feat: add description, allowedTools, and allowedResources options (#17)

* feat: add description, allowedTools, and allowedResources options
* test: consolidate startFakeServer helpers and add E2E options tests

Author: kurtisvg

README.md

@@ -78,6 +78,19 @@ Create an `mcp.json` file:
 Each entry in `mcpServers` is a downstream server that becomes a skill. The key
 is the skill name. The value depends on the transport type:
 
+### Common options
+
+All server types support these optional fields:
+
+| Field | Description |
+|-------|-------------|
+| `description` | Override the server's instructions shown by `list_skills` |
+| `allowedTools` | Only expose these tool names (default: all) |
+| `allowedResources` | Only expose these resource URIs (default: all) |
+
+Excluded tools are invisible everywhere — they won't appear in `use_skill`,
+can't be called via `execute_code`, and won't cause name-conflict prefixing.
+
 ### STDIO server
 
 Spawns the server as a child process. Only env vars explicitly listed in `env`
@@ -95,6 +108,8 @@ are passed to the child — the parent environment is not inherited.
     "database": {
       "command": "npx",
       "args": ["-y", "@modelcontextprotocol/server-sqlite", "mydb.db"],
+      "description": "SQL database for customer analytics",
+      "allowedTools": ["execute_sql", "list_tables"],
       "env": {
         "PATH": "/usr/local/bin:/usr/bin"
       }
@@ -159,6 +174,7 @@ go run . --config mcp.json --transport http --port 8080
 | `--transport` | `stdio` | Upstream transport: `stdio` or `http` |
 | `--host` | `localhost` | HTTP listen host |
 | `--port` | `8080` | HTTP listen port |
+| `--version` | | Print version and exit |
 
 ### Use with MCP clients
 

internal/config/config.go

@@ -19,6 +19,7 @@ const (
 // Server is the common interface for all server transport configurations.
 type Server interface {
 	TransportType() TransportType
+	Options() ServerOptions
 }
 
 func Load(path string) (map[string]Server, error) {
@@ -97,13 +98,23 @@ func unmarshalStrict(data []byte, v any) error {
 	return dec.Decode(v)
 }
 
+// ServerOptions contains optional fields shared by all server types.
+type ServerOptions struct {
+	Description      string   `json:"description,omitempty"`
+	AllowedTools     []string `json:"allowedTools,omitempty"`
+	AllowedResources []string `json:"allowedResources,omitempty"`
+}
+
+func (o ServerOptions) Options() ServerOptions { return o }
+
 // Server types
 
 type StdioServer struct {
 	Type    string            `json:"type"`
 	Command string            `json:"command"`
 	Args    []string          `json:"args,omitempty"`
 	Env     map[string]string `json:"env,omitempty"`
+	ServerOptions
 }
 
 func (*StdioServer) TransportType() TransportType { return TransportSTDIO }
@@ -112,6 +123,7 @@ type HTTPServer struct {
 	Type    string            `json:"type"`
 	URL     string            `json:"url"`
 	Headers map[string]string `json:"headers,omitempty"`
+	ServerOptions
 }
 
 func (*HTTPServer) TransportType() TransportType { return TransportHTTP }
@@ -120,6 +132,7 @@ type SSEServer struct {
 	Type    string            `json:"type"`
 	URL     string            `json:"url"`
 	Headers map[string]string `json:"headers,omitempty"`
+	ServerOptions
 }
 
 func (*SSEServer) TransportType() TransportType { return TransportSSE }

internal/config/config_test.go

@@ -199,6 +199,54 @@ func TestLoadedFieldValues(t *testing.T) {
 	}
 }
 
+func TestServerOptions(t *testing.T) {
+	t.Parallel()
+
+	jsonStr := `{
+		"mcpServers": {
+			"db": {
+				"command": "db-server",
+				"description": "SQL database for analytics",
+				"allowedTools": ["execute_sql", "list_tables"],
+				"allowedResources": ["schema://tables"]
+			},
+			"plain": {
+				"command": "plain-server"
+			}
+		}
+	}`
+	path := writeTestConfig(t, jsonStr)
+	servers, err := Load(path)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	db := servers["db"].(*StdioServer)
+	opts := db.Options()
+	if opts.Description != "SQL database for analytics" {
+		t.Errorf("Description = %q, want 'SQL database for analytics'", opts.Description)
+	}
+	if len(opts.AllowedTools) != 2 || opts.AllowedTools[0] != "execute_sql" || opts.AllowedTools[1] != "list_tables" {
+		t.Errorf("AllowedTools = %v, want [execute_sql list_tables]", opts.AllowedTools)
+	}
+	if len(opts.AllowedResources) != 1 || opts.AllowedResources[0] != "schema://tables" {
+		t.Errorf("AllowedResources = %v, want [schema://tables]", opts.AllowedResources)
+	}
+
+	// Server with no options should have zero values.
+	plain := servers["plain"].(*StdioServer)
+	plainOpts := plain.Options()
+	if plainOpts.Description != "" {
+		t.Errorf("expected empty description, got %q", plainOpts.Description)
+	}
+	if len(plainOpts.AllowedTools) != 0 {
+		t.Errorf("expected no allowed tools, got %v", plainOpts.AllowedTools)
+	}
+	if len(plainOpts.AllowedResources) != 0 {
+		t.Errorf("expected no allowed resources, got %v", plainOpts.AllowedResources)
+	}
+}
+
 func TestEnvVarExpansion(t *testing.T) {
 	t.Setenv("TEST_CMD", "my-server")
 	t.Setenv("TEST_ARG", "--verbose")

internal/e2e/e2e_test.go

@@ -6,6 +6,7 @@ import (
 	"strings"
 	"testing"
 
+	"skillful-mcp/internal/config"
 	"skillful-mcp/internal/mcpserver"
 
 	"github.com/modelcontextprotocol/go-sdk/mcp"
@@ -521,3 +522,134 @@ func TestE2EStructuredOutput(t *testing.T) {
 		}
 	})
 }
+
+func TestE2EServerOptions(t *testing.T) {
+	t.Parallel()
+	ctx := t.Context()
+
+	// Downstream server has 3 tools and 2 resources.
+	session := startFakeServer(t, ctx, "Original description",
+		[]mcp.Tool{
+			{Name: "allowed_tool", Description: "This tool is allowed"},
+			{Name: "blocked_tool", Description: "This tool is blocked"},
+			{Name: "another_allowed", Description: "Also allowed"},
+		},
+		[]mcp.Resource{
+			{URI: "file:///allowed.txt", Name: "allowed.txt", Description: "Allowed resource"},
+			{URI: "file:///blocked.txt", Name: "blocked.txt", Description: "Blocked resource"},
+		},
+	)
+
+	srv, err := mcpserver.NewServerFromSession(ctx, session, config.ServerOptions{
+		Description:      "Custom skill description",
+		AllowedTools:     []string{"allowed_tool", "another_allowed"},
+		AllowedResources: []string{"file:///allowed.txt"},
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	mgr, err := mcpserver.NewManagerFromServers(map[string]*mcpserver.Server{"filtered": srv})
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer mgr.Close()
+
+	upstream := connectTestClient(t, ctx, mgr)
+
+	t.Run("list_skills_shows_custom_description", func(t *testing.T) {
+		result, err := upstream.CallTool(ctx, &mcp.CallToolParams{Name: "list_skills"})
+		if err != nil {
+			t.Fatal(err)
+		}
+		tc := result.Content[0].(*mcp.TextContent)
+		if !strings.Contains(tc.Text, "Custom skill description") {
+			t.Errorf("expected custom description, got %q", tc.Text)
+		}
+		if strings.Contains(tc.Text, "Original description") {
+			t.Error("original description should be overridden")
+		}
+	})
+
+	t.Run("use_skill_shows_only_allowed_tools", func(t *testing.T) {
+		result, err := upstream.CallTool(ctx, &mcp.CallToolParams{
+			Name:      "use_skill",
+			Arguments: map[string]any{"skill_name": "filtered"},
+		})
+		if err != nil {
+			t.Fatal(err)
+		}
+		tc := result.Content[0].(*mcp.TextContent)
+		if !strings.Contains(tc.Text, "allowed_tool(") {
+			t.Errorf("expected allowed_tool signature, got %q", tc.Text)
+		}
+		if !strings.Contains(tc.Text, "another_allowed(") {
+			t.Errorf("expected another_allowed signature, got %q", tc.Text)
+		}
+		if strings.Contains(tc.Text, "blocked_tool") {
+			t.Error("blocked_tool should not appear")
+		}
+	})
+
+	t.Run("use_skill_shows_only_allowed_resources", func(t *testing.T) {
+		result, err := upstream.CallTool(ctx, &mcp.CallToolParams{
+			Name:      "use_skill",
+			Arguments: map[string]any{"skill_name": "filtered"},
+		})
+		if err != nil {
+			t.Fatal(err)
+		}
+		tc := result.Content[0].(*mcp.TextContent)
+		if !strings.Contains(tc.Text, "file:///allowed.txt") {
+			t.Errorf("expected allowed resource, got %q", tc.Text)
+		}
+		if strings.Contains(tc.Text, "file:///blocked.txt") {
+			t.Error("blocked resource should not appear")
+		}
+	})
+
+	t.Run("execute_code_can_call_allowed_tool", func(t *testing.T) {
+		code := `allowed_tool()`
+		result, err := upstream.CallTool(ctx, &mcp.CallToolParams{
+			Name:      "execute_code",
+			Arguments: map[string]any{"code": code},
+		})
+		if err != nil {
+			t.Fatal(err)
+		}
+		if result.IsError {
+			tc := result.Content[0].(*mcp.TextContent)
+			t.Fatalf("error: %s", tc.Text)
+		}
+	})
+
+	t.Run("execute_code_cannot_call_blocked_tool", func(t *testing.T) {
+		code := `blocked_tool()`
+		result, err := upstream.CallTool(ctx, &mcp.CallToolParams{
+			Name:      "execute_code",
+			Arguments: map[string]any{"code": code},
+		})
+		if err != nil {
+			t.Fatal(err)
+		}
+		if !result.IsError {
+			t.Error("expected error calling blocked tool")
+		}
+	})
+
+	t.Run("blocked_tool_does_not_cause_prefix", func(t *testing.T) {
+		// If blocked_tool were visible, tools with same name in other
+		// servers would get prefixed. Since it's filtered, no prefix needed.
+		result, err := upstream.CallTool(ctx, &mcp.CallToolParams{
+			Name:      "use_skill",
+			Arguments: map[string]any{"skill_name": "filtered"},
+		})
+		if err != nil {
+			t.Fatal(err)
+		}
+		tc := result.Content[0].(*mcp.TextContent)
+		// Tool names should not have "filtered_" prefix since there's no conflict.
+		if strings.Contains(tc.Text, "filtered_allowed_tool") {
+			t.Error("tools should not be prefixed when no conflict exists")
+		}
+	})
+}

internal/mcpserver/manager_test.go

@@ -81,11 +81,11 @@ func TestAllTools(t *testing.T) {
 	t.Parallel()
 	ctx := t.Context()
 
-	s1, err := NewServerFromSession(ctx, startFakeServer(t, ctx, "tool_a"))
+	s1, err := NewServerFromSession(ctx, startFakeServer(t, ctx, []string{"tool_a"}, nil))
 	if err != nil {
 		t.Fatal(err)
 	}
-	s2, err := NewServerFromSession(ctx, startFakeServer(t, ctx, "tool_b"))
+	s2, err := NewServerFromSession(ctx, startFakeServer(t, ctx, []string{"tool_b"}, nil))
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -104,11 +104,11 @@ func TestManagerServerTools(t *testing.T) {
 	t.Parallel()
 	ctx := t.Context()
 
-	s1, err := NewServerFromSession(ctx, startFakeServer(t, ctx, "tool_a"))
+	s1, err := NewServerFromSession(ctx, startFakeServer(t, ctx, []string{"tool_a"}, nil))
 	if err != nil {
 		t.Fatal(err)
 	}
-	s2, err := NewServerFromSession(ctx, startFakeServer(t, ctx, "tool_b"))
+	s2, err := NewServerFromSession(ctx, startFakeServer(t, ctx, []string{"tool_b"}, nil))
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -135,7 +135,7 @@ func TestManagerClose(t *testing.T) {
 	t.Parallel()
 
 	ctx := t.Context()
-	session := startFakeServer(t, ctx, "tool")
+	session := startFakeServer(t, ctx, []string{"tool"}, nil)
 	srv, err := NewServerFromSession(ctx, session)
 	if err != nil {
 		t.Fatal(err)