@pilartomas pilartomas commented Nov 14, 2025

Signed-off-by: Tomas Pilar [email protected]

Summary

This PR adds a new MCP Tool Call Extension to the AgentStack SDK.

This new extension should not be confused with the existing MCP Service Extension. The purpose of the latter is to allow A2A clients to provide MCP servers dynamically. The new extension is more akin to the OAuth extension, providing additional support to arbitrary MCP clients.

Linked Issues

Closes #1560

Documentation

  • No Docs Needed:

If this PR adds a new feature or changes an existing one, make sure the documentation is adjusted accordingly. If docs are not needed, please explain why.

@matoushavlena
Contributor

I think calling this an MCP extension is confusing. We should consider different naming (elicitation, tool approval, etc.).

@pilartomas
Contributor Author

The idea was that it will cover more than just tool approvals, but I was thinking of some "capabilities" to turn on and off. We should also have a discussion with @tomkis on the right approach.

@pilartomas pilartomas changed the title from "feat(sdk): add mcp extension" to "feat(sdk): add tool call extension" Nov 20, 2025
@pilartomas pilartomas force-pushed the feat-mcp-extension branch 2 times, most recently from 9a8799b to 7f6f450 November 20, 2025 13:50
@pilartomas pilartomas marked this pull request as ready for review November 20, 2025 13:55
@pilartomas pilartomas requested a review from tomkis November 20, 2025 13:55
@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Nov 20, 2025
Comment on lines 28 to 32
class ToolCallResponse(pydantic.BaseModel):
action: Literal["accept", "reject"]
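
Review bot: `ToolCallResponse` consists only of `action: Literal["accept", "reject"]`, so nothing in the response itself identifies which `ToolCallRequest` the user answered. If correlation relies on the surrounding task or message context, say so in a docstring on the class; otherwise consider echoing a request identifier so an approval cannot be applied to a different call than the one that was displayed.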

Contributor Author

Eventually, we may allow argument modification etc.

Comment on lines 21 to 27
class ToolCallRequest(pydantic.BaseModel):
server: Implementation | None
name: str
arguments: dict[str, Any] | None
annotations: ToolAnnotations | None
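
Review bot: `server`, `arguments` and `annotations` are declared as `... | None` with no default, which in pydantic v2 makes each a required key that accepts null rather than an optional field; add `= None` if senders are meant to omit them. A short docstring would also help, noting that `annotations` are hints supplied by the server, so clients should not treat them as sufficient grounds for approving a call on their own.
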
Contributor Author

@pilartomas pilartomas Nov 20, 2025

Supports a Claude-like user experience:

Agent would like to call tool X of server Y with arguments A, do you approve?

Implementation of always allow is left up to the client.
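
One way a client could implement the "always allow" behaviour described in the comment above. This is an added example, not code from this PR or the AgentStack SDK: the dataclass is a simplified stand-in for the PR's pydantic model, and `ApprovalGate`, `prompt`, `destructive` and `demo` are hypothetical names. It assumes grants are remembered per (server, tool) and that a server-supplied hint may only tighten the policy.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from typing import Any, Callable, Literal

Action = Literal["accept", "reject"]


@dataclass(frozen=True)
class ToolCallRequest:
    """Simplified stand-in for the PR's pydantic model (assumption)."""
    server: str | None                  # server name only, not a full Implementation
    name: str
    arguments: dict[str, Any] | None = None
    destructive: bool = True            # stand-in for a server-supplied annotation hint


@dataclass
class ApprovalGate:
    """Hypothetical client-side policy: ask the user, remember 'always allow'."""
    # prompt(request) -> (action, remember): shows the request to the user.
    prompt: Callable[[ToolCallRequest], tuple[Action, bool]]
    _always: set[tuple[str, str]] = field(default_factory=set, init=False)

    def decide(self, req: ToolCallRequest) -> Action:
        # A request without a server identity can never match or create a grant.
        key = (req.server, req.name) if req.server else None
        # The hint only tightens the policy: destructive tools always prompt.
        if key in self._always and not req.destructive:
            return "accept"
        action, remember = self.prompt(req)
        if action == "accept" and remember and key and not req.destructive:
            self._always.add(key)
        return action


def demo() -> list[str]:
    """Constructed requests; returns the tool names the user was prompted for."""
    asked: list[str] = []

    def prompt(req: ToolCallRequest) -> tuple[Action, bool]:
        asked.append(req.name)
        return ("accept", True)         # simulated user clicks "always allow"

    gate = ApprovalGate(prompt)
    read = ToolCallRequest("files", "read_file", {"path": "notes.txt"}, destructive=False)
    delete = ToolCallRequest("files", "delete_file", {"path": "notes.txt"})
    for req in (read, read, delete, delete):
        gate.decide(req)
    return asked
```

In `demo()` the second `read_file` call is served from the remembered grant, while `delete_file` prompts both times even though the simulated user chose "always allow".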

@tomkis
Collaborator

tomkis commented Nov 24, 2025

I started with the review by reading the docs - without any prior context.

My biggest concern currently is that I had to zoom in to the code to understand how it actually works; it's just a semantic layer on top of Input required that maps MCP tool metadata.

What I originally anticipated was an extension that would somehow automagically plug into the MCP client to handle the tool approval for me, which is not the case.

This is not necessarily bad, however it is confusing because I think most users will be searching how to solve the "real problem" - how do I let the AgentStack UI approve my MCP tools.

A couple of suggestions:

  1. Preface the docs with an explanation that this does not solve the actual approval, but only provides a message protocol for how to request the approval
  2. Add a real-world example in the beeai framework of how you can actually intercept the tool calling
  3. I'd completely refrain from using the single word MCP and depending on MCP interfaces -> create a custom layer (that can mimic the MCP) so that people don't get confused that this is some MCP magic.

@pilartomas
Contributor Author

@tomkis Changed, please have another look 👍

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Dec 1, 2025
Signed-off-by: Tomas Pilar <[email protected]>
@matoushavlena matoushavlena merged commit 41f76c2 into main Dec 3, 2025
9 checks passed
@matoushavlena matoushavlena deleted the feat-mcp-extension branch December 3, 2025 07:25
Development

Successfully merging this pull request may close these issues.

[Feature]: MCP tool call approval mechanism
