fix(claude-plugin): restrict docs-researcher to Context7 tools#2795
Open
fahreddinozcan wants to merge 1 commit into
Open
fix(claude-plugin): restrict docs-researcher to Context7 tools#2795fahreddinozcan wants to merge 1 commit into
fahreddinozcan wants to merge 1 commit into
Conversation
Without a tools allowlist the agent inherits the full main-thread toolset, including the Agent/Task tool, so it can recursively spawn subagents (observed in #2790 climbing past 100 with no self-termination). Restrict it to the two Context7 MCP tools, which removes Agent/Task and makes recursive spawning structurally impossible. Both identifier forms are listed: plugin MCP tools resolve as mcp__plugin_<plugin>_<server>__<tool> on a marketplace install but mcp__<server>__<tool> when loaded via --plugin-dir; unmatched entries are harmless no-ops, so listing both keeps the agent working under either load path. Fixes #2790
fahreddinozcan
force-pushed
the
fix/docs-researcher-tools-allowlist
branch
from
36ad0c1 to
c15b860
Compare
Elifnurdeniz
approved these changes
Jun 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a
tools:allowlist to the bundleddocs-researcherClaude Code agent so it can only call the two Context7 MCP tools.tools:, the agent inherits the full main-thread toolset, including theAgent/Tasktool, allowing recursive subagent spawning (observed in [Bug]: (Claude Code) docs-researcher inherits the Agent tool and recursively spawned 100+ subagents — the run never terminated #2790 climbing past 100 agents with no self-termination).Agent/Task(plus unnecessary Bash/Write/Edit), making recursive spawning structurally impossible.mcp__plugin_<plugin>_<server>__<tool>on a marketplace install, but asmcp__<server>__<tool>when loaded via--plugin-dir. Unmatched entries are harmless no-ops, so listing both keeps the agent working under either load path.Verified: with the allowlist, a spawned
docs-researcherno longer has theAgent/Tasktool and loads without error under both load paths; without it, the agent reportsAgentin its toolset.Fixes #2790