crewly 1.11.6 → 1.12.1

package/packages/crewly-agent/src/runtime/in-process-log-buffer.ts

@@ -0,0 +1,317 @@
+/**
+ * In-Process Log Buffer
+ *
+ * Ring buffer that captures structured output from in-process Crewly Agent
+ * runtimes. Provides the same interface as PTY terminal capture so the
+ * frontend Side Terminal panel can display crewly-agent activity.
+ *
+ * Extends EventEmitter to support real-time WebSocket streaming of log entries
+ * to the frontend Side Terminal panel.
+ *
+ * Also persists log entries to disk at ~/.crewly/logs/sessions/{sessionName}.log,
+ * matching the file-based logging that PTY-based agents get via PtySessionBackend.
+ *
+ * @module services/agent/crewly-agent/in-process-log-buffer
+ */
+
+import { EventEmitter } from 'events';
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+/**
+ * Local copies of the OSS constants this module relies on — standalone
+ * crewly-agent must not depend on `crewly/backend/src/constants.ts`. Keep
+ * these path fragments in sync with the values OSS writes elsewhere (any
+ * code that reads back the same directory tree on disk).
+ */
+const CREWLY_CONSTANTS = {
+  PATHS: {
+    CREWLY_HOME: '.crewly',
+    LOGS_DIR: 'logs',
+  },
+} as const;
+
+const LOG_ROTATION_CONSTANTS = {
+  SESSIONS_LOG_DIR: 'sessions',
+} as const;
+
+/**
+ * Single log entry from an in-process agent session.
+ */
+export interface LogEntry {
+  /** ISO timestamp */
+  timestamp: string;
+  /** Log level */
+  level: 'info' | 'debug' | 'warn' | 'error';
+  /** Log message */
+  message: string;
+}
+
+/** Maximum number of entries to keep per session */
+const MAX_ENTRIES_PER_SESSION = 500;
+
+/**
+ * Singleton buffer that captures in-process agent output.
+ *
+ * Used by CrewlyAgentRuntimeService to log tool calls, responses,
+ * and errors. The terminal controller reads from this buffer when
+ * the requested session is an in-process agent (no PTY).
+ *
+ * Emits 'data' events with (sessionName, formattedLine) when new entries
+ * are appended, enabling real-time WebSocket streaming via TerminalGateway.
+ *
+ * @example
+ * ```typescript
+ * const buffer = InProcessLogBuffer.getInstance();
+ * buffer.append('crewly-assistant', 'info', 'Calling get_team_status tool...');
+ * const output = buffer.capture('crewly-assistant', 50);
+ *
+ * // Real-time streaming
+ * buffer.on('data', (sessionName, formattedLine) => {
+ *   console.log(`[${sessionName}] ${formattedLine}`);
+ * });
+ * ```
+ */
+export class InProcessLogBuffer extends EventEmitter {
+  private static instance: InProcessLogBuffer | null = null;
+  private sessions = new Map<string, LogEntry[]>();
+  /** File write streams for persisting logs to disk */
+  private logStreams = new Map<string, fs.WriteStream>();
+  /** Resolved path to ~/.crewly/logs/sessions/ */
+  private sessionLogsDir: string;
+
+  constructor() {
+    super();
+    this.sessionLogsDir = path.join(
+      os.homedir(),
+      CREWLY_CONSTANTS.PATHS.CREWLY_HOME,
+      CREWLY_CONSTANTS.PATHS.LOGS_DIR,
+      LOG_ROTATION_CONSTANTS.SESSIONS_LOG_DIR,
+    );
+    // Ensure directory exists (non-fatal if it fails)
+    try {
+      fs.mkdirSync(this.sessionLogsDir, { recursive: true });
+    } catch {
+      // Directory may already exist or be uncreatable — logging will be skipped
+    }
+  }
+
+  /**
+   * Get the singleton instance.
+   *
+   * @returns The shared InProcessLogBuffer instance
+   */
+  static getInstance(): InProcessLogBuffer {
+    if (!InProcessLogBuffer.instance) {
+      InProcessLogBuffer.instance = new InProcessLogBuffer();
+    }
+    return InProcessLogBuffer.instance;
+  }
+
+  /**
+   * Reset the singleton (for testing).
+   */
+  static resetInstance(): void {
+    if (InProcessLogBuffer.instance) {
+      // Close all open file streams
+      for (const stream of InProcessLogBuffer.instance.logStreams.values()) {
+        try { stream.end(); } catch { /* ignore */ }
+      }
+      InProcessLogBuffer.instance.logStreams.clear();
+      InProcessLogBuffer.instance.removeAllListeners();
+    }
+    InProcessLogBuffer.instance = null;
+  }
+
+  /**
+   * Format a log entry into a single display line.
+   *
+   * @param entry - The log entry to format
+   * @returns Formatted string like "[HH:MM:SS.mmm] ERROR: message"
+   */
+  private formatEntry(entry: LogEntry): string {
+    const ts = entry.timestamp.substring(11, 23); // HH:MM:SS.mmm
+    const prefix = entry.level === 'error' ? 'ERROR' : entry.level === 'warn' ? 'WARN' : entry.level === 'debug' ? 'DEBUG' : '';
+    return prefix ? `[${ts}] ${prefix}: ${entry.message}` : `[${ts}] ${entry.message}`;
+  }
+
+  /**
+   * Append a log entry for a session.
+   *
+   * Emits a 'data' event with the session name and formatted line for
+   * real-time WebSocket streaming.
+   *
+   * @param sessionName - In-process agent session name
+   * @param level - Log level
+   * @param message - Log message text
+   */
+  append(sessionName: string, level: LogEntry['level'], message: string): void {
+    if (!this.sessions.has(sessionName)) {
+      this.sessions.set(sessionName, []);
+    }
+    const entries = this.sessions.get(sessionName)!;
+    const entry: LogEntry = {
+      timestamp: new Date().toISOString(),
+      level,
+      message,
+    };
+    entries.push(entry);
+    // Ring buffer — drop oldest entries
+    if (entries.length > MAX_ENTRIES_PER_SESSION) {
+      entries.splice(0, entries.length - MAX_ENTRIES_PER_SESSION);
+    }
+
+    // Emit for real-time WebSocket streaming
+    const formattedLine = this.formatEntry(entry);
+    this.emit('data', sessionName, formattedLine);
+
+    // Persist to disk (fire-and-forget, non-blocking)
+    this.writeToFile(sessionName, entry, formattedLine);
+  }
+
+  /**
+   * Check if a session has any log entries.
+   *
+   * @param sessionName - Session to check
+   * @returns True if the session has been registered with at least one entry
+   */
+  hasSession(sessionName: string): boolean {
+    return this.sessions.has(sessionName);
+  }
+
+  /**
+   * Capture recent output from an in-process session, formatted like
+   * terminal output for frontend compatibility.
+   *
+   * @param sessionName - Session to capture from
+   * @param lines - Maximum number of lines to return
+   * @returns Formatted output string (one log entry per line)
+   */
+  capture(sessionName: string, lines = 100): string {
+    const entries = this.sessions.get(sessionName);
+    if (!entries || entries.length === 0) {
+      return '[crewly-agent] No output yet';
+    }
+    const slice = entries.slice(-lines);
+    return slice.map(e => this.formatEntry(e)).join('\n');
+  }
+
+  /**
+   * Register a session (creates empty entry list and opens a file log stream).
+   *
+   * @param sessionName - Session to register
+   */
+  registerSession(sessionName: string): void {
+    if (!this.sessions.has(sessionName)) {
+      this.sessions.set(sessionName, []);
+    }
+    this.openLogStream(sessionName);
+  }
+
+  /**
+   * Remove a session's log buffer and close its file stream.
+   * The log file is preserved on disk for post-mortem analysis.
+   *
+   * @param sessionName - Session to remove
+   */
+  removeSession(sessionName: string): void {
+    this.sessions.delete(sessionName);
+    this.closeLogStream(sessionName);
+  }
+
+  /**
+   * Get all registered in-process session names.
+   *
+   * @returns Array of session names
+   */
+  getSessionNames(): string[] {
+    return Array.from(this.sessions.keys());
+  }
+
+  /**
+   * Clear all sessions and close all file streams (for testing).
+   */
+  clear(): void {
+    this.sessions.clear();
+    for (const stream of this.logStreams.values()) {
+      try { stream.end(); } catch { /* ignore */ }
+    }
+    this.logStreams.clear();
+  }
+
+  // ===== Private file I/O helpers =====
+
+  /**
+   * Get the file path for a session's persistent log.
+   *
+   * @param sessionName - Session name
+   * @returns Absolute path to the log file
+   */
+  private getLogPath(sessionName: string): string {
+    return path.join(this.sessionLogsDir, `${sessionName}.log`);
+  }
+
+  /**
+   * Open a writable file stream for a session log.
+   * Appends a session marker so multiple runs are distinguishable.
+   *
+   * @param sessionName - Session name
+   */
+  private openLogStream(sessionName: string): void {
+    // Don't open duplicate streams
+    if (this.logStreams.has(sessionName)) return;
+
+    try {
+      const logPath = this.getLogPath(sessionName);
+      const fileExists = fs.existsSync(logPath);
+
+      const stream = fs.createWriteStream(logPath, { flags: 'a' });
+      stream.on('error', () => {
+        // Silently remove broken streams — disk logging is best-effort
+        this.logStreams.delete(sessionName);
+      });
+
+      const marker = fileExists ? 'RESTARTED' : 'STARTED';
+      stream.write(`\n--- SESSION ${marker} at ${new Date().toISOString()} ---\n\n`);
+
+      this.logStreams.set(sessionName, stream);
+    } catch {
+      // Non-fatal — in-memory buffer and WebSocket streaming still work
+    }
+  }
+
+  /**
+   * Close and remove the file stream for a session.
+   *
+   * @param sessionName - Session name
+   */
+  private closeLogStream(sessionName: string): void {
+    const stream = this.logStreams.get(sessionName);
+    if (stream) {
+      try {
+        stream.write(`\n--- SESSION ENDED at ${new Date().toISOString()} ---\n`);
+        stream.end();
+      } catch { /* ignore */ }
+      this.logStreams.delete(sessionName);
+    }
+  }
+
+  /**
+   * Write a formatted log entry to the session's file stream.
+   * Non-blocking, fire-and-forget — errors are silently ignored.
+   *
+   * @param sessionName - Session name
+   * @param entry - The log entry (for full timestamp in file)
+   * @param formattedLine - Pre-formatted display line
+   */
+  private writeToFile(sessionName: string, entry: LogEntry, formattedLine: string): void {
+    const stream = this.logStreams.get(sessionName);
+    if (!stream) return;
+
+    try {
+      stream.write(`${entry.timestamp} ${formattedLine}\n`);
+    } catch {
+      // Non-fatal — disk logging is best-effort
+    }
+  }
+}

package/packages/crewly-agent/src/runtime/index.ts

@@ -0,0 +1,38 @@
+/**
+ * Crewly Agent Runtime — Barrel Export
+ *
+ * Standalone runtime module. The OSS-side `CrewlyAgentRuntimeService`
+ * (in-process variant) intentionally does not exist here — this package
+ * IS the process; OSS spawns it as a subprocess and talks via the JSON
+ * protocol implemented in `cli.ts`.
+ *
+ * @module runtime
+ */
+
+export { AgentRunnerService } from './agent-runner.service.js';
+export { CrewlyApiClient } from './api-client.js';
+export { ModelManager } from './model-manager.js';
+export { InProcessLogBuffer, type LogEntry } from './in-process-log-buffer.js';
+export { createTools, getToolNames } from './tool-registry.js';
+export { createAuditorTools, getAuditorToolNames } from './auditor-tools.js';
+export { AuditTrailService } from './audit-trail.service.js';
+export { RateLimiter, RATE_LIMITER_DEFAULTS, type RateLimiterConfig } from './rate-limiter.js';
+export { createWebSearchTool, formatAsMarkdown } from './web-search.tool.js';
+export { loadCloudConfig, CloudNotLoggedInError, type CloudConfig } from './cloud-config.js';
+export {
+  type ModelProvider,
+  type ModelConfig,
+  type ConversationState,
+  type CrewlyAgentConfig,
+  type AgentRunResult,
+  type ToolCallRecord,
+  type ApiCallResult,
+  type AuditEntry,
+  type SecurityPolicy,
+  type AuditLogFilters,
+  MODEL_PROVIDERS,
+  CREWLY_AGENT_DEFAULTS,
+  WRITE_TOOLS,
+  isModelProvider,
+  isModelConfig,
+} from './types.js';

package/packages/crewly-agent/src/runtime/mcp-tool-bridge.test.ts

@@ -0,0 +1,352 @@
+/**
+ * Tests for MCP Tool Bridge
+ *
+ * Validates MCP tool conversion, naming, sensitivity classification,
+ * tool loading, and end-to-end execution via a mock MCP server.
+ */
+
+import { describe, it, expect, vi, type Mocked, type MockInstance } from 'vitest';
+import {
+  MCP_TOOL_PREFIX,
+  MCP_DEFAULT_SENSITIVITY,
+  jsonSchemaToZodPassthrough,
+  buildMcpToolName,
+  resolveSensitivity,
+  convertMcpTool,
+  loadMcpTools,
+  connectAndLoadMcpTools,
+} from './mcp-tool-bridge.js';
+import type { McpClientService, McpToolInfo, McpServerConfig } from '../../mcp-client.js';
+import type { ToolSensitivity } from './types.js';
+
+// ---------------------------------------------------------------------------
+// Mock MCP Client
+// ---------------------------------------------------------------------------
+
+/**
+ * Create a mock McpClientService with configurable tool lists.
+ */
+function createMockMcpClient(tools: McpToolInfo[] = []): McpClientService {
+  return {
+    connectServer: vi.fn<any>().mockResolvedValue(undefined),
+    disconnectServer: vi.fn<any>().mockResolvedValue(undefined),
+    disconnectAll: vi.fn<any>().mockResolvedValue(undefined),
+    listTools: vi.fn<any>().mockReturnValue(tools),
+    callTool: vi.fn<any>().mockResolvedValue({
+      content: [{ type: 'text', text: 'mock result' }],
+      isError: false,
+    }),
+    refreshTools: vi.fn<any>().mockResolvedValue(undefined),
+    getConnectedServers: vi.fn<any>().mockReturnValue(
+      [...new Set(tools.map(t => t.serverName))],
+    ),
+    isServerConnected: vi.fn<any>().mockReturnValue(true),
+    getServerStatuses: vi.fn<any>().mockReturnValue([]),
+    connectAll: vi.fn<any>().mockResolvedValue(new Map()),
+  } as unknown as McpClientService;
+}
+
+/** Sample MCP tool info for a filesystem read tool */
+const SAMPLE_TOOL: McpToolInfo = {
+  name: 'read_file',
+  description: 'Read the contents of a file',
+  inputSchema: {
+    type: 'object',
+    properties: {
+      path: { type: 'string', description: 'File path to read' },
+    },
+    required: ['path'],
+  },
+  serverName: 'filesystem',
+};
+
+/** Sample MCP tool info without description */
+const TOOL_NO_DESC: McpToolInfo = {
+  name: 'list_dir',
+  inputSchema: { type: 'object', properties: {} },
+  serverName: 'filesystem',
+};
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+describe('MCP Tool Bridge', () => {
+  describe('Constants', () => {
+    it('should have correct prefix', () => {
+      expect(MCP_TOOL_PREFIX).toBe('mcp_');
+    });
+
+    it('should default to sensitive classification', () => {
+      expect(MCP_DEFAULT_SENSITIVITY).toBe('sensitive');
+    });
+  });
+
+  describe('buildMcpToolName', () => {
+    it('should namespace tool names with server prefix', () => {
+      expect(buildMcpToolName('filesystem', 'read_file')).toBe('mcp_filesystem_read_file');
+    });
+
+    it('should handle different server names', () => {
+      expect(buildMcpToolName('github', 'create_issue')).toBe('mcp_github_create_issue');
+    });
+  });
+
+  describe('jsonSchemaToZodPassthrough', () => {
+    it('should create a schema from JSON Schema with properties', () => {
+      const schema = jsonSchemaToZodPassthrough({
+        type: 'object',
+        properties: {
+          path: { type: 'string', description: 'File path' },
+          encoding: { type: 'string' },
+        },
+      });
+      // Should parse without errors
+      const result = schema.safeParse({ path: '/tmp/test.txt', encoding: 'utf-8' });
+      expect(result.success).toBe(true);
+    });
+
+    it('should accept extra properties via passthrough', () => {
+      const schema = jsonSchemaToZodPassthrough({
+        type: 'object',
+        properties: {
+          path: { type: 'string', description: 'File path' },
+        },
+      });
+      const result = schema.safeParse({ path: '/tmp', extraKey: 'value' });
+      expect(result.success).toBe(true);
+    });
+
+    it('should fall back to record schema when no properties', () => {
+      const schema = jsonSchemaToZodPassthrough({ type: 'object' });
+      const result = schema.safeParse({ anything: 'goes' });
+      expect(result.success).toBe(true);
+    });
+
+    it('should handle empty properties object', () => {
+      const schema = jsonSchemaToZodPassthrough({
+        type: 'object',
+        properties: {},
+      });
+      const result = schema.safeParse({});
+      expect(result.success).toBe(true);
+    });
+  });
+
+  describe('resolveSensitivity', () => {
+    it('should return default sensitivity when no overrides', () => {
+      expect(resolveSensitivity('fs', 'read', undefined)).toBe('sensitive');
+    });
+
+    it('should return default sensitivity when no matching override', () => {
+      const overrides = { 'other:tool': 'safe' as ToolSensitivity };
+      expect(resolveSensitivity('fs', 'read', overrides)).toBe('sensitive');
+    });
+
+    it('should match server-specific override', () => {
+      const overrides = { 'fs:read': 'safe' as ToolSensitivity };
+      expect(resolveSensitivity('fs', 'read', overrides)).toBe('safe');
+    });
+
+    it('should match tool-level override', () => {
+      const overrides = { read: 'safe' as ToolSensitivity };
+      expect(resolveSensitivity('fs', 'read', overrides)).toBe('safe');
+    });
+
+    it('should prefer server-specific over tool-level override', () => {
+      const overrides = {
+        'fs:read': 'destructive' as ToolSensitivity,
+        read: 'safe' as ToolSensitivity,
+      };
+      expect(resolveSensitivity('fs', 'read', overrides)).toBe('destructive');
+    });
+  });
+
+  describe('convertMcpTool', () => {
+    it('should convert MCP tool info to ToolDefinition', () => {
+      const mcpClient = createMockMcpClient();
+      const tool = convertMcpTool(mcpClient, SAMPLE_TOOL);
+
+      expect(tool.description).toContain('[MCP:filesystem]');
+      expect(tool.description).toContain('Read the contents of a file');
+      expect(tool.sensitivity).toBe('sensitive');
+      expect(typeof tool.execute).toBe('function');
+      expect(tool.inputSchema).toBeDefined();
+    });
+
+    it('should use tool name as description fallback', () => {
+      const mcpClient = createMockMcpClient();
+      const tool = convertMcpTool(mcpClient, TOOL_NO_DESC);
+
+      expect(tool.description).toBe('[MCP:filesystem] list_dir');
+    });
+
+    it('should apply sensitivity overrides', () => {
+      const mcpClient = createMockMcpClient();
+      const tool = convertMcpTool(mcpClient, SAMPLE_TOOL, {
+        'filesystem:read_file': 'safe',
+      });
+
+      expect(tool.sensitivity).toBe('safe');
+    });
+
+    it('should call mcpClient.callTool on execute', async () => {
+      const mcpClient = createMockMcpClient();
+      const tool = convertMcpTool(mcpClient, SAMPLE_TOOL);
+
+      const result = await tool.execute({ path: '/tmp/test.txt' });
+
+      expect(mcpClient.callTool).toHaveBeenCalledWith(
+        'filesystem',
+        'read_file',
+        { path: '/tmp/test.txt' },
+      );
+      // Single text content should be flattened
+      expect(result).toEqual({ success: true, text: 'mock result' });
+    });
+
+    it('should return full content for multi-block results', async () => {
+      const mcpClient = createMockMcpClient();
+      (mcpClient.callTool as MockedFunction<any>).mockResolvedValue({
+        content: [
+          { type: 'text', text: 'line 1' },
+          { type: 'text', text: 'line 2' },
+        ],
+        isError: false,
+      });
+      const tool = convertMcpTool(mcpClient, SAMPLE_TOOL);
+
+      const result = await tool.execute({ path: '/tmp/test.txt' }) as Record<string, unknown>;
+
+      expect(result.success).toBe(true);
+      expect(result.content).toHaveLength(2);
+    });
+
+    it('should handle error results from MCP server', async () => {
+      const mcpClient = createMockMcpClient();
+      (mcpClient.callTool as MockedFunction<any>).mockResolvedValue({
+        content: [{ type: 'text', text: 'Permission denied' }],
+        isError: true,
+      });
+      const tool = convertMcpTool(mcpClient, SAMPLE_TOOL);
+
+      const result = await tool.execute({ path: '/root/secret' }) as Record<string, unknown>;
+
+      expect(result.success).toBe(false);
+      expect(result.error).toBe('MCP tool returned an error');
+    });
+
+    it('should return error result when callTool throws', async () => {
+      const mcpClient = createMockMcpClient();
+      (mcpClient.callTool as MockedFunction<any>).mockRejectedValue(new Error('Connection lost'));
+      const tool = convertMcpTool(mcpClient, SAMPLE_TOOL);
+
+      const result = await tool.execute({ path: '/tmp' }) as { success: boolean; error: string };
+      expect(result.success).toBe(false);
+      expect(result.error).toContain('Connection lost');
+    });
+  });
+
+  describe('loadMcpTools', () => {
+    it('should load tools from all connected servers', () => {
+      const tools: McpToolInfo[] = [
+        SAMPLE_TOOL,
+        { name: 'write_file', description: 'Write a file', inputSchema: { type: 'object', properties: {} }, serverName: 'filesystem' },
+        { name: 'create_issue', description: 'Create GitHub issue', inputSchema: { type: 'object', properties: {} }, serverName: 'github' },
+      ];
+      const mcpClient = createMockMcpClient(tools);
+
+      const result = loadMcpTools(mcpClient);
+
+      expect(Object.keys(result)).toEqual([
+        'mcp_filesystem_read_file',
+        'mcp_filesystem_write_file',
+        'mcp_github_create_issue',
+      ]);
+    });
+
+    it('should return empty map when no tools available', () => {
+      const mcpClient = createMockMcpClient([]);
+      const result = loadMcpTools(mcpClient);
+      expect(Object.keys(result)).toHaveLength(0);
+    });
+
+    it('should apply sensitivity overrides to loaded tools', () => {
+      const mcpClient = createMockMcpClient([SAMPLE_TOOL]);
+      const result = loadMcpTools(mcpClient, {
+        'filesystem:read_file': 'safe',
+      });
+
+      expect(result['mcp_filesystem_read_file'].sensitivity).toBe('safe');
+    });
+
+    it('should default all tools to sensitive classification', () => {
+      const mcpClient = createMockMcpClient([SAMPLE_TOOL, TOOL_NO_DESC]);
+      const result = loadMcpTools(mcpClient);
+
+      for (const tool of Object.values(result)) {
+        expect(tool.sensitivity).toBe('sensitive');
+      }
+    });
+  });
+
+  describe('connectAndLoadMcpTools', () => {
+    it('should connect to servers and load tools', async () => {
+      const tools: McpToolInfo[] = [SAMPLE_TOOL];
+      const mcpClient = createMockMcpClient(tools);
+      const configs: Record<string, McpServerConfig> = {
+        filesystem: { command: 'npx', args: ['-y', '@anthropic/mcp-filesystem'] },
+      };
+
+      const { tools: loaded, errors } = await connectAndLoadMcpTools(mcpClient, configs);
+
+      expect(mcpClient.connectAll).toHaveBeenCalledWith(configs);
+      expect(Object.keys(loaded)).toContain('mcp_filesystem_read_file');
+      expect(errors.size).toBe(0);
+    });
+
+    it('should return errors for failed connections', async () => {
+      const mcpClient = createMockMcpClient([]);
+      const failError = new Error('spawn ENOENT');
+      (mcpClient.connectAll as MockedFunction<any>).mockResolvedValue(
+        new Map([['badserver', failError]]),
+      );
+
+      const { errors } = await connectAndLoadMcpTools(mcpClient, {
+        badserver: { command: 'nonexistent' },
+      });
+
+      expect(errors.size).toBe(1);
+      expect(errors.get('badserver')?.message).toBe('spawn ENOENT');
+    });
+
+    it('should still load tools from servers that connected successfully', async () => {
+      const tools: McpToolInfo[] = [SAMPLE_TOOL];
+      const mcpClient = createMockMcpClient(tools);
+      (mcpClient.connectAll as MockedFunction<any>).mockResolvedValue(
+        new Map([['badserver', new Error('fail')]]),
+      );
+
+      const { tools: loaded } = await connectAndLoadMcpTools(mcpClient, {
+        filesystem: { command: 'npx', args: [] },
+        badserver: { command: 'nonexistent' },
+      });
+
+      // filesystem tools should still be loaded
+      expect(Object.keys(loaded)).toContain('mcp_filesystem_read_file');
+    });
+
+    it('should pass sensitivity overrides through', async () => {
+      const mcpClient = createMockMcpClient([SAMPLE_TOOL]);
+      const overrides = { 'filesystem:read_file': 'safe' as ToolSensitivity };
+
+      const { tools: loaded } = await connectAndLoadMcpTools(
+        mcpClient,
+        { filesystem: { command: 'npx' } },
+        overrides,
+      );
+
+      expect(loaded['mcp_filesystem_read_file'].sensitivity).toBe('safe');
+    });
+  });
+});