feat: add SearchTools and CallTool for executor-style tool discovery #67
Open
vu1n wants to merge 2 commits into deathbyknowledge:main from
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2e76ce773f
7441e30 to 8afe80c
Gateway can now connect to remote MCP servers via @modelcontextprotocol/sdk
and expose their tools alongside native and node tools. Tools use the same
{sourceId}__{toolName} naming convention — the LLM sees a flat catalog.
Routing:
- toolRequest() resolves sourceId against MCP config before nodes
- Connection caching with 2-min TTL, evict-on-failure
- Spec-compliant protocol lifecycle (initialize, version negotiation)
Config:
- McpConfig with per-server url, token, cacheTtlMs, timeoutMs
- Cache refreshed via Gateway alarm, invalidated on config.set
- Server ID validation (no reserved prefixes, no __ in IDs)
- Timeouts on connect + listTools + callTool
Security:
- Bearer tokens masked in getSafeConfig()
- HTTPS enforced (localhost exception for dev)
- AI agent ConfigGet uses masked reads; RPC preserves raw for UI
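The Config and Security rules in the commit message above, as an added TypeScript example that is not part of the PR or the project's code. `validateServer`, `maskTokens` and `RESERVED_PREFIXES` are hypothetical names, and treating `gsv` as the reserved prefix is an assumption.

```typescript
// Added illustration, not the project's code. Field names follow the McpConfig
// fields named in the commit message; everything else is hypothetical.
interface McpServerConfig { url: string; token?: string; cacheTtlMs?: number; timeoutMs?: number }
type McpConfig = { [serverId: string]: McpServerConfig };

const RESERVED_PREFIXES = ["gsv"]; // assumption: the page does not list them
const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Returns a list of problems; an empty list means the entry is acceptable.
function validateServer(id: string, cfg: McpServerConfig): string[] {
  const errors: string[] = [];
  // "__" separates sourceId from toolName in the flat catalog, so an id that
  // contains it would make {sourceId}__{toolName} ambiguous to route.
  if (id.length === 0 || id.indexOf("__") !== -1) errors.push("id is empty or contains '__'");
  if (RESERVED_PREFIXES.some((p) => id.toLowerCase().indexOf(p) === 0)) {
    errors.push("id uses a reserved prefix");
  }
  let url: URL;
  try {
    url = new URL(cfg.url);
  } catch {
    return errors.concat("url is not parseable");
  }
  // Compare the parsed hostname, never a substring of the raw string:
  // "http://localhost.example.com" and "http://localhost@example.com" are remote.
  const loopback = LOOPBACK_HOSTS.has(url.hostname);
  if (url.protocol !== "https:" && !(url.protocol === "http:" && loopback)) {
    errors.push("url must be https (plain http only for localhost)");
  }
  if (url.username !== "" || url.password !== "") {
    errors.push("credentials must not be embedded in the url");
  }
  return errors;
}

// Masked copy for anything the agent can read; the raw config is left intact
// for the RPC/UI path the commit message describes.
function maskTokens(cfg: McpConfig): McpConfig {
  const out: McpConfig = {};
  for (const id of Object.keys(cfg)) {
    out[id] = cfg[id].token ? { ...cfg[id], token: "********" } : { ...cfg[id] };
  }
  return out;
}
```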
Adds a discover → execute pattern for tools. The agent uses SearchTools to find capabilities and CallTool to invoke them — streamlining how agents discover and use tools regardless of source.
SearchTools: weighted token matching across name, description, sourceId, and schema properties. Scores and returns top 10 matches.
CallTool: unified dispatch — MCP via HTTP, native via executeNativeTool. Recursion-guarded (meta-tools can't invoke themselves).
MCP tools removed from the default tool list — accessed via the discover/execute flow. This also enables scaling to many MCP servers without growing the agent's context window.
8afe80c to 6a158ab
Summary
Builds on #66. Adds an executor-inspired discover → call pattern for MCP tools. Instead of putting all MCP tools in the LLM's context (costly at scale), the agent discovers them via gsv__SearchTools and invokes them via gsv__CallTool.
SearchTools: Weighted token matching (executor-style scoring) across tool name, description, sourceId, and schema property names. Returns top 10 results with relevance scoring.
CallTool: Unified dispatch — MCP tools via HTTP, native tools via executeNativeTool. Node tools return a clear unsupported message (WebSocket dispatch needed).
Context efficiency: MCP tools removed from default tool list. Only 2 fixed-cost tools added (~200 tokens) regardless of how many MCP servers are configured.
The system prompt hints the agent to search when it can't do something with its built-in tools. Tool descriptions validated with gepa/optimize_anything — seed descriptions score optimally.
Design note: approval model
gsv__CallTool goes through normal session tool approval. We don't re-evaluate approval on the inner tool because GSV's security model prioritizes capability and simplicity (defaultDecision: "allow", no rules by default). The user's approval of CallTool is the consent point. If the approval model evolves to require per-tool granularity, the JSDoc on callToolDirect documents exactly where to add it.
Test plan
- npx tsc --noEmit — clean
- npm test — 226 tests passing (8 new for tool search scoring)
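The dispatch order the description and design note imply (recursion guard, catalog lookup, optional per-tool approval, source routing), as an added TypeScript example that is not the PR's callToolDirect or any project code. `ToolEntry`, `callTool`, the `approve` hook and the catalog entries are hypothetical and constructed for illustration.

```typescript
// Added illustration, not the project's code. Only the gsv__SearchTools /
// gsv__CallTool names and the {sourceId}__{toolName} scheme come from the PR.
// Synchronous for brevity; a real dispatcher would be async.
type Source = "native" | "mcp" | "node";
interface ToolEntry { source: Source; run?: (args: unknown) => string }
type Approve = (fullName: string) => boolean;

const META_TOOLS = new Set(["gsv__SearchTools", "gsv__CallTool"]);

// Split on the first "__": server ids may not contain it, tool names might.
function parseToolName(full: string): { sourceId: string; toolName: string } | null {
  const i = full.indexOf("__");
  if (i <= 0 || i + 2 >= full.length) return null;
  return { sourceId: full.slice(0, i), toolName: full.slice(i + 2) };
}

function callTool(
  catalog: Map<string, ToolEntry>,
  full: string,
  args: unknown,
  approve: Approve = () => true, // mirrors the allow-by-default stance in the design note
): string {
  // Recursion guard: meta-tools must never be reachable through CallTool.
  if (META_TOOLS.has(full)) return "error: meta-tools cannot be invoked via CallTool";
  if (parseToolName(full) === null) return "error: malformed tool name";
  // Dispatch only to names present in the catalog, never to a name the model made up.
  const entry = catalog.get(full);
  if (entry === undefined) return "error: unknown tool";
  // Hypothetical per-tool consent hook, evaluated on the inner tool name.
  if (!approve(full)) return "error: denied by policy";
  if (entry.source === "node" || entry.run === undefined) {
    return "error: node tools are not supported via CallTool";
  }
  return entry.run(args);
}

// Constructed sample catalog; none of these entries are real project tools.
function sampleCatalog(): Map<string, ToolEntry> {
  return new Map<string, ToolEntry>([
    ["gsv__Echo", { source: "native", run: (a) => "native:" + JSON.stringify(a) }],
    ["github__create_issue", { source: "mcp", run: () => "mcp:ok" }],
    ["laptop__Bash", { source: "node" }],
  ]);
}
```

Passing an `approve` callback that rejects a source prefix shows what per-tool granularity would change: the outer CallTool approval no longer covers every inner tool.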