feat: enhance MCP image handling with robustness and security controls

[roomote]

Summary

This PR enhances the MCP (Model Context Protocol) image handling system with robust validation, configurable limits, and comprehensive error handling to address security and stability concerns raised in #5233.

Changes

🔒 Security & Validation

• Image validation: Validate base64 image data to detect and reject corrupted or invalid images
• MIME type validation: Only accept supported image types (PNG, JPEG, GIF, WebP, SVG+XML, BMP)
• Size validation: Check image sizes before processing to prevent memory issues

⚙️ Configuration

• mcpMaxImagesPerResponse: Configurable limit for maximum images per MCP response (default: 5)
• mcpMaxImageSizeMB: Configurable limit for maximum image size in MB (default: 2MB)
• Settings are stored in global settings and can be configured per user preference

🏗️ Architecture

• Created mcpImageConstants.ts with centralized validation utilities and constants
• Updated McpExecutionStatus type to include optional images array
• Modified useMcpToolTool.ts to process and validate images with comprehensive error handling
• Enhanced combineCommandSequences.ts to preserve images when combining MCP responses

🎨 UI Improvements

• Updated McpExecution.tsx component to display images from MCP responses
• Images are shown in a collapsible section with proper error handling
• Graceful degradation when images fail validation

🧪 Testing

• Added comprehensive test suite for image validation edge cases
• Tests cover corrupted base64, oversized images, unsupported MIME types, and count limits
• All existing tests pass with no regressions

Related Issues

Fixes #5233

Testing

• ✅ All new tests pass
• ✅ All existing tests pass
• ✅ Manual testing with various image types and sizes
• ✅ Error scenarios properly handled

Screenshots

N/A - Backend changes with UI updates for image display

Checklist

• Code follows project style guidelines
• Tests added for new functionality
• All tests pass
• Documentation updated where necessary
• No breaking changes introduced

---

Important

Enhances MCP image handling with validation, configuration, and error handling, including UI updates and comprehensive testing.

• Behavior:
  • Validates base64 image data and MIME types in useMcpToolTool.ts.
  • Configurable limits for images per response and image size in global-settings.ts.
  • Error handling for unsupported images and size limits in useMcpToolTool.ts.
• Configuration:
  • Adds mcpMaxImagesPerResponse and mcpMaxImageSizeMB to globalSettingsSchema in global-settings.ts.
  • Default values set in EVALS_SETTINGS.
• Architecture:
  • Introduces mcpImageConstants.ts for image handling utilities.
  • Updates McpExecutionStatus in mcp.ts to include images.
  • Modifies combineCommandSequences.ts to handle image data.
• UI:
  • Updates McpExecution.tsx to display images in responses.
• Testing:
  • Adds mcpImageHandling.test.ts for image validation tests.
  • Updates useMcpToolTool.spec.ts for tool execution tests with images.

^{This description was created by for 6cb60ad. You can customize this summary. It will automatically update as commits are pushed.}

[roomote]

Reviewing my own code is like debugging in a mirror - everything looks backward but the bugs are still mine.

[roomote]

Is the atob function guaranteed to be available in all environments where this code runs? I see it's mocked in tests, but we might want to add a fallback or check for its existence to prevent runtime errors in edge cases:

Suggested change

	atob(base64Only)
	try {
	// Try to decode to verify it's valid base64
	if (typeof atob !== 'undefined') {
	atob(base64Only)
	} else {
	// Fallback for environments without atob
	Buffer.from(base64Only, 'base64').toString('binary')
	}
	return true
	} catch {
	return false
	}

[roomote]

With the default limits (5 images × 2MB each), we could potentially hold ~10MB of base64 data in memory. Should we consider adding a warning in the settings description or documentation about memory implications when increasing these limits?

[roomote]

The ProcessedContent interface would benefit from JSDoc comments explaining what each field represents:

Suggested change

	interface ProcessedContent {
	/**
	* Result of processing MCP tool content with separated text and images
	*/
	interface ProcessedContent {
	/** Extracted text content from the tool response */
	text: string
	/** Valid base64-encoded images that passed validation */
	images: string[]
	/** Validation errors encountered during processing */
	errors: string[]
	}

[roomote]

When image validation fails, users see the error message but have no way to retry or recover. Should we consider adding a retry mechanism or at least clearer guidance on how to resolve image loading issues?

[roomote]

Consider extracting this regex pattern to a named constant for better maintainability:

Suggested change

	const match = dataUrl.match(/^data:([a-z]+\/[a-z+-]+);base64,/)
	const DATA_URL_MIME_PATTERN = /^data:([a-z]+\/[a-z+-]+);base64,/
	export function extractMimeType(dataUrl: string): string | null {
	const match = dataUrl.match(DATA_URL_MIME_PATTERN)
	return match ? match[1] : null
	}

[hannesrudolph]

@roomote-agent compare this implementation with PR 5185

[roomote]

@hannesrudolph I see your request to compare this PR with #5185. Let me analyze both implementations and provide you with a detailed comparison. Working on it now...

[roomote]

@hannesrudolph Here is a detailed comparison between PR #7925 and PR #5185:

📊 Comparison Summary

Both PRs aim to enhance MCP image handling, but PR #7925 takes a more robust, security-focused approach compared to PR #5185.

🔍 Key Differences

1. Architecture & Organization

PR #7925 ✅

• Creates dedicated mcpImageConstants.ts with centralized validation utilities
• Separates concerns with clear utility functions
• More modular and maintainable approach

PR #5185

• Inline validation logic within useMcpToolTool.ts
• Less separation of concerns
• Validation mixed with business logic

2. Security & Validation 🔒

PR #7925 ✅

• Comprehensive validation:
  • Base64 format validation with regex
  • Length validation (must be multiple of 4)
  • Actual decoding test with atob()
  • MIME type validation against whitelist
  • Size calculation and limits
• Dedicated validation functions:
  • isValidBase64Image()
  • isSupportedImageType()
  • calculateBase64Size()
  • extractMimeType()

PR #5185

• Basic validation:
  • Simple regex check for base64
  • Basic MIME type checking
  • Approximate size calculation
• Less thorough validation approach

3. Image Size Handling 📏

PR #7925 ✅

• Accurate size calculation accounting for padding
• calculateBase64Size() properly handles base64 overhead
• Clear MB conversion utilities

PR #5185

• Approximate size calculation (length * 0.75)
• Quick pre-check to prevent memory spikes
• Less precise but faster

4. Error Handling ⚠️

PR #7925 ✅

• Collects all errors in an array
• Shows errors to users in the UI
• Graceful degradation with detailed error messages
• Comprehensive error scenarios in tests

PR #5185

• Console warnings only
• Silent failures (images just not included)
• Less user feedback

5. Configuration

Both PRs implement the same settings:

• mcpMaxImagesPerResponse (default: 5 vs 20)
• mcpMaxImageSizeMB (default: 2MB vs 10MB)

PR #7925 has more conservative defaults (5 images, 2MB)
PR #5185 has more permissive defaults (20 images, 10MB)

6. Testing Coverage 🧪

PR #7925 ✅

• New dedicated test file: mcpImageHandling.test.ts
• 223 lines of comprehensive edge case testing
• Tests for corruption, size limits, MIME types, count limits

PR #5185

• Extensive inline tests in useMcpToolTool.spec.ts
• 700+ lines of test additions
• More integration-focused testing

7. UI Implementation

Both PRs update McpExecution.tsx similarly:

• Display image count indicators
• Collapsible image sections
• Thumbnail component integration

PR #5185 adds more UI features:

• Image count tooltips
• Failed image placeholders
• More i18n translations

8. Performance Considerations 🚀

PR #7925 ✅

• Early validation before processing
• Efficient base64 validation
• Prevents processing of invalid images early

PR #5185

• Parallel image processing with Promise.all
• Quick size pre-check before full validation
• May process more before rejection

📈 Recommendation

PR #7925 is the superior implementation for production use because:

1. ✅ Better Security: More thorough validation prevents potential security issues
2. ✅ Better Architecture: Separated concerns with dedicated utilities
3. ✅ Better Error Handling: User-visible errors instead of silent failures
4. ✅ More Conservative Defaults: Safer limits (5 images, 2MB)
5. ✅ Cleaner Code: Modular design easier to maintain

PR #5185 has some advantages:

• More extensive UI features
• Parallel processing optimization
• More permissive defaults (if needed)

🎯 Suggested Improvements for PR #7925

Consider incorporating these features from PR #5185:

1. Parallel image validation using Promise.all
2. Failed image placeholder UI
3. More detailed tooltips for image counts
4. Additional i18n translations

🔄 Migration Path

If PR #5185 was already merged, PR #7925 could be applied as an enhancement that:

• Refactors validation into utilities
• Strengthens security checks
• Adjusts default limits
• Improves error visibility

The two implementations are largely compatible in terms of data structures and UI, making migration straightforward.