codeant-ai-for-open-source[bot] commented on code in PR #38562:
URL: https://github.com/apache/superset/pull/38562#discussion_r2930412148
##########
superset/mcp_service/server.py:
##########
@@ -252,6 +364,13 @@ def run_server(
middleware=middleware_list or None,
)
+ # Apply tool search transform if configured
+ tool_search_config = flask_app.config.get(
+ "MCP_TOOL_SEARCH_CONFIG", MCP_TOOL_SEARCH_CONFIG
+ )
+ if tool_search_config.get("enabled", False):
+ _apply_tool_search_transform(mcp_instance, tool_search_config)
Review Comment:
**Suggestion:** The search transform allows renaming the discovery tool, but
the response-size guard exclusion list is static (`search_tools`). If
`search_tool_name` is customized, large search responses can be incorrectly
blocked by the size guard, breaking tool discovery. Add the configured search
tool name to `size_guard_middleware.excluded_tools` before applying the
transform. [logic error]
<details>
<summary><b>Severity Level:</b> Major ⚠️</summary>
```mdx
- ❌ Renamed search tool responses can be wrongly blocked.
- ⚠️ Tool discovery fails for large schema queries.
- ⚠️ MCP clients receive ToolError instead of schemas.
```
</details>
```suggestion
tool_search_config = flask_app.config.get(
"MCP_TOOL_SEARCH_CONFIG", MCP_TOOL_SEARCH_CONFIG
) or {}
if tool_search_config.get("enabled", False):
search_tool_name = tool_search_config.get("search_tool_name",
"search_tools")
if size_guard_middleware is not None:
size_guard_middleware.excluded_tools.add(search_tool_name)
_apply_tool_search_transform(mcp_instance, tool_search_config)
```
<details>
<summary><b>Steps of Reproduction ✅ </b></summary>
```mdx
1. Configure `MCP_TOOL_SEARCH_CONFIG` with a renamed search tool (e.g.,
`"search_tool_name": "find_tools"`) and keep response guard enabled;
defaults show static
exclusion `"search_tools"` in `superset/mcp_service/mcp_config.py:225-231`
while rename is
supported in `superset/mcp_service/mcp_config.py:263`.
2. Start MCP via CLI path `superset/cli/mcp.py:28-37`, which calls
`run_server()` and
non-factory branch in `superset/mcp_service/server.py:336-372` creates
`size_guard_middleware` then applies transform from renamed config.
3. Invoke renamed discovery tool (`find_tools`) with a broad query;
transform uses
configured name in `_apply_tool_search_transform`
(`superset/mcp_service/server.py:235-241`), returning potentially large
schema payloads.
4. `ResponseSizeGuardMiddleware.on_call_tool` checks `tool_name in
self.excluded_tools`
(`superset/mcp_service/middleware.py:49-51`); renamed tool is not excluded,
so oversized
result is blocked at `superset/mcp_service/middleware.py:88-127` with
`ToolError`,
breaking discovery.
```
</details>
<details>
<summary><b>Prompt for AI Agent 🤖 </b></summary>
```mdx
This is a comment left during a code review.
**Path:** superset/mcp_service/server.py
**Line:** 368:372
**Comment:**
*Logic Error: The search transform allows renaming the discovery tool,
but the response-size guard exclusion list is static (`search_tools`). If
`search_tool_name` is customized, large search responses can be incorrectly
blocked by the size guard, breaking tool discovery. Add the configured search
tool name to `size_guard_middleware.excluded_tools` before applying the
transform.
Validate the correctness of the flagged issue. If correct, How can I resolve
this? If you propose a fix, implement it and please make it concise.
```
</details>
<a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F38562&comment_hash=9ecfc6967a191085cc47547992232482a489150f719c9ff6077cc09486014757&reaction=like'>👍</a>
| <a
href='https://app.codeant.ai/feedback?pr_url=https%3A%2F%2Fgithub.com%2Fapache%2Fsuperset%2Fpull%2F38562&comment_hash=9ecfc6967a191085cc47547992232482a489150f719c9ff6077cc09486014757&reaction=dislike'>👎</a>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
