feat: implement native MCP server support with safety guardrails#145
feat: implement native MCP server support with safety guardrails#145Tech-no-mad wants to merge 5 commits into
Conversation
|
Hi @RafaelJohn9 , I've implemented the MCP server support as discussed in #140. |
|
Hi @Tech-no-mad , Could you kindly address the workflow errors. Also I'm deterred from merging this since we do not have |
RafaelJohn9
left a comment
There was a problem hiding this comment.
We need to add tests, fastmcp offers recommendation of implementing tests at: https://gofastmcp.com/development/tests, ,maybe we can draw insights from here 🤝
watersRand
left a comment
There was a problem hiding this comment.
Thanks for working on this! This is an excellent blueprint for the MCP server architecture—the use of enforce_security_guard and the explicit LLM agent instructions in the docstring are brilliant safety practices.Please note a few formatting noise issues and structural fixes:
Isolate the Linting: The automated formatting sweep is creating significant diff noise, completely obscuring your functional logic updates. Could we isolate the linting and styling fixes into a separate, independent commit or PR? This lets us track the core changes cleanly.
Expand Module Scope: Please remember to account for the wider integration footprint requested in the tracking issue. The implementation needs to provide tools for the full suite of M-Pesa operations—including C2B, B2C, B2B, Transaction Status, Account Balance, Reversals, Tax Remittance, and Dynamic QR—not just STK Push.
Fix Configuration Redundancy (stk_push): There is redundant environment variable lookup and parsing happening across both get_client() and individual tool actions (confusing API access credentials with merchant bank properties). Let’s centralize the configuration values (like keys, shortcodes, and passkeys) into a single configuration loader or class rather than re-querying os.environ inside every endpoint execution loop.
Remove Redundant Casts: FastMCP automatically uses your Python type hints (amount: int) to validate inputs via Pydantic before the tool runs. The manual amount=float(amount) typecasting inside the method is redundant. Trust the type hints and pass the variable directly.
Description
Type of Change
How Has This Been Tested?
Checklist
Screenshots (if applicable)
Additional Context