Skip to content

[BUG] Subagents spawned via Task tool cannot execute MCP tools despite appearing in tool registry #16491

Open
#30288
Open
[BUG] Subagents spawned via Task tool cannot execute MCP tools despite appearing in tool registry#16491
#30288
Assignees
rekram1-node
@jeremyakers

Description

@jeremyakers
jeremyakers
opened on Mar 7, 2026

Description

Bug Description

When a subagent session is spawned via the Task tool, MCP tools from configured MCP servers appear in the subagent's tool registry but cannot be executed due to missing session permissions. The subagent can see the tools (e.g., tymemud-builder_read_room, context7_resolve-library-id) in its function list, but when attempting to call them, the permission system blocks execution.

What Happened

  • Parent agent successfully uses MCP tools (e.g., tymemud-builder_list_rooms_in_zone)
  • Subagent spawned via Task tool reports MCP tools are "not appearing in available function list" or gets permission denied
  • Subagent can see MCP tools in the registry but lacks permission to execute them
  • Permission check fails at execution time in packages/opencode/src/session/prompt.ts

Root Cause Analysis

In packages/opencode/src/tool/task.ts (lines 66-102), when creating a subagent session, only explicit permissions are granted for native tools (todowrite, todoread, task). MCP tools are not included in the session's permission array:

return await Session.create({
  parentID: ctx.sessionID,
  title: params.description + ` (@${agent.name} subagent)`,
  permission: [
    {
      permission: "todowrite",
      pattern: "*",
      action: "deny",
    },
    {
      permission: "todoread",
      pattern: "*",
      action: "deny",
    },
    // ... MCP tools NOT explicitly granted permission
  ],
})

When MCP tools are added to the tool registry in packages/opencode/src/session/prompt.ts (lines 830-921), they are wrapped with a permission check via ctx.ask(). The permission ruleset is merged from input.agent.permission and input.session.permission (line 778), but since subagent sessions don't have MCP tool permissions explicitly granted, the check fails.
Relevant Code Locations

File: packages/opencode/src/tool/task.ts, lines 66-102 - Subagent session creation
File: packages/opencode/src/session/prompt.ts, lines 773-780, 830-921 - Permission merging and MCP tool wrapping
File: packages/opencode/src/mcp/index.ts, line 598 - MCP tools retrieval

Impact

I have a number of MCP servers for things like grepai, and query tools for querying/updating non-SQL data stores. This issue makes it nearly impossible for any subagents to do useful work in my environment because they cannot access any of my MCP tools needed to do their work.

Plugins

oh-my-opencode

OpenCode version

1.2.20

Steps to reproduce

Steps to Reproduce

  1. Configure an MCP server in opencode.json

  2. Start OpenCode and verify MCP shows as "connected" via opencode mcp list

  3. Use parent agent to successfully call an MCP tool 

  4. Spawn a subagent via Task tool with a prompt that requires MCP tool usage

  5. Observe that subagent reports MCP tools are not available or gets permission denied when attempting to execute

Screenshot and/or share link

Image

Operating System

Ubuntu 22.04

Terminal

Web UI

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions