Move internal MCP server to backend, use Mintlify MCP for docs tools

[mantrakp04]

Summary

• Move the /api/internal/[transport] MCP route from the docs app to the backend, so the public ask_stack_auth MCP tool is served from the same origin as the AI query API it proxies to.
• Replace the bespoke docs-tools HTTP client in apps/backend/src/lib/ai/tools/docs.ts with an @ai-sdk/mcp client that talks to Mintlify's generated MCP server. The backend AI agent now consumes Mintlify's lower-level search/fetch tools directly instead of going through the docs app.
• Swap STACK_DOCS_INTERNAL_BASE_URL for STACK_MINTLIFY_MCP_URL (defaults to the Mintlify-hosted MCP URL).
• Move the @vercel/mcp-adapter dependency from docs to apps/backend.

Test plan

• pnpm typecheck
• pnpm lint
• e2e: new apps/e2e/tests/backend/endpoints/api/v1/internal/mcp.test.ts covers tools/list and validation on tools/call
• Manual: hit POST /api/internal/mcp on the backend and confirm ask_stack_auth is listed and callable
• Manual: confirm backend AI agent docs tools resolve via the Mintlify MCP URL

Summary by CodeRabbit

• New Features

  • Backend docs tooling now uses a Mintlify MCP server for documentation tools and discovery.

• Chores

  • Development environment variables updated to point to the Mintlify MCP endpoint.
  • Backend dependency added to support MCP integration; docs package dependency removed.

• Tests

  • Added end-to-end tests for the internal MCP endpoint and tool validation.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
stack-auth-hosted-components	Ready	Preview, Comment	Apr 28, 2026 10:44pm
stack-backend	Ready	Preview, Comment	Apr 28, 2026 10:44pm
stack-dashboard	Ready	Preview, Comment	Apr 28, 2026 10:44pm
stack-demo	Ready	Preview, Comment	Apr 28, 2026 10:44pm
stack-docs	Ready	Preview, Comment	Apr 28, 2026 10:44pm
stack-preview-backend	Ready	Preview, Comment	Apr 28, 2026 10:44pm
stack-preview-dashboard	Ready	Preview, Comment	Apr 28, 2026 10:44pm

[coderabbitai]

📝 Walkthrough

Walkthrough

Backend replaces a local HTTP-based docs-tools bridge with a Mintlify MCP client (driven by STACK_MINTLIFY_MCP_URL and @vercel/mcp-adapter), updates env vars and MCP routing, exposes remote tools via the MCP client, and adds E2E tests for MCP endpoints.

Changes

Cohort / File(s)	Summary
Environment Configuration apps/backend/.env, apps/backend/.env.development	Replaced/commented out STACK_DOCS_INTERNAL_BASE_URL and added STACK_MINTLIFY_MCP_URL pointing to a Mintlify MCP endpoint for backend docs tooling.
Backend Dependencies apps/backend/package.json, docs/package.json	Added @vercel/mcp-adapter@^1.0.0 to backend; removed the same dependency from docs package.
MCP Route Handler apps/backend/src/app/api/internal/[transport]/route.ts	Refactored backend API base URL resolution, removed prior NEXT_PUBLIC_STACK_API_URL emptiness error branch, switched PostHog wrapping to withPostHog, and adjusted MCP config to use serverInfo and minor description/formatting text.
Docs Tools Implementation apps/backend/src/lib/ai/tools/docs.ts	Replaced custom HTTP /api/internal/docs-tools implementation with a memoized Mintlify MCP client (getMintlifyMcpClient) and now returns client.tools(); on init failure returns a single docsUnavailable fallback tool.
E2E Tests apps/e2e/tests/backend/endpoints/api/v1/internal/mcp.test.ts	Added tests for MCP tools/list and tools/call JSON-RPC flows, including validation error assertions for missing required args.

Sequence Diagram

sequenceDiagram
    autonumber
    participant Agent as AI Agent / LLM
    participant Backend as Backend API (/api/internal/mcp)
    participant MCPClient as MCP Client (`@vercel/mcp-adapter`)
    participant Mintlify as Mintlify MCP Server

    Agent->>Backend: requests tools/list
    Backend->>MCPClient: forward tools/list via STACK_MINTLIFY_MCP_URL
    MCPClient->>Mintlify: HTTP POST JSON-RPC
    Mintlify-->>MCPClient: tools list response
    MCPClient-->>Backend: tool definitions
    Backend-->>Agent: return tools list

    Agent->>Backend: requests tools/call (ask_stack_auth ...)
    Backend->>MCPClient: forward tools/call (execute tool)
    MCPClient->>Mintlify: HTTP POST execute
    Mintlify-->>MCPClient: execution result / error
    MCPClient-->>Backend: result / error
    Backend-->>Agent: return result / validation error

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• Custom dashboards and unified ai no playground #1243 — modifies createDocsTools() to use MCP client patterns similar to this change.
• fix(ai): Accept header for docs-tools MCP endpoint #1334 — adjusted HTTP fetch behavior for the prior /api/internal/docs-tools bridge that this PR replaces.
• mcp / tools update + internal tool #1283 — earlier alternate changes to createDocsTools() (opposite approach); directly related to this implementation swap.

Suggested reviewers

• madster456
• N2D4

Poem

🐇 I hopped from localhost lanes to Mintlify’s stream,
Tools now answered by call, not by dream,
A memoized client hums under night,
If it falters, a fallback holds tight,
Hooray — docs found in a moonlit beam! 🥕📚

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 16.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the two main changes: moving the MCP server to the backend and switching to Mintlify MCP for docs tools.
Description check	✅ Passed	The description comprehensively covers the changes, test plan, and objectives; it aligns well with the actual file modifications shown in the summary.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch mcp-move-to-backend

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR moves the ask_stack_auth MCP route from the docs app to the backend, and replaces the bespoke docs-tools HTTP client with an @ai-sdk/mcp client that proxies to Mintlify's hosted MCP server. The dependency swap and env-var rename (STACK_DOCS_INTERNAL_BASE_URL → STACK_MINTLIFY_MCP_URL) are clean.

• P1 resilience gap in docs.ts: the singleton reset only fires on initial connection failure, not on subsequent client.tools() failures — a broken-after-connect client is never replaced, leaving the AI agent permanently in the docsUnavailable fallback until the process restarts.

Confidence Score: 4/5

Safe to merge after addressing the broken-client resilience gap in the MCP singleton.

One P1 finding: a successful initial connection followed by a client.tools() failure leaves the singleton unrecoverable, permanently degrading docs tooling until the process restarts. No P0 issues; the rest of the changes are clean.

apps/backend/src/lib/ai/tools/docs.ts — singleton reset logic needs to cover tools() failures, not just initial connection failures.

Important Files Changed

Filename	Overview
apps/backend/src/lib/ai/tools/docs.ts	Replaces bespoke HTTP docs-tool client with @ai-sdk/mcp singleton; has a P1 resilience gap where a successful-connect/failed-tools scenario permanently blocks reconnection.
apps/backend/src/app/api/internal/[transport]/route.ts	MCP route handler moved from docs app to backend with improved env-var handling; deviates from SmartRouteHandler convention (flagged separately as existing comment).
apps/e2e/tests/backend/endpoints/api/v1/internal/mcp.test.ts	New e2e tests covering tools/list and tools/call validation; straightforward and well-structured.
apps/backend/.env	Swaps STACK_DOCS_INTERNAL_BASE_URL for STACK_MINTLIFY_MCP_URL with updated comment.
docs/package.json	Removes @vercel/mcp-adapter dependency now that the MCP route lives in backend.

Sequence Diagram

sequenceDiagram
    participant LLMAgent as AI Agent (backend)
    participant DocsTools as createDocsTools()
    participant MintlifyMCP as Mintlify MCP Server
    participant MCPRoute as /api/internal/[transport]
    participant AIQuery as /api/latest/ai/query/generate

    Note over LLMAgent,MintlifyMCP: Tool registration (module init)
    LLMAgent->>DocsTools: createDocsTools()
    DocsTools->>MintlifyMCP: createMCPClient() + client.tools()
    MintlifyMCP-->>DocsTools: search/fetch tool definitions
    DocsTools-->>LLMAgent: tools ready

    Note over MCPRoute,AIQuery: External MCP caller
    MCPRoute->>AIQuery: POST /api/latest/ai/query/generate
    AIQuery->>LLMAgent: invoke AI agent with docs tools
    LLMAgent->>MintlifyMCP: search / fetch calls
    MintlifyMCP-->>LLMAgent: doc results
    LLMAgent-->>MCPRoute: ask_stack_auth response

Loading

Prompt To Fix All With AI

This is a comment left during a code review.
Path: apps/backend/src/lib/ai/tools/docs.ts
Line: 13-27

Comment:
**Broken client not reset — no recovery after `tools()` failure**

The `.catch` reset only fires when `createMCPClient` itself rejects (initial connection failure). If the client connects successfully but `client.tools()` later throws (e.g. Mintlify drops the connection after the handshake), `mintlifyMcpClientPromise` remains pointing at the resolved-but-broken client. Every subsequent call to `getMintlifyMcpClient()` returns that dead client, `tools()` keeps failing, and the agent is permanently stuck with the `docsUnavailable` fallback until the process restarts — even if Mintlify comes back online. The old `postDocsToolAction` made a fresh stateless HTTP call each time and recovered automatically.

Consider resetting the singleton on any failure path, not just initial creation:

```typescript
export async function createDocsTools() {
  try {
    const client = await getMintlifyMcpClient();
    return await client.tools();
  } catch (error) {
    mintlifyMcpClientPromise = null; // allow reconnection on next call
    captureError("mintlify-mcp-docs-tools", error);
    return {
      docsUnavailable: tool({ ... }),
    };
  }
}
```

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (2): Last reviewed commit: "Enhance error handling in createDocsTool..." | Re-trigger Greptile}

[Copilot]

Pull request overview

Moves the internal MCP endpoint from the docs app into the backend and updates the backend AI docs tool bundle to use Mintlify’s generated MCP server directly.

Changes:

• Relocates the /api/internal/[transport] MCP handler to apps/backend, proxying ask_stack_auth to the backend AI query API.
• Replaces the backend’s bespoke docs-tools HTTP client with an @ai-sdk/mcp client targeting Mintlify’s MCP server (STACK_MINTLIFY_MCP_URL).
• Adds e2e coverage for tools/list and tools/call validation on the new backend MCP endpoint.

Reviewed changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
pnpm-lock.yaml	Moves @vercel/mcp-adapter resolution from docs to backend and updates lock snapshots accordingly.
docs/package.json	Removes @vercel/mcp-adapter dependency from the docs app.
apps/e2e/tests/backend/endpoints/api/v1/internal/mcp.test.ts	Adds e2e tests for the backend MCP endpoint’s tool listing and argument validation.
apps/backend/src/lib/ai/tools/docs.ts	Switches docs tools to Mintlify MCP via @ai-sdk/mcp and new env var STACK_MINTLIFY_MCP_URL.
apps/backend/src/app/api/internal/[transport]/route.ts	Adds backend MCP handler for ask_stack_auth and proxies calls to /api/latest/ai/query/generate.
apps/backend/package.json	Adds @vercel/mcp-adapter dependency to the backend app.
apps/backend/.env.development	Updates dev env to use STACK_MINTLIFY_MCP_URL.
apps/backend/.env	Replaces STACK_DOCS_INTERNAL_BASE_URL with STACK_MINTLIFY_MCP_URL documentation.

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

Comments suppressed due to low confidence (1)

apps/backend/src/app/api/internal/[transport]/route.ts:9

• This route constructs a PostHog client without setting the host (elsewhere the backend uses https://eu.i.posthog.com in apps/backend/src/analytics.tsx) and without flushing/shutting down. In serverless/short-lived executions this can silently drop events or send them to the wrong region. Recommend reusing the existing withPostHog helper (or at least configuring host, flushAt, flushInterval, and calling shutdown()/flush() appropriately).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

apps/backend/src/app/api/internal/[transport]/route.ts (1)

64-70: ⚠️ Potential issue | 🟡 Minor

Avoid forwarding raw upstream error bodies to MCP clients.

errText here is the verbatim response body from /api/latest/ai/query/generate, which may include internal error details (stack/cause text) that you don't want exposed to arbitrary MCP callers. Consider returning a sanitized message and logging the full body server-side.

🛡️ Suggested change

         if (!res.ok) {
-          const errText = await res.text();
+          const errText = await res.text();
+          console.error("ask_stack_auth upstream error", { status: res.status, body: errText });
           return {
-            content: [{ type: "text", text: `Stack Auth AI error (${res.status}): ${errText}` }],
+            content: [{ type: "text", text: `Stack Auth AI error (${res.status}). Please retry or contact support.` }],
             isError: true,
           };
         }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/backend/src/app/api/internal/`[transport]/route.ts around lines 64 - 70,
The handler in route.ts currently returns the raw upstream error body (errText)
to MCP clients when res.ok is false; change this to log the full errText
server-side (using processLogger or similar) and return a sanitized error
content to the client such as "Upstream service error" including the HTTP
status, ensuring you do not forward stack traces or internal details; update the
block around res and the returned object (the code that builds content with
errText and isError) to use the sanitized message while keeping full errText
written to server logs for debugging.

🧹 Nitpick comments (3)

apps/backend/src/app/api/internal/[transport]/route.ts (2)

95-98: serverInfo.version is hardcoded.

0.1.0 will drift from the real backend version over time. Consider sourcing it from package.json (or a build-injected constant) so MCP clients can reason about server identity. Optional nit.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/backend/src/app/api/internal/`[transport]/route.ts around lines 95 - 98,
Replace the hardcoded serverInfo.version value in route.ts with a real
source-of-truth (e.g. import the version from package.json or use a
build-injected constant/env var) so the server reports the actual backend
version; update the assignment to serverInfo.version (in the object where
serverInfo.name is set) to read from that imported value or process/env variable
and ensure the import/constant is exported or injected at build time for runtime
use.

---

51-51: Use urlString template tag for URL construction.

Per repo conventions, URLs should be built with the urlString tag (or encodeURIComponent) rather than plain template interpolation, even when the path segments are constant.

♻️ Suggested change

-        const res = await fetch(`${getBackendApiBaseUrl()}/api/latest/ai/query/generate`, {
+        const res = await fetch(urlString`${getBackendApiBaseUrl()}/api/latest/ai/query/generate`, {

As per coding guidelines: "Use urlString`` or encodeURIComponent() instead of normal string interpolation for URLs, for consistency even if it's not strictly necessary".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/backend/src/app/api/internal/`[transport]/route.ts at line 51, Replace
the plain template-interpolated URL passed to fetch with the repo-convention
tagged template urlString to build the URL safely; locate the fetch call that
currently uses `${getBackendApiBaseUrl()}/api/latest/ai/query/generate` inside
route.ts and change it to use urlString`...` (or wrap path segments with
encodeURIComponent if urlString is unavailable), keeping getBackendApiBaseUrl()
as the base and preserving the fetch options.

apps/backend/src/lib/ai/tools/docs.ts (1)

10-25: Consider adding runtime error handling and explicit client lifecycle management.

The .catch here only invalidates the cache on initial connection failure from createMCPClient(). Once the promise resolves successfully, any subsequent transport failure (e.g., MCP server restart or network disruption) will not clear the cached client, causing the agent to keep reusing a broken connection. Add an onerror callback to the transport to detect and handle runtime errors:

createMCPClient({
  transport: {
    type: "http",
    url: getMintlifyMcpUrl(),
    onerror: (error) => {
      console.error('MCP transport error:', error);
      mintlifyMcpClientPromise = null; // invalidate cache on transport failure
    },
  },
  name: "stack-auth-backend-docs-agent",
})

Per the AI SDK MCP docs, also ensure the client is closed when no longer needed. For a long-lived backend, wire this into your graceful shutdown handler (e.g., on SIGTERM):

await mintlifyMcpClientPromise?.then(client => client.close());

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/backend/src/lib/ai/tools/docs.ts` around lines 10 - 25, The
getMintlifyMcpClient function currently only clears mintlifyMcpClientPromise on
initial createMCPClient() rejection but does not handle runtime transport errors
or client shutdown; update the createMCPClient call inside getMintlifyMcpClient
to add a transport.onerror handler that logs the error and sets
mintlifyMcpClientPromise = null to invalidate the cached client on runtime
failures, and ensure the created client is closed during process shutdown by
wiring await mintlifyMcpClientPromise?.then(client => client.close()) (or
equivalent) into your graceful shutdown/SIGTERM handler so the MCPClient
instance is properly terminated.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/backend/.env.development`:
- Line 81: Remove the hardcoded STACK_MINTLIFY_MCP_URL from .env.development
(it's redundant with the default in docs.ts/getMintlifyMcpUrl()) or set it to an
empty value for isolated dev; then update the MCP client initialization (the
code that reads STACK_MINTLIFY_MCP_URL and/or calls getMintlifyMcpUrl()) to
treat an empty/undefined URL as "disabled" and skip making outbound calls (or
return a mock/no-op client) so local tests/dev don't hit the live Mintlify MCP
endpoint.

---

Outside diff comments:
In `@apps/backend/src/app/api/internal/`[transport]/route.ts:
- Around line 64-70: The handler in route.ts currently returns the raw upstream
error body (errText) to MCP clients when res.ok is false; change this to log the
full errText server-side (using processLogger or similar) and return a sanitized
error content to the client such as "Upstream service error" including the HTTP
status, ensuring you do not forward stack traces or internal details; update the
block around res and the returned object (the code that builds content with
errText and isError) to use the sanitized message while keeping full errText
written to server logs for debugging.

---

Nitpick comments:
In `@apps/backend/src/app/api/internal/`[transport]/route.ts:
- Around line 95-98: Replace the hardcoded serverInfo.version value in route.ts
with a real source-of-truth (e.g. import the version from package.json or use a
build-injected constant/env var) so the server reports the actual backend
version; update the assignment to serverInfo.version (in the object where
serverInfo.name is set) to read from that imported value or process/env variable
and ensure the import/constant is exported or injected at build time for runtime
use.
- Line 51: Replace the plain template-interpolated URL passed to fetch with the
repo-convention tagged template urlString to build the URL safely; locate the
fetch call that currently uses
`${getBackendApiBaseUrl()}/api/latest/ai/query/generate` inside route.ts and
change it to use urlString`...` (or wrap path segments with encodeURIComponent
if urlString is unavailable), keeping getBackendApiBaseUrl() as the base and
preserving the fetch options.

In `@apps/backend/src/lib/ai/tools/docs.ts`:
- Around line 10-25: The getMintlifyMcpClient function currently only clears
mintlifyMcpClientPromise on initial createMCPClient() rejection but does not
handle runtime transport errors or client shutdown; update the createMCPClient
call inside getMintlifyMcpClient to add a transport.onerror handler that logs
the error and sets mintlifyMcpClientPromise = null to invalidate the cached
client on runtime failures, and ensure the created client is closed during
process shutdown by wiring await mintlifyMcpClientPromise?.then(client =>
client.close()) (or equivalent) into your graceful shutdown/SIGTERM handler so
the MCPClient instance is properly terminated.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d249fd54-41df-412b-b5a0-e8c359287e24

📥 Commits

Reviewing files that changed from the base of the PR and between 65d87a4 and 03a8a52.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (7)

• apps/backend/.env
• apps/backend/.env.development
• apps/backend/package.json
• apps/backend/src/app/api/internal/[transport]/route.ts
• apps/backend/src/lib/ai/tools/docs.ts
• apps/e2e/tests/backend/endpoints/api/v1/internal/mcp.test.ts
• docs/package.json

💤 Files with no reviewable changes (1)

• docs/package.json

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/backend/src/lib/ai/tools/docs.ts`:
- Around line 13-50: The cached MCP client (mintlifyMcpClientPromise) is never
cleared if a later client.tools() call fails, causing permanent use of a broken
client; update createDocsTools to catch failures from client.tools(), set
mintlifyMcpClientPromise = null before rethrowing or returning the fallback so
the next call re-initializes, i.e., wrap the await client.tools() call in
try/catch, on error clear mintlifyMcpClientPromise, call
captureError("mintlify-mcp-docs-tools", error) and then return the
docsUnavailable tool fallback.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ca967c0e-0632-44e7-8b6c-98146eb786e0

📥 Commits

Reviewing files that changed from the base of the PR and between 03a8a52 and 5941e97.

📒 Files selected for processing (1)

• apps/backend/src/lib/ai/tools/docs.ts

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

apps/backend/src/app/api/internal/[transport]/route.ts (1)

49-49: Use the repository URL helper style for endpoint construction.

Line 49 uses normal string interpolation to build a URL. Please switch to `urlString`` (or encode components) for consistency with project conventions.

As per coding guidelines: "Use urlString`` or encodeURIComponent() instead of normal string interpolation for URLs, for consistency even if it's not strictly necessary".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/backend/src/app/api/internal/`[transport]/route.ts at line 49, Replace
the string-interpolated fetch URL in the fetch call that assigns to res with the
repository's urlString`` helper (or encode dynamic parts with
encodeURIComponent) to follow project conventions; locate the fetch(...)
invocation that uses getBackendApiBaseUrl() in route.ts (the res = await
fetch(...) line) and reconstruct the request URL using urlString`` (or encode
path/query components) so the base URL and "/api/latest/ai/query/generate" are
combined via the template tag instead of normal string interpolation.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/backend/src/app/api/internal/`[transport]/route.ts:
- Line 87: The response always appends a continuation hint even when
responseConversationId is empty; update the code that builds the content (the
array entry using responseConversationId in route.ts) to only append the
"[conversationId: ...]" instruction when responseConversationId is
present/truthy (e.g., conditionally build the text or push a second content
item). Locate the string construction that uses responseConversationId and wrap
the continuation hint so it is omitted when responseConversationId is falsy,
ensuring you still include the "(empty response)" fallback for the main text.
- Around line 41-45: The posthog.capture call inside withPostHog sending event
"ask_stack_auth_mcp" currently includes the raw question text; change it so you
do not send PII/secrets by removing or redacting the question field in
properties for the capture. Instead populate properties with intent-only
metadata such as reason, question_length (e.g., question?.length), a redacted
boolean flag, and any derived non-sensitive flags (e.g., contains_code,
contains_url) before calling posthog.capture in the withPostHog callback; update
the properties object construction where posthog.capture is invoked so it no
longer contains the raw question string.

---

Nitpick comments:
In `@apps/backend/src/app/api/internal/`[transport]/route.ts:
- Line 49: Replace the string-interpolated fetch URL in the fetch call that
assigns to res with the repository's urlString`` helper (or encode dynamic parts
with encodeURIComponent) to follow project conventions; locate the fetch(...)
invocation that uses getBackendApiBaseUrl() in route.ts (the res = await
fetch(...) line) and reconstruct the request URL using urlString`` (or encode
path/query components) so the base URL and "/api/latest/ai/query/generate" are
combined via the template tag instead of normal string interpolation.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f9cbc92c-6b69-47d8-81a9-10452df21415

📥 Commits

Reviewing files that changed from the base of the PR and between 5941e97 and 260c853.

📒 Files selected for processing (1)

• apps/backend/src/app/api/internal/[transport]/route.ts