feat: add wildcard support for tool capabilities #901

Open
neo-wanderer wants to merge 1 commit into RightNow-AI:main from neo-wanderer:wildcard-capabilities-tools

@neo-wanderer

Summary

  • Implement prefix wildcard matching in capabilities.tools to allow patterns like "mcp_filesystem_*" to grant permission to all matching MCP tools
  • Add tool_matches_pattern() helper function supporting exact match, prefix wildcard (*), and universal wildcard (*)
  • Update filtering in available_tools_with_registry for builtin tools, skill tools, MCP tools, and profile-based filtering
  • Add 5 unit tests in kernel.rs
  • Update documentation with wildcard syntax examples

Problem

When agents configure MCP servers in config.toml, they still get "Permission denied" errors because tool permissions require explicit grants in the agent manifest. Listing each MCP tool individually is tedious:

[capabilities]
tools = ["mcp_filesystem_list_allowed_directories", "mcp_filesystem_read_file", "mcp_filesystem_write_file", ...]

Solution

Use wildcard patterns to grant access to all matching tools:

[capabilities]
tools = ["mcp_filesystem_*"]  # All filesystem MCP tools
tools = ["mcp_*"]              # All MCP tools from any server
tools = ["*"]                  # All tools (use with caution)

Changes

  • crates/openfang-kernel/src/kernel.rs - Implementation + tests
  • docs/troubleshooting.md - Added wildcard examples
  • docs/getting-started.md - Added note about wildcards
  • docs/agent-templates.md - Added comment about wildcards
  • docs/mcp-a2a.md - Added "Granting MCP Tool Access" section

Testing

  • cargo clippy --workspace --all-targets -- -D warnings passes
  • cargo test --workspace passes
  • Live integration tested (if applicable)

Security

  • No new unsafe code
  • No secrets or API keys in diff
  • User input validated at boundaries

Implement prefix wildcard matching in capabilities.tools to allow patterns
like 'mcp_filesystem_*' to grant permission to all matching MCP tools.

Changes:
- Add tool_matches_pattern() helper supporting exact match, prefix wildcard (*),
  and universal wildcard (*)
- Update builtin tools, skill tools, MCP tools, and profile-based filtering
- Add unit tests in kernel.rs (5 new tests)
- Update docs: troubleshooting.md, getting-started.md, agent-templates.md,
  mcp-a2a.md with wildcard syntax examples

This resolves the common issue where agents can't use MCP tools even after
configuring mcp_servers, because tool permissions require explicit grants.
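
An added sketch, not code from this pull request, of the exact / prefix / universal matching the description outlines, used to list which registered tools a grant list expands to before it is deployed. The function names, the default-deny handling of empty or interior-`*` patterns, and two of the registry entries are assumptions.

```rust
/// Hypothetical matcher (not the PR's tool_matches_pattern): exact name,
/// trailing-`*` prefix, or bare `*`. Anything else is denied.
pub fn grant_matches(pattern: &str, tool: &str) -> bool {
    if pattern.is_empty() || tool.is_empty() {
        return false; // default-deny on empty input
    }
    if pattern == "*" {
        return true; // universal grant
    }
    match pattern.strip_suffix('*') {
        // A second `*` inside the prefix is rejected rather than guessing at glob semantics.
        Some(prefix) => !prefix.contains('*') && tool.starts_with(prefix),
        // No trailing `*`: only an exact name matches.
        None => pattern == tool,
    }
}

/// Tools from `registry` that the grant list allows, in registry order.
pub fn effective_tools<'a>(grants: &[&str], registry: &[&'a str]) -> Vec<&'a str> {
    registry
        .iter()
        .copied()
        .filter(|tool| grants.iter().any(|g| grant_matches(g, tool)))
        .collect()
}

/// Constructed registry: the three mcp_filesystem_ names appear in the PR text,
/// the last two entries are made up for illustration.
pub const REGISTRY: [&str; 5] = [
    "mcp_filesystem_list_allowed_directories",
    "mcp_filesystem_read_file",
    "mcp_filesystem_write_file",
    "mcp_filesystem2_read_file", // constructed: another server with a similar name
    "shell_exec",                // constructed: a non-MCP tool
];

fn main() {
    // Print the expansion of each grant so the reach of a wildcard is visible.
    for grants in [vec!["mcp_filesystem_*"], vec!["mcp_filesystem*"], vec!["mcp_*"], vec!["*"]] {
        let allowed = effective_tools(&grants, &REGISTRY);
        println!("{:?} -> {} tool(s): {:?}", grants, allowed.len(), allowed);
    }
}
```

Dropping the trailing underscore (`mcp_filesystem*`) also admits the similarly named second server, which is why the separator belongs inside the prefix.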