tool

package
v1.0.0-beta.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 18, 2026 License: AGPL-3.0 Imports: 3 Imported by: 0

Documentation

Overview

Package tool contains domain types for tool discovery and risk classification.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type RiskLevel 

type RiskLevel string

RiskLevel represents the security risk level of a tool. 

const (
	// RiskLevelLow indicates read-only, informational operations.
	// Examples: list_files, get_status, help, version.
	RiskLevelLow RiskLevel = "LOW"

	// RiskLevelMedium indicates read operations with potential sensitivity.
	// Examples: fetch_data, download_file, export_report, search_users.
	RiskLevelMedium RiskLevel = "MEDIUM"

	// RiskLevelHigh indicates write operations or network access.
	// Examples: file_write, create_user, update_config, send_email.
	RiskLevelHigh RiskLevel = "HIGH"

	// RiskLevelCritical indicates destructive operations, system commands, or admin ops.
	// Examples: file_delete, execute_command, shell_exec, admin_reset.
	RiskLevelCritical RiskLevel = "CRITICAL"
)

func ClassifyTool 

func ClassifyTool(tool Tool) RiskLevel

ClassifyTool determines the risk level of a tool based on its name. Classification is case-insensitive and uses pattern matching.

Priority order (highest to lowest):

  • CRITICAL: destructive operations (delete, exec, shell, admin)
  • HIGH: write operations (write, create, update, send)
  • MEDIUM: sensitive reads (fetch, download, export, search)
  • LOW: everything else (list, help, version)

Limitations:

  • Uses simple substring matching (e.g., "undelete" also matches "delete")
  • For v1, this is acceptable; admin overrides can address edge cases
  • Tool descriptions are not analyzed, only names

func (RiskLevel) IsValid 

func (r RiskLevel) IsValid() bool

IsValid returns true if the risk level is a known valid level.

type Tool 

type Tool struct {
	// Name is the unique identifier for this tool (required).
	Name string `json:"name"`

	// Title is an optional human-readable display name.
	Title *string `json:"title,omitempty"`

	// Description is an optional human-readable description.
	Description *string `json:"description,omitempty"`

	// InputSchema is the JSON Schema for the tool's parameters (required).
	InputSchema json.RawMessage `json:"inputSchema"`

	// OutputSchema is an optional JSON Schema for the tool's output.
	OutputSchema *json.RawMessage `json:"outputSchema,omitempty"`

	// RiskLevel is the computed security risk level (not from MCP, added by classifier).
	RiskLevel RiskLevel `json:"-"`
}

Tool represents a tool from the MCP tools/list response. Fields match the MCP specification 2025-06-18.

func ClassifyTools 

func ClassifyTools(tools []Tool) []Tool

ClassifyTools returns a new slice of tools with RiskLevel populated on each. The input slice is not modified.

type ToolCatalog 

type ToolCatalog struct {
	// Tools is the list of tools available from the server.
	Tools []Tool `json:"tools"`

	// NextCursor is the pagination cursor for fetching more tools.
	NextCursor *string `json:"nextCursor,omitempty"`

	// CachedAt is when this catalog was cached (UTC).
	CachedAt time.Time `json:"cachedAt"`

	// ServerID identifies which upstream server this catalog is from.
	ServerID string `json:"serverId"`
}

ToolCatalog represents a cached collection of tools from an upstream MCP server.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.