-
Notifications
You must be signed in to change notification settings - Fork 0
MCP Integration
mq-agent integrates with mq-mcp to discover and route local tools.
user command
↓
mq-agent CLI
↓
MCPBridge (HTTP)
↓
mq-mcp server on :8765
↓
PSIGEL / repo tools / shell tools
mq-agent never directly executes arbitrary shell. Every call goes through the safety gate before reaching mq-mcp.
uv --directory ~/mq-mcp/mq-mcp run python server.pyVerify it is running:
mq-agent mcp statusmq-agent mcp tools # list all tools with safety class
mq-agent mcp tools --json # machine-readable output
mq-agent tools --mcp # built-in + MCP tools combined
mq-agent tools --describe read_repo_file # single tool detail# Read-only — no flags needed
mq-agent run-tool read_repo_file --arg path=README.md
# Write-capable or subprocess — requires --approve
mq-agent run-tool update_repo_file --arg path=README.md --arg old=x --arg new=y --approve
# Dangerous — requires --dangerous
mq-agent run-tool remove_device --arg Id=42 --dangerous
# Dry-run any tool
mq-agent run-tool git_status --dry-runmq-agent review commands are pass-through orchestration. mq-agent does not score severity, classify risk, reason about architecture, retrieve semantic memory, or implement review heuristics locally.
mq-agent review file README.md
mq-agent review diff
mq-agent review repo .Mode flags are forwarded to mq-mcp:
mq-agent review file mq_agent/main.py --security
mq-agent review repo . --architecture
mq-agent review diff --json--risk is only available when the installed mq-mcp exposes the matching
risk_review_* tool:
mq-agent review diff --riskIf the required mq-mcp review tool is missing, mq-agent exits with a clear error and suggests upgrading or starting mq-mcp.
mq-agent learn commands are also pass-through and read-only:
mq-agent learn status
mq-agent learn search "state mutation"
mq-agent learn explain p-42mq-mcp owns learned-pattern storage, extraction contracts, validation and any optional local model provider such as Ollama. mq-agent must not create learning records, store them silently, or treat model output as authoritative risk scoring. See LEARN_OLLAMA.md for the Ollama learn boundary.
All MCP commands support --json:
mq-agent mcp status --json
mq-agent mcp tools --json
mq-agent run-tool git_status --json
mq-agent review file README.md --jsonmq-agent fails closed. run-tool exits with a clear error:
mq-mcp is not reachable at http://localhost:8765
Start mq-mcp with:
uv --directory ~/mq-mcp/mq-mcp run python server.py
mq-agent tools --describe <name> still works when mq-mcp is down — it infers the safety class from the tool name.
The formal boundary between mq-agent and mq-mcp is defined in mq-mcp/docs/ORCHESTRATION_CONTRACT.md.
Key rules for mq-agent:
- Class A/B tools may be auto-invoked without user confirmation
- Class C (write files) and Class D (subprocess/open apps) require explicit user approval
- mq-agent must never reimplement review logic, architecture reasoning, or semantic retrieval
- mq-agent must not assume mq-mcp maintains session state between calls
- mq-agent must not construct filesystem paths outside of tool arguments
- Tool chains that together produce a git commit or push are prohibited
Verify contract compliance at any time:
mq-agent run-tool validate_orchestration_contract
mq-agent doctormq-mcp serves real safety classes via /tools and /tool-contracts.
mq-agent uses them to enforce its safety gate — no guessing from name
prefixes when the server is up.
| Class | Examples | Gate behaviour |
|---|---|---|
| A |
read_repo_file, git_status
|
No flags required |
| B |
repo_signal_analyze, get_wifi_info
|
No flags required |
| C |
update_repo_file, edit_image
|
Requires --approve
|
| D |
open_in_app, run_tests
|
Requires --approve
|
| — | remove_* |
Requires --dangerous
|
mq-mcp exposes machine-readable contracts at GET /tool-contracts:
curl http://localhost:8765/tool-contracts | jq '.tool_count'
curl http://localhost:8765/tool-contracts | jq '.tools[] | select(.class == "C")'# 1. Start mq-mcp
uv --directory ~/mq-mcp/mq-mcp run python server.py &
# 2. Verify it is up and serving all 66 tools
mq-agent mcp status --json | jq '.servers["mq-mcp"]'
# 3. Inspect a tool's safety class
mq-agent tools --describe read_repo_file
# 4. Dry-run a read tool (no flags needed)
mq-agent run-tool read_repo_file --arg path=README.md --dry-run
# 5. Run a write tool with approval
mq-agent run-tool edit_image --arg relative_path=img.jpg \
--arg action=resize --arg value=800 --approve
# 6. Stop mq-mcp when done
mq-agent mcp stopERROR: [Errno 48] Address already in use
Find and kill the existing process:
lsof -ti :8765 | xargs kill -9Or start on a different port:
MQ_MCP_PORT=8766 uv run python server.py
MQ_MCP_ENDPOINT=http://localhost:8766 mq-agent mcp statusmq-agent mcp status --json # shows endpoint and reachability
curl http://localhost:8765/health # direct health checkAlways use uv run inside the mq-mcp directory — system Python lacks
the required packages:
uv --directory ~/mq-mcp/mq-mcp run python server.pymq-mcp serves safety classes from docs/tool_contracts.json. If that
file is missing or stale, regenerate it:
cd ~/mq-mcp && python3 scripts/generate_tool_contracts.pySee TOOL_ROUTING.md for the full safety classification reference.