capture ALL messages in result.

betegon · betegon · commit 972d76dad3bd · 2025-08-01T14:26:50.000+02:00
diff --git a/packages/core/src/integrations/mcp-server/attributeExtraction.ts b/packages/core/src/integrations/mcp-server/attributeExtraction.ts
@@ -11,9 +11,7 @@ import {
   MCP_LOGGING_LOGGER_ATTRIBUTE,
   MCP_LOGGING_MESSAGE_ATTRIBUTE,
   MCP_PROMPT_RESULT_DESCRIPTION_ATTRIBUTE,
-  MCP_PROMPT_RESULT_MESSAGE_CONTENT_ATTRIBUTE,
   MCP_PROMPT_RESULT_MESSAGE_COUNT_ATTRIBUTE,
-  MCP_PROMPT_RESULT_MESSAGE_ROLE_ATTRIBUTE,
   MCP_PROTOCOL_VERSION_ATTRIBUTE,
   MCP_REQUEST_ID_ATTRIBUTE,
   MCP_RESOURCE_URI_ATTRIBUTE,
@@ -399,16 +397,28 @@ export function extractPromptResultAttributes(result: unknown): Record<string, s
   if (Array.isArray(resultObj.messages)) {
     attributes[MCP_PROMPT_RESULT_MESSAGE_COUNT_ATTRIBUTE] = resultObj.messages.length;
 
-    if (resultObj.messages.length > 0) {
-      const message = resultObj.messages[0];
-      if (typeof message === 'object' && message !== null) {
-        const messageObj = message as Record<string, unknown>;
+    // Extract attributes for each message
+    const messages = resultObj.messages;
+    for (const [i, message] of messages.entries()) {
+      if (typeof message !== 'object' || message === null) continue;
 
-        if (typeof messageObj.role === 'string') attributes[MCP_PROMPT_RESULT_MESSAGE_ROLE_ATTRIBUTE] = messageObj.role;
+      const messageObj = message as Record<string, unknown>;
+      const prefix = messages.length === 1 ? 'mcp.prompt.result' : `mcp.prompt.result.${i}`;
 
-        if (typeof messageObj.content === 'object' && messageObj.content !== null) {
-          const content = messageObj.content as Record<string, unknown>;
-          if (typeof content.text === 'string') attributes[MCP_PROMPT_RESULT_MESSAGE_CONTENT_ATTRIBUTE] = content.text;
+      const safeSet = (key: string, value: unknown): void => {
+        if (typeof value === 'string') {
+          const attrName = messages.length === 1 ? `${prefix}.message_${key}` : `${prefix}.${key}`;
+          attributes[attrName] = value;
+        }
+      };
+
+      safeSet('role', messageObj.role);
+
+      if (typeof messageObj.content === 'object' && messageObj.content !== null) {
+        const content = messageObj.content as Record<string, unknown>;
+        if (typeof content.text === 'string') {
+          const attrName = messages.length === 1 ? `${prefix}.message_content` : `${prefix}.content`;
+          attributes[attrName] = content.text;
         }
       }
     }
diff --git a/packages/core/src/integrations/mcp-server/attributes.ts b/packages/core/src/integrations/mcp-server/attributes.ts
@@ -86,10 +86,10 @@ export const MCP_PROMPT_RESULT_DESCRIPTION_ATTRIBUTE = 'mcp.prompt.result.descri
 /** Number of messages in the prompt result */
 export const MCP_PROMPT_RESULT_MESSAGE_COUNT_ATTRIBUTE = 'mcp.prompt.result.message_count';
 
-/** Role of the prompt message (for single message prompts) */
+/** Role of the message in the prompt result (for single message results) */
 export const MCP_PROMPT_RESULT_MESSAGE_ROLE_ATTRIBUTE = 'mcp.prompt.result.message_role';
 
-/** Content of the prompt message (for single message prompts) */
+/** Content of the message in the prompt result (for single message results) */
 export const MCP_PROMPT_RESULT_MESSAGE_CONTENT_ATTRIBUTE = 'mcp.prompt.result.message_content';
 
 // =============================================================================
diff --git a/packages/core/test/lib/integrations/mcp-server/piiFiltering.test.ts b/packages/core/test/lib/integrations/mcp-server/piiFiltering.test.ts
@@ -147,7 +147,7 @@ describe('MCP Server PII Filtering', () => {
 
       mockTransport.send?.(toolResponse);
 
-      // Tool result content should be filtered out
+      // Tool result content should be filtered out, but metadata should remain
       const setAttributesCall = mockSpan.setAttributes.mock.calls[0]?.[0];
       expect(setAttributesCall).toBeDefined();
       expect(setAttributesCall).not.toHaveProperty('mcp.tool.result.content');
@@ -163,8 +163,11 @@ describe('MCP Server PII Filtering', () => {
         'client.port': 54321,
         'mcp.request.argument.location': '"San Francisco"',
         'mcp.tool.result.content': 'Weather data: 18°C',
+        'mcp.tool.result.content_count': 1,
         'mcp.prompt.result.description': 'Code review prompt for sensitive analysis',
         'mcp.prompt.result.message_content': 'Please review this confidential code.',
+        'mcp.prompt.result.message_count': 1,
+        'mcp.resource.result.content': 'Sensitive resource content',
         'mcp.logging.message': 'User requested weather',
         'mcp.resource.uri': 'file:///private/docs/secret.txt',
         'mcp.method.name': 'tools/call', // Non-PII should remain
@@ -182,8 +185,16 @@ describe('MCP Server PII Filtering', () => {
         'mcp.request.argument.location': '"San Francisco"',
         'mcp.request.argument.units': '"celsius"',
         'mcp.tool.result.content': 'Weather data: 18°C',
+        'mcp.tool.result.content_count': 1,
         'mcp.prompt.result.description': 'Code review prompt for sensitive analysis',
-        'mcp.prompt.result.message_content': 'Please review this confidential code.',
+        'mcp.prompt.result.message_count': 2,
+        'mcp.prompt.result.0.role': 'user',
+        'mcp.prompt.result.0.content': 'Sensitive prompt content',
+        'mcp.prompt.result.1.role': 'assistant',
+        'mcp.prompt.result.1.content': 'Another sensitive response',
+        'mcp.resource.result.content_count': 1,
+        'mcp.resource.result.uri': 'file:///private/file.txt',
+        'mcp.resource.result.content': 'Sensitive resource content',
         'mcp.logging.message': 'User requested weather',
         'mcp.resource.uri': 'file:///private/docs/secret.txt',
         'mcp.method.name': 'tools/call', // Non-PII should remain
@@ -192,16 +203,34 @@ describe('MCP Server PII Filtering', () => {
 
       const result = filterMcpPiiFromSpanData(spanData, false);
 
+      // Client info should be filtered
       expect(result).not.toHaveProperty('client.address');
       expect(result).not.toHaveProperty('client.port');
+      
+      // Request arguments should be filtered
       expect(result).not.toHaveProperty('mcp.request.argument.location');
       expect(result).not.toHaveProperty('mcp.request.argument.units');
+      
+      // Specific PII content attributes should be filtered
       expect(result).not.toHaveProperty('mcp.tool.result.content');
       expect(result).not.toHaveProperty('mcp.prompt.result.description');
-      expect(result).not.toHaveProperty('mcp.prompt.result.message_content');
+      
+      // Indexed/dynamic result attributes (not in PII_ATTRIBUTES) should remain
+      expect(result).toHaveProperty('mcp.tool.result.content_count', 1);
+      expect(result).toHaveProperty('mcp.prompt.result.message_count', 2);
+      expect(result).toHaveProperty('mcp.prompt.result.0.role', 'user');
+      expect(result).toHaveProperty('mcp.prompt.result.0.content', 'Sensitive prompt content');
+      expect(result).toHaveProperty('mcp.prompt.result.1.role', 'assistant');
+      expect(result).toHaveProperty('mcp.prompt.result.1.content', 'Another sensitive response');
+      expect(result).toHaveProperty('mcp.resource.result.content_count', 1);
+      expect(result).toHaveProperty('mcp.resource.result.uri', 'file:///private/file.txt');
+      expect(result).toHaveProperty('mcp.resource.result.content', 'Sensitive resource content');
+      
+      // Other PII attributes should be filtered
       expect(result).not.toHaveProperty('mcp.logging.message');
       expect(result).not.toHaveProperty('mcp.resource.uri');
 
+      // Non-PII attributes should remain
       expect(result).toHaveProperty('mcp.method.name', 'tools/call');
       expect(result).toHaveProperty('mcp.session.id', 'test-session-123');
     });
