fix(mcp): handle command-type integrations in detail page and prevent name collisions

Author: jordan-umusu

…a0df056_add_mcp_command_server_fields.py …5514ca9_add_mcp_command_server_fields.pyalembic/versions/cde97a0df056_add_mcp_command_server_fields.py renamed to alembic/versions/2bedc5514ca9_add_mcp_command_server_fields.py alembic/versions/cde97a0df056_add_mcp_command_server_fields.py renamed to alembic/versions/2bedc5514ca9_add_mcp_command_server_fields.py

@@ -1,8 +1,8 @@
 """add_mcp_command_server_fields
 
-Revision ID: cde97a0df056
-Revises: 5a3b7c8d9e0f
-Create Date: 2026-01-23 16:29:45.546977
+Revision ID: 2bedc5514ca9
+Revises: c8d7e5a4b321
+Create Date: 2026-02-02 14:42:10.977157
 
 """
 
@@ -14,14 +14,13 @@
 from alembic import op
 
 # revision identifiers, used by Alembic.
-revision: str = "cde97a0df056"
-down_revision: str | None = "5a3b7c8d9e0f"
+revision: str = "2bedc5514ca9"
+down_revision: str | None = "c8d7e5a4b321"
 branch_labels: str | Sequence[str] | None = None
 depends_on: str | Sequence[str] | None = None
 
 
 def upgrade() -> None:
-    # ### commands auto generated by Alembic - please adjust! ###
     op.add_column(
         "mcp_integration",
         sa.Column(
@@ -39,27 +38,20 @@ def upgrade() -> None:
     )
     op.add_column(
         "mcp_integration",
-        sa.Column(
-            "command_env", postgresql.JSONB(astext_type=sa.Text()), nullable=True
-        ),
+        sa.Column("encrypted_command_env", sa.LargeBinary(), nullable=True),
     )
     op.add_column("mcp_integration", sa.Column("timeout", sa.Integer(), nullable=True))
     op.alter_column(
         "mcp_integration", "server_uri", existing_type=sa.VARCHAR(), nullable=True
     )
-    # ### end Alembic commands ###
 
 
 def downgrade() -> None:
-    # ### commands auto generated by Alembic - please adjust! ###
-    # Delete command-type integrations first (they have NULL server_uri)
-    op.execute("DELETE FROM mcp_integration WHERE server_type = 'command'")
     op.alter_column(
         "mcp_integration", "server_uri", existing_type=sa.VARCHAR(), nullable=False
     )
     op.drop_column("mcp_integration", "timeout")
-    op.drop_column("mcp_integration", "command_env")
+    op.drop_column("mcp_integration", "encrypted_command_env")
     op.drop_column("mcp_integration", "command_args")
     op.drop_column("mcp_integration", "command")
     op.drop_column("mcp_integration", "server_type")
-    # ### end Alembic commands ###

frontend/src/app/workspaces/[workspaceId]/integrations/mcp/[mcpIntegrationId]/page.tsx

@@ -1,14 +1,23 @@
 "use client"
 
 import { zodResolver } from "@hookform/resolvers/zod"
-import { AlertCircle, ChevronLeft, Loader2, Save, Trash2 } from "lucide-react"
+import {
+  AlertCircle,
+  ChevronLeft,
+  Loader2,
+  Pencil,
+  Save,
+  Terminal,
+  Trash2,
+} from "lucide-react"
 import Link from "next/link"
 import { useParams, useRouter } from "next/navigation"
 import { useCallback, useState } from "react"
 import { useForm } from "react-hook-form"
 import { z } from "zod"
 import type { MCPIntegrationRead } from "@/client"
 import { ProviderIcon } from "@/components/icons"
+import { MCPIntegrationDialog } from "@/components/integrations/mcp-integration-dialog"
 import { CenteredSpinner } from "@/components/loading/spinner"
 import {
   AlertDialog,
@@ -167,6 +176,212 @@ function McpIntegrationDetailContent({
   mcpIntegration: MCPIntegrationRead
 }) {
   const workspaceId = useWorkspaceId()
+
+  // Command-type integrations use the dialog for editing
+  if (mcpIntegration.server_type === "command") {
+    return (
+      <CommandTypeIntegrationView
+        mcpIntegration={mcpIntegration}
+        workspaceId={workspaceId}
+      />
+    )
+  }
+
+  // URL-type integrations use the inline form
+  return (
+    <UrlTypeIntegrationForm
+      mcpIntegration={mcpIntegration}
+      workspaceId={workspaceId}
+    />
+  )
+}
+
+function CommandTypeIntegrationView({
+  mcpIntegration,
+  workspaceId,
+}: {
+  mcpIntegration: MCPIntegrationRead
+  workspaceId: string
+}) {
+  const router = useRouter()
+  const { deleteMcpIntegration, deleteMcpIntegrationIsPending } =
+    useDeleteMcpIntegration(workspaceId)
+  const [deleteDialogOpen, setDeleteDialogOpen] = useState(false)
+  const [deleteConfirmText, setDeleteConfirmText] = useState("")
+  const [editDialogOpen, setEditDialogOpen] = useState(false)
+
+  const handleDelete = useCallback(async () => {
+    if (deleteConfirmText !== mcpIntegration.name) return
+    try {
+      await deleteMcpIntegration(mcpIntegration.id)
+      router.push(`/workspaces/${workspaceId}/integrations`)
+    } catch (error) {
+      console.error("Failed to delete MCP integration:", error)
+    }
+  }, [
+    deleteConfirmText,
+    mcpIntegration,
+    deleteMcpIntegration,
+    router,
+    workspaceId,
+  ])
+
+  const handleDeleteDialogOpenChange = (open: boolean) => {
+    setDeleteDialogOpen(open)
+    if (!open) {
+      setDeleteConfirmText("")
+    }
+  }
+
+  return (
+    <div className="container mx-auto max-w-4xl p-6 mb-20 mt-12">
+      {/* Header */}
+      <div className="mb-8">
+        <Link
+          href={`/workspaces/${workspaceId}/integrations`}
+          className="inline-flex items-center text-sm text-muted-foreground hover:text-foreground mb-4"
+        >
+          <ChevronLeft className="mr-1 size-4" />
+          Back to integrations
+        </Link>
+        <div className="flex items-start justify-between">
+          <div className="flex items-start gap-4">
+            <div className="flex size-12 items-center justify-center rounded-lg border bg-muted">
+              <Terminal className="size-6 text-muted-foreground" />
+            </div>
+            <div>
+              <h1 className="text-3xl font-bold">{mcpIntegration.name}</h1>
+              {mcpIntegration.description && (
+                <p className="mt-1 text-muted-foreground">
+                  {mcpIntegration.description}
+                </p>
+              )}
+              <div className="mt-2 flex gap-2">
+                <Badge variant="outline">Command</Badge>
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+
+      {/* Configuration Card */}
+      <Card>
+        <CardContent className="pt-6 space-y-4">
+          <div>
+            <Label className="text-muted-foreground text-xs">Command</Label>
+            <p className="font-mono text-sm mt-1">
+              {mcpIntegration.command || "-"}
+            </p>
+          </div>
+          {mcpIntegration.command_args &&
+            mcpIntegration.command_args.length > 0 && (
+              <div>
+                <Label className="text-muted-foreground text-xs">
+                  Arguments
+                </Label>
+                <p className="font-mono text-sm mt-1">
+                  {mcpIntegration.command_args.join(" ")}
+                </p>
+              </div>
+            )}
+          {mcpIntegration.has_command_env && (
+            <div>
+              <Label className="text-muted-foreground text-xs">
+                Environment
+              </Label>
+              <p className="text-sm text-muted-foreground mt-1">
+                Environment variables configured (hidden for security)
+              </p>
+            </div>
+          )}
+          {mcpIntegration.timeout && (
+            <div>
+              <Label className="text-muted-foreground text-xs">Timeout</Label>
+              <p className="text-sm mt-1">{mcpIntegration.timeout} seconds</p>
+            </div>
+          )}
+
+          <div className="flex gap-2 pt-4 border-t">
+            <Button variant="outline" onClick={() => setEditDialogOpen(true)}>
+              <Pencil className="mr-2 size-4" />
+              Edit
+            </Button>
+            <MCPIntegrationDialog
+              mcpIntegrationId={mcpIntegration.id}
+              open={editDialogOpen}
+              onOpenChange={setEditDialogOpen}
+              hideTrigger
+            />
+            <Button
+              variant="destructive"
+              onClick={() => setDeleteDialogOpen(true)}
+              disabled={deleteMcpIntegrationIsPending}
+            >
+              <Trash2 className="mr-2 size-4" />
+              Delete
+            </Button>
+          </div>
+        </CardContent>
+      </Card>
+
+      {/* Delete Dialog */}
+      <AlertDialog
+        open={deleteDialogOpen}
+        onOpenChange={handleDeleteDialogOpenChange}
+      >
+        <AlertDialogContent>
+          <AlertDialogHeader>
+            <AlertDialogTitle>Delete MCP integration?</AlertDialogTitle>
+            <AlertDialogDescription>
+              This will permanently delete the MCP integration &quot;
+              {mcpIntegration.name}&quot;. This action cannot be undone.
+            </AlertDialogDescription>
+          </AlertDialogHeader>
+          <div className="py-4">
+            <Label htmlFor="confirm-delete" className="text-sm">
+              Type <strong>{mcpIntegration.name}</strong> to confirm
+            </Label>
+            <Input
+              id="confirm-delete"
+              value={deleteConfirmText}
+              onChange={(e) => setDeleteConfirmText(e.target.value)}
+              className="mt-2"
+              placeholder={mcpIntegration.name}
+            />
+          </div>
+          <AlertDialogFooter>
+            <AlertDialogCancel>Cancel</AlertDialogCancel>
+            <AlertDialogAction
+              onClick={handleDelete}
+              disabled={
+                deleteConfirmText !== mcpIntegration.name ||
+                deleteMcpIntegrationIsPending
+              }
+              className="bg-destructive text-destructive-foreground hover:bg-destructive/90"
+            >
+              {deleteMcpIntegrationIsPending ? (
+                <>
+                  <Loader2 className="mr-2 size-4 animate-spin" />
+                  Deleting...
+                </>
+              ) : (
+                "Delete integration"
+              )}
+            </AlertDialogAction>
+          </AlertDialogFooter>
+        </AlertDialogContent>
+      </AlertDialog>
+    </div>
+  )
+}
+
+function UrlTypeIntegrationForm({
+  mcpIntegration,
+  workspaceId,
+}: {
+  mcpIntegration: MCPIntegrationRead
+  workspaceId: string
+}) {
   const router = useRouter()
   const { updateMcpIntegration, updateMcpIntegrationIsPending } =
     useUpdateMcpIntegration(workspaceId)

frontend/src/components/integrations/mcp-integration-dialog.tsx

@@ -193,20 +193,30 @@ const formSchema = z
         data.command_env.trim() !== ""
       ) {
         try {
-          const parsed = JSON.parse(data.command_env)
-          return (
-            typeof parsed === "object" &&
-            parsed !== null &&
-            !Array.isArray(parsed)
-          )
+          const parsed = JSON.parse(data.command_env) as unknown
+          if (
+            typeof parsed !== "object" ||
+            parsed === null ||
+            Array.isArray(parsed)
+          ) {
+            return false
+          }
+          // Validate all values are strings (API expects Record<string, string>)
+          for (const value of Object.values(parsed)) {
+            if (typeof value !== "string") {
+              return false
+            }
+          }
+          return true
         } catch {
           return false
         }
       }
       return true
     },
     {
-      message: "Environment variables must be a valid JSON object",
+      message:
+        "Environment variables must be a valid JSON object with string values only",
       path: ["command_env"],
     }
   )
@@ -333,10 +343,11 @@ export function MCPIntegrationDialog({
             .filter(Boolean)
         : undefined
 
-      // Parse command_env from JSON string to object
-      const commandEnv = values.command_env?.trim()
-        ? (JSON.parse(values.command_env) as Record<string, string>)
-        : undefined
+      // Parse command_env from JSON string to object (only for command-type servers)
+      const commandEnv =
+        values.server_type === "command" && values.command_env?.trim()
+          ? (JSON.parse(values.command_env) as Record<string, string>)
+          : undefined
 
       const baseParams = {
         name: values.name.trim(),

tracecat/agent/preset/service.py

@@ -271,12 +271,15 @@ async def _resolve_mcp_integrations(
                     )
                     continue
 
+                # Decrypt command_env if present
+                command_env = integrations_service.decrypt_command_env(mcp_integration)
+
                 # Re-validate command config at resolution time
                 try:
                     validate_mcp_command_config(
                         command=mcp_integration.command,
                         args=mcp_integration.command_args,
-                        env=mcp_integration.command_env,
+                        env=command_env,
                         name=mcp_integration.slug,
                     )
                 except MCPValidationError as e:
@@ -297,8 +300,8 @@ async def _resolve_mcp_integrations(
                 }
                 if mcp_integration.command_args:
                     command_config["args"] = mcp_integration.command_args
-                if mcp_integration.command_env:
-                    command_config["env"] = mcp_integration.command_env
+                if command_env:
+                    command_config["env"] = command_env
                 if mcp_integration.timeout:
                     command_config["timeout"] = mcp_integration.timeout
 

tracecat/agent/runtime/claude_code/runtime.py

@@ -402,9 +402,13 @@ async def run(self, payload: RuntimeInitPayload) -> None:
             stderr_queue: asyncio.Queue[str] = asyncio.Queue()
             # Add command-based MCP servers (stdio)
             # These run as subprocesses inside the sandbox and require internet access
+            reserved_names = frozenset(mcp_servers.keys())
             if payload.mcp_command_servers:
                 for cmd_server in payload.mcp_command_servers:
                     server_name = cmd_server["name"]
+                    # Avoid collision with reserved names by adding suffix
+                    if server_name in reserved_names:
+                        server_name = f"{server_name}-cmd"
                     server_config: dict[str, Any] = {
                         "command": cmd_server["command"],
                     }