You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
github.com/modelcontextprotocol/go-sdk is the official Go SDK for the Model Context Protocol (MCP) β the foundational dependency of this entire project. It provides the server/client infrastructure, transport implementations (stdio, streamable HTTP, SSE), JSON-RPC session management, and capability negotiation. This project is essentially a thin but sophisticated layer on top of this SDK, proxying MCP between agents and backend servers.
Version: v1.4.1 (latest, rapidly evolving β 5 releases tracked from v1.3.0-pre.1 to v1.4.1)
Current Usage in gh-aw-mcpg
Files: 12 production files, all importing as sdk "github.com/modelcontextprotocol/go-sdk/mcp"
Import Count: 12 production + 15 test file imports
β Session reconnect logic for expired HTTP sessions
Research Findings
Protocol Status
The MCP protocol is evolving rapidly. The go-sdk v1.4.1 supports the 2025-03-26 spec (streamable HTTP) as primary and the 2024-11-05 spec (SSE) as deprecated. The project correctly reflects this with its deprecation warning on SSE connections.
SDK Capabilities Used vs Available
Feature
Available
Used
stdio transport
β
β
Streamable HTTP server
β
β
Streamable HTTP client
β
β
SSE client
β
β
In-memory transport
β
β
sdk.TextContent
β
β
sdk.ImageContent
β
β
sdk.EmbeddedResourceContent
β
β
Tool annotations
β
β (not forwarded)
Paginated ListTools
β
β (single page only)
sdk.AddTool (typed handlers)
β
Intentionally bypassed
Improvement Opportunities
π Bug: Image and Resource Content Types Silently Dropped
When a backend returns "image" content ({"type":"image","data":"base64...","mimeType":"image/png"}), the data and mimeType fields are not captured. The default case then creates sdk.TextContent{Text: ""} β an empty text item, silently discarding the image. Same issue for "resource" content.
Impact: Any backend that returns image content (e.g. screenshot tools, vision tools) will have that content silently dropped and replaced with an empty text item.
Fix: Expand the content parsing struct and add explicit cases:
Content []struct {
Typestring`json:"type"`Textstring`json:"text,omitempty"`Datastring`json:"data,omitempty"`// for imageMIMETypestring`json:"mimeType,omitempty"`// for imageResourcemap[string]interface{} `json:"resource,omitempty"`// for resource
} `json:"content"`
All three list methods call the SDK exactly once with empty params. The SDK's result structs include a NextCursor field for paginated backends. With large tool sets (e.g., GitHub MCP server has 50+ tools, which could grow), a paginated backend would silently drop tools after the first page.
The MCP 2025 spec adds annotations to tools (e.g., readOnlyHint, destructiveHint, openWorldHint). When listing backend tools, annotations are present in the tools/list response but the current parsing struct does not capture them:
These annotations help clients (especially AI agents) understand tool safety characteristics. Forwarding them through the gateway would improve agent safety awareness.
Recommendations (Prioritized)
[BUG - High] Fix image/resource content type handling in ConvertToCallToolResult β backends returning non-text content silently drop data
[Enhancement - Medium] Add error message text content to newErrorCallToolResult β improves debuggability for MCP clients
[Enhancement - Medium] Implement paginated listTools/listResources/listPrompts β prevents silent tool loss with large backends
[Enhancement - Low] Forward tool annotations from backend tools to gateway-registered tools
Next Steps
Fix ConvertToCallToolResult to handle "image" and "resource" content types
Add TestConvertToCallToolResult_ImageContent test case in internal/mcp/tool_result_test.go
Update newErrorCallToolResult to include error message in content
Implement pagination loop in listTools, listResources, listPrompts
Add annotations field to backend tool parsing struct
Generated by Go Fan πΉ Module summary saved to: specs/mods/go-sdk.md (cache) Run ID: Β§23635978953
Note
π Integrity filter blocked 12 items
The following items were blocked because they don't meet the GitHub integrity level.
modelcontextprotocol/go-sdk@755b9edlist_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".
get_file_contents get_file_contents: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".
itchyny/gojq@183cbeclist_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".
golang/term@9d2dc07list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".
πΉ Go Fan Report: modelcontextprotocol/go-sdk
Module Overview
github.com/modelcontextprotocol/go-sdkis the official Go SDK for the Model Context Protocol (MCP) β the foundational dependency of this entire project. It provides the server/client infrastructure, transport implementations (stdio, streamable HTTP, SSE), JSON-RPC session management, and capability negotiation. This project is essentially a thin but sophisticated layer on top of this SDK, proxying MCP between agents and backend servers.Version: v1.4.1 (latest, rapidly evolving β 5 releases tracked from v1.3.0-pre.1 to v1.4.1)
Current Usage in gh-aw-mcpg
sdk "github.com/modelcontextprotocol/go-sdk/mcp"NewServer,NewClient,Server.AddTool,NewStreamableHTTPHandler,CommandTransport,StreamableClientTransport,SSEClientTransport,NewInMemoryTransports,ClientSession.*methodsUsage Pattern Summary
internal/mcp/internal/server/internal/middleware/CallToolResult/CallToolRequesttypesinternal/testutil/mcptest/NewInMemoryTransportsHighlights of good SDK usage:
slog.Loggerintegration in allServerOptions,ClientOptions, andStreamableHTTPOptionssdk.NewInMemoryTransports()for elegant in-process test transportserver.AddToolmethod (vssdk.AddToolfunction) to bypass strict schema validation β correctly handles backends using JSON Schema draft-07Research Findings
Protocol Status
The MCP protocol is evolving rapidly. The go-sdk v1.4.1 supports the 2025-03-26 spec (streamable HTTP) as primary and the 2024-11-05 spec (SSE) as deprecated. The project correctly reflects this with its deprecation warning on SSE connections.
SDK Capabilities Used vs Available
sdk.TextContentsdk.ImageContentsdk.EmbeddedResourceContentListToolssdk.AddTool(typed handlers)Improvement Opportunities
π Bug: Image and Resource Content Types Silently Dropped
File:
internal/mcp/tool_result.goβConvertToCallToolResultThe content parsing struct only captures
TypeandText:When a backend returns
"image"content ({"type":"image","data":"base64...","mimeType":"image/png"}), thedataandmimeTypefields are not captured. Thedefaultcase then createssdk.TextContent{Text: ""}β an empty text item, silently discarding the image. Same issue for"resource"content.Impact: Any backend that returns image content (e.g. screenshot tools, vision tools) will have that content silently dropped and replaced with an empty text item.
Fix: Expand the content parsing struct and add explicit cases:
Then in the switch:
π Quick Win: Pagination for tools/list, resources/list, prompts/list
File:
internal/mcp/connection.goβlistTools,listResources,listPromptsAll three list methods call the SDK exactly once with empty params. The SDK's result structs include a
NextCursorfield for paginated backends. With large tool sets (e.g., GitHub MCP server has 50+ tools, which could grow), a paginated backend would silently drop tools after the first page.Fix: Implement a pagination loop:
π Quick Win: Include Error Message in
newErrorCallToolResultFile:
internal/server/unified.goCurrently error results have
IsError: truebut no content, leaving MCP clients with no explanation:MCP spec recommends including the error description as text content. This helps MCP clients (and AI agents) understand what went wrong:
β¨ Feature Opportunity: Forward Tool Annotations from Backends
File:
internal/server/tool_registry.goβregisterToolsFromBackendThe MCP 2025 spec adds
annotationsto tools (e.g.,readOnlyHint,destructiveHint,openWorldHint). When listing backend tools, annotations are present in thetools/listresponse but the current parsing struct does not capture them:These annotations help clients (especially AI agents) understand tool safety characteristics. Forwarding them through the gateway would improve agent safety awareness.
Recommendations (Prioritized)
ConvertToCallToolResultβ backends returning non-text content silently drop datanewErrorCallToolResultβ improves debuggability for MCP clientslistTools/listResources/listPromptsβ prevents silent tool loss with large backendsNext Steps
ConvertToCallToolResultto handle"image"and"resource"content typesTestConvertToCallToolResult_ImageContenttest case ininternal/mcp/tool_result_test.gonewErrorCallToolResultto include error message in contentlistTools,listResources,listPromptsGenerated by Go Fan πΉ
Module summary saved to: specs/mods/go-sdk.md (cache)
Run ID: Β§23635978953
Note
π Integrity filter blocked 12 items
The following items were blocked because they don't meet the GitHub integrity level.
list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".get_file_contents: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_commits: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".get_latest_release: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_tags: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".get_latest_release: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_releases: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_releases: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_releases: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_releases: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".list_releases: has lower integrity than agent requires. The agent cannot read data with integrity below "unapproved".To allow these resources, lower
min-integrityin your GitHub frontmatter: