@probelabs/probe 0.6.0-rc207 → 0.6.0-rc209

package/src/agent/mcp/config.js

@@ -29,6 +29,61 @@ export function validateTimeout(value) {
   return Math.min(num, MAX_TIMEOUT); // Cap at max timeout
 }
 
+/**
+ * Validate and normalize method filter configuration
+ * @param {Object} serverConfig - Server configuration
+ * @param {string} serverName - Server name for logging
+ * @returns {Object} Object with allowedMethods and blockedMethods (null if not configured)
+ */
+export function validateMethodFilter(serverConfig, serverName = 'unknown') {
+  const result = { allowedMethods: null, blockedMethods: null };
+  const debug = process.env.DEBUG === '1' || process.env.DEBUG_MCP === '1';
+
+  // Check if both are specified - allowedMethods takes precedence
+  if (serverConfig.allowedMethods && serverConfig.blockedMethods) {
+    console.error(`[MCP WARN] Server '${serverName}' has both allowedMethods and blockedMethods - using allowedMethods only`);
+  }
+
+  // Process allowedMethods
+  if (serverConfig.allowedMethods) {
+    if (!Array.isArray(serverConfig.allowedMethods)) {
+      console.error(`[MCP WARN] Server '${serverName}' allowedMethods must be an array, ignoring`);
+    } else {
+      const validMethods = serverConfig.allowedMethods.filter(m => typeof m === 'string' && m.length > 0);
+      if (validMethods.length !== serverConfig.allowedMethods.length) {
+        console.error(`[MCP WARN] Server '${serverName}' allowedMethods contains non-string values, skipping those`);
+      }
+      if (validMethods.length > 0) {
+        result.allowedMethods = validMethods;
+        if (debug) {
+          console.error(`[MCP DEBUG] Server '${serverName}' allowedMethods: ${validMethods.join(', ')}`);
+        }
+      }
+    }
+    return result; // If allowedMethods is specified (even if invalid), don't process blockedMethods
+  }
+
+  // Process blockedMethods (only if allowedMethods not specified)
+  if (serverConfig.blockedMethods) {
+    if (!Array.isArray(serverConfig.blockedMethods)) {
+      console.error(`[MCP WARN] Server '${serverName}' blockedMethods must be an array, ignoring`);
+    } else {
+      const validMethods = serverConfig.blockedMethods.filter(m => typeof m === 'string' && m.length > 0);
+      if (validMethods.length !== serverConfig.blockedMethods.length) {
+        console.error(`[MCP WARN] Server '${serverName}' blockedMethods contains non-string values, skipping those`);
+      }
+      if (validMethods.length > 0) {
+        result.blockedMethods = validMethods;
+        if (debug) {
+          console.error(`[MCP DEBUG] Server '${serverName}' blockedMethods: ${validMethods.join(', ')}`);
+        }
+      }
+    }
+  }
+
+  return result;
+}
+
 /**
  * Default MCP configuration structure
  */
@@ -187,6 +242,16 @@ function mergeWithEnvironment(config) {
             console.error(`[MCP WARN] Invalid timeout value for ${normalizedName}: ${value}`);
           }
           break;
+        case 'ALLOWLIST':
+          // Comma-separated list of allowed method names (supports wildcards)
+          // e.g., MCP_SERVERS_MYSERVER_ALLOWLIST=method1,method2,prefix_*
+          config.mcpServers[normalizedName].allowedMethods = value.split(',').map(m => m.trim()).filter(Boolean);
+          break;
+        case 'BLOCKLIST':
+          // Comma-separated list of blocked method names (supports wildcards)
+          // e.g., MCP_SERVERS_MYSERVER_BLOCKLIST=dangerous_*,risky_method
+          config.mcpServers[normalizedName].blockedMethods = value.split(',').map(m => m.trim()).filter(Boolean);
+          break;
       }
     }
   }
@@ -256,6 +321,11 @@ export function parseEnabledServers(config) {
       server.timeout = validatedTimeout;
     }
 
+    // Validate and normalize method filter configuration
+    const methodFilter = validateMethodFilter(serverConfig, name);
+    server.allowedMethods = methodFilter.allowedMethods;
+    server.blockedMethods = methodFilter.blockedMethods;
+
     servers.push(server);
   }
 
@@ -321,6 +391,22 @@ export function createSampleConfig() {
         enabled: false,
         timeout: 120000,
         description: 'Example server with custom 2-minute timeout (overrides global setting)'
+      },
+      'filtered-server-example': {
+        command: 'npx',
+        args: ['-y', '@example/mcp-server'],
+        transport: 'stdio',
+        enabled: false,
+        allowedMethods: ['safe_read', 'safe_query'],
+        description: 'Example server with method allowlist - only safe_read and safe_query are available'
+      },
+      'blocklist-server-example': {
+        command: 'npx',
+        args: ['-y', '@example/mcp-server'],
+        transport: 'stdio',
+        enabled: false,
+        blockedMethods: ['dangerous_delete', 'dangerous_*'],
+        description: 'Example server with method blocklist - all methods except dangerous ones (supports wildcards)'
       }
     },
     // Global settings (apply to all servers unless overridden per-server)
@@ -356,6 +442,7 @@ export default {
   createSampleConfig,
   saveConfig,
   validateTimeout,
+  validateMethodFilter,
   DEFAULT_TIMEOUT,
   MAX_TIMEOUT
 };

package/src/agent/mcp/xmlBridge.js

@@ -127,6 +127,7 @@ export function parseXmlMcpToolCall(xmlString, mcpToolNames = []) {
 export class MCPXmlBridge {
   constructor(options = {}) {
     this.debug = options.debug || false;
+    this.tracer = options.tracer || null;
     this.mcpTools = {};
     this.mcpManager = null;
     this.xmlDefinitions = {};
@@ -179,8 +180,8 @@ export class MCPXmlBridge {
         console.error('[MCP DEBUG] Initializing MCP client manager...');
       }
 
-      // Initialize the MCP client manager
-      this.mcpManager = new MCPClientManager({ debug: this.debug });
+      // Initialize the MCP client manager with tracer support
+      this.mcpManager = new MCPClientManager({ debug: this.debug, tracer: this.tracer });
       const result = await this.mcpManager.initialize(mcpConfigs);
 
       // Get tools from the manager
@@ -211,11 +212,20 @@ export class MCPXmlBridge {
   }
 
   /**
-   * Get all XML tool definitions for inclusion in system prompt
+   * Get XML tool definitions for inclusion in system prompt
+   * @param {Array<string>|null} filterToolNames - Optional list of tool names to include (if null, include all)
    * @returns {string} Combined XML tool definitions
    */
-  getXmlToolDefinitions() {
-    return Object.values(this.xmlDefinitions).join('\n\n');
+  getXmlToolDefinitions(filterToolNames = null) {
+    if (filterToolNames === null) {
+      return Object.values(this.xmlDefinitions).join('\n\n');
+    }
+
+    // Filter definitions based on provided tool names
+    return Object.entries(this.xmlDefinitions)
+      .filter(([name]) => filterToolNames.includes(name))
+      .map(([, def]) => def)
+      .join('\n\n');
   }
 
   /**

package/src/agent/simpleTelemetry.js

@@ -231,6 +231,32 @@ export class SimpleAppTracer {
     });
   }
 
+  /**
+   * Record MCP (Model Context Protocol) events
+   * Tracks server connections, tool discovery, method filtering, and tool execution
+   */
+  recordMcpEvent(eventType, data = {}) {
+    if (!this.isEnabled()) return;
+
+    this.addEvent(`mcp.${eventType}`, {
+      'session.id': this.sessionId,
+      ...data
+    });
+  }
+
+  /**
+   * Record bash tool events
+   * Tracks command permission checks, allowed/denied commands, and execution
+   */
+  recordBashEvent(eventType, data = {}) {
+    if (!this.isEnabled()) return;
+
+    this.addEvent(`bash.${eventType}`, {
+      'session.id': this.sessionId,
+      ...data
+    });
+  }
+
   setAttributes(attributes) {
     // For simplicity, just log attributes when no active span
     if (this.telemetry && this.telemetry.enableConsole) {

package/src/tools/bash.js

@@ -31,16 +31,18 @@ export const bashTool = (options = {}) => {
     bashConfig = {},
     debug = false,
     cwd,
-    allowedFolders = []
+    allowedFolders = [],
+    tracer = null
   } = options;
 
-  // Create permission checker
+  // Create permission checker with tracer for telemetry
   const permissionChecker = new BashPermissionChecker({
     allow: bashConfig.allow,
     deny: bashConfig.deny,
     disableDefaultAllow: bashConfig.disableDefaultAllow,
     disableDefaultDeny: bashConfig.disableDefaultDeny,
-    debug
+    debug,
+    tracer
   });
 
   // Determine default working directory