fix(core): ensure policy engine compatibility with isolated MCP servers

This commit addresses PR feedback regarding the prefixing of isolated subagent MCP servers and its potential to break existing security policies relying on standard FQNs.

1. Added `originalName` to `MCPServerConfig` and `originalServerName` to `DiscoveredMCPTool`.
2. Updated `CoreToolScheduler` to reconstruct the original FQN (without the `__agent__` prefix) when performing policy checks via the Policy Engine. This ensures policies mapping to standard `mcp_{server}_{tool}` formats still apply correctly to isolated agents.
3. Added a remote agent back to `NewAgentsNotification.test.tsx` to maintain coverage for both local and remote agents.
Akhilesh Kumar
2026-03-13 17:30:32 +00:00
parent 3bf0a5579a
commit ee425228fe
7 changed files with 32 additions and 3 deletions
@@ -38,6 +38,13 @@ describe('NewAgentsNotification', () => {
},
},
},
{
name: 'Agent C',
description: 'Description C',
kind: 'remote' as const,
agentCardUrl: '',
inputConfig: { inputSchema: {} },
},
];
const onSelect = vi.fn();
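Review bot: The new `Agent C` fixture sets `agentCardUrl: ''` and carries no MCP servers, so the remote case is only exercised in its emptiest form. Consider giving it a non-empty placeholder URL (for example one under `example.com`) and, if remote agents can declare MCP servers, a server entry as well. That way the test covers a remote agent that looks like a real one, and not only the shape that satisfies the type.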
@@ -11,6 +11,7 @@ exports[`NewAgentsNotification > renders agent list 1`] = `
│ │ - Agent A: Description A │ │
│ │ - Agent B: Description B │ │
│ │ (Includes MCP servers: github, postgres) │ │
│ │ - Agent C: Description C │ │
│ │ │ │
│ └────────────────────────────────────────────────────────────────────────────────────────────┘ │
│ │
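Review bot: In the updated snapshot the added line `- Agent C: Description C` is rendered exactly like the local agents, although the fixture marks it `kind: 'remote'`. The snapshot therefore passes whether or not the component looks at `kind`, and a user reading this notification cannot tell a remote agent from a local one. If that is intentional, an explicit assertion on the remote entry would document it. If not, consider rendering the kind or the agent card URL next to the name and regenerating the snapshot.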