feat: add readonly hint annotations to all MCP tools

tembleking · tembleking · commit 4735fd20d489 · 2025-11-25T15:45:35.000+01:00
diff --git a/internal/infra/mcp/tools/tool_generate_sysql.go b/internal/infra/mcp/tools/tool_generate_sysql.go
@@ -53,6 +53,7 @@ func (h *ToolGenerateSysql) RegisterInServer(s *server.MCPServer) {
 			),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions("sage.exec"),
 	)
 	s.AddTool(tool, h.handle)
diff --git a/internal/infra/mcp/tools/tool_get_event_info.go b/internal/infra/mcp/tools/tool_get_event_info.go
@@ -43,6 +43,7 @@ func (h *ToolGetEventInfo) RegisterInServer(s *server.MCPServer) {
 			mcp.Required(),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions("policy-events.read"),
 	)
 
diff --git a/internal/infra/mcp/tools/tool_get_event_process_tree.go b/internal/infra/mcp/tools/tool_get_event_process_tree.go
@@ -61,6 +61,7 @@ func (h *ToolGetEventProcessTree) RegisterInServer(s *server.MCPServer) {
 			mcp.Required(),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions("policy-events.read"),
 	)
 
diff --git a/internal/infra/mcp/tools/tool_kubernetes_list_clusters.go b/internal/infra/mcp/tools/tool_kubernetes_list_clusters.go
@@ -30,6 +30,7 @@ func (t *KubernetesListClusters) RegisterInServer(s *server.MCPServer) {
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_kubernetes_list_cronjobs.go b/internal/infra/mcp/tools/tool_kubernetes_list_cronjobs.go
@@ -33,6 +33,7 @@ func (t *KubernetesListCronjobs) RegisterInServer(s *server.MCPServer) {
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_kubernetes_list_nodes.go b/internal/infra/mcp/tools/tool_kubernetes_list_nodes.go
@@ -32,6 +32,7 @@ func (t *KubernetesListNodes) RegisterInServer(s *server.MCPServer) {
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_kubernetes_list_pod_containers.go b/internal/infra/mcp/tools/tool_kubernetes_list_pod_containers.go
@@ -38,6 +38,7 @@ func (t *KubernetesListPodContainers) RegisterInServer(s *server.MCPServer) {
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_kubernetes_list_workloads.go b/internal/infra/mcp/tools/tool_kubernetes_list_workloads.go
@@ -42,6 +42,7 @@ func (t *KubernetesListWorkloads) RegisterInServer(s *server.MCPServer) {
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_list_runtime_events.go b/internal/infra/mcp/tools/tool_list_runtime_events.go
@@ -99,6 +99,7 @@ You can specify the severity of the events based on the following cases:
 			),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions("policy-events.read"),
 	)
 
diff --git a/internal/infra/mcp/tools/tool_run_sysql.go b/internal/infra/mcp/tools/tool_run_sysql.go
@@ -60,6 +60,7 @@ func (h *ToolRunSysql) RegisterInServer(s *server.MCPServer) {
 			),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions("sage.exec", "risks.read"),
 	)
 	s.AddTool(tool, h.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_count_pods_per_cluster.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_count_pods_per_cluster.go
@@ -32,6 +32,7 @@ func (t *TroubleshootKubernetesListCountPodsPerCluster) RegisterInServer(s *serv
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_400_500_http_errors_in_pods.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_400_500_http_errors_in_pods.go
@@ -36,6 +36,7 @@ func (t *TroubleshootKubernetesListTop400500HttpErrorsInPods) RegisterInServer(s
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_cpu_consumed_by_container.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_cpu_consumed_by_container.go
@@ -34,6 +34,7 @@ func (t *TroubleshootKubernetesListTopCPUConsumedByContainer) RegisterInServer(s
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_cpu_consumed_by_workload.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_cpu_consumed_by_workload.go
@@ -34,6 +34,7 @@ func (t *TroubleshootKubernetesListTopCPUConsumedByWorkload) RegisterInServer(s
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_memory_consumed_by_container.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_memory_consumed_by_container.go
@@ -34,6 +34,7 @@ func (t *TroubleshootKubernetesListTopMemoryConsumedByContainer) RegisterInServe
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_memory_consumed_by_workload.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_memory_consumed_by_workload.go
@@ -34,6 +34,7 @@ func (t *TroubleshootKubernetesListTopMemoryConsumedByWorkload) RegisterInServer
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_network_errors_in_pods.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_network_errors_in_pods.go
@@ -36,6 +36,7 @@ func (t *TroubleshootKubernetesListTopNetworkErrorsInPods) RegisterInServer(s *s
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_restarted_pods.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_restarted_pods.go
@@ -35,6 +35,7 @@ func (t *TroubleshootKubernetesListTopRestartedPods) RegisterInServer(s *server.
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_unavailable_pods.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_top_unavailable_pods.go
@@ -34,6 +34,7 @@ func (t *TroubleshootKubernetesListTopUnavailablePods) RegisterInServer(s *serve
 			mcp.DefaultNumber(20),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_underutilized_pods_by_cpu_quota.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_underutilized_pods_by_cpu_quota.go
@@ -32,6 +32,7 @@ func (t *TroubleshootKubernetesListUnderutilizedPodsByCPUQuota) RegisterInServer
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)
diff --git a/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_underutilized_pods_by_memory_quota.go b/internal/infra/mcp/tools/tool_troubleshoot_kubernetes_list_underutilized_pods_by_memory_quota.go
@@ -32,6 +32,7 @@ func (t *TroubleshootKubernetesListUnderutilizedPodsByMemoryQuota) RegisterInSer
 			mcp.DefaultNumber(10),
 		),
 		mcp.WithOutputSchema[map[string]any](),
+		mcp.WithReadOnlyHintAnnotation(true),
 		WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
 	)
 	s.AddTool(tool, t.handle)

Original file line number	Diff line number	Diff line change
`@@ -53,6 +53,7 @@ func (h ToolGenerateSysql) RegisterInServer(s server.MCPServer) {`
`53`	`53`	`),`
`54`	`54`	`),`
`55`	`55`	`mcp.WithOutputSchema[map[string]any](),`
	`56`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`56`	`57`	`WithRequiredPermissions("sage.exec"),`
`57`	`58`	`)`
`58`	`59`	`s.AddTool(tool, h.handle)`
Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,7 @@ func (h ToolGetEventInfo) RegisterInServer(s server.MCPServer) {`
`43`	`43`	`mcp.Required(),`
`44`	`44`	`),`
`45`	`45`	`mcp.WithOutputSchema[map[string]any](),`
	`46`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`46`	`47`	`WithRequiredPermissions("policy-events.read"),`
`47`	`48`	`)`
`48`	`49`
Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,7 @@ func (h ToolGetEventProcessTree) RegisterInServer(s server.MCPServer) {`
`61`	`61`	`mcp.Required(),`
`62`	`62`	`),`
`63`	`63`	`mcp.WithOutputSchema[map[string]any](),`
	`64`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`64`	`65`	`WithRequiredPermissions("policy-events.read"),`
`65`	`66`	`)`
`66`	`67`
Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,7 @@ func (t KubernetesListClusters) RegisterInServer(s server.MCPServer) {`
`30`	`30`	`mcp.DefaultNumber(10),`
`31`	`31`	`),`
`32`	`32`	`mcp.WithOutputSchema[map[string]any](),`
	`33`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`33`	`34`	WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
`34`	`35`	`)`
`35`	`36`	`s.AddTool(tool, t.handle)`
Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,7 @@ func (t KubernetesListCronjobs) RegisterInServer(s server.MCPServer) {`
`33`	`33`	`mcp.DefaultNumber(10),`
`34`	`34`	`),`
`35`	`35`	`mcp.WithOutputSchema[map[string]any](),`
	`36`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`36`	`37`	WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
`37`	`38`	`)`
`38`	`39`	`s.AddTool(tool, t.handle)`
Original file line number	Diff line number	Diff line change
`@@ -32,6 +32,7 @@ func (t KubernetesListNodes) RegisterInServer(s server.MCPServer) {`
`32`	`32`	`mcp.DefaultNumber(10),`
`33`	`33`	`),`
`34`	`34`	`mcp.WithOutputSchema[map[string]any](),`
	`35`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`35`	`36`	WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
`36`	`37`	`)`
`37`	`38`	`s.AddTool(tool, t.handle)`
Original file line number	Diff line number	Diff line change
`@@ -38,6 +38,7 @@ func (t KubernetesListPodContainers) RegisterInServer(s server.MCPServer) {`
`38`	`38`	`mcp.DefaultNumber(10),`
`39`	`39`	`),`
`40`	`40`	`mcp.WithOutputSchema[map[string]any](),`
	`41`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`41`	`42`	WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
`42`	`43`	`)`
`43`	`44`	`s.AddTool(tool, t.handle)`
Original file line number	Diff line number	Diff line change
`@@ -42,6 +42,7 @@ func (t KubernetesListWorkloads) RegisterInServer(s server.MCPServer) {`
`42`	`42`	`mcp.DefaultNumber(10),`
`43`	`43`	`),`
`44`	`44`	`mcp.WithOutputSchema[map[string]any](),`
	`45`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`45`	`46`	WithRequiredPermissions(), // FIXME(fede): Add the required permissions. It should be `promql.exec` but somehow the token does not have that permission even if you are able to execute queries.
`46`	`47`	`)`
`47`	`48`	`s.AddTool(tool, t.handle)`
Original file line number	Diff line number	Diff line change
`@@ -99,6 +99,7 @@ You can specify the severity of the events based on the following cases:`
`99`	`99`	`),`
`100`	`100`	`),`
`101`	`101`	`mcp.WithOutputSchema[map[string]any](),`
	`102`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`102`	`103`	`WithRequiredPermissions("policy-events.read"),`
`103`	`104`	`)`
`104`	`105`
Original file line number	Diff line number	Diff line change
`@@ -60,6 +60,7 @@ func (h ToolRunSysql) RegisterInServer(s server.MCPServer) {`
`60`	`60`	`),`
`61`	`61`	`),`
`62`	`62`	`mcp.WithOutputSchema[map[string]any](),`
	`63`	`+ mcp.WithReadOnlyHintAnnotation(true),`
`63`	`64`	`WithRequiredPermissions("sage.exec", "risks.read"),`
`64`	`65`	`)`
`65`	`66`	`s.AddTool(tool, h.handle)`