spec: MCP prompts capability: query, discovery, and slash-command dispatch in Warp#11476
oz-for-oss[bot] wants to merge 1 commit into
Co-Authored-By: David Engelmann <81196676+david-engelmann@users.noreply.github.com> Co-Authored-By: Oz <oz-agent@warp.dev>
@oz-for-oss[bot] I'm starting a first review of this spec-only pull request. You can view the conversation on Warp. I completed the review and no human review was requested for this pull request. Powered by Oz
Overview
This PR adds product and technical specs for surfacing MCP prompt templates in Warp through prompt listing, slash-command discovery, argument collection, prompts/get, Agent Mode dispatch, telemetry, and validation.
Concerns
- The tech spec does not define how MCP `PromptMessage` arrays with multiple roles/messages are flattened into one Agent Mode prompt body, which could lead to incompatible implementations.
- Generated slash-command collision handling is not deterministic enough to guarantee stable command names across menu refreshes or reconnects.
Security
- Telemetry currently allows raw MCP prompt names even though those names are server-controlled metadata and may disclose private workflow or repository details.
Verdict
Found: 0 critical, 3 important, 0 suggestions
Request changes
Comment /oz-review on this pull request to retrigger a review (up to 3 times on the same pull request).
Powered by Oz
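The collision concern raised in the review above, as an added Rust example that is not part of the PR or of Warp's code: it suffixes every member of a colliding group using a fixed hash (FNV-1a), so no name depends on the order in which servers connect. The function names, the `unnamed` fallback and the 8-hex-digit suffix are assumptions, and the sample rows are constructed.

```rust
use std::collections::BTreeMap;

// FNV-1a 64-bit. A fixed, published algorithm, so the suffix is the same on every
// run and build; std's DefaultHasher does not promise a stable algorithm.
fn fnv1a(data: &[u8]) -> u64 {
    data.iter().fold(0xcbf29ce484222325u64, |h, &b| (h ^ b as u64).wrapping_mul(0x100000001b3))
}

// Keep ASCII alphanumerics (lowercased); collapse every other run into one '-'.
// Server-supplied names therefore cannot inject '/', '.', spaces or control bytes.
fn slug(s: &str) -> String {
    let mut out = String::new();
    for c in s.chars() {
        if c.is_ascii_alphanumeric() {
            out.push(c.to_ascii_lowercase());
        } else if !out.is_empty() && !out.ends_with('-') {
            out.push('-');
        }
    }
    let out = out.trim_end_matches('-');
    if out.is_empty() { "unnamed".to_string() } else { out.to_string() }
}

fn base_name(server: &str, prompt: &str) -> String {
    format!("/mcp.{}.{}", slug(server), slug(prompt))
}

// Input rows: (installation_id, server_name, prompt_name), in any order.
// Output: command name keyed by (installation_id, prompt_name).
fn command_names(prompts: &[(&str, &str, &str)]) -> BTreeMap<(String, String), String> {
    // Pass 1: count how many prompts land on each unsuffixed name.
    let mut counts: BTreeMap<String, usize> = BTreeMap::new();
    for &(_, server, prompt) in prompts {
        *counts.entry(base_name(server, prompt)).or_default() += 1;
    }
    // Pass 2: suffix every member of a colliding group, never just the later arrival.
    prompts.iter().map(|&(id, server, prompt)| {
        let base = base_name(server, prompt);
        let name = if counts[&base] > 1 {
            format!("{base}-{:08x}", fnv1a(format!("{id}\0{prompt}").as_bytes()) as u32)
        } else {
            base
        };
        ((id.to_string(), prompt.to_string()), name)
    }).collect()
}

fn main() {
    let rows = [("inst-1", "GitHub", "Review PR"), ("inst-2", "GitHub", "review_pr")];
    for (key, name) in command_names(&rows) { println!("{key:?} -> {name}"); }
}
```

A suffixed name can still equal another prompt's unsuffixed slug in rare cases, so a final uniqueness check over the snapshot remains necessary.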
| - Resolve the selected `installation_id` and `prompt_name` against active manager state at invocation time. | ||
| - Build `GetPromptRequestParams` with the prompt name and argument map after local validation. | ||
| - Call `ReconnectingPeer::get_prompt`. | ||
| - Convert the returned prompt messages to a single text prompt body for Agent Mode. |
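Review bot: The last step, "Convert the returned prompt messages to a single text prompt body for Agent Mode", leaves the flattening rule undefined. State the message order, whether and how each message's role is kept in the text, the separator between messages, and what happens when a returned message has no text content, so that two implementations produce the same body from the same prompts/get result. Because that body is supplied by the server through get_prompt, the spec should also say whether the user sees it before it is dispatched.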
| - `prompt_description: Option<String>` | ||
| - generated `command_name: String` | ||
| - argument metadata copied from `rmcp::model::Prompt` | ||
| Generate command names as `/mcp.<server-slug>.<prompt-slug>`. Slug generation should be deterministic, slash-safe, and covered by tests. Keep a per-snapshot map to detect generated-name collisions; append a short stable suffix derived from installation id and prompt name when needed. |
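Review bot: In the last line, "append a short stable suffix ... when needed" does not say which of the colliding entries receives the suffix, so with a per-snapshot map the unsuffixed name can go to whichever prompt is seen first and change hands after a refresh or reconnect. Suffix every entry in a colliding group, or define a total order on installation id and prompt name, and name the hash and the suffix length so the tests can pin exact values.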
| - If the queue-next-prompt setting is active and the current conversation is in progress, use the same queuing behavior as typed prompts rather than bypassing the queue. | ||
| Do not introduce a new AI action type unless implementation discovers that agent-visible structured results are required. MCP prompt invocation is user-initiated prompt composition, not an agent-requested tool action, so it can live in input/slash-command handling rather than the blocklist action queue. | ||
| ### 9. Telemetry and privacy | ||
| Extend `SlashCommandAcceptedDetails` or add a dedicated metadata event for MCP prompt acceptance. Include only non-content metadata: generated command family, installation id or redacted stable id, prompt name, has_arguments, argument_count, success/failure category, and whether the command was accepted in Agent View. Do not log argument values or rendered prompt content. |
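Review bot: The allowed metadata list in section 9 includes "prompt name", which is set by the MCP server and can carry private workflow or repository details, so it does not fit "only non-content metadata". Drop it or replace it with a redacted stable id, and resolve "installation id or redacted stable id" to one choice so that implementations do not diverge on what is logged.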
Summary
prompts/list, active prompt metadata, slash-menu discovery, argument collection, prompts/get, Agent Mode dispatch, telemetry/privacy, and validation.
Validation
Related issue: #10740