All tool inputSchema definitions lack "additionalProperties": false. When an AI agent passes an undeclared parameter, it is silently swallowed — no error, no warning.
Why this is a problem: AI agents rely on parameter declarations to understand what a tool accepts. If an agent infers that a tool should support path (because other tools do, or from the semantic context), it will pass path="src/" and receive results. The agent then assumes the scope is limited to src/ and reasons about the codebase based on incomplete data — potentially missing critical files, making wrong refactoring decisions, or reporting incorrect analysis. The failure is completely silent and undetectable from the agent's perspective.
Proposed: Add "additionalProperties": false to all input schemas so MCP clients return a validation error, or emit a warning in the server when unrecognized parameters are received.
All tool inputSchema definitions lack "additionalProperties": false. When an AI agent passes an undeclared parameter, it is silently swallowed — no error, no warning.
Why this is a problem: AI agents rely on parameter declarations to understand what a tool accepts. If an agent infers that a tool should support path (because other tools do, or from the semantic context), it will pass path="src/" and receive results. The agent then assumes the scope is limited to src/ and reasons about the codebase based on incomplete data — potentially missing critical files, making wrong refactoring decisions, or reporting incorrect analysis. The failure is completely silent and undetectable from the agent's perspective.
Proposed: Add "additionalProperties": false to all input schemas so MCP clients return a validation error, or emit a warning in the server when unrecognized parameters are received.