidecarOnCurateWrite` and `bumpSidecarOnQueryRead`—into the four tool-mode touchpoints that previously did not update the sidecar (`curate-html-direct`, CLI `curate-session`, SearchExecutor read path, and QueryExecutor tool-mode execution), and passes the daemon runtime store into both executors so updateCount, recency, and accessCount are tracked through existing call paths.
ImpactTool-mode users that rely on signal-driven ranking will now see their recent activity reflected in ranking behavior, instead of frequently active topics being treated as if they were new or untouched, which should reduce incorrect candidate pruning and stale decay decisions. The PR connects the missing write/read hooks to the existing sidecar schema without adding new store APIs, so follow-ups should verify whether any remaining tool-mode branches still bypass these bumps and whether swallowed no-op/store-missing paths could hide regressions in production usage.
The PR adds a timeout guard to `hostServiceCall` in `packages/mcp-v2`, using `AbortController` so relay calls default to 30,000 ms (with optional override via `HostServiceCallOptions.timeoutMs`) and return a structured timeout error instead of letting MCP requests run until Vercel’s 300-second hard timeout.
ContributionIntroduced bounded request execution for relay-backed MCP tools with configurable timeout control, explicit abort handling, and timer cleanup, converting long-hanging calls into bounded failures returned as tool errors.
ImpactMCP clients and users calling `agents_run`, `agents_list`, `workspaces_create`, and `workspaces_delete` should experience faster failure recovery when a host/relay is slow or unavailable, because stalled calls now stop around 30 seconds instead of occupying a Vercel Lambda for 300 seconds and flooding operations with timeout incidents. The change uses `AbortController` in `hostServiceCall` with `HostServiceCallOptions.timeoutMs` overrides and catches the raised timeout (`Host <id> timed out after <ms> for <procedure>`) in the tool handler so callers get an immediate error response; teams should watch for legitimate long-running relay calls that may need larger timeout settings and verify client surfaces now correctly handle the new tool-error path.
This change updates the `agentmemory connect codex` flow to install AgentMemory lifecycle hooks into `~/.codex/hooks.json`, preferring installed plugin cache hook paths and falling back to bundled plugin paths, while deduplicating prior AgentMemory entries and preserving unrelated user hooks. It also adds Windows support for the connect path.
ContributionAdded explicit hook-registration behavior in the Codex connect command so AgentMemory installs a working lifecycle-hook path in current Codex builds: write into `~/.codex/hooks.json`, resolve hook scripts from installed plugin cache first with bundled fallback, and protect users from duplicate/overwritten hook entries.
ImpactDevelopers and operators using Codex with AgentMemory now get lifecycle observations again from connect-enabled sessions, so installs no longer look successful while tool calls silently produce no tracked events. The change is achieved by writing config-layer hook entries into Codex and using a fallback path strategy until upstream Codex plugin-dispatch discovery becomes fully reliable; watch for regressions if Codex changes hook discovery rules, path precedence, or Windows hook resolution.
Added a dedicated GitHub Copilot CLI integration path by introducing plugin manifest assets, a `connect` command for MCP config wiring, and hook compatibility handling so Copilot can work through the same agentmemory observation flow as other adapters.
ContributionImplemented first-class Copilot CLI support with new plugin artifacts and a CLI connect command that merges agentmemory into Copilot MCP config safely (including idempotent updates), while extending hook input handling to accept Copilot camelCase fields such as `sessionId` and `toolName` alongside existing formats.
ImpactDevelopers using GitHub Copilot CLI can now connect agentmemory through a supported setup path instead of manual/config-fragile MCP wiring, reducing onboarding friction and the chance of broken hook integration during deployment. This is achieved by adding `plugin/plugin.json`/`plugin/.mcp.copilot.json`, a CLI merge flow for `mcp-config.json` with idempotent behavior, and broader payload-shape handling in hook adapters; teams should still watch for regressions from Copilot payload schema changes, Windows command execution edge cases, and unintended MCP config merge behavior when mixed with existing third-party MCP entries.
Serena’s `replace_content`/edit path can reuse a stale cached file buffer after a file was modified outside the tool, causing writes to silently discard newer external changes (one reported case lost 388 lines).
ContributionThe primary technical fix is to prevent stale cached reads: before reusing a cached `LSPFileBuffer`, compare cached metadata (e.g., mtime/hash) with on-disk state and invalidate/reload the buffer so edit helpers always operate on current content.
ImpactDevelopers using Serena alongside other editors or Git in the same workspace can lose legitimate on-disk updates without any error—`replace_content` may write stale content and erase their latest changes—so teams should prioritize enabling/validating file-change invalidation and then monitor whether multi-tool edit workflows still produce silent overwrite incidents. The intended implementation is an `open_file()` guard that detects changed `mtime` and forces a fresh read before `replace_content` computes replacements, which reduces silent data-loss risk during MCP-based editing workflows.