feat: per-mode MCP server allowlist (allowedMcpServers)#12019

Draft
roomote-v0[bot] wants to merge 1 commit intomainfrom
feature/per-mode-mcp-server-allowlist
Conversation


roomote-v0 (bot) commented Mar 27, 2026

Related GitHub Issue

Closes: #12004

Description

This PR attempts to address Issue #12004 by adding an optional allowedMcpServers field to ModeConfig that acts as a per-mode allowlist for MCP servers. Feedback and guidance are welcome.

How it works:

  • When allowedMcpServers is defined on a mode config (e.g. in .roomodes), only MCP servers whose names are in the list will have their tools injected for that mode.
  • When allowedMcpServers is omitted or empty, all enabled MCP servers are included -- preserving current default behavior.

Key implementation details:

  • Type definition (packages/types/src/mode.ts): Added allowedMcpServers: z.array(z.string()).optional() to modeConfigSchema.
  • MCP tool generation (src/core/prompts/tools/native-tools/mcp_server.ts): getMcpServerTools() now accepts an optional allowedMcpServers parameter and filters the server list before building tool definitions.
  • Build tools pipeline (src/core/task/build-tools.ts): Resolves the current mode config and passes allowedMcpServers to getMcpServerTools().
  • System prompt (src/core/prompts/system.ts): The MCP capabilities section now respects allowedMcpServers -- if none of the allowed servers exist, the MCP capabilities message is omitted.

Configuration example:

{
  "customModes": [
    {
      "slug": "database-architect",
      "name": "Database Architect",
      "roleDefinition": "You manage the database schema...",
      "groups": ["read", "edit", "mcp"],
      "allowedMcpServers": ["postgres-mcp", "redis-mcp"]
    }
  ]
}

Design decisions:

  • Whitelist-only approach (no blocklist) -- simpler to reason about and matches the requester's needs. A blocklist could be added later.
  • Server-name matching uses the key from mcpServers config (same name shown in the UI).
  • Fully backward compatible -- the field is optional; when absent, behavior is identical to current.

Test Procedure

  • Added 5 new tests for modeConfigSchema in packages/types/src/__tests__/mode.test.ts verifying the new allowedMcpServers field (valid arrays, empty arrays, undefined, non-string rejection).
  • Added 5 new tests for getMcpServerTools() in src/core/prompts/tools/native-tools/__tests__/mcp_server.spec.ts covering allowlist filtering (undefined passthrough, empty array passthrough, selective filtering, no-match, single server).
  • All 20 tests pass locally.

Pre-Submission Checklist

  • Issue Linked: This PR is linked to an approved GitHub Issue (see "Related GitHub Issue" above).
  • Scope: My changes are focused on the linked issue (one major feature/fix per PR).
  • Self-Review: I have performed a thorough self-review of my code.
  • Testing: New and/or updated tests have been added to cover my changes.
  • Documentation Impact: Documentation for .roomodes configuration may need updating to mention the new allowedMcpServers field.
  • Contribution Guidelines: I have read and agree to the Contributor Guidelines.

Documentation Updates

  • Yes, documentation updates may be needed to describe the allowedMcpServers field in custom mode configuration.

Additional Notes

  • UI updates for the mode editor (showing MCP server checkboxes) are not included in this initial PR but could be a follow-up enhancement.

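The allowlist semantics described above, as an added TypeScript example (not code from the PR or the Roo Code repository): an undefined or empty allowedMcpServers passes every enabled server through, a populated list filters by exact server name, and a list that matches nothing yields no tools and no MCP capabilities section. The server and tool shapes, the namespaced tool names, the sample servers, and the assumption that a disabled server stays excluded even when it is listed are all constructed here for illustration.

```typescript
// Added example, not the PR's own code. Shapes and sample data are constructed.
interface McpTool { name: string; description: string }
interface McpServer { name: string; disabled?: boolean; tools: McpTool[] }

// Mirrors the rule the PR describes: undefined or empty allowlist => all enabled
// servers (current default behavior); otherwise only servers whose mcpServers
// config key is in the list, matched exactly and case-sensitively.
// Assumption: a server that is disabled stays excluded even if it is listed.
function filterMcpServers(servers: McpServer[], allowed?: string[]): McpServer[] {
  const enabled = servers.filter((s) => !s.disabled);
  if (!allowed || allowed.length === 0) return enabled;
  const allow = new Set(allowed);
  return enabled.filter((s) => allow.has(s.name));
}

// Tool definitions injected for the mode, one entry per tool, namespaced by
// server so the model sees which server each tool belongs to (constructed format).
function getMcpServerTools(servers: McpServer[], allowed?: string[]): string[] {
  return filterMcpServers(servers, allowed).flatMap((s) =>
    s.tools.map((t) => `${s.name}/${t.name}`),
  );
}

// System-prompt MCP capabilities section. Returns null when no allowed server
// exists so the caller omits the section entirely, as the PR describes.
function mcpCapabilitiesSection(servers: McpServer[], allowed?: string[]): string | null {
  const visible = filterMcpServers(servers, allowed);
  if (visible.length === 0) return null;
  const lines = visible.map((s) => `- ${s.name}: ${s.tools.map((t) => t.name).join(", ")}`);
  return ["MCP SERVERS", ...lines].join("\n");
}

// Constructed sample: three enabled servers and one disabled server.
const sampleServers: McpServer[] = [
  { name: "postgres-mcp", tools: [{ name: "query", description: "Run SQL" }] },
  { name: "redis-mcp", tools: [{ name: "get", description: "GET key" }, { name: "set", description: "SET key" }] },
  { name: "github-mcp", tools: [{ name: "create_issue", description: "Open an issue" }] },
  { name: "filesystem-mcp", disabled: true, tools: [{ name: "read_file", description: "Read a file" }] },
];

// Example run with the .roomodes allowlist shown above.
console.log(getMcpServerTools(sampleServers, ["postgres-mcp", "redis-mcp"]));
```

The no-match and listed-but-disabled cases both collapse to "no tools, no section", which is the behaviour a mode author should expect when a server name in the allowlist does not correspond to an enabled mcpServers key.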

Add an optional allowedMcpServers field to ModeConfig that acts as a
whitelist for MCP servers on a per-mode basis. When defined, only the
listed MCP servers tools are injected for that mode. When omitted or
empty, all enabled MCP servers are included (preserving current behavior).

This addresses context bloat and tool limit issues when running multiple
MCP servers with models that have strict tool limits (e.g. 128-tool limit).

Changes:
- packages/types/src/mode.ts: Add allowedMcpServers to modeConfigSchema
- src/core/prompts/tools/native-tools/mcp_server.ts: Accept allowedMcpServers filter
- src/core/task/build-tools.ts: Pass allowedMcpServers from mode config
- src/core/prompts/system.ts: Filter MCP capabilities in system prompt

Closes #12004
Successfully merging this pull request may close these issues.

[ENHANCEMENT] Per-Mode MCP Server Restrictions (Whitelist/Blacklist) to Prevent Context Bloat