feat(js/plugins/anthropic): validate MCP server referenced by exactly one toolset

amondnet · amondnet · commit 66127b821073 · 2026-01-06T17:29:35.000+09:00
Per Anthropic MCP Connector documentation, each MCP server must be
referenced by exactly one MCPToolset in the tools array.

- Add validation: server not referenced by any toolset → error
- Add validation: server referenced by multiple toolsets → error
- Add 7 new tests for MCP configuration validation
- Update README with new validation rule
diff --git a/js/plugins/anthropic/README.md b/js/plugins/anthropic/README.md
@@ -166,6 +166,7 @@ The plugin validates MCP configuration at runtime:
 - MCP server URLs must use HTTPS protocol
 - MCP server names must be unique
 - MCP toolsets must reference servers defined in `mcp_servers`
+- Each MCP server must be referenced by exactly one toolset
 
 ### Beta API Limitations
 
diff --git a/js/plugins/anthropic/src/types.ts b/js/plugins/anthropic/src/types.ts
@@ -211,6 +211,7 @@ export const AnthropicThinkingConfigSchema = AnthropicBaseConfigSchema.extend({
  * Validates MCP configuration:
  * - MCP server names must be unique
  * - MCP toolsets must reference servers defined in mcp_servers
+ * - Each MCP server must be referenced by exactly one toolset
  */
 function validateMcpConfig(
   config: z.infer<typeof AnthropicThinkingConfigSchema>,
@@ -250,6 +251,35 @@ function validateMcpConfig(
       }
     );
   }
+
+  // Validate each MCP server is referenced by exactly one toolset
+  if (config.mcp_servers && config.mcp_servers.length > 0) {
+    const toolsetReferences = new Map<string, number>();
+    (config.mcp_toolsets ?? []).forEach(
+      (t: z.infer<typeof McpToolsetSchema>) => {
+        const count = toolsetReferences.get(t.mcp_server_name) ?? 0;
+        toolsetReferences.set(t.mcp_server_name, count + 1);
+      }
+    );
+    config.mcp_servers.forEach(
+      (server: z.infer<typeof McpServerConfigSchema>, i: number) => {
+        const refCount = toolsetReferences.get(server.name) ?? 0;
+        if (refCount === 0) {
+          ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ['mcp_servers', i, 'name'],
+            message: `MCP server '${server.name}' is not referenced by any toolset. Each server must be referenced by exactly one mcp_toolset.`,
+          });
+        } else if (refCount > 1) {
+          ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ['mcp_servers', i, 'name'],
+            message: `MCP server '${server.name}' is referenced by ${refCount} toolsets. Each server must be referenced by exactly one mcp_toolset.`,
+          });
+        }
+      }
+    );
+  }
 }
 
 export const AnthropicConfigSchema =
diff --git a/js/plugins/anthropic/tests/types_test.ts b/js/plugins/anthropic/tests/types_test.ts
@@ -17,7 +17,11 @@
 import * as assert from 'assert';
 import { z } from 'genkit';
 import { describe, it } from 'node:test';
-import { AnthropicConfigSchema, resolveBetaEnabled } from '../src/types.js';
+import {
+  AnthropicConfigSchema,
+  McpServerConfigSchema,
+  resolveBetaEnabled,
+} from '../src/types.js';
 
 describe('resolveBetaEnabled', () => {
   it('should return true when config.apiVersion is beta', () => {
@@ -87,3 +91,170 @@ describe('resolveBetaEnabled', () => {
     assert.strictEqual(resolveBetaEnabled(config, 'beta'), true);
   });
 });
+
+describe('McpServerConfigSchema', () => {
+  it('should require HTTPS URL', () => {
+    const httpConfig = {
+      type: 'url' as const,
+      url: 'http://example.com/mcp',
+      name: 'test-server',
+    };
+    const result = McpServerConfigSchema.safeParse(httpConfig);
+    assert.strictEqual(result.success, false);
+    if (!result.success) {
+      assert.ok(
+        result.error.issues.some((i) =>
+          i.message.includes('HTTPS')
+        )
+      );
+    }
+  });
+
+  it('should accept HTTPS URL', () => {
+    const httpsConfig = {
+      type: 'url' as const,
+      url: 'https://example.com/mcp',
+      name: 'test-server',
+    };
+    const result = McpServerConfigSchema.safeParse(httpsConfig);
+    assert.strictEqual(result.success, true);
+  });
+});
+
+describe('AnthropicConfigSchema MCP validation', () => {
+  it('should fail when server is not referenced by any toolset', () => {
+    const config = {
+      mcp_servers: [
+        {
+          type: 'url' as const,
+          url: 'https://example.com/mcp',
+          name: 'orphan-server',
+        },
+      ],
+      // No mcp_toolsets
+    };
+    const result = AnthropicConfigSchema.safeParse(config);
+    assert.strictEqual(result.success, false);
+    if (!result.success) {
+      assert.ok(
+        result.error.issues.some((i) =>
+          i.message.includes('not referenced by any toolset')
+        )
+      );
+    }
+  });
+
+  it('should fail when server is referenced by multiple toolsets', () => {
+    const config = {
+      mcp_servers: [
+        {
+          type: 'url' as const,
+          url: 'https://example.com/mcp',
+          name: 'multi-ref-server',
+        },
+      ],
+      mcp_toolsets: [
+        {
+          type: 'mcp_toolset' as const,
+          mcp_server_name: 'multi-ref-server',
+        },
+        {
+          type: 'mcp_toolset' as const,
+          mcp_server_name: 'multi-ref-server',
+        },
+      ],
+    };
+    const result = AnthropicConfigSchema.safeParse(config);
+    assert.strictEqual(result.success, false);
+    if (!result.success) {
+      assert.ok(
+        result.error.issues.some((i) =>
+          i.message.includes('referenced by 2 toolsets')
+        )
+      );
+    }
+  });
+
+  it('should pass when server is referenced by exactly one toolset', () => {
+    const config = {
+      mcp_servers: [
+        {
+          type: 'url' as const,
+          url: 'https://example.com/mcp',
+          name: 'valid-server',
+        },
+      ],
+      mcp_toolsets: [
+        {
+          type: 'mcp_toolset' as const,
+          mcp_server_name: 'valid-server',
+        },
+      ],
+    };
+    const result = AnthropicConfigSchema.safeParse(config);
+    assert.strictEqual(result.success, true);
+  });
+
+  it('should fail when mcp_server names are not unique', () => {
+    const config = {
+      mcp_servers: [
+        {
+          type: 'url' as const,
+          url: 'https://example.com/mcp1',
+          name: 'duplicate-name',
+        },
+        {
+          type: 'url' as const,
+          url: 'https://example.com/mcp2',
+          name: 'duplicate-name',
+        },
+      ],
+      mcp_toolsets: [
+        {
+          type: 'mcp_toolset' as const,
+          mcp_server_name: 'duplicate-name',
+        },
+      ],
+    };
+    const result = AnthropicConfigSchema.safeParse(config);
+    assert.strictEqual(result.success, false);
+    if (!result.success) {
+      assert.ok(
+        result.error.issues.some((i) =>
+          i.message.includes('must be unique')
+        )
+      );
+    }
+  });
+
+  it('should fail when toolset references unknown server', () => {
+    const config = {
+      mcp_servers: [
+        {
+          type: 'url' as const,
+          url: 'https://example.com/mcp',
+          name: 'real-server',
+        },
+      ],
+      mcp_toolsets: [
+        {
+          type: 'mcp_toolset' as const,
+          mcp_server_name: 'real-server',
+        },
+        {
+          type: 'mcp_toolset' as const,
+          mcp_server_name: 'unknown-server',
+        },
+      ],
+    };
+    const result = AnthropicConfigSchema.safeParse(config);
+    assert.strictEqual(result.success, false);
+    if (!result.success) {
+      assert.ok(
+        result.error.issues.some((i) =>
+          i.message.includes("unknown server 'unknown-server'")
+        )
+      );
+    }
+  });
+});
