@vellumai/assistant 0.3.20 → 0.3.22

package/src/mcp/manager.ts

@@ -0,0 +1,139 @@
+import type { McpConfig, McpServerConfig } from '../config/mcp-schema.js';
+import { getLogger } from '../util/logger.js';
+import { McpClient, type McpToolInfo } from './client.js';
+
+const log = getLogger('mcp-manager');
+
+export interface McpServerToolInfo {
+  serverId: string;
+  serverConfig: McpServerConfig;
+  tools: McpToolInfo[];
+}
+
+export class McpServerManager {
+  private clients = new Map<string, McpClient>();
+  private serverConfigs = new Map<string, McpServerConfig>();
+
+  async start(config: McpConfig): Promise<McpServerToolInfo[]> {
+    const results: McpServerToolInfo[] = [];
+
+    console.log(`[MCP] Starting ${Object.keys(config.servers).length} server(s)...`);
+    for (const [serverId, serverConfig] of Object.entries(config.servers)) {
+      if (!serverConfig.enabled) {
+        console.log(`[MCP] Server "${serverId}" is disabled, skipping`);
+        log.info({ serverId }, 'MCP server disabled, skipping');
+        continue;
+      }
+
+      try {
+        console.log(`[MCP] Starting server "${serverId}" (transport: ${serverConfig.transport.type})`);
+        const client = new McpClient(serverId);
+        await client.connect(serverConfig.transport);
+        this.clients.set(serverId, client);
+        this.serverConfigs.set(serverId, serverConfig);
+
+        let tools = await client.listTools();
+        log.info({ serverId, toolCount: tools.length }, 'MCP server tools discovered');
+
+        // Apply tool filtering
+        tools = this.filterTools(tools, serverConfig);
+
+        // Apply per-server maxTools limit
+        if (tools.length > serverConfig.maxTools) {
+          log.warn(
+            { serverId, discovered: tools.length, max: serverConfig.maxTools },
+            'MCP server exceeded maxTools limit, truncating',
+          );
+          tools = tools.slice(0, serverConfig.maxTools);
+        }
+
+        results.push({ serverId, serverConfig, tools });
+      } catch (err) {
+        console.error(`[MCP] Failed to connect to server "${serverId}":`, err);
+        log.error({ err, serverId }, 'Failed to connect to MCP server');
+        // Clean up any partially-connected client
+        const staleClient = this.clients.get(serverId);
+        if (staleClient) {
+          try { await staleClient.disconnect(); } catch { /* ignore */ }
+          this.clients.delete(serverId);
+          this.serverConfigs.delete(serverId);
+        }
+      }
+    }
+
+    // Apply global max tools limit
+    const totalTools = results.reduce((sum, r) => sum + r.tools.length, 0);
+    if (totalTools > config.globalMaxTools) {
+      log.warn(
+        { totalTools, globalMax: config.globalMaxTools },
+        'Total MCP tools exceed globalMaxTools, truncating',
+      );
+      let remaining = config.globalMaxTools;
+      for (const result of results) {
+        if (remaining <= 0) {
+          result.tools = [];
+        } else if (result.tools.length > remaining) {
+          result.tools = result.tools.slice(0, remaining);
+        }
+        remaining -= result.tools.length;
+      }
+    }
+
+    return results;
+  }
+
+  async stop(): Promise<void> {
+    const disconnects = Array.from(this.clients.values()).map((client) =>
+      client.disconnect().catch((err) => {
+        log.warn({ err, serverId: client.serverId }, 'Error disconnecting MCP server');
+      }),
+    );
+    await Promise.all(disconnects);
+    this.clients.clear();
+    this.serverConfigs.clear();
+    log.info('All MCP servers disconnected');
+  }
+
+  async callTool(serverId: string, toolName: string, args: Record<string, unknown>) {
+    const client = this.clients.get(serverId);
+    if (!client) {
+      throw new Error(`MCP server "${serverId}" not found`);
+    }
+    return client.callTool(toolName, args);
+  }
+
+  getClient(serverId: string): McpClient | undefined {
+    return this.clients.get(serverId);
+  }
+
+  private filterTools(tools: McpToolInfo[], config: McpServerConfig): McpToolInfo[] {
+    let filtered = tools;
+
+    if (config.allowedTools) {
+      const allowed = new Set(config.allowedTools);
+      filtered = filtered.filter((t) => allowed.has(t.name));
+    }
+
+    if (config.blockedTools) {
+      const blocked = new Set(config.blockedTools);
+      filtered = filtered.filter((t) => !blocked.has(t.name));
+    }
+
+    return filtered;
+  }
+}
+
+// Singleton instance
+let instance: McpServerManager | null = null;
+
+export function getMcpServerManager(): McpServerManager {
+  if (!instance) {
+    instance = new McpServerManager();
+  }
+  return instance;
+}
+
+/** Reset singleton for testing. */
+export function __resetMcpManagerForTesting(): void {
+  instance = null;
+}

package/src/runtime/routes/identity-routes.ts

@@ -3,6 +3,7 @@
  */
 
 import { existsSync, readFileSync, statfsSync,statSync } from 'node:fs';
+import { cpus, totalmem } from 'node:os';
 import { dirname,join } from 'node:path';
 import { fileURLToPath } from 'node:url';
 
@@ -36,6 +37,76 @@ function getDiskSpaceInfo(): DiskSpaceInfo | null {
   }
 }
 
+interface MemoryInfo {
+  currentMb: number;
+  maxMb: number;
+}
+
+// Read the container memory limit from cgroups if available, falling back to host total.
+// cgroups v2: /sys/fs/cgroup/memory.max (returns "max" when unlimited)
+// cgroups v1: /sys/fs/cgroup/memory/memory.limit_in_bytes (large sentinel when unlimited)
+function getContainerMemoryLimitBytes(): number | null {
+  try {
+    const v2 = readFileSync('/sys/fs/cgroup/memory.max', 'utf-8').trim();
+    if (v2 !== 'max') {
+      const bytes = parseInt(v2, 10);
+      if (!isNaN(bytes) && bytes > 0) return bytes;
+    }
+  } catch { /* not available */ }
+  try {
+    const v1 = readFileSync('/sys/fs/cgroup/memory/memory.limit_in_bytes', 'utf-8').trim();
+    const bytes = parseInt(v1, 10);
+    // cgroups v1 uses a near-INT64_MAX sentinel when no limit is set
+    if (!isNaN(bytes) && bytes > 0 && bytes < totalmem() * 1.5) return bytes;
+  } catch { /* not available */ }
+  return null;
+}
+
+function getMemoryInfo(): MemoryInfo {
+  const bytesToMb = (b: number) => Math.round((b / (1024 * 1024)) * 100) / 100;
+  return {
+    currentMb: bytesToMb(process.memoryUsage().rss),
+    maxMb: bytesToMb(getContainerMemoryLimitBytes() ?? totalmem()),
+  };
+}
+
+interface CpuInfo {
+  currentPercent: number;
+  maxCores: number;
+}
+
+// Track CPU usage over a rolling window so /healthz reports near-real-time
+// utilization instead of a lifetime average (total CPU time / total uptime).
+const CPU_SAMPLE_INTERVAL_MS = 5_000;
+let _lastCpuUsage: NodeJS.CpuUsage = process.cpuUsage();
+let _lastCpuTime: number = Date.now();
+let _cachedCpuPercent = 0;
+
+// Kick off the background sampler. unref() so it never prevents process exit.
+setInterval(() => {
+  const now = Date.now();
+  const newUsage = process.cpuUsage();
+  const elapsedMs = now - _lastCpuTime;
+  if (elapsedMs > 0) {
+    const deltaCpuUs =
+      (newUsage.user - _lastCpuUsage.user) +
+      (newUsage.system - _lastCpuUsage.system);
+    const deltaCpuMs = deltaCpuUs / 1000;
+    const numCores = cpus().length;
+    _cachedCpuPercent =
+      Math.round((deltaCpuMs / (elapsedMs * numCores)) * 10000) / 100;
+  }
+  _lastCpuUsage = newUsage;
+  _lastCpuTime = now;
+}, CPU_SAMPLE_INTERVAL_MS).unref();
+
+function getCpuInfo(): CpuInfo {
+  return {
+    currentPercent: _cachedCpuPercent,
+    maxCores: cpus().length,
+  };
+}
+
 function getPackageVersion(): string | undefined {
   try {
     const pkgPath = join(dirname(fileURLToPath(import.meta.url)), '../../../package.json');
@@ -52,6 +123,8 @@ export function handleHealth(): Response {
     timestamp: new Date().toISOString(),
     version: getPackageVersion(),
     disk: getDiskSpaceInfo(),
+    memory: getMemoryInfo(),
+    cpu: getCpuInfo(),
   });
 }
 

package/src/tools/mcp/mcp-tool-factory.ts

@@ -0,0 +1,100 @@
+import type { McpServerConfig } from '../../config/mcp-schema.js';
+import type { McpServerManager } from '../../mcp/manager.js';
+import { RiskLevel } from '../../permissions/types.js';
+import type { ToolDefinition } from '../../providers/types.js';
+import type { Tool, ToolContext, ToolExecutionResult } from '../types.js';
+
+const riskMap: Record<string, RiskLevel> = {
+  low: RiskLevel.Low,
+  medium: RiskLevel.Medium,
+  high: RiskLevel.High,
+};
+
+/**
+ * Create a namespaced tool name to prevent collisions across MCP servers
+ * and with core/skill tools.
+ */
+export function mcpToolName(serverId: string, toolName: string): string {
+  return `mcp__${serverId}__${toolName}`;
+}
+
+/**
+ * Parse a namespaced MCP tool name back into serverId and original tool name.
+ * Returns null if the name doesn't match the MCP naming convention.
+ */
+export function parseMcpToolName(name: string): { serverId: string; toolName: string } | null {
+  if (!name.startsWith('mcp__')) return null;
+  const prefixRemoved = name.slice(5); // remove 'mcp__'
+  const firstSep = prefixRemoved.indexOf('__');
+  if (firstSep === -1) return null;
+  return {
+    serverId: prefixRemoved.slice(0, firstSep),
+    toolName: prefixRemoved.slice(firstSep + 2),
+  };
+}
+
+export interface McpToolMetadata {
+  name: string;
+  description: string;
+  inputSchema: Record<string, unknown>;
+}
+
+/**
+ * Create a Tool object from MCP tool metadata.
+ * The tool delegates execution to the McpServerManager.
+ */
+export function createMcpTool(
+  metadata: McpToolMetadata,
+  serverId: string,
+  serverConfig: McpServerConfig,
+  manager: McpServerManager,
+): Tool {
+  const namespacedName = mcpToolName(serverId, metadata.name);
+  const riskLevel = riskMap[serverConfig.defaultRiskLevel] ?? RiskLevel.High;
+
+  return {
+    name: namespacedName,
+    description: metadata.description,
+    category: 'mcp',
+    defaultRiskLevel: riskLevel,
+    origin: 'mcp',
+    ownerMcpServerId: serverId,
+    executionTarget: 'host',
+
+    getDefinition(): ToolDefinition {
+      return {
+        name: namespacedName,
+        description: metadata.description,
+        input_schema: metadata.inputSchema as ToolDefinition['input_schema'],
+      };
+    },
+
+    async execute(input: Record<string, unknown>, _context: ToolContext): Promise<ToolExecutionResult> {
+      try {
+        const result = await manager.callTool(serverId, metadata.name, input);
+        return {
+          content: result.content,
+          isError: result.isError,
+        };
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return {
+          content: `MCP tool execution failed: ${message}`,
+          isError: true,
+        };
+      }
+    },
+  };
+}
+
+/**
+ * Create Tool objects from all tools provided by an MCP server.
+ */
+export function createMcpToolsFromServer(
+  tools: McpToolMetadata[],
+  serverId: string,
+  serverConfig: McpServerConfig,
+  manager: McpServerManager,
+): Tool[] {
+  return tools.map((tool) => createMcpTool(tool, serverId, serverConfig, manager));
+}

package/src/tools/registry.ts

@@ -121,7 +121,7 @@ export function registerSkillTools(newTools: Tool[]): Tool[] {
   for (const tool of newTools) {
     const existing = tools.get(tool.name);
     if (existing) {
-      const existingIsCore = existing.origin !== 'skill';
+      const existingIsCore = existing.origin === 'core' || !existing.origin;
       if (existingIsCore) {
         log.warn(
           { toolName: tool.name, skillId: tool.ownerSkillId },
@@ -176,6 +176,69 @@ export function unregisterSkillTools(skillId: string): void {
   }
 }
 
+/**
+ * Register multiple MCP-origin tools at once.
+ * Skips any tool whose name collides with a core tool (logs a warning).
+ * Throws if a tool name collides with a tool owned by a different MCP server.
+ */
+export function registerMcpTools(newTools: Tool[]): Tool[] {
+  const accepted: Tool[] = [];
+  for (const tool of newTools) {
+    const existing = tools.get(tool.name);
+    if (existing) {
+      const existingIsCore = existing.origin === 'core' || !existing.origin;
+      if (existingIsCore) {
+        log.warn(
+          { toolName: tool.name, serverId: tool.ownerMcpServerId },
+          `MCP server "${tool.ownerMcpServerId}" tried to register tool "${tool.name}" which conflicts with a core tool. Skipping.`,
+        );
+        continue;
+      }
+      if (existing.origin === 'skill') {
+        log.warn(
+          { toolName: tool.name, serverId: tool.ownerMcpServerId, skillId: existing.ownerSkillId },
+          `MCP server "${tool.ownerMcpServerId}" tried to register tool "${tool.name}" which conflicts with skill tool from "${existing.ownerSkillId}". Skipping.`,
+        );
+        continue;
+      }
+      if (existing.origin === 'mcp' && existing.ownerMcpServerId !== tool.ownerMcpServerId) {
+        throw new Error(
+          `MCP tool "${tool.name}" is already registered by MCP server "${existing.ownerMcpServerId}"`,
+        );
+      }
+    }
+    accepted.push(tool);
+  }
+
+  for (const tool of accepted) {
+    tools.set(tool.name, tool);
+    log.info({ name: tool.name, ownerMcpServerId: tool.ownerMcpServerId }, 'MCP tool registered');
+  }
+
+  return accepted;
+}
+
+/**
+ * Unregister all tools belonging to a specific MCP server.
+ */
+export function unregisterMcpTools(serverId: string): void {
+  for (const [name, tool] of tools) {
+    if (tool.origin === 'mcp' && tool.ownerMcpServerId === serverId) {
+      tools.delete(name);
+      log.info({ name, serverId }, 'MCP tool unregistered');
+    }
+  }
+}
+
+/**
+ * Return the names of all currently registered MCP-origin tools.
+ */
+export function getMcpToolNames(): string[] {
+  return Array.from(tools.values())
+    .filter((t) => t.origin === 'mcp')
+    .map((t) => t.name);
+}
+
 /**
  * Return the names of all currently registered skill-origin tools.
  */

package/src/tools/types.ts

@@ -170,10 +170,12 @@ export interface Tool {
   defaultRiskLevel: RiskLevel;
   /** When set to 'proxy', the tool is forwarded to a connected client rather than executed locally. */
   executionMode?: 'local' | 'proxy';
-  /** Whether this tool is a core built-in or provided by a skill. */
-  origin?: 'core' | 'skill';
+  /** Whether this tool is a core built-in, provided by a skill, or from an MCP server. */
+  origin?: 'core' | 'skill' | 'mcp';
   /** If origin is 'skill', the ID of the owning skill. */
   ownerSkillId?: string;
+  /** If origin is 'mcp', the ID of the owning MCP server. */
+  ownerMcpServerId?: string;
   /** Content-hash of the owning skill's source at registration time. */
   ownerSkillVersionHash?: string;
   /** Whether the owning skill is bundled with the daemon (trusted first-party). */