npm - @musashishao/agent-kit - Versions diffs - 1.0.0 → 1.1.0 - Mend

@musashishao/agent-kit 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @musashishao/agent-kit might be problematic. Click here for more details.

Files changed (23) hide show

package/.agent/skills/mcp-builder/tool-patterns.md ADDED Viewed

@@ -0,0 +1,642 @@
+# MCP Tool Design Patterns
+> Patterns for designing effective, user-friendly MCP tools.
+## Core Principles
+| Principle | Description |
+|-----------|-------------|
+| **Single Purpose** | One tool does one thing well |
+| **Clear Naming** | Action-oriented: verb_noun |
+| **Validated Input** | Schema with types and descriptions |
+| **Structured Output** | Predictable, parseable responses |
+| **Graceful Errors** | Helpful error messages |
+---
+## Pattern 1: CRUD Operations
+For managing entities (users, tasks, documents):
+```python
+# CREATE
+@mcp.tool()
+def create_task(
+    title: str,
+    description: str = "",
+    priority: str = "medium",
+    due_date: str = None
+) -> dict:
+    """Create a new task.
+    Args:
+        title: Task title (required)
+        description: Detailed description
+        priority: One of 'low', 'medium', 'high'
+        due_date: Due date in YYYY-MM-DD format
+    Returns:
+        Created task with ID and timestamps
+    """
+    task = {
+        "id": generate_id(),
+        "title": title,
+        "description": description,
+        "priority": priority,
+        "due_date": due_date,
+        "status": "pending",
+        "created_at": datetime.now().isoformat(),
+    }
+    save_task(task)
+    return {"success": True, "task": task}
+# READ (single)
+@mcp.tool()
+def get_task(task_id: str) -> dict:
+    """Get a task by ID.
+    Args:
+        task_id: Unique task identifier
+    Returns:
+        Task details or error if not found
+    """
+    task = load_task(task_id)
+    if not task:
+        return {"error": f"Task not found: {task_id}"}
+    return task
+# READ (list with filters)
+@mcp.tool()
+def list_tasks(
+    status: str = None,
+    priority: str = None,
+    limit: int = 10
+) -> dict:
+    """List tasks with optional filters.
+    Args:
+        status: Filter by status ('pending', 'in_progress', 'done')
+        priority: Filter by priority ('low', 'medium', 'high')
+        limit: Maximum number of tasks to return
+    Returns:
+        List of matching tasks
+    """
+    tasks = load_all_tasks()
+    if status:
+        tasks = [t for t in tasks if t["status"] == status]
+    if priority:
+        tasks = [t for t in tasks if t["priority"] == priority]
+    return {
+        "tasks": tasks[:limit],
+        "total": len(tasks),
+        "showing": min(limit, len(tasks))
+    }
+# UPDATE
+@mcp.tool()
+def update_task(
+    task_id: str,
+    title: str = None,
+    status: str = None,
+    priority: str = None
+) -> dict:
+    """Update task properties.
+    Args:
+        task_id: Task to update
+        title: New title (optional)
+        status: New status (optional)
+        priority: New priority (optional)
+    Returns:
+        Updated task or error
+    """
+    task = load_task(task_id)
+    if not task:
+        return {"error": f"Task not found: {task_id}"}
+    if title:
+        task["title"] = title
+    if status:
+        task["status"] = status
+    if priority:
+        task["priority"] = priority
+    task["updated_at"] = datetime.now().isoformat()
+    save_task(task)
+    return {"success": True, "task": task}
+# DELETE
+@mcp.tool()
+def delete_task(task_id: str) -> dict:
+    """Delete a task.
+    Args:
+        task_id: Task to delete
+    Returns:
+        Confirmation or error
+    """
+    task = load_task(task_id)
+    if not task:
+        return {"error": f"Task not found: {task_id}"}
+    remove_task(task_id)
+    return {"success": True, "deleted": task_id}
+```
+---
+## Pattern 2: API Integration
+For connecting to external APIs:
+```python
+import httpx
+import os
+@mcp.tool()
+async def github_create_issue(
+    repo: str,
+    title: str,
+    body: str = "",
+    labels: list[str] = []
+) -> dict:
+    """Create a GitHub issue.
+    Args:
+        repo: Repository in format 'owner/repo'
+        title: Issue title
+        body: Issue body in markdown
+        labels: List of label names to apply
+    Returns:
+        Created issue details with URL
+    """
+    token = os.environ.get("GITHUB_TOKEN")
+    if not token:
+        return {"error": "GITHUB_TOKEN environment variable not set"}
+    async with httpx.AsyncClient() as client:
+        response = await client.post(
+            f"https://api.github.com/repos/{repo}/issues",
+            headers={
+                "Authorization": f"Bearer {token}",
+                "Accept": "application/vnd.github.v3+json",
+            },
+            json={
+                "title": title,
+                "body": body,
+                "labels": labels,
+            },
+            timeout=30.0,
+        )
+        if response.status_code == 201:
+            issue = response.json()
+            return {
+                "success": True,
+                "issue_number": issue["number"],
+                "url": issue["html_url"],
+                "title": issue["title"],
+            }
+        elif response.status_code == 401:
+            return {"error": "Invalid GitHub token"}
+        elif response.status_code == 404:
+            return {"error": f"Repository not found: {repo}"}
+        else:
+            return {
+                "error": f"GitHub API error: {response.status_code}",
+                "details": response.text[:200]
+            }
+@mcp.tool()
+async def fetch_url(
+    url: str,
+    method: str = "GET",
+    headers: dict = None
+) -> dict:
+    """Fetch content from a URL.
+    Args:
+        url: URL to fetch
+        method: HTTP method (GET, POST, etc.)
+        headers: Optional headers to include
+    Returns:
+        Response content and metadata
+    """
+    async with httpx.AsyncClient() as client:
+        try:
+            response = await client.request(
+                method=method,
+                url=url,
+                headers=headers or {},
+                timeout=30.0,
+            )
+            return {
+                "status_code": response.status_code,
+                "content_type": response.headers.get("content-type", "unknown"),
+                "content": response.text[:10000],  # Limit content size
+                "truncated": len(response.text) > 10000,
+            }
+        except httpx.ConnectError:
+            return {"error": f"Failed to connect to {url}"}
+        except httpx.TimeoutException:
+            return {"error": f"Request to {url} timed out"}
+```
+---
+## Pattern 3: File Operations
+For reading/writing files safely:
+```python
+from pathlib import Path
+import mimetypes
+# Define allowed directory
+ALLOWED_DIR = Path.home() / "mcp-files"
+def validate_path(path: str) -> Path:
+    """Validate path is within allowed directory."""
+    resolved = Path(path).resolve()
+    if not resolved.is_relative_to(ALLOWED_DIR):
+        raise ValueError(f"Access denied: {path}")
+    return resolved
+@mcp.tool()
+def read_file(path: str) -> dict:
+    """Read a file's contents.
+    Args:
+        path: Path relative to allowed directory
+    Returns:
+        File contents and metadata
+    """
+    try:
+        file_path = validate_path(path)
+    except ValueError as e:
+        return {"error": str(e)}
+    if not file_path.exists():
+        return {"error": f"File not found: {path}"}
+    if not file_path.is_file():
+        return {"error": f"Not a file: {path}"}
+    # Check file size
+    size = file_path.stat().st_size
+    if size > 1_000_000:  # 1MB limit
+        return {"error": f"File too large: {size} bytes (max 1MB)"}
+    try:
+        content = file_path.read_text()
+    except UnicodeDecodeError:
+        return {"error": "Cannot read binary file as text"}
+    return {
+        "path": str(file_path),
+        "content": content,
+        "size": size,
+        "mime_type": mimetypes.guess_type(str(file_path))[0],
+    }
+@mcp.tool()
+def write_file(
+    path: str,
+    content: str,
+    append: bool = False
+) -> dict:
+    """Write content to a file.
+    Args:
+        path: Path relative to allowed directory
+        content: Content to write
+        append: If true, append instead of overwrite
+    Returns:
+        Confirmation with file details
+    """
+    try:
+        file_path = validate_path(path)
+    except ValueError as e:
+        return {"error": str(e)}
+    # Create parent directories
+    file_path.parent.mkdir(parents=True, exist_ok=True)
+    # Write content
+    mode = "a" if append else "w"
+    with open(file_path, mode) as f:
+        f.write(content)
+    return {
+        "success": True,
+        "path": str(file_path),
+        "size": file_path.stat().st_size,
+        "mode": "appended" if append else "written",
+    }
+@mcp.tool()
+def list_directory(path: str = ".") -> dict:
+    """List contents of a directory.
+    Args:
+        path: Directory path relative to allowed directory
+    Returns:
+        List of files and subdirectories
+    """
+    try:
+        dir_path = validate_path(path)
+    except ValueError as e:
+        return {"error": str(e)}
+    if not dir_path.exists():
+        return {"error": f"Directory not found: {path}"}
+    if not dir_path.is_dir():
+        return {"error": f"Not a directory: {path}"}
+    items = []
+    for item in dir_path.iterdir():
+        items.append({
+            "name": item.name,
+            "type": "directory" if item.is_dir() else "file",
+            "size": item.stat().st_size if item.is_file() else None,
+        })
+    return {
+        "path": str(dir_path),
+        "items": sorted(items, key=lambda x: (x["type"], x["name"])),
+        "count": len(items),
+    }
+```
+---
+## Pattern 4: Database Queries
+For safe database access:
+```python
+import sqlite3
+from typing import List, Any
+def get_db_connection():
+    """Get database connection."""
+    return sqlite3.connect(os.environ.get("DATABASE_PATH", "data.db"))
+@mcp.tool()
+def query_database(
+    sql: str,
+    params: List[Any] = []
+) -> dict:
+    """Execute a read-only SQL query.
+    Args:
+        sql: SQL SELECT query
+        params: Query parameters for safe binding
+    Returns:
+        Query results as list of dictionaries
+    """
+    # Validate read-only query
+    normalized = sql.strip().upper()
+    if not normalized.startswith("SELECT"):
+        return {"error": "Only SELECT queries are allowed"}
+    # Check for dangerous patterns
+    dangerous = ["DROP", "DELETE", "UPDATE", "INSERT", "ALTER", "CREATE", "--", ";"]
+    for pattern in dangerous:
+        if pattern in normalized:
+            return {"error": f"Query contains forbidden pattern: {pattern}"}
+    conn = get_db_connection()
+    conn.row_factory = sqlite3.Row
+    try:
+        cursor = conn.execute(sql, params)
+        rows = [dict(row) for row in cursor.fetchall()]
+        return {
+            "success": True,
+            "rows": rows,
+            "count": len(rows),
+            "columns": list(rows[0].keys()) if rows else [],
+        }
+    except sqlite3.Error as e:
+        return {"error": f"Database error: {str(e)}"}
+    finally:
+        conn.close()
+@mcp.tool()
+def get_table_schema(table: str) -> dict:
+    """Get schema information for a table.
+    Args:
+        table: Table name
+    Returns:
+        Column definitions and indexes
+    """
+    # Validate table name (alphanumeric only)
+    if not table.replace("_", "").isalnum():
+        return {"error": "Invalid table name"}
+    conn = get_db_connection()
+    try:
+        # Get column info
+        cursor = conn.execute(f"PRAGMA table_info({table})")
+        columns = [
+            {
+                "name": row[1],
+                "type": row[2],
+                "nullable": not row[3],
+                "primary_key": bool(row[5]),
+            }
+            for row in cursor.fetchall()
+        ]
+        if not columns:
+            return {"error": f"Table not found: {table}"}
+        return {
+            "table": table,
+            "columns": columns,
+        }
+    finally:
+        conn.close()
+```
+---
+## Pattern 5: Long-running Operations
+For operations that take time:
+```python
+import asyncio
+from typing import Callable
+@mcp.tool()
+async def process_batch(
+    items: List[str],
+    operation: str = "process"
+) -> dict:
+    """Process a batch of items with progress tracking.
+    Args:
+        items: List of items to process
+        operation: Operation to perform on each item
+    Returns:
+        Results for all items
+    """
+    results = []
+    errors = []
+    for i, item in enumerate(items):
+        try:
+            # Process item
+            result = await process_single_item(item, operation)
+            results.append({"item": item, "result": result})
+            # Log progress for debugging
+            progress = (i + 1) / len(items) * 100
+            logger.info(f"Progress: {progress:.0f}% ({i+1}/{len(items)})")
+        except Exception as e:
+            errors.append({"item": item, "error": str(e)})
+        # Avoid overwhelming the system
+        await asyncio.sleep(0.1)
+    return {
+        "total": len(items),
+        "successful": len(results),
+        "failed": len(errors),
+        "results": results,
+        "errors": errors,
+    }
+async def process_single_item(item: str, operation: str) -> str:
+    """Process a single item."""
+    await asyncio.sleep(0.5)  # Simulate work
+    return f"Processed {item} with {operation}"
+```
+---
+## Error Handling Pattern
+Consistent error responses:
+```python
+from enum import Enum
+from typing import Union
+class ErrorCode(Enum):
+    NOT_FOUND = "not_found"
+    INVALID_INPUT = "invalid_input"
+    UNAUTHORIZED = "unauthorized"
+    RATE_LIMITED = "rate_limited"
+    INTERNAL_ERROR = "internal_error"
+def error_response(
+    code: ErrorCode,
+    message: str,
+    details: dict = None
+) -> dict:
+    """Create a standardized error response."""
+    response = {
+        "success": False,
+        "error": {
+            "code": code.value,
+            "message": message,
+        }
+    }
+    if details:
+        response["error"]["details"] = details
+    return response
+def success_response(data: Union[dict, list]) -> dict:
+    """Create a standardized success response."""
+    return {
+        "success": True,
+        "data": data,
+    }
+# Usage
+@mcp.tool()
+def example_tool(id: str) -> dict:
+    """Example with standardized responses."""
+    if not id:
+        return error_response(
+            ErrorCode.INVALID_INPUT,
+            "ID is required"
+        )
+    item = load_item(id)
+    if not item:
+        return error_response(
+            ErrorCode.NOT_FOUND,
+            f"Item not found: {id}"
+        )
+    return success_response(item)
+```
+---
+## Best Practices Checklist
+### Before Publishing Your Tool
+- [ ] **Naming**: Verb_noun format (create_task, get_user)
+- [ ] **Description**: Clear, human-readable purpose
+- [ ] **Args**: All parameters have descriptions
+- [ ] **Validation**: Input is validated before processing
+- [ ] **Errors**: All error paths return helpful messages
+- [ ] **Output**: Structured JSON, consistent format
+- [ ] **Security**: Sensitive data not logged
+- [ ] **Limits**: Resource limits in place (file size, query results)
+- [ ] **Testing**: Unit tests for critical paths
+- [ ] **Documentation**: README explains usage
+---
+## Tool Naming Guidelines
+| ❌ Bad | ✅ Good | Why |
+|--------|---------|-----|
+| `do_thing` | `create_user` | Specific action + entity |
+| `process` | `parse_csv_file` | Clear what it does |
+| `handle_data` | `validate_email` | Single purpose |
+| `run` | `execute_query` | Descriptive |
+| `getData` | `get_user_profile` | snake_case, explicit |