
Teach MCP-aware prompts about task tokens #12

Draft
Copilot wants to merge 33 commits into re-write from copilot/add-remote-mcp-support

Copilot AI commented Mar 15, 2026

The MCP/tooling prompts did not describe the new task-token model, so the assistant could misinterpret task-scoped credentials and claim they could be revoked directly. This update teaches the prompt stack how task tokens behave and fixes a coupled MCP tool-call handling bug in the same path.

  • Prompt behavior

    • Added shared task-token guidance to ChatViewModel for MCP-enabled sessions.
    • Injected that guidance into:
      • agent planning prompts
      • agent execution prompts
      • the main conversation system prompt
    • Guidance now makes the model aware that task tokens:
      • are valid only for the current task
      • grant only the minimum permissions needed
      • remain active until the user marks the task complete
      • cannot be revoked by the assistant
  • MCP execution path

    • Fixed ChatViewModel to unwrap Result<String> from McpClientService.callTool(...) before building MultiTurnToolResult.
    • This keeps MCP tool execution aligned with the rest of the multi-turn tool pipeline.
  • Focused regression coverage

    • Added prompt-level unit tests to lock in:
      • task-token guidance only appearing for MCP-aware prompts
      • planning prompts carrying the task-token semantics
      • non-MCP prompts remaining unchanged
  • Coupled compile fix

    • Resolved an existing AnimatedVisibility compile issue in McpStoreScreen encountered while validating the MCP/chat prompt path.

Example of the prompt guidance now injected for MCP-enabled flows:

internal fun buildTaskTokenGuidance(hasMcpTools: Boolean): String {
    if (!hasMcpTools) return ""
    return """
        Task tokens: Some MCP services use task-scoped tokens.
        Treat them as valid credentials for the current task only.
        They only grant the minimum permissions needed for that task
        and remain active until the user marks the task complete.
        You cannot revoke them yourself.
    """.trimIndent()
}

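Why unwrapping the `Result<String>` before building the tool result matters, as an added example that is not the project's code: `ToolResultSketch` and `callToolStub` are hypothetical stand-ins for `MultiTurnToolResult` and `McpClientService.callTool(...)`, and `buildWithoutUnwrap` is an assumed shape of the unfixed path, not taken from the diff.

```kotlin
// Added illustration. ToolResultSketch and callToolStub are hypothetical stand-ins
// for the project's MultiTurnToolResult and McpClientService.callTool(...).
data class ToolResultSketch(val toolName: String, val content: String, val isError: Boolean)

// Returns Result<String>, the return type the PR text gives for callTool(...).
// The payload and the error message are constructed sample values.
fun callToolStub(fail: Boolean): Result<String> =
    if (fail) Result.failure(IllegalStateException("task token rejected"))
    else Result.success("""{"items":[]}""")

// Assumed shape of the unfixed path: the Result wrapper itself is stringified,
// so the model receives "Success(...)" or "Failure(...)" and never an error flag.
fun buildWithoutUnwrap(tool: String, result: Result<String>): ToolResultSketch =
    ToolResultSketch(tool, result.toString(), isError = false)

// Unwrap first: the success payload passes through verbatim, and a failure
// becomes an explicit error result carrying a short message.
fun buildWithUnwrap(tool: String, result: Result<String>): ToolResultSketch =
    result.fold(
        onSuccess = { payload -> ToolResultSketch(tool, payload, isError = false) },
        onFailure = { e ->
            ToolResultSketch(tool, "Tool call failed: ${e.message ?: "unknown error"}", isError = true)
        }
    )

fun main() {
    val ok = callToolStub(fail = false)
    val failed = callToolStub(fail = true)

    // Without unwrapping, the wrapper text leaks into the tool result.
    check(buildWithoutUnwrap("search", ok).content == "Success({\"items\":[]})")
    check(!buildWithoutUnwrap("search", failed).isError)

    // With unwrapping, the payload is clean and failures are flagged.
    check(buildWithUnwrap("search", ok).content == "{\"items\":[]}")
    val err = buildWithUnwrap("search", failed)
    check(err.isError && err.content == "Tool call failed: task token rejected")
    println("all checks passed")
}
```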

Copilot AI and others added 28 commits January 17, 2026 12:32
Co-authored-by: Godzilla675 <131464726+Godzilla675@users.noreply.github.com>
…ovements

…support

Add remote MCP server support with settings UI
Co-authored-by: Godzilla675 <131464726+Godzilla675@users.noreply.github.com>
Enable BuildConfig generation for memory-vault debug build
Co-authored-by: Godzilla675 <131464726+Godzilla675@users.noreply.github.com>
Co-authored-by: Godzilla675 <131464726+Godzilla675@users.noreply.github.com>
[WIP] Check AI models access to MCP servers and fix any issues
Co-authored-by: Godzilla675 <131464726+Godzilla675@users.noreply.github.com>
…ns field

Co-authored-by: Godzilla675 <131464726+Godzilla675@users.noreply.github.com>
- Fix parseResponse() to always try SSE parsing regardless of transport type
- Rename test class from McpServerIntegrationTest to McpServerTest
- Use exact assertions instead of permissive contains() checks
- Add helper function documentation and UUID format validation
- Reduce UUID test iterations from 100 to 10 for efficiency

Co-authored-by: Godzilla675 <131464726+Godzilla675@users.noreply.github.com>
…p-server

Add MCP server integration tests
- Fix sanitizeIdentifier creating double underscores for consecutive
  special characters (e.g., 'My--Tool' now correctly becomes 'my_tool')
- Add text-parsing fallback when native grammar fails to emit ToolCall
  events, preventing raw JSON from being displayed to users
- Fix race condition in executeToolCall by retrying syncMcpTools once
  if tool registry lookup returns null
- Clear stale tools in syncMcpTools catch block to prevent broken state
- Fix singleton close() not shutting down OkHttpClient dispatcher
  (which made subsequent requests fail permanently)
- Validate SSE parsed data has JSON-RPC fields before accepting
- Improve listTools error logging with server name context
- Add tests for sanitizeIdentifier edge cases

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- MCP Store screen with browsable registry of MCP servers
  - Fetches registry from remote GitHub URL, falls back to bundled JSON
  - Category filtering, search, one-tap install to Room database
  - Badges for API key requirements and Termux dependencies
- Termux integration for running local Python MCP servers
  - TermuxBridge utility: detect Termux, run commands via RUN_COMMAND intent
  - pip install flow for Python-based MCP servers
  - Auto-configure localhost URLs for local servers
  - Setup dialog guides users to install Termux if not present
- Database migration v5→v6: add isLocal and sourceStoreId columns
- Navigation: McpStore route + Store button on McpServersScreen top bar
- Registry seeded with 10 popular MCP servers (Brave, GitHub, DuckDuckGo, etc.)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
… system

Merge upstream changes (Character Cards, AI Memory, Plugin system, TTS,
multi-turn generation) while preserving MCP server support, MCP Store,
and Termux integration.

Key conflict resolutions:
- AppDatabase: bump to v7, add MIGRATION_6_7 for MCP tables alongside
  upstream's persona/ai_memory migrations (4→5, 5→6)
- ChatViewModel: take upstream's PluginManager agent loop, add MCP tool
  registry and execution fallback in agent loop
- Converters: keep both McpTransportType and StringList converters
- MainActivity: merge MCP and upstream screen routes (Personas, AiMemory,
  Settings, McpServers, McpStore)
- HomeDrawerScreen/HomeScreen: add MCP servers button alongside upstream's
  chatViewModel and onCharacterClick params
- LlmModelWorker: take upstream's new tool calling API
  (enableToolCallingGguf, multi-turn generation)
- ChatViewModelFactory: take upstream's Context param (MCP deps accessed
  via AppContainer)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Add remote MCP support to new branch" to "No repository changes required for branch synchronization request" Mar 15, 2026
Copilot AI requested a review from Godzilla675 March 15, 2026 23:24
Copilot AI changed the title from "No repository changes required for branch synchronization request" to "No code changes; request requires repository branch administration" Mar 15, 2026
Copilot AI and others added 3 commits March 15, 2026 23:41
Copilot AI and others added 2 commits March 15, 2026 23:47
Copilot AI changed the title from "No code changes; request requires repository branch administration" to "Teach MCP-aware prompts about task tokens" Mar 15, 2026