Add tool annotations to server-fetch (1 tool, 0 annotated) #3572
Description
Request: Add tool annotations — @modelcontextprotocol/server-fetch
Context
The fetch server currently provides zero annotations on its 1 tool. For reference, @modelcontextprotocol/server-filesystem annotates all 14 of its tools with readOnlyHint, destructiveHint, and idempotentHint. We're requesting the same treatment here.
Current state — 0/1 tools annotated
| # | Tool | readOnlyHint |
destructiveHint |
idempotentHint |
openWorldHint |
|---|---|---|---|---|---|
| 1 | fetch |
— | — | — | — |
Suggested annotations
| # | Tool | readOnlyHint |
destructiveHint |
idempotentHint |
openWorldHint |
|---|---|---|---|---|---|
| 1 | fetch |
true |
false |
true |
true |
Rationale
fetch → readOnlyHint: true, idempotentHint: true, openWorldHint: true
This tool fetches a URL via HTTP GET and returns the content as markdown. It does not modify any data on the target server or locally. It is idempotent — fetching the same URL twice returns the same result (modulo server-side changes). It is open-world because it makes outbound HTTP requests to arbitrary URLs on the internet.
openWorldHint: true is particularly important here. The fetch tool can reach any URL, making it a key vector in multi-server setups where an agent could chain a read from a local tool (e.g. read_graph from the memory server) into an outbound fetch to exfiltrate data. Accurate annotations help clients enforce "allow reads, gate sends" policies.
Impact
This is a ~5 line metadata addition to the single tool registration. No behavior changes. The server-filesystem already sets the precedent for annotation coverage across reference servers.