fix(dashboard): surface proxy MCPs in role picker, drop misleading No Tools badge#3132
Conversation
…o Tools" badge External MCP "proxy" servers (e.g. Incident.io, Notion via the registry) cannot enumerate their tools until a user authenticates against them. Two surfaces were treating them as empty: - MCP list and table views showed a "No Tools" badge. - The "Specific MCP Servers" picker in the role-grant drawer skipped them entirely, so admins could not grant access to those servers. The backend already supports server-level grants for these (call-time mcp:connect check), so this is purely a UI surface fix.
🦋 Changeset detectedLatest commit: 5aa87c0 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 issue found across 5 files
Reply with feedback, questions, or to request a fix.
Fix all with cubic | Re-trigger cubic
Proxy servers carry no enumerable tools, so the "Specific tools" panel would render them as a non-functional "0 tools available" row with a checkbox that does nothing. They still belong in the "Specific servers" picker for server-level grants; this just filters them out of the per-tool view.
DemoWalks through:
Before this PR, GitHub (and any other proxy MCP) was filtered out of this picker entirely because it has zero enumerable tools at deploy time, so admins had no way to grant access to it via RBAC. After: it's listed at the server level. Per-tool selection still hides it (cubic's follow-up catch), since there are no tools to pick from there. https://github.com/speakeasy-api/gram/releases/download/_gh-attach-assets/recording-ssaflq.mp4 |
simplesagar
left a comment
simplesagar
left a comment
There was a problem hiding this comment.
Ok with this change. Please get a second eyes from @walker-tx , thanks!
Got a second eyes from @qstearns will that do? |
Auth-gated proxy MCPs in the catalog (GitHub, Make, etc.) carry no enumerable tools because the registry can't list them until a user authenticates against the remote. Showing "No Tools" on these cards was misleading. Same treatment as the MCP list views: detect remote-only entries (has remotes, zero tools) and suppress the badge.
4 participants
Demo
https://github.com/speakeasy-api/gram/releases/download/_gh-attach-assets/recording-8k5cci.mp4
Why
External MCP "proxy" servers (e.g. Incident.io, Notion installed via the registry) can't enumerate their tools until a user authenticates against them. Two dashboard surfaces treated those servers as empty:
The backend already supports server-level grants for these via the call-time
mcp:connectcheck; only the UI was hiding them.What changed
ToolCollectionBadgegains anemptyLabelprop. Passnullto render nothing when the tool list is empty (default behavior is unchanged).MCPCard,MCPTableRow, and the catalog views (ServerCard,ServerTableRow) detect external MCP proxy entries (tooltype === "externalmcp"with a:proxyname suffix), strip them from the visible tool count, and suppress the badge when the toolset is a proxy server.GrantRuleDrawerContent'suseMCPServersno longer drops servers that contain a proxy entry. The proxy entry itself is filtered from the per-server tool list (it isn't a grantable tool URN), but the server stays in the picker so admins can grant at the server level.Before
After
Summary by cubic
Surface external MCP proxy servers in the role picker and suppress misleading "No Tools" badges across MCP and catalog views. Enables server-level grants for providers like Incident.io and Notion and keeps tool counts accurate.
ToolCollectionBadge: addemptyLabelto customize or hide the empty state.Written for commit 5aa87c0. Summary will update on new commits.