fix(mcp): rewrite skill-shipped MCP command paths for the Claude target

[srid]

Summary

Self-defined MCP launchers shipped inside a skill package (e.g. juspay/nix-chrome-devtools-mcp) declare their command: using the cross-tool converged skill path .agents/skills/<name>/.... Every other target deploys skills to .agents/skills/, so the upstream value is correct as-declared — but Claude is the documented outlier (see install/skill_path_migration.py:55: ".claude/skills/ is excluded (Claude is not in the convergence set)"). Consumers whose apm.yml has target: claude end up with files at .claude/skills/<name>/... while .mcp.json still points at the non-existent .agents/skills/<name>/..., so Claude Code fails to launch the server.

Repro

# apm.yml
target: claude
dependencies:
  apm:
    - juspay/nix-chrome-devtools-mcp

$ apm install
$ ls .agents/skills/nix-chrome-devtools-mcp/bin/serve
ls: cannot access '.agents/skills/...': No such file or directory
$ ls .claude/skills/nix-chrome-devtools-mcp/bin/serve   # the file IS here
-rwxr-xr-x ...
$ jq -r '.mcpServers["chrome-devtools"].command' .mcp.json
.agents/skills/nix-chrome-devtools-mcp/bin/serve   # ← wrong

Fix

Override _format_server_config in ClaudeClientAdapter to rewrite the .agents/skills/ prefix to .claude/skills/ on the way out. Scoped to the prefix only — bare binaries (npx, node), absolute paths, and unrelated relative paths pass through unchanged.

Drift detection (_detect_mcp_config_drift) compares the upstream dep.to_dict() against the lockfile baseline (both upstream-shaped), not against on-disk paths, so the rewrite does not perturb idempotence. Verified: a second apm install reports "already configured" and the on-disk path remains rewritten.

Why this layer

• _build_self_defined_info in mcp_integrator.py builds one synthetic_info per dep that is reused across all target_runtimes — rewriting there would either need per-runtime copies or runtime-specific knowledge in the integrator.
• Each adapter already owns its target-specific shaping (cf. _normalize_mcp_entry_for_claude_code), and Claude is the only target that needs this rewrite, so a single override stays local.

Test plan

• New unit test: .agents/skills/<name>/... → .claude/skills/<name>/... end-to-end through configure_mcp_server → .mcp.json
• New unit test: pass-through for npx, absolute paths, ./scripts/..., .agents/other/...
• Full tests/unit/test_claude_mcp.py suite: 28 passed (+4 subtests)
• Adapter regression: tests/unit/adapters, tests/unit/test_copilot_adapter.py, tests/integration/test_claude_mcp_schema_fidelity.py: 116 passed
• Integration regression: tests/unit/integration, tests/integration/test_agent_skills_target.py: 1444 passed
• Manual E2E: re-ran apm install in a target: claude project consuming juspay/nix-chrome-devtools-mcp; .mcp.json now points at the deployed launcher and ./.claude/skills/nix-chrome-devtools-mcp/bin/serve boots successfully

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Updates the Claude client adapter to rewrite self-defined MCP skill launcher paths from the cross-tool .agents/skills/ convention to Claude’s .claude/skills/ location so generated .mcp.json entries point to paths that exist after deployment.

Changes:

• Add command-prefix rewrite logic in ClaudeClientAdapter and apply it when formatting server config.
• Add unit tests verifying rewrite behavior for skill-path commands and no-op behavior for other command shapes.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
tests/unit/test_claude_mcp.py	Adds regression tests covering .agents/skills/ → .claude/skills/ rewriting and ensuring non-skill commands are unchanged.
src/apm_cli/adapters/client/claude.py	Implements the command-prefix rewrite and applies it to formatted server configs for Claude.

[srid]

This is ruff format's style (Black-style, E203) for slices whose index is a complex expression — and the project's configured formatter, per pyproject.toml. Both ruff check src/apm_cli/adapters/client/claude.py and ruff format --check pass; removing the space would in fact be re-added by ruff format.

It's also the dominant convention in src/apm_cli/ — a quick grep:

src/apm_cli/bundle/plugin_exporter.py:72:        normalized = normalized[len("skills/") :].lstrip("/")
src/apm_cli/utils/normalization.py:41:        return content[len(_BOM) :]
src/apm_cli/core/conflict_detector.py:115:                server_name = raw_key[len("mcp_servers.") :]
src/apm_cli/commands/policy.py:54:            return source[len(prefix) :]
src/apm_cli/bundle/lockfile_enrichment.py:153:                    mapped = dst_prefix + f[len(src_prefix) :]
src/apm_cli/core/command_logger.py:693:            reason = reason[len(prefix) :]
src/apm_cli/bundle/local_bundle.py:281:        return value[len("sha256:") :].strip().lower()
src/apm_cli/commands/marketplace/check.py:60:                            tag_name = tag_name[len("refs/tags/") :]
src/apm_cli/core/token_manager.py:242:                    token = line[len("password=") :]

Leaving as-is.

[github-actions]

APM Review Panel: ship_with_followups

Fix silent Claude MCP failure: rewrite .agents/skills/ command prefix to .claude/skills/ in ClaudeClientAdapter so self-defined skill packages resolve correctly at runtime.

cc @sergio-sisternes-epam -- a fresh advisory pass is ready for your review.

All six active panelists converge: the fix is correct, well-scoped, and introduces no regressions. python-architect confirms the Template Method override is the right pattern. supply-chain-security confirms no new path-traversal or credential risk. cli-logging-expert confirms the silent rewrite is appropriate for the happy path. The fix closes a real user-facing breakage -- Claude users installing skill packages with self-defined MCP launchers received a broken .mcp.json that failed silently only when Claude tried to start the server.

The highest-convergence signal is the missing CHANGELOG entry: both oss-growth-hacker and doc-writer flag it independently. This is not a paperwork concern -- a bug fix that affects Claude users but carries no CHANGELOG entry is a trust deficit. Users who hit the broken command path and worked around it manually will never know it was resolved; prospective contributors will not see evidence of responsive maintenance. A single line under [Unreleased] ### Fixed converts invisible maintenance into a community trust signal.

The test-coverage-expert finding is real but proportionate: unit tests cover the rewrite logic in isolation and the two passing tests are load-bearing evidence that the fix works. The missing integration-tier fixture test is a gap worth tracking -- if _format_server_config super-call or prefix constants drift, only unit coverage would catch it -- but it is not a reason to hold the PR. The devx-ux install-time warning suggestion is a genuine UX improvement and should be tracked as a follow-up issue, not a pre-merge requirement.

Aligned with: Multi-harness / multi-host -- Directly advances Claude harness fidelity: skill MCP launchers now resolve to the correct runtime path for Claude users. Portable by manifest -- Ensures the manifest-driven skill install produces a correct on-disk artifact (.mcp.json) across harnesses. Pragmatic as npm -- Silent runtime failure is the worst failure mode for a package manager; this fix makes Claude skill installs reliably functional without user intervention.

Growth signal. Claude is a high-visibility harness. A broken .mcp.json on skill install is a first-impression failure that converts curious Claude users into churned users. This fix, with a proper CHANGELOG entry, becomes a concrete signal that APM ships responsive, harness-aware fixes -- exactly the narrative that builds contributor and enterprise trust.

Panel summary

Persona	B	R	N	Takeaway
Python Architect	0	0	1	Minimal, well-scoped fix: Template Method override + isolated classmethod rewriter; only args-scope omission warrants a doc comment.
CLI Logging Expert	0	0	0	No CLI output changes; silent path rewrite is correct -- existing success/error surface is unchanged and appropriate.
DevX UX Expert	0	1	0	Fix is correct and invisible to users on the happy path; the only UX gap worth addressing is surfacing the broken-command-path failure at install time rather than silently deferring it to Claude runtime.
Supply Chain Security Expert	0	0	1	No supply-chain security regressions; the string-prefix rewrite is type-guarded, scope-limited, and does not amplify any pre-existing path or credential risk.
OSS Growth Hacker	0	1	0	Solid silent-failure fix for Claude users; needs a CHANGELOG entry so it converts to trust signal rather than invisible maintenance.
Doc Writer	0	1	0	Add a CHANGELOG [Unreleased] ### Fixed entry -- this bug fix affects Claude users and the section already exists but has no entry for this PR.
Test Coverage Expert	0	1	0	Unit tests are well-targeted and cover the rewrite logic in isolation; no integration-tier test verifies the on-disk .mcp.json command path after a real Claude skill install -- a recommended gap against the install-pipeline floor.

B = blocking-severity findings, R = recommended, N = nits.
Counts are signal strength, not gates. The maintainer ships.

Top 5 follow-ups

1. [OSS Growth Hacker + Doc Writer] Add CHANGELOG [Unreleased] ### Fixed entry for the Claude skill path rewrite. -- Dual-panelist convergence is the highest signal in this review. The fix is invisible to users without a changelog entry; with one, it becomes evidence of responsive maintenance and harness-aware quality. Suggested line: Fix Claude skill MCP launcher path: rewrite .agents/skills/ command prefix to .claude/skills/ in ClaudeClientAdapter so self-defined skill packages resolve correctly for Claude users. (#1465)
2. [Test Coverage Expert] Add integration-with-fixtures test: verify .claude/skills/ path in written .mcp.json after a real Claude skill install. -- Unit tests cover the rewrite logic but the install-pipeline surface has no integration-tier assertion. If prefix constants or the super-call drift, no automated check catches it before a user ships a broken .mcp.json. Track as a follow-up issue; suggested file: tests/integration/test_claude_mcp_schema_fidelity.py.
3. [DevX UX Expert] Add install-time existence check: emit _rich_warning if the rewritten command path does not exist on disk. -- Currently the broken-path failure is deferred to Claude runtime. A stat check after rewrite would surface the error at apm install time, aligning with the pragmatic-as-npm principle.
4. [Python Architect] Add a one-line docstring to _rewrite_self_defined_skill_command clarifying that only command is rewritten, not args. -- The intentional scope (command only) is not self-evident; without a comment a future contributor may file a follow-up bug or incorrectly extend the rewrite to args.
5. [Supply Chain Security Expert] Track path validation at the call-site as a future hardening task. -- The prefix rewrite preserves any traversal sequences already present in the command. Not a regression, but a resolved-path validation would close the theoretical risk surface.

Architecture

classDiagram
    direction LR
    class MCPClientAdapter {
        <<ABC>>
        +configure_mcp_server(name) bool
        +_format_server_config(info, env, vars) dict
    }
    class CopilotClientAdapter {
        <<ConcreteBase>>
        +_format_server_config(info, env, vars) dict
    }
    class ClaudeClientAdapter {
        <<ConcreteStrategy>>
        +_CONVERGED_SKILL_PREFIX str
        +_CLAUDE_SKILL_PREFIX str
        +_rewrite_self_defined_skill_command(cmd) str
        +_format_server_config(info, env, vars) dict
    }
    class CursorClientAdapter {
        <<ConcreteStrategy>>
        +_format_server_config(info, env, vars) dict
    }
    class GeminiClientAdapter {
        <<ConcreteStrategy>>
    }
    class WindsurfClientAdapter {
        <<ConcreteStrategy>>
    }
    MCPClientAdapter <|-- CopilotClientAdapter
    CopilotClientAdapter <|-- ClaudeClientAdapter
    CopilotClientAdapter <|-- CursorClientAdapter
    CopilotClientAdapter <|-- GeminiClientAdapter
    CopilotClientAdapter <|-- WindsurfClientAdapter
    note for ClaudeClientAdapter "Template Method: super()._format_server_config then rewrites .agents/skills/ -> .claude/skills/"
    class ClaudeClientAdapter:::touched
    classDef touched fill:#fff3b0,stroke:#d47600

Loading

flowchart TD
    A["configure_mcp_server (claude.py:249)"] --> B["_format_server_config (claude.py:67)"]
    B --> C["super()._format_server_config (copilot.py:408)"]
    C --> D["reads _raw_stdio.command (copilot.py:433)"]
    D --> E{"command starts with .agents/skills/?"}
    E -- yes --> F["_rewrite_self_defined_skill_command (claude.py:62) returns .claude/skills/... path"]
    E -- no --> G["command unchanged"]
    F --> H["config dict with rewritten command"]
    G --> H
    H --> I["FS write .mcp.json"]

Loading

Recommendation

Ship after adding the CHANGELOG entry (highest-convergence follow-up, one line, pre-merge preferred). All other follow-ups are post-merge: integration fixture test, install-time warning, docstring, and path validation. The fix is correct, the unit evidence is solid, and the only pre-merge gap is the missing changelog line that converts this invisible maintenance into a community trust signal.

---

Full per-persona findings

Python Architect

• [nit] args not rewritten -- acceptable but worth a comment at src/apm_cli/adapters/client/claude.py:62
  Only command is rewritten; args entries that might contain .agents/skills/ paths are left as-is. For the current skill launcher convention (command holds the binary path, args are flags) this is correct. A one-line docstring on _rewrite_self_defined_skill_command stating the intentional scope (command only, not args) would prevent a future contributor from filing a follow-up bug.
  Suggested: Add docstring: "Rewrites the command field only; args are intentionally left unchanged as skill launchers place the binary path in command, not args."

CLI Logging Expert

No findings.

DevX UX Expert

• [recommended] Silent runtime failure deferred from install to Claude launch at src/apm_cli/adapters/client/claude.py (_format_server_config)
  The fix corrects a silent runtime failure -- broken command path in .mcp.json only surfaces when Claude tries (and fails) to start the MCP server, not at apm install time. Consider adding an install-time existence check (or at least a warning) when the resolved command path does not exist on disk.
  Suggested: After rewriting the command, stat the resolved path and emit a _rich_warning if it does not exist. This turns a silent runtime break into a recoverable install-time prompt.

Supply Chain Security Expert

• [nit] Path traversal sequences in command are preserved by the prefix rewrite at src/apm_cli/adapters/client/claude.py
  The prefix rewrite preserves any path traversal sequences already present in the command (e.g. .agents/skills/../../../evil -> .claude/skills/../../../evil). This is not a regression introduced by this PR -- the risk existed before and is equal in both forms -- but it is a signal that the call-site should eventually validate the resolved path. No action required for this PR.

OSS Growth Hacker

• [recommended] No CHANGELOG entry for a user-facing Claude bug fix at CHANGELOG.md
  The [Unreleased] section has no entry for this fix. Claude users who hit the silent MCP failure would never know it was resolved -- and prospective Claude users evaluating APM won't see evidence that Claude first-run quality is actively maintained.
  Suggested: Add a line under [Unreleased] ### Fixed: Fix: rewrite .agents/skills/ command prefix to .claude/skills/ in ClaudeClientAdapter so skill MCP launchers resolve correctly for Claude users. (#1465)

Doc Writer

• [recommended] Missing CHANGELOG [Unreleased] entry for the Claude skill path rewrite fix at CHANGELOG.md
  This PR fixes a user-facing bug: Claude users installing skill packages with self-defined MCP launchers received broken command paths (.agents/skills/ instead of .claude/skills/). The CHANGELOG [Unreleased] section has a ### Fixed block (PR fix: handle MCP v0.1 runtimeArguments.variables in copilot and codex adapters #1461) but no entry for this fix. Per project conventions, bug fixes that affect user-observable behavior belong in CHANGELOG [Unreleased] ### Fixed. The 0.14.0 release notes explicitly document the .claude/skills/ routing contract, so readers who encounter this breakage and search the changelog will find no record of the fix.
  Suggested: Add under ## [Unreleased] ### Fixed: Fix Claude skill MCP launcher path: rewrite .agents/skills/ command prefix to .claude/skills/ in ClaudeClientAdapter so self-defined skill packages resolve correctly for Claude users. (#1465)

Test Coverage Expert

• [recommended] Install-pipeline surface: no integration-tier test verifying .claude/skills/ path in written .mcp.json
  Unit tests added are well-targeted but stay at unit tier. The tier-floor matrix requires integration-with-fixtures for the install-pipeline surface. No integration test in tests/integration/ covers the .agents/skills/ -> .claude/skills/ rewrite via a real fixture package. If _format_server_config super-call or prefix constants drift, unit tests catch the rewrite logic in isolation, but no integration-tier assertion would fail before a user ships a broken .mcp.json.
  Proof (passed at unit): tests/unit/test_claude_mcp.py::test_self_defined_skill_command_rewritten_to_claude_skills -- proves: When a skill MCP launcher declares .agents/skills/... as its command, configure_mcp_server writes .claude/skills/... to .mcp.json [devx, multi-harness-support]
  self.assertEqual(data['mcpServers']['chrome-devtools']['command'], '.claude/skills/nix-chrome-devtools-mcp/bin/serve')
  Proof (passed at unit): tests/unit/test_claude_mcp.py::test_self_defined_non_skill_command_left_unchanged -- proves: Bare binaries, absolute paths, and unrelated relative paths are not rewritten [devx]
  self.assertEqual(self.adapter._rewrite_self_defined_skill_command(raw_command), raw_command)
  Proof (missing at integration-with-fixtures): tests/integration/test_claude_mcp_schema_fidelity.py::test_skill_mcp_launcher_command_rewritten_to_claude_skills_prefix -- proves: After apm install of a Claude-targeted skill with an MCP launcher, the on-disk .mcp.json has a .claude/skills/ command path [devx, multi-harness-support, portability-by-manifest]

Auth Expert -- inactive

PR only rewrites a filesystem command path prefix in ClaudeClientAdapter._format_server_config; no auth flows, token resolution, credential handling, or AuthResolver touched.

_{This panel is advisory. It does not block merge. Re-apply the
panel-review label after addressing feedback to re-run.}

Note

🔒 Integrity filter blocked 4 items

The following items were blocked because they don't meet the GitHub integrity level.

• #1465 pull_request_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
• fix(mcp): rewrite skill-shipped MCP command paths for the Claude target #1465 pull_request_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
• 3a7389d list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
• #1465 search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by PR Review Panel for issue #1465 · ● 2.6M · ◷