secops_mcp_list_investigations_print_to_stdout_bug #267

@barnabys-drew

list_investigations uses print() to stdout — can corrupt MCP stdio JSON-RPC frames

secops_mcp 0.1.3. secops_mcp/tools/investigation_management.py::list_investigations writes three diagnostic messages with print(...) (lines 79, 86, 91) instead of routing through the module logger like every other tool in the package. On the stdio MCP transport — default for Claude Code, Cursor, gemini-cli — stdout is the JSON-RPC wire channel. Unframed writes there can be logged as malformed-frame warnings by the client or, worst case, interleave with a legitimate response and break the next parse.

Current code:

print(f"Listing investigations (page_size={page_size})...")
# ...
print(f"Successfully retrieved {len(investigations)} investigation(s)")
# ...
print(error_msg)

The file already imports logging and creates logger = logging.getLogger("secops-mcp") at line 22. Fix:

-print(f"Listing investigations (page_size={page_size})...")
+logger.info(f"Listing investigations (page_size={page_size})...")
 ...
-print(f"Successfully retrieved {len(investigations)} investigation(s)")
+logger.info(f"Retrieved {len(investigations)} investigation(s)")
 ...
-print(error_msg)
+logger.error(error_msg, exc_info=True)
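
Review bot: On the last changed line, logger.error(error_msg, exc_info=True) only attaches a traceback when it runs inside an except block, and the surrounding context is elided as "..." here; if it is in a handler, logger.exception(error_msg) says the same thing more directly, and if it is not, exc_info=True should be dropped. The two logger.info lines would also read better with lazy arguments, for example logger.info("Retrieved %d investigation(s)", len(investigations)), instead of f-strings. The change keeps stdout clean only if no handler attached to the "secops-mcp" logger writes to stdout, which these lines do not show and is worth confirming in the same PR.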

Run grep -nH 'print(' secops_mcp/tools/*.py to catch any others. Adding the ruff T201 rule to CI would prevent regressions — MCP stdio servers can't tolerate ad-hoc stdout writes.
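
The failure mode reported above, reproduced as an added example (not code from secops_mcp). It assumes newline-delimited JSON-RPC on stdout; `parse_wire`, `tool_print`, `tool_logger`, `serve_once`, the `secops-mcp-demo` logger name and the sample investigations are hypothetical. `guard=True` shows a defensive option beyond the issue's fix: diverting stray stdout writes to the diagnostics stream while the tool runs.

```python
import contextlib
import io
import json
import logging

def parse_wire(wire):
    """Client side: split newline-delimited stdout into JSON-RPC messages and junk lines."""
    messages, malformed = [], []
    for line in wire.splitlines():
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            obj = None
        if isinstance(obj, dict) and obj.get("jsonrpc") == "2.0":
            messages.append(obj)
        else:
            malformed.append(line)
    return messages, malformed

def tool_print(page_size):
    # Same pattern as the issue's "current code": diagnostics written with print().
    print(f"Listing investigations (page_size={page_size})...")
    investigations = [{"id": "inv-1"}, {"id": "inv-2"}]  # constructed sample data
    print(f"Successfully retrieved {len(investigations)} investigation(s)")
    return investigations

def tool_logger(page_size):
    log = logging.getLogger("secops-mcp-demo")  # hypothetical logger name
    log.info("Listing investigations (page_size=%s)...", page_size)
    investigations = [{"id": "inv-1"}, {"id": "inv-2"}]  # constructed sample data
    log.info("Retrieved %d investigation(s)", len(investigations))
    return investigations

def serve_once(tool, guard=False):
    """Run one tool call; return (wire, diagnostics) text as client and operator see them."""
    wire, diag = io.StringIO(), io.StringIO()  # stand-ins for stdout and stderr
    log = logging.getLogger("secops-mcp-demo")
    handler = logging.StreamHandler(diag)  # diagnostics never share the wire
    log.addHandler(handler)
    log.setLevel(logging.INFO)
    log.propagate = False
    try:
        with contextlib.redirect_stdout(diag if guard else wire):
            result = tool(50)
        wire.write(json.dumps({"jsonrpc": "2.0", "id": 1, "result": result}) + "\n")
    finally:
        log.removeHandler(handler)
    return wire.getvalue(), diag.getvalue()
```
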
