mcp-data-platform-v0.21.0
What's New in v0.21.0
Three new MCP protocol capabilities, improved error semantics, and comprehensive documentation for all features introduced since v0.19.0.
Elicitation: User Confirmation for Expensive and Sensitive Queries
The platform can now prompt users for confirmation before executing queries that exceed cost thresholds or access PII-tagged columns. This uses the MCP elicitation/create protocol — clients that support it (e.g., Claude Desktop) will see interactive confirmation prompts; clients without support gracefully skip the check.
Cost estimation runs EXPLAIN (TYPE IO, FORMAT JSON) against Trino to estimate row counts before execution. When the estimate exceeds the configured threshold (default: 1M rows), the user sees a confirmation dialog with the estimate.
PII consent checks DataHub column tags for pii and sensitive markers on every table referenced in the query. If any PII columns are found, the user must confirm before the query proceeds.
Both features are fully opt-in and independently configurable:
elicitation:
enabled: true
cost_estimation:
enabled: true
row_threshold: 1000000 # prompt above 1M estimated rows
pii_consent:
enabled: true # prompt when query accesses PII columnsWhen a user declines, the tool returns an informational message (categorized as user_declined in audit logs) instead of executing the query. If EXPLAIN fails or PII metadata is unavailable, the query proceeds without interruption — elicitation always degrades gracefully.
Icons: Visual Metadata for Tools, Resources, and Prompts
A new middleware layer injects config-driven icons into tools/list, resources/templates/list, and prompts/list responses. Upstream toolkits (mcp-trino, mcp-datahub, mcp-s3) provide default icons for all their tools; this configuration overrides or extends them.
icons:
enabled: true
tools:
trino_query:
src: "https://example.com/custom-trino.svg"
mime_type: "image/svg+xml"
resources:
"schema://{catalog}.{schema}/{table}":
src: "https://example.com/schema.svg"
prompts:
knowledge_capture:
src: "https://example.com/knowledge.svg"Icons appear in MCP clients that render visual metadata (e.g., Claude Desktop's tool picker). The middleware runs as the outermost layer in the 8-layer middleware chain, decorating list responses after all other processing.
JSON-RPC Error Sentinels for Malformed Requests
Malformed tools/call requests (missing tool name, nil params, wrong params type) now return proper JSON-RPC protocol errors with CodeInvalidParams (-32602) instead of tool-level error results. This distinction matters for clients:
- Protocol errors (
*jsonrpc.Error): The request itself is invalid — clients should not retry with the same parameters - Tool errors (
CallToolResult.IsError): The request was valid but the operation failed — agents can reason about the message and adjust
Auth and authz failures remain as tool-level errors because the request is structurally valid — only permissions are insufficient. MCP agents handle these better (they reason about the error message and try different approaches) compared to protocol errors (which may trigger retries or abort).
Resource Links in DataHub Results
When resource templates are enabled (resources.enabled: true), DataHub search and entity results now include MCP resource links pointing to schema:// and availability:// resource templates. This lets agents follow up with resource reads for detailed schema or availability info without additional tool calls — creating a browseable graph of data resources.
Explicit Server Capabilities
The platform now declares explicit ServerCapabilities during initialization instead of relying on SDK auto-inference. This makes the server's contract visible in capability negotiation:
- Tools: Always declared (every deployment has
platform_infoat minimum) - Logging: Always declared (supports client logging via
logging/setLevel) - Resources: Declared when
resources.enabled: true - Prompts: Declared when prompts are configured (platform prompts, prompts dir, or knowledge capture)
Startup Validation
A new validateAgentInstructions() check runs at startup, scanning agent_instructions text for tokens that look like tool names and warning when they don't match any registered tool. This catches stale references after tool renames or removals — particularly useful for large instruction blocks that reference dozens of tools.
Documentation
Comprehensive configuration reference added for all features introduced in v0.20.0 and v0.21.0:
- Elicitation: Cost estimation and PII consent configuration with examples
- Icons: Tool, resource, and prompt icon overrides
- Resource templates:
schema://,glossary://,availability://URI patterns - Progress notifications: Trino query progress with
_meta.progressToken - Client logging: Server-to-client enrichment messages via
logging/setLevel - Middleware reference: Updated with 8-layer chain diagram (was 6), including
MCPIconMiddlewareandMCPClientLoggingMiddleware llms.txt/llms-full.txt: Updated indexes for AI consumption
Middleware Chain (8 layers)
The full request processing chain is now:
Request → Icons → ToolVisibility → AppsMetadata → MCPToolCall → MCPAudit → ClientLogging → MCPRules → MCPEnrichment → Handler
Upgrading from v0.20.0
All new features are opt-in. Existing configurations work without changes.
To enable the new capabilities, add any combination of:
# Elicitation (requires Trino toolkit)
elicitation:
enabled: true
cost_estimation:
enabled: true
row_threshold: 1000000
pii_consent:
enabled: true
# Icons
icons:
enabled: trueNo database migrations are required for this release.
Changelog
Full diff: v0.20.0...v0.21.0
- feat: elicitation, icons, jsonrpc errors, and docs for MCP protocol capabilities (#112)
Closes #102
Installation
Homebrew (macOS)
brew install txn2/tap/mcp-data-platformClaude Code CLI
claude mcp add mcp-data-platform -- mcp-data-platformDocker
docker pull ghcr.io/txn2/mcp-data-platform:v0.21.0Verification
All release artifacts are signed with Cosign. Verify with:
cosign verify-blob --bundle mcp-data-platform_0.21.0_linux_amd64.tar.gz.sigstore.json \
mcp-data-platform_0.21.0_linux_amd64.tar.gz