* feat: add MCP connection pool with health check and retry mechanism
* feat: add proactive connection health check before tool calls
- Add GetConnectionWithHealthCheck method to perform health check before reusing connections
- Add performHealthCheck method to test connection health with ListTools call
- Modify InvokableRun to use health-checked connections
- This prevents first tool call failure when connection is broken
- Improves user experience by ensuring connections are healthy before tool execution
---------
Co-authored-by: 茂勋 <shancangchen.csc@alibaba-inc.com>
* feat: add --tls-skip-verify flag for self-signed certificates
Adds support for skipping TLS certificate verification when connecting to
providers with self-signed certificates. This is particularly useful for
local Ollama instances secured with HTTPS.
- Add --tls-skip-verify command-line flag with security warnings
- Update ProviderConfig to include TLSSkipVerify field
- Modify HTTP client creation for all providers (Ollama, OpenAI, Anthropic, Google, Azure)
- Create helper functions for TLS-aware HTTP client creation
- Add comprehensive unit tests for TLS skip verify functionality
- Update documentation with usage examples and security warnings
Fixes#113🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
* feat: add TLS skip verify support to script mode
- Add TLSSkipVerify field to Config struct for script frontmatter
- Update script parsing to handle tls-skip-verify in YAML frontmatter
- Pass TLS configuration to model creation in script mode
- Add example script demonstrating TLS skip verify usage
- Update script examples documentation
This allows scripts to specify tls-skip-verify: true in their frontmatter
to connect to providers with self-signed certificates.
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
---------
Co-authored-by: opencode <noreply@opencode.ai>
* feat: enhance hooks with LLM feedback capabilities
- Add new HookOutput fields for LLM interaction (feedback, context, systemPrompt, modifyInput/Output)
- Implement Continue functionality to gracefully stop sessions from hooks
- Implement SuppressOutput to hide tool results from user display
- Add UserPromptSubmit context injection to provide additional context to LLM
- Update mergeHookOutputs to handle new fields
- Add comprehensive unit tests for new hook output processing
- Create example Python hook demonstrating LLM feedback features
This enhancement allows hooks to:
- Provide feedback and context that reaches the LLM
- Modify tool inputs/outputs before processing
- Control session flow with Continue field
- Suppress output display while still sending to LLM
- Inject system prompts and context for better LLM responses
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
* fix: make tool blocking visible to LLM
When a PreToolUse hook blocks a tool execution, the LLM now receives an error message
indicating the tool was blocked, allowing it to adapt its approach.
Changes:
- Track when tools are blocked by PreToolUse hooks
- Replace tool execution results with error messages when blocked
- Add test to verify blocking functionality
- Add ToolBlockChecker type for future enhancements
This ensures the LLM is aware when its tool calls are blocked by security policies
and can respond appropriately rather than being unaware of the block.
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
* refactor: remove unimplemented LLM feedback fields
Removed the following unimplemented fields from HookOutput:
- Feedback
- Context
- SystemPrompt
- ModifyInput
- ModifyOutput
These fields were added speculatively but not fully implemented.
Keeping only the working functionality:
- Continue/StopReason for session control
- SuppressOutput for hiding tool results
- Decision/Reason for blocking tools
The critical tool blocking visibility feature remains intact.
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
---------
Co-authored-by: opencode <noreply@opencode.ai>
* Add comprehensive hooks system for MCPHost lifecycle events
Implements a flexible hooks system based on Anthropic Claude Code specification:
- **Hook Events**: PreToolUse, PostToolUse, UserPromptSubmit, Stop
- **Hook Types**: Command execution with JSON input/output
- **Configuration**: XDG-compliant with layered config support
- **Security**: Command validation, timeout controls, safe execution
- **Common Fields**: Consistent session ID, timestamps, model info across all hooks
Key features:
- Hooks receive JSON via stdin and can control flow via stdout
- Pattern matching for tool-specific hooks (regex support)
- Enhanced Stop hook with agent response and metadata
- Centralized session management with consistent IDs
- Built-in examples for logging, validation, and monitoring
This enables users to:
- Log and audit all tool usage and prompts
- Implement custom security policies
- Track usage metrics and model performance
- Integrate with external systems
- Build custom workflows around MCPHost
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
* Enable hooks in script mode
Previously, hooks were only initialized and executed in normal mode but not
in script mode. This was because script mode had its own execution path that
bypassed the hook initialization code.
This fix:
- Adds hook initialization to runScriptMode function
- Creates hook executor with proper session ID and model info
- Passes the hook executor to runAgenticLoop
Now hooks work consistently across all execution modes (normal, script, and
interactive), ensuring uniform behavior for logging, validation, and monitoring.
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
* Remove unnecessary hooks.local.yml pattern
The .local.yml pattern adds unnecessary complexity. Users who want project-specific
hooks that aren't committed to git can simply add .mcphost/ to their .gitignore.
This simplifies the hooks configuration loading and makes it clearer that:
- Global user hooks go in ~/.config/mcphost/hooks.yml
- Project-specific hooks go in .mcphost/hooks.yml
- Git ignore management is left to the user
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
* Fix hooks test isolation and add --no-hooks flag
- Fix TestLoadHooksConfig by setting temporary XDG_CONFIG_HOME to prevent loading global hooks
- Add --no-hooks flag to disable all hooks execution across all modes
- Update README with documentation for the new flag
- Add test to verify hooks loading behavior
This allows users to temporarily disable hooks for security or debugging purposes.
🤖 Generated with [opencode](https://opencode.ai)
Co-Authored-By: opencode <noreply@opencode.ai>
---------
Co-authored-by: opencode <noreply@opencode.ai>
* Add builtin HTTP functionality
* Add GitHub Actions CI workflow
- Runs tests with race detection on push to main and PRs
- Verifies code generation is up to date
- Uses Go version from go.mod file
- Supports manual workflow dispatch
* Remove verify-codegen job from CI workflow
Simplifies CI to only run tests with race detection
* draft: rewrite single message when streaming (not full terminal)
* having the spinner align better with dots in compact mode
* fix user messages
* handle usage display
* fix formatting
* bash highlighting
---------
Co-authored-by: Nate Woods <big.nate.w@gmail.com>
This commit addresses issue #92 by extracting duplicated code between
normal mode (cmd/root.go) and script mode (cmd/script.go) into reusable
factory functions and utilities.
## Changes Made
### New Factory Files
- **internal/agent/factory.go**: Agent creation factory with spinner support
- `CreateAgent()` function with configurable options
- `ParseModelName()` utility for model string parsing
- Spinner function injection to avoid import cycles
- **internal/ui/factory.go**: CLI setup factory with standard configuration
- `SetupCLI()` function for consistent CLI initialization
- Usage tracking setup for supported providers
- Model info and tool count display
- **internal/config/merger.go**: Config loading and merging utilities
- `LoadAndValidateConfig()` for standard config loading
- `MergeConfigs()` for script frontmatter merging
### Updated Command Files
- **cmd/root.go**: Refactored to use new factories
- Replaced ~50 lines of agent creation logic
- Replaced ~30 lines of CLI setup logic
- Replaced ~20 lines of config loading logic
- Added agentUIAdapter to handle interface compatibility
- **cmd/script.go**: Refactored to use new factories
- Same factory usage as normal mode for consistency
- Maintained script-specific behavior (no spinners)
- Improved config merging with frontmatter
## Benefits
- **Reduced code duplication**: ~33 lines of duplicated code eliminated
- **Single source of truth**: Agent creation and CLI setup logic centralized
- **Consistent behavior**: Both modes now use identical underlying logic
- **Easier maintenance**: Changes apply to both modes automatically
- **Better testability**: Factory functions can be unit tested independently
- **Cleaner command files**: Focus on mode-specific logic only
## Testing
- All existing tests pass
- Build verification successful
- Both normal and script modes tested for basic functionality
- Code formatting and linting checks passed
🤖 Generated with [opencode](https://opencode.ai)
Co-authored-by: opencode <noreply@opencode.ai>
Fixes#89: Tools created without input properties were causing OpenAI function
calling validation errors with "object schema missing properties" message.
The issue occurred when MCP tools had no input parameters, resulting in OpenAPI
schemas with Type="object" but Properties=nil, which violates OpenAI's function
calling schema requirements.
Changes:
- Add schema validation fix in loadServerTools to ensure object schemas have
empty properties map when Properties is nil
- Add comprehensive regression test TestIssue89_ObjectSchemaMissingProperties
- Add additional test coverage for tools without properties
The fix ensures backward compatibility while resolving the validation error.
Users no longer need the workaround of adding dummy parameters to their tools.
🤖 Generated with [opencode](https://opencode.ai)
Co-authored-by: opencode <noreply@opencode.ai>
matscalia