Thanks to visit codestin.com
Credit goes to github.com

Skip to content

feat: add repair command for MCP before retrying #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 26, 2025
Merged

feat: add repair command for MCP before retrying #3

merged 1 commit into from
Oct 26, 2025

Conversation

@midodimori
Copy link
Owner

@midodimori midodimori commented Oct 26, 2025
edited by sourcery-ai bot
Loading

Summary by Sourcery

Allow specifying a shell repair_command in the server configuration to automatically run recovery steps when fetching tools fails due to MCP errors, then retry retrieval; streamline filtering and error detection logic.

New Features:

  • Introduce per-server repair commands to execute remediation steps upon MCP initialization failures before retrying tool retrieval

Enhancements:

  • Refactor tool filtering into a reusable _filter_tools method
  • Add an _is_mcp_error helper to detect McpError instances and handle nested ExceptionGroup

@sourcery-ai
Copy link

sourcery-ai bot commented Oct 26, 2025
edited
Loading

Reviewer's Guide

This PR extends MCPClient with a per-server repair command: on MCP errors during tool retrieval, it runs a configured shell command and retries; to support this it adds a new config field and refactors error handling and filtering into helpers.

Sequence diagram for MCPClient tool retrieval with repair command

sequenceDiagram
participant MCPClient
participant Server
participant Shell
participant Logger
MCPClient->>Server: get_tools(server_name)
Note over Server: MCP error occurs
Server-->>MCPClient: Exception
MCPClient->>Shell: run repair_command (if configured)
Shell-->>MCPClient: repair command completes
MCPClient->>Server: get_tools(server_name) (retry)
Server-->>MCPClient: tools or Exception
alt success
  MCPClient->>MCPClient: filter_tools()
else failure
  MCPClient->>Logger: log error
end
Loading

Class diagram for updated MCPServerConfig and MCPClient

classDiagram
class MCPServerConfig {
  +list[str] include
  +list[str] exclude
  +bool enabled
  +str|None repair_command
}
class MCPClient {
  +dict[str, Connection] connections
  +dict[str, dict] tool_filters
  +dict[str, str] repair_commands
  +bool enable_approval
  +list[BaseTool]|None _tools_cache
  +dict[str, str] _module_map
  +asyncio.Lock _init_lock
  +_is_mcp_error(exc: Exception) bool
  +_filter_tools(tools: list[BaseTool], server_name: str) list[BaseTool]
  +_get_server_tools(server_name: str) async list[BaseTool]
  +get_mcp_tools() async list[BaseTool]
}
MCPClient --> MCPServerConfig : uses
Loading

File-Level Changes

Change Details Files
Introduce repair_commands support across client, factory, and config
  • Add repair_commands parameter to MCPClient constructor
  • Expose repair_command field in MCPServerConfig
  • Collect and pass repair_commands in MCPClient factory
 src/mcp/client.py
src/mcp/factory.py
src/core/config.py
Implement error classification helper
  • Add _is_mcp_error to detect McpError and nested ExceptionGroup cases
 src/mcp/client.py
Extract and apply tool filtering logic
  • Move include/exclude logic into new _filter_tools method
  • Use _filter_tools inside _get_server_tools
 src/mcp/client.py
Enhance _get_server_tools with repair and retry
  • On MCP error, run subprocess with the server’s repair command
  • Retry get_tools after repair, then apply filtering
  • Improve error logging with exc_info for non-MCP errors
 src/mcp/client.py
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot requested changes Oct 26, 2025
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey there - I've reviewed your changes - here's some feedback:

Blocking issues:

  • Detected subprocess function 'run' without a static string. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'. (link)
  • Found 'subprocess' function 'run' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead. (link)

General comments:

  • Running subprocess.run in an async method will block the event loop—consider using asyncio.create_subprocess_exec or run the repair command in an executor to avoid blocking.
  • Wrap the repair subprocess invocation in its own try/except (and avoid shell=True if possible) so that repair failures or timeouts are logged and don't crash the retry logic.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- Running subprocess.run in an async method will block the event loop—consider using asyncio.create_subprocess_exec or run the repair command in an executor to avoid blocking.
- Wrap the repair subprocess invocation in its own try/except (and avoid shell=True if possible) so that repair failures or timeouts are logged and don't crash the retry logic.

## Individual Comments

### Comment 1
<location> `src/mcp/client.py:85-86` </location>
<code_context>
-            logger.error(f"Error getting tools from server {server_name}: {e}")
-            return []
+            if self._is_mcp_error(e) and server_name in self._repair_commands:
+                subprocess.run(
+                    self._repair_commands[server_name], shell=True, timeout=300
+                )
+                tools = await self.get_tools(server_name=server_name)
</code_context>

<issue_to_address>
**🚨 issue (security):** Using subprocess.run with shell=True introduces security risks.

If repair_command can be influenced by user input, this may allow shell injection. Use shell=False with a list of arguments, or strictly validate repair_command.
</issue_to_address>

### Comment 2
<location> `src/mcp/factory.py:79-80` </location>
<code_context>
             server_config[name] = server_dict

+            # Store repair command if available
+            if server.repair_command:
+                repair_commands[name] = server.repair_command
+
             # Tool filtering configuration
</code_context>

<issue_to_address>
**🚨 suggestion (security):** No validation of repair_command format or safety.

If repair_command comes from user input, validate its format or restrict allowed commands to mitigate misconfiguration and security risks.

Suggested implementation:

```python
        import re
        ALLOWED_REPAIR_COMMANDS = [
            "restart-service",
            "clear-cache",
            "reindex-db",
            # Add more allowed commands as needed
        ]
        def is_valid_repair_command(cmd):
            # Only allow exact matches from the whitelist, or simple shell-safe patterns
            return cmd in ALLOWED_REPAIR_COMMANDS

        for name, server in config.servers.items():
            # Skip disabled servers

            server_config[name] = server_dict

            # Store repair command if available, with validation
            if server.repair_command:
                if is_valid_repair_command(server.repair_command):
                    repair_commands[name] = server.repair_command
                else:
                    # Optionally log or raise an error here
                    # print(f"Invalid repair_command for server {name}: {server.repair_command}")
                    pass

            # Tool filtering configuration

```

- You may want to replace the `ALLOWED_REPAIR_COMMANDS` list with a more dynamic or configurable source.
- If you want to allow more complex validation (e.g., regex patterns), update `is_valid_repair_command` accordingly.
- Consider logging or raising an exception if an invalid command is detected, depending on your application's error handling policy.
</issue_to_address>

### Comment 3
<location> `src/mcp/client.py:85-87` </location>
<code_context>
                subprocess.run(
                    self._repair_commands[server_name], shell=True, timeout=300
                )
</code_context>

<issue_to_address>
**security (python.lang.security.audit.dangerous-subprocess-use-audit):** Detected subprocess function 'run' without a static string. If this data can be controlled by a malicious actor, it may be an instance of command injection. Audit the use of this call to ensure it is not controllable by an external resource. You may consider using 'shlex.escape()'.

*Source: opengrep*
</issue_to_address>

### Comment 4
<location> `src/mcp/client.py:86` </location>
<code_context>
                    self._repair_commands[server_name], shell=True, timeout=300
</code_context>

<issue_to_address>
**security (python.lang.security.audit.subprocess-shell-true):** Found 'subprocess' function 'run' with 'shell=True'. This is dangerous because this call will spawn the command using a shell process. Doing so propagates current shell settings and variables, which makes it much easier for a malicious actor to execute commands. Use 'shell=False' instead.

```suggestion
                    self._repair_commands[server_name], shell=False, timeout=300
```

*Source: opengrep*
</issue_to_address>

### Comment 5
<location> `src/mcp/client.py:75-77` </location>
<code_context>
    def _filter_tools(self, tools: list[BaseTool], server_name: str) -> list[BaseTool]:
        if server_name not in self._tool_filters:
            return tools

        filters = self._tool_filters[server_name]
        include, exclude = filters.get("include", []), filters.get("exclude", [])

        if include and exclude:
            raise ValueError(
                f"Cannot specify both include and exclude for server {server_name}"
            )

        if include:
            return [t for t in tools if t.name in include]
        if exclude:
            return [t for t in tools if t.name not in exclude]
        return tools

</code_context>

<issue_to_address>
**suggestion (code-quality):** We've found these issues:

- Lift code into else after jump in control flow ([`reintroduce-else`](https://docs.sourcery.ai/Reference/Default-Rules/refactorings/reintroduce-else/))
- Replace if statement with if expression ([`assign-if-exp`](https://docs.sourcery.ai/Reference/Default-Rules/refactorings/assign-if-exp/))

```suggestion
        return [t for t in tools if t.name not in exclude] if exclude else tools
```
</issue_to_address>
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@midodimori midodimori force-pushed the feat/add-repair-commands-mcp branch from 783d711 to 0fbd765 Compare October 26, 2025 20:24
@midodimori midodimori force-pushed the feat/add-repair-commands-mcp branch from 0fbd765 to d5d01da Compare October 26, 2025 20:24
@midodimori midodimori merged commit 3d98dcd into main Oct 26, 2025
4 checks passed
midodimori added a commit that referenced this pull request Oct 26, 2025
@midodimori
Merge pull request #3 from midodimori/feat/add-repair-commands-mcp
fafe441 
feat: add repair command for MCP before retrying
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@midodimori