Skip to content

Comments

feat: Add tool annotations for improved LLM tool understanding#40

Merged
cfc4n merged 1 commit intogojue:masterfrom
bryankthompson:feat/add-tool-annotations
Jan 1, 2026
Merged

feat: Add tool annotations for improved LLM tool understanding#40
cfc4n merged 1 commit intogojue:masterfrom
bryankthompson:feat/add-tool-annotations

Conversation

@bryankthompson
Copy link
Contributor

@bryankthompson bryankthompson commented Dec 27, 2025

Summary

Adds MCP tool annotations (readOnlyHint, destructiveHint, title) to all 22 tools to help LLMs better understand tool behavior and make safer decisions about tool execution.

Changes

Command Service (1 tool)

  • execute_command: Destructive (executes shell commands)

Browser Service (13 tools)

Tool Classification
browser_navigate Destructive (navigates browser)
browser_screenshot Destructive (saves file to disk)
browser_click Destructive (interacts with page)
browser_fill Destructive (enters data)
browser_select Destructive (changes selection)
browser_hover Destructive (triggers events)
browser_evaluate Destructive (executes JavaScript)
browser_debug_enable Destructive (modifies debugger)
browser_set_breakpoint Destructive (sets breakpoint)
browser_remove_breakpoint Destructive (removes breakpoint)
browser_pause Destructive (pauses execution)
browser_resume Destructive (resumes execution)
browser_get_callstack Read-only (observes state)

Filesystem Service (8 tools)

Tool Classification
read_file Read-only
list_directory Read-only
search_files Read-only
get_file_info Read-only
list_allowed_directories Read-only
write_file Destructive
create_directory Destructive
move_file Destructive

Why This Matters

  • Annotations provide semantic metadata that helps LLMs understand tool behavior
  • LLMs can make better decisions about when to use tools and in what order
  • Enables safer tool execution by distinguishing read-only from destructive operations
  • MCP clients (like Claude Code) can auto-approve read-only tools without user confirmation

Testing

  • go build ./... passes
  • All 22 tools annotated with appropriate hints
  • Using existing mcp-go v0.29.0 annotation support (no SDK upgrade needed)

🤖 Generated with Claude Code

@web-flow @claude
feat: Add tool annotations for improved LLM tool understanding
7de46f4 
Add readOnlyHint and destructiveHint annotations to all 22 tools
to help LLMs better understand tool behavior and make safer decisions.

Changes:
- Command tools (1): execute_command marked as destructive
- Browser tools (13): navigate, click, fill, etc. marked as destructive;
  get_callstack marked as read-only
- Filesystem tools (8): read/list/search marked as read-only;
  write/create/move marked as destructive

This improves tool safety metadata for MCP clients.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@dosubot dosubot bot added size:M This PR changes 30-99 lines, ignoring generated files. enhancement New feature or request labels Dec 27, 2025
@cfc4n cfc4n requested a review from Copilot December 28, 2025 00:58
Copilot AI reviewed Dec 28, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds MCP tool annotations to improve LLM understanding of tool behavior and enable safer tool execution. The annotations include title, readOnlyHint, and destructiveHint fields for all 22 tools across three services.

Key changes:

  • Adds human-readable titles to all tools for better UI display
  • Classifies tools as either read-only or destructive to guide LLM decision-making
  • Enables MCP clients to potentially auto-approve read-only tools without user confirmation

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
pkg/services/filesystem/file_system.go Annotates 8 filesystem tools (5 read-only: read_file, list_directory, search_files, get_file_info, list_allowed_directories; 3 destructive: write_file, create_directory, move_file)
pkg/services/command/command.go Annotates execute_command as destructive with title "Execute Command"
pkg/services/browser/browser.go Annotates 13 browser tools (1 read-only: browser_get_callstack; 12 destructive: navigation, interaction, and debugging tools)

The annotations are consistently applied and the read-only/destructive classifications are logically correct based on each tool's behavior. No issues were identified in the changes.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@cfc4n cfc4n merged commit 0e532ce into gojue:master Jan 1, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

enhancement New feature or request size:M This PR changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bryankthompson @cfc4n @web-flow