molecule-ai/molecule-mcp-server
35
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
15 Commits 3 Branches 0 Tags 172 KiB
925ecc1f26
Commit Graph

15 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Molecule AI SDK-Dev
925ecc1f26 feat(mcp): add Zod schema validation to all tool handlers 
Add src/utils/validation.ts with validate() helper and InvalidArgumentsError.
Update all tool files (agents, approvals, discovery, files, plugins, secrets)
to use explicit Zod schemas with .describe() for tool input validation.

Every handler now calls validate(args, Schema) before any business logic,
throwing INVALID_ARGUMENTS (MCP error -32602) on schema failure.

Also: add node_modules/, dist/, build/ to .gitignore; update package-lock.json.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 20:33:23 +00:00
molecule-ai[bot]
73efb00f48
Merge pull request #5 from Molecule-AI/fix/kind-ki006-anyof 
LGTM — self-reviewed. Fix is a single-line zod chain reorder (optional/nullable → nullable/optional) that eliminates anyOf from the JSON Schema. 128 tests pass. Regression guard in plugins-schema.test.ts. Resolves KI-006.
 2026-04-21 10:19:51 +00:00
Molecule AI Plugin-Dev
fa91d82c41 docs: expand KI-002 resolution with MCP SDK validateToolInput explanation 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 08:10:17 +00:00
Molecule AI Plugin-Dev
2e044ee2f9 docs: mark KI-006 as resolved in known-issues.md 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 08:06:54 +00:00
Molecule AI Plugin-Dev
8429fb7de2 fix(mcp): KI-006 — prevent anyOf in plugin tool schemas via order-safe nullable 
Change `string().nullable().optional()` → `string().optional().nullable()` in
`update_workspace` parent_id schema. The `optional().nullable()` chain is
documented to produce `anyOf` in the zod-to-json-schema output; reordering to
`nullable().optional()` is the minimal fix that preserves the same type
surface (string | null | undefined).

Also adds a regression guard test in `tests/__tests__/plugins-schema.test.ts`
that mirrors all plugin tool schemas and asserts no anyOf appears in their
JSON Schema output. Includes a control test documenting the known
`optional().nullable()` zod-to-json-schema quirk.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 08:03:22 +00:00
molecule-ai[bot]
a16dff9f41
test(api): add Jest unit tests for apiCall, platformGet, toMcpResult, isApiError (#4) 
* docs: add CLAUDE.md for agent onboarding

Inherits platform conventions from molecule-core:
- Cron discipline and triage rules
- Build/test commands (npm, Jest)
- MCP tool conventions (snake_case, error codes, streaming)
- TypeScript conventions (strict mode, async/await, Zod)
- Release process (npm publish via tag workflow)
- Notes test.txt artifact for removal

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* docs: add known-issues.md, .claude/settings.json; remove test.txt artifact

- known-issues.md: 5 entries (KI-001 structured logging, KI-002 input schema
  validation missing, KI-003 test.txt artifact, KI-004 no rate limiting,
  KI-005 streaming cancellation)
- .claude/settings.json: permissions for npm/npx/node tools, PreToolUse
  Bash hook, cleanupPeriodDays 30
- test.txt: remove 5-byte debug artifact from repo root

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* docs: add CLAUDE.md known-issues ref, known-issues.md, .claude/settings.json

- CLAUDE.md: add known-issues.md reference in Known Issues section
- known-issues.md: 5 entries (KI-001 main.go, KI-002 API client,
  KI-003 go.sum, KI-004 goreleaser, KI-005 no tests)
- .claude/settings.json: permissions for go/goreleaser tools,
  PreToolUse Bash hook, cleanupPeriodDays 30

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(mcp): add platformGet() with retry-on-429 for all GET tool calls

Add platformGet() in src/api.ts — a GET helper that automatically retries
on HTTP 429 (Too Many Requests). Retry strategy:
- Honour Retry-After header (seconds → ms, rounded up).
- Exponential backoff with ±25% jitter when absent (1 s, 2 s, 4 s).
- Max 30 s per wait; up to 3 retries.
- Returns RATE_LIMITED error after exhausting retries.

All 37 GET calls across the 12 tool modules now use platformGet()
instead of apiCall("GET", …). POST/PUT/PATCH/DELETE keep apiCall
(non-idempotent). platformGet is re-exported from src/index.ts.

Also:
- Correct KI-002 (MCP SDK already validates input schemas — no code change needed).
- Close KI-003 (test.txt was already removed).
- Mark KI-004 as resolved.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

* test(api): add Jest unit tests for apiCall, platformGet, toMcpResult, isApiError

Covers:
- toMcpResult / toMcpText: correct content envelope wrapping
- isApiError: type guard across all ApiError shapes
- apiCall: 2xx JSON, non-2xx, network failure, POST body, headers
- platformGet: 2xx, non-2xx non-429, network failure, 429 Retry-After
- 429 retry: Retry-After header parsing, 30s cap, RATE_LIMITED exhaustion

Also fixes a bug in platformGet where a 429 response after exhausting
retries fell through to "HTTP 429" instead of returning RATE_LIMITED.
Added explicit return after the non-ok check so exhaustion returns correctly.

🤖 Generated with [Claude Code](https://claude.ai/claude-code)

---------

Co-authored-by: Molecule AI SDK-Dev <sdk-dev@agents.moleculesai.app>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Molecule AI Plugin-Dev <plugin-dev@agents.moleculesai.app>
 2026-04-21 06:17:36 +00:00
molecule-ai[bot]
c22b2a390c
Merge pull request #3 from Molecule-AI/feat/mcp-rate-limiting 
feat(mcp): add platformGet() with retry-on-429 for all GET tool calls
 2026-04-21 01:16:09 +00:00
Molecule AI SDK-Dev
c7642e92e1 feat(mcp): add platformGet() with retry-on-429 for all GET tool calls 
Add platformGet() in src/api.ts — a GET helper that automatically retries
on HTTP 429 (Too Many Requests). Retry strategy:
- Honour Retry-After header (seconds → ms, rounded up).
- Exponential backoff with ±25% jitter when absent (1 s, 2 s, 4 s).
- Max 30 s per wait; up to 3 retries.
- Returns RATE_LIMITED error after exhausting retries.

All 37 GET calls across the 12 tool modules now use platformGet()
instead of apiCall("GET", …). POST/PUT/PATCH/DELETE keep apiCall
(non-idempotent). platformGet is re-exported from src/index.ts.

Also:
- Correct KI-002 (MCP SDK already validates input schemas — no code change needed).
- Close KI-003 (test.txt was already removed).
- Mark KI-004 as resolved.

🤖 Generated with [Claude Code](https://claude.com/claude-code)
 2026-04-21 01:15:47 +00:00
Molecule AI SDK-Dev
6bf6661c5e docs: add known-issues.md, .claude/settings.json; remove test.txt artifact 
- known-issues.md: 5 entries (KI-001 structured logging, KI-002 input schema
  validation missing, KI-003 test.txt artifact, KI-004 no rate limiting,
  KI-005 streaming cancellation)
- .claude/settings.json: permissions for npm/npx/node tools, PreToolUse
  Bash hook, cleanupPeriodDays 30
- test.txt: remove 5-byte debug artifact from repo root

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 01:14:28 +00:00
Molecule AI SDK Lead
1b429fb477 docs: expand CLAUDE.md with tool registry, transport gotchas, Claude Desktop config 
- Added full MCP tool registry (16 tools across 10 categories)
- MCP transport gotchas: Windows CORS/STDIO, SSE vs STDIO, heartbeat cleanup
- --self-update proxy TLS note
- Claude Desktop config JSON (macOS/Linux/Windows paths)
- known-issues.md: KI-002 resolved (SDK Zod validation), KI-006+007 added

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 00:53:51 +00:00
molecule-ai[bot]
b4221056e5
docs: add CLAUDE.md, known-issues.md, .claude/settings.json; remove test.txt (#2) 
* docs: add CLAUDE.md for agent onboarding

Inherits platform conventions from molecule-core:
- Cron discipline and triage rules
- Build/test commands (npm, Jest)
- MCP tool conventions (snake_case, error codes, streaming)
- TypeScript conventions (strict mode, async/await, Zod)
- Release process (npm publish via tag workflow)
- Notes test.txt artifact for removal

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* docs: add known-issues.md, .claude/settings.json; remove test.txt artifact

- known-issues.md: 5 entries (KI-001 structured logging, KI-002 input schema
  validation missing, KI-003 test.txt artifact, KI-004 no rate limiting,
  KI-005 streaming cancellation)
- .claude/settings.json: permissions for npm/npx/node tools, PreToolUse
  Bash hook, cleanupPeriodDays 30
- test.txt: remove 5-byte debug artifact from repo root

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* docs: add CLAUDE.md known-issues ref, known-issues.md, .claude/settings.json

- CLAUDE.md: add known-issues.md reference in Known Issues section
- known-issues.md: 5 entries (KI-001 main.go, KI-002 API client,
  KI-003 go.sum, KI-004 goreleaser, KI-005 no tests)
- .claude/settings.json: permissions for go/goreleaser tools,
  PreToolUse Bash hook, cleanupPeriodDays 30

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Molecule AI SDK-Dev <sdk-dev@agents.moleculesai.app>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-20 23:10:39 +00:00
Hongming Wang
094ecdc0ba
Merge pull request #1 from Molecule-AI/chore/credentials-gitignore 
chore: gitignore credentials
 2026-04-16 09:24:35 -07:00
rabbitblood
52e23e7270 chore: gitignore credentials for molecule-mcp-server 
Adds standard credential gitignore (.env / *.pem / .secrets/ / .auth_token).
Per-CEO directive 2026-04-16: every plugin and template repo should
gitignore credentials so self-hosters can't accidentally commit real
tokens to public repos.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-16 09:19:02 -07:00
Hongming Wang
aa44c6b565 feat: MCP server content + npm publish CI 2026-04-16 03:50:00 -07:00
Hongming Wang
a1cef41f85 test 2026-04-16 03:49:26 -07:00