feat: add code execution mode example and fix TypeScript addFormats u… #24
Conversation
…sage - Add 14-code-execution-mode.ts example demonstrating progressive disclosure pattern - Fix @ts-ignore issues with addFormats across sampling and workflow executors - Improve JSON schema handling in agentic executor with google-compatible schemas
There was a problem hiding this comment.
Pull Request Overview
This PR introduces a new "code execution mode" for MCPC agents that implements Anthropic's progressive disclosure pattern for efficient MCP tool interaction. The key innovation is allowing agents to execute JavaScript code that can call MCP tools directly, reducing token usage by ~98.7% through on-demand tool loading and in-execution data processing.
Key changes:
- New
code_executionexecution mode with progressive tool discovery and JavaScript execution - Support for dynamic tool search and code-based data processing
- Fixed
addFormatsTypeScript import issues across multiple executors
Reviewed Changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| packages/core/tests/executors/code_execution_test.ts | Comprehensive test coverage for code execution mode including tool search, code execution, error handling, and completion |
| packages/core/src/prompts/types.ts | Added code_execution to ExecutionMode type union |
| packages/core/src/prompts/index.ts | Added CODE_EXECUTION system prompt with progressive disclosure documentation |
| packages/core/src/plugins/built-in/mode-code-execution-plugin.ts | Plugin implementation for registering code execution mode tools |
| packages/core/src/plugins/built-in/index.ts | Integrated code execution plugin into built-in plugin system |
| packages/core/src/executors/code-execution/code-execution-tool-registrar.ts | Tool registration logic for code execution agents |
| packages/core/src/executors/code-execution/code-execution-executor.ts | Core executor implementing tool search and code execution via Function constructor |
| packages/core/examples/14-code-execution-mode.ts | Example demonstrating code execution mode but contains duplicate/incorrect content from example 01 |
| packages/core/src/executors/workflow/workflow-executor.ts | Fixed TypeScript error with addFormats import |
| packages/core/src/executors/sampling/base-sampling-executor.ts | Fixed TypeScript error with addFormats import |
| packages/core/src/executors/agentic/agentic-executor.ts | Fixed TypeScript error with addFormats import |
| verbose: true, | ||
| }); | ||
|
|
||
| addFormats.default(ajv); |
There was a problem hiding this comment.
The addFormats import uses .default property access which suggests a CommonJS default export. This pattern may fail in some module systems. Consider using addFormats(ajv) directly if the library supports ESM, or verify that this works correctly with Deno's npm compatibility layer.
| addFormats.default(ajv); | |
| addFormats(ajv); |
| const fn = new Function( | ||
| "console", | ||
| "callMCPTool", | ||
| `return (async () => { ${code} })();`, | ||
| ); |
There was a problem hiding this comment.
Using new Function() with user-provided code creates a code injection vulnerability. While this is intentional for the feature, there should be documentation or warnings about the security implications. The code has no sandboxing, timeout mechanism, or resource limits, allowing arbitrary code execution including access to process, file system operations, and network requests.
packages/core/src/executors/code-execution/code-execution-tool-registrar.ts
Outdated
Show resolved
Hide resolved
…-registrar.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Add a TODO comment explaining that using new Function() with user-provided code introduces a code injection vulnerability. This clarifies the security risk for future reviewers and maintainers.
This pull request introduces a new "Code Execution Mode" to the MCP core, following Anthropic's MCP guidelines for efficient tool use via progressive disclosure and direct code execution. The implementation includes new executors, tool registration logic, a built-in plugin, and prompt templates, along with an example usage. It also updates the plugin system to support this new mode and fixes the usage of
ajv-formatsacross several executors.Major features and changes:
1. Code Execution Mode Implementation
CodeExecutionExecutorincode-execution-executor.ts, supporting progressive tool disclosure, efficient context/data handling, and direct JavaScript code execution with MCP tool access. It includes tracing, validation, and robust error handling.registerCodeExecutionToolincode-execution-tool-registrar.tsto register code execution agents with the server, define schemas, and integrate with the new executor.mode-code-execution-plugin.tsas a built-in plugin, enabling automatic registration and handling for the new mode. The plugin is integrated into the plugin system for seamless activation. [1] [2] [3] [4]ExecutionModetype to include"code_execution".2. Example and Documentation
14-code-execution-mode.tsdemonstrating how to use the new code execution mode with progressive disclosure, file management tools, and the new plugin.3. Dependency and Utility Fixes
ajv-formatsto useaddFormats.default(ajv)instead of the previous (incorrect) usage, ensuring compatibility and removing TypeScript ignore comments. [1] [2] [3]