Copilot AI commented Dec 7, 2025

  • Understand the issue: mcp inspect --safe-inputs should resolve imported safe-inputs from shared workflows
  • Modify spawnSafeInputsInspector to use workflow compiler to parse and merge imports
  • Test with copilot-pr-merged-report workflow that imports shared/gh.md
  • Add/update tests for imported safe-inputs scenario
  • Run code review - addressed all feedback
  • Complete validation (build, fmt, lint, recompile all pass)
  • Use Go SDK to inspect safe-inputs (instead of Node.js inspector)
  • Remove --safe-inputs flag and auto-detect safe-inputs in workflows
  • Address code review feedback (validation, cleanup comments)
  • Fix server name to "safeinputs" (no dash)

Summary

Successfully implemented automatic safe-inputs detection and inspection in the MCP inspect command. The gh aw mcp inspect command now:

  1. Automatically detects safe-inputs in workflows (no flag needed)
  2. Resolves imported safe-inputs from shared workflows using the workflow compiler
  3. Uses Go SDK for inspection showing tools in formatted tables like other MCP servers
  4. Inspects all MCP servers together including safe-inputs when present
  5. Uses correct server name "safeinputs" (without dash)

Changes

  1. Modified InspectWorkflowMCP to parse MCP servers from frontmatter, then separately use compiler for safe-inputs detection
  2. Created startSafeInputsServer helper function to start the safe-inputs HTTP server
  3. Automatically add safe-inputs to MCP configs list when present in workflow
  4. Removed --safe-inputs flag and updated help text
  5. Restored frontmatter validation with non-blocking warnings
  6. Simplified process cleanup logic (more cross-platform)
  7. Fixed server name to "safeinputs" (no dash)
  8. All validations pass (build, fmt, lint, tests)

Testing

Verified with copilot-pr-merged-report.md which imports shared/gh.md:

  • ✅ Correctly detects the imported gh tool without any flag
  • ✅ Inspects it with Go SDK alongside other MCP servers (GitHub)
  • ✅ Shows formatted table with tool status
  • ✅ Server name displays as "safeinputs"
Original prompt

MCP inspect should support imported safe input. Use the workflow parser to resolve the list of safe inputs (WorkflowData).

Try copilot-pr-merge-report.



Copilot AI and others added 3 commits December 7, 2025 03:21
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
- Modified spawnSafeInputsInspector to use workflow compiler's ParseWorkflowFile
- This ensures imported safe-inputs from shared workflows are properly resolved
- Updated TestSpawnSafeInputsInspector_WithSafeInputs to use compiler
- Added TestSpawnSafeInputsInspector_WithImportedSafeInputs test case
- Tested with copilot-pr-merged-report workflow which imports shared/gh.md

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Add support for imported safe input in MCP inspect" to "Fix MCP inspect to resolve imported safe-inputs" Dec 7, 2025
Copilot AI requested a review from pelikhan December 7, 2025 03:34

pelikhan commented Dec 7, 2025

@copilot once the safe-inputs are resolved and the safe-inputs server is started, do an inspection using the go-sdk just like the other mcp servers like github. Do not use the node.js mcp inspector.

- Modified spawnSafeInputsInspector to use inspectMCPServer with Go SDK
- Removed npx dependency check since we no longer launch the Node.js inspector
- Creates MCPServerConfig for safe-inputs HTTP server and inspects it like other MCP servers
- Shows tools in formatted table with allow/not-allow status
- Tests still pass as they validate file generation, not inspector behavior

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Dec 7, 2025

@copilot once the safe-inputs are resolved and the safe-inputs server is started, do an inspection using the go-sdk just like the other mcp servers like github. Do not use the node.js mcp inspector.

Done in d3b8fb3. The safe-inputs inspector now uses the Go SDK (inspectMCPServer) to connect to and inspect the HTTP server, showing tools in a formatted table with allow/not-allow status—just like other MCP servers (GitHub, etc.).

The Node.js @modelcontextprotocol/inspector is no longer launched.

Output example:

📡 safe-inputs http (http://localhost:3000)

🛠️  Tool Access Status
┌─────────┬─────┬──────────────────────────────────────────────────┐
│Tool Name│Allow│Description                                       │
├─────────┼─────┼──────────────────────────────────────────────────┤
│gh       │✅   │Execute any gh CLI command. Provide the full co...│
└─────────┴─────┴──────────────────────────────────────────────────┘

Copilot AI changed the title from "Fix MCP inspect to resolve imported safe-inputs" to "Fix MCP inspect to resolve imported safe-inputs and use Go SDK" Dec 7, 2025

pelikhan commented Dec 7, 2025

@copilot remove the --safe-inputs flag and always point the safeinputs server when present in the agentic workflow


pelikhan commented Dec 7, 2025

@copilot server name is "safeinputs" no dash

- Removed --safe-inputs flag from mcp inspect command
- Modified InspectWorkflowMCP to use compiler.ParseWorkflowFile for import resolution
- Automatically detect and start safe-inputs server when present in workflow
- Created startSafeInputsServer helper function to handle server startup
- Safe-inputs server is now inspected alongside other MCP servers
- Updated help text to reflect automatic safe-inputs detection
- All tests pass, fmt and lint clean

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Dec 7, 2025

@copilot remove the --safe-inputs flag and always point the safeinputs server when present in the agentic workflow

Done in 929a5e4. The --safe-inputs flag has been removed. Safe-inputs servers are now automatically detected and inspected when present in agentic workflows.

Output example:

$ gh aw mcp inspect copilot-pr-merged-report

ℹ Found 2 MCP server(s) to inspect

📡 github docker (docker)
[... github server details ...]

📡 safe-inputs http (http://localhost:3000)

🛠️  Tool Access Status
┌─────────┬─────┬──────────────────────────────────────────────────┐
│Tool Name│Allow│Description                                       │
├─────────┼─────┼──────────────────────────────────────────────────┤
│gh       │✅   │Execute any gh CLI command. Provide the full co...│
└─────────┴─────┴──────────────────────────────────────────────────┘

The gh tool from imported shared/gh.md is automatically detected and inspected alongside other MCP servers.


pelikhan commented Dec 7, 2025

@copilot server name is "safeinputs" no dash

Copilot AI and others added 2 commits December 7, 2025 04:03
- Remove duplicate workflow parsing (use compiler only for safe-inputs detection)
- Simplify process cleanup by removing platform-specific signal checks
- Remove unused syscall import
- Tests and lint pass

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
- Restore frontmatter validation with warnings in verbose mode
- Improve comments for process cleanup to explain error handling
- Continue inspection even if validation fails (non-blocking)
- Tests and lint pass

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "Fix MCP inspect to resolve imported safe-inputs and use Go SDK" to "Auto-detect and inspect safe-inputs in MCP inspect with Go SDK" Dec 7, 2025
- Changed MCP server name from "safe-inputs" to "safeinputs" (no dash)
- Updated in both startSafeInputsServer and spawnSafeInputsInspector functions
- Tests pass, lint clean

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Dec 7, 2025

@copilot server name is "safeinputs" no dash

Fixed in de95dfd. Server name changed from "safe-inputs" to "safeinputs" (no dash).

Output:

📡 safeinputs http (http://localhost:3000)

pelikhan marked this pull request as ready for review December 7, 2025 04:14
pelikhan merged commit 35bb7df into main Dec 7, 2025
5 checks passed
pelikhan deleted the copilot/add-imported-safe-input-support branch December 7, 2025 04:14
github-actions bot added a commit that referenced this pull request Dec 7, 2025
Document three user-facing features from December 6-7:

1. gh aw init now creates .github/aw/logs/.gitignore (#5712)
   - Prevents workflow logs from being committed

2. Fuzzy workflow name matching (#5710)
   - Added Smart Features section with examples
   - Documents typo suggestions across all commands
   - Explains Levenshtein distance matching algorithm

3. Auto-detection of safe-inputs in mcp inspect (#5709)
   - Clarified that safe-inputs are automatically detected
   - Removed reference to deprecated --safe-inputs flag
   - Documents imported safe-inputs support

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>