openclaw
diff --git a/‎docs/gateway/protocol.md‎
Lines changed: 8 additions & 2 deletions b/‎docs/gateway/protocol.md‎
Lines changed: 8 additions & 2 deletions
diff --git a/‎docs/web/webchat.md‎
Lines changed: 6 additions & 3 deletions b/‎docs/web/webchat.md‎
Lines changed: 6 additions & 3 deletions
diff --git a/‎src/agents/agent-bundle-mcp-materialize.ts‎
Lines changed: 52 additions & 26 deletions b/‎src/agents/agent-bundle-mcp-materialize.ts‎
Lines changed: 52 additions & 26 deletions
diff --git a/‎src/agents/agent-bundle-mcp-runtime.test.ts‎
Lines changed: 42 additions & 1 deletion b/‎src/agents/agent-bundle-mcp-runtime.test.ts‎
Lines changed: 42 additions & 1 deletion
diff --git a/‎src/agents/agent-bundle-mcp-runtime.ts‎
Lines changed: 52 additions & 1 deletion b/‎src/agents/agent-bundle-mcp-runtime.ts‎
Lines changed: 52 additions & 1 deletion
diff --git a/‎src/agents/agent-bundle-mcp-tools.materialize.test.ts‎
Lines changed: 12 additions & 0 deletions b/‎src/agents/agent-bundle-mcp-tools.materialize.test.ts‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎src/agents/agent-bundle-mcp-tools.request-boundary.test.ts‎
Lines changed: 12 additions & 0 deletions b/‎src/agents/agent-bundle-mcp-tools.request-boundary.test.ts‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎src/agents/agent-bundle-mcp-tools.ts‎
Lines changed: 4 additions & 0 deletions b/‎src/agents/agent-bundle-mcp-tools.ts‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎src/agents/agent-bundle-mcp-types.ts‎
Lines changed: 8 additions & 0 deletions b/‎src/agents/agent-bundle-mcp-types.ts‎
Lines changed: 8 additions & 0 deletions
@@ -562,8 +562,14 @@ terminal summary, and sanitized error text.
   - `sessionKey` is required.
   - The gateway derives trusted runtime context from the session server-side instead of accepting
     caller-supplied auth or delivery context.
-  - The response is session-scoped and reflects what the active conversation can use right now,
-    including core, plugin, and channel tools.
+  - The response is a session-scoped server-derived projection of the active inventory,
+    including core, plugin, channel, and already-discovered MCP server tools.
+  - `tools.effective` is read-only for MCP: it may project a warm session MCP catalog through the
+    final tool policy, but it does not create MCP runtimes, connect transports, or issue
+    `tools/list`. If no matching warm catalog exists, the response may include a notice such as
+    `mcp-not-yet-connected`, `mcp-not-yet-listed`, or `mcp-stale-catalog`.
+  - Effective tool entries use `source="core"`, `source="plugin"`, `source="channel"`, or
+    `source="mcp"`.
 - Operators may call `tools.invoke` (`operator.write`) to invoke one available tool through the
   same gateway policy path as `/tools/invoke`.
   - `name` is required. `args`, `sessionKey`, `agentId`, `confirm`, and
 
@@ -60,12 +60,15 @@ Normal agent-run final answers should be durable because the embedded runtime wr
 ## Control UI agents tools panel
 
 - The Control UI `/agents` Tools panel has two separate views:
-  - **Available Right Now** uses `tools.effective(sessionKey=...)` and shows what the current
-    session can actually use at runtime, including core, plugin, and channel-owned tools.
+  - **Available Right Now** uses `tools.effective(sessionKey=...)` and shows a server-derived
+    read-only projection of the current session inventory, including core, plugin, channel-owned,
+    and already-discovered MCP server tools.
   - **Tool Configuration** uses `tools.catalog` and stays focused on profiles, overrides, and
     catalog semantics.
 - Runtime availability is session-scoped. Switching sessions on the same agent can change the
-  **Available Right Now** list.
+  **Available Right Now** list. If configured MCP servers have not been connected or were changed
+  since the last discovery, the panel shows a notice instead of silently starting MCP transports
+  from the read path.
 - The config editor does not imply runtime availability; effective access still follows policy
   precedence (`allow`/`deny`, per-agent and provider/channel overrides).
 
 
@@ -9,7 +9,12 @@ import {
   normalizeReservedToolNames,
   TOOL_NAME_SEPARATOR,
 } from "./agent-bundle-mcp-names.js";
-import type { BundleMcpToolRuntime, SessionMcpRuntime } from "./agent-bundle-mcp-types.js";
+import type {
+  BundleMcpToolRuntime,
+  McpCatalogTool,
+  McpToolCatalog,
+  SessionMcpRuntime,
+} from "./agent-bundle-mcp-types.js";
 import { normalizeToolParameterSchema } from "./agent-tools-parameter-schema.js";
 import type { AgentToolResult } from "./runtime/index.js";
 import type { AnyAgentTool } from "./tools/common.js";
@@ -62,24 +67,18 @@ function toAgentToolResult(params: {
   };
 }
 
-export async function materializeBundleMcpToolsForRun(params: {
-  runtime: SessionMcpRuntime;
+/**
+ * Projects an already-listed MCP catalog into agent tools. Without `createExecute`,
+ * the projected tools are inventory-only and throw if execution is attempted.
+ */
+export function buildBundleMcpToolsFromCatalog(params: {
+  catalog: McpToolCatalog;
   reservedToolNames?: Iterable<string>;
-  disposeRuntime?: () => Promise<void>;
-}): Promise<BundleMcpToolRuntime> {
-  let disposed = false;
-  const releaseLease = params.runtime.acquireLease?.();
-  params.runtime.markUsed();
-  let catalog;
-  try {
-    catalog = await params.runtime.getCatalog();
-  } catch (error) {
-    releaseLease?.();
-    throw error;
-  }
+  createExecute?: (tool: McpCatalogTool) => AnyAgentTool["execute"];
+}): AnyAgentTool[] {
   const reservedNames = normalizeReservedToolNames(params.reservedToolNames);
-  const tools: BundleMcpToolRuntime["tools"] = [];
-  const sortedCatalogTools = [...catalog.tools].toSorted((a, b) => {
+  const tools: AnyAgentTool[] = [];
+  const sortedCatalogTools = [...params.catalog.tools].toSorted((a, b) => {
     const serverOrder = a.safeServerName.localeCompare(b.safeServerName);
     if (serverOrder !== 0) {
       return serverOrder;
@@ -112,15 +111,11 @@ export async function materializeBundleMcpToolsForRun(params: {
       label: tool.title ?? tool.toolName,
       description: tool.description || tool.fallbackDescription,
       parameters: normalizeToolParameterSchema(tool.inputSchema),
-      execute: async (_toolCallId: string, input: unknown) => {
-        params.runtime.markUsed();
-        const result = await params.runtime.callTool(tool.serverName, tool.toolName, input);
-        return toAgentToolResult({
-          serverName: tool.serverName,
-          toolName: tool.toolName,
-          result,
-        });
-      },
+      execute:
+        params.createExecute?.(tool) ??
+        (async () => {
+          throw new Error("bundle-mcp catalog projection cannot execute tools");
+        }),
     };
     setPluginToolMeta(agentTool, {
       pluginId: "bundle-mcp",
@@ -133,6 +128,37 @@ export async function materializeBundleMcpToolsForRun(params: {
   // turns (defensive — listTools() order is usually stable but not guaranteed).
   // Cannot fix name collisions: collision suffixes above are order-dependent.
   tools.sort((a, b) => a.name.localeCompare(b.name));
+  return tools;
+}
+
+export async function materializeBundleMcpToolsForRun(params: {
+  runtime: SessionMcpRuntime;
+  reservedToolNames?: Iterable<string>;
+  disposeRuntime?: () => Promise<void>;
+}): Promise<BundleMcpToolRuntime> {
+  let disposed = false;
+  const releaseLease = params.runtime.acquireLease?.();
+  params.runtime.markUsed();
+  let catalog;
+  try {
+    catalog = await params.runtime.getCatalog();
+  } catch (error) {
+    releaseLease?.();
+    throw error;
+  }
+  const tools = buildBundleMcpToolsFromCatalog({
+    catalog,
+    reservedToolNames: params.reservedToolNames,
+    createExecute: (tool) => async (_toolCallId: string, input: unknown) => {
+      params.runtime.markUsed();
+      const result = await params.runtime.callTool(tool.serverName, tool.toolName, input);
+      return toAgentToolResult({
+        serverName: tool.serverName,
+        toolName: tool.toolName,
+        result,
+      });
+    },
+  });
 
   return {
     tools,
 
@@ -2,7 +2,6 @@ import fs from "node:fs/promises";
 import os from "node:os";
 import path from "node:path";
 import { afterEach, describe, expect, it, vi } from "vitest";
-import { writeExecutable } from "./bundle-mcp-shared.test-harness.js";
 import { createBundleMcpJsonSchemaValidator } from "./agent-bundle-mcp-runtime.js";
 import { cleanupBundleMcpHarness } from "./agent-bundle-mcp-test-harness.js";
 import {
@@ -13,6 +12,7 @@ import {
   retireSessionMcpRuntimeForSessionKey,
 } from "./agent-bundle-mcp-tools.js";
 import type { SessionMcpRuntime } from "./agent-bundle-mcp-types.js";
+import { writeExecutable } from "./bundle-mcp-shared.test-harness.js";
 
 vi.mock("./embedded-agent-mcp.js", () => ({
   loadEmbeddedAgentMcpConfig: (params: {
@@ -168,6 +168,7 @@ function makeRuntime(
     markUsed: () => {
       lastUsedAt = Date.now();
     },
+    peekCatalog: () => null,
     getCatalog: async () => ({
       version: 1,
       generatedAt: 0,
@@ -724,6 +725,46 @@ describe("session MCP runtime", () => {
     expect(manager.listSessionIds()).not.toContain("session-a");
   });
 
+  it("peeks existing runtimes and populated catalogs without creating new runtimes", async () => {
+    let catalogReady = false;
+    const createRuntime: RuntimeFactory = (params) => {
+      const base = makeRuntime([{ toolName: "bundle_probe", description: "Bundle MCP probe" }]);
+      let cachedCatalog: ReturnType<SessionMcpRuntime["peekCatalog"]> = null;
+      return {
+        ...base,
+        sessionId: params.sessionId,
+        sessionKey: params.sessionKey,
+        workspaceDir: params.workspaceDir,
+        configFingerprint: params.configFingerprint ?? "fingerprint",
+        peekCatalog: () => cachedCatalog,
+        getCatalog: async () => {
+          const catalog = await base.getCatalog();
+          cachedCatalog = catalog;
+          catalogReady = true;
+          return catalog;
+        },
+      };
+    };
+    const manager = testing.createSessionMcpRuntimeManager({ createRuntime });
+
+    expect(manager.peekSession({ sessionId: "session-peek" })).toBeUndefined();
+
+    const runtime = await manager.getOrCreate({
+      sessionId: "session-peek",
+      sessionKey: "agent:test:session-peek",
+      workspaceDir: "/workspace",
+    });
+    expect(manager.peekSession({ sessionId: "session-peek" })).toBe(runtime);
+    expect(manager.peekSession({ sessionKey: "agent:test:session-peek" })).toBe(runtime);
+    expect(runtime.peekCatalog()).toBeNull();
+    expect(catalogReady).toBe(false);
+
+    await runtime.getCatalog();
+
+    expect(catalogReady).toBe(true);
+    expect(runtime.peekCatalog()?.tools.map((tool) => tool.toolName)).toEqual(["bundle_probe"]);
+  });
+
   it("recreates the session runtime when MCP config changes", async () => {
     const createRuntime: RuntimeFactory = (params) => {
       const probeText = String(
 
@@ -3,12 +3,12 @@ import { Client } from "@modelcontextprotocol/sdk/client/index.js";
 import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
 import type { Transport } from "@modelcontextprotocol/sdk/shared/transport.js";
 import type { CallToolResult } from "@modelcontextprotocol/sdk/types.js";
+import { AjvJsonSchemaValidator } from "@modelcontextprotocol/sdk/validation/ajv-provider.js";
 import type {
   JsonSchemaType,
   JsonSchemaValidator,
   jsonSchemaValidator,
 } from "@modelcontextprotocol/sdk/validation/types.js";
-import { AjvJsonSchemaValidator } from "@modelcontextprotocol/sdk/validation/ajv-provider.js";
 import { Compile } from "typebox/compile";
 import type { OpenClawConfig } from "../config/types.openclaw.js";
 import { logWarn } from "../logger.js";
@@ -242,6 +242,33 @@ function loadSessionMcpConfig(params: {
   };
 }
 
+/**
+ * Loads enabled MCP config metadata for a session without creating runtimes,
+ * connecting transports, or issuing MCP tools/list requests.
+ */
+export function resolveSessionMcpConfigSummary(params: {
+  workspaceDir: string;
+  cfg?: OpenClawConfig;
+}): { fingerprint: string; serverNames: string[] } {
+  const { loaded, fingerprint } = loadSessionMcpConfig({
+    workspaceDir: params.workspaceDir,
+    cfg: params.cfg,
+    logDiagnostics: false,
+  });
+  return {
+    fingerprint,
+    serverNames: Object.keys(loaded.mcpServers).toSorted((a, b) => a.localeCompare(b)),
+  };
+}
+
+/** Returns the session MCP config fingerprint with the same no-runtime/no-connect contract as the summary helper. */
+export function resolveSessionMcpConfigFingerprint(params: {
+  workspaceDir: string;
+  cfg?: OpenClawConfig;
+}): string {
+  return resolveSessionMcpConfigSummary(params).fingerprint;
+}
+
 function createDisposedError(sessionId: string): Error {
   return new Error(`bundle-mcp runtime disposed for session ${sessionId}`);
 }
@@ -421,6 +448,10 @@ export function createSessionMcpRuntime(params: {
       };
     },
     getCatalog,
+    /** Synchronous catalog snapshot only; must not connect transports or issue tools/list. */
+    peekCatalog() {
+      return catalog;
+    },
     markUsed() {
       lastUsedAt = Date.now();
     },
@@ -611,6 +642,13 @@ function createSessionMcpRuntimeManager(
     resolveSessionId(sessionKey) {
       return sessionIdBySessionKey.get(sessionKey);
     },
+    /** Synchronous lookup only; must not create runtimes or connect transports. */
+    peekSession(params) {
+      const sessionId =
+        params.sessionId ??
+        (params.sessionKey ? sessionIdBySessionKey.get(params.sessionKey) : undefined);
+      return sessionId ? runtimesBySessionId.get(sessionId) : undefined;
+    },
     async disposeSession(sessionId) {
       const inFlight = createInFlight.get(sessionId);
       createInFlight.delete(sessionId);
@@ -666,6 +704,19 @@ export async function getOrCreateSessionMcpRuntime(params: {
   return await getSessionMcpRuntimeManager().getOrCreate(params);
 }
 
+/** Looks up an existing session MCP runtime without creating it or connecting transports. */
+export function peekSessionMcpRuntime(params: {
+  sessionId?: string | null;
+  sessionKey?: string | null;
+}): SessionMcpRuntime | undefined {
+  const sessionId = normalizeOptionalString(params.sessionId);
+  const sessionKey = normalizeOptionalString(params.sessionKey);
+  return getSessionMcpRuntimeManager().peekSession({
+    ...(sessionId ? { sessionId } : {}),
+    ...(sessionKey ? { sessionKey } : {}),
+  });
+}
+
 export async function disposeSessionMcpRuntime(sessionId: string): Promise<void> {
   await getSessionMcpRuntimeManager().disposeSession(sessionId);
 }
 
@@ -51,6 +51,18 @@ function makeToolRuntime(
       },
       tools,
     }),
+    peekCatalog: () => ({
+      version: 1,
+      generatedAt: 0,
+      servers: {
+        [serverName]: {
+          serverName,
+          launchSummary: serverName,
+          toolCount: tools.length,
+        },
+      },
+      tools,
+    }),
     callTool: async () => ({
       content: [{ type: "text", text: params.resultText ?? "FROM-BUNDLE" }],
       isError: false,
 
@@ -55,6 +55,18 @@ function makeConfiguredRuntime(
       },
       tools,
     }),
+    peekCatalog: () => ({
+      version: 1,
+      generatedAt: 0,
+      servers: {
+        [serverName]: {
+          serverName,
+          launchSummary: serverName,
+          toolCount: tools.length,
+        },
+      },
+      tools,
+    }),
     callTool: async () => ({
       content: [{ type: "text", text: "FROM-CONFIG" }],
       isError: false,
 
@@ -14,10 +14,14 @@ export {
   disposeSessionMcpRuntime,
   getOrCreateSessionMcpRuntime,
   getSessionMcpRuntimeManager,
+  peekSessionMcpRuntime,
+  resolveSessionMcpConfigFingerprint,
+  resolveSessionMcpConfigSummary,
   retireSessionMcpRuntime,
   retireSessionMcpRuntimeForSessionKey,
 } from "./agent-bundle-mcp-runtime.js";
 export {
+  buildBundleMcpToolsFromCatalog,
   createBundleMcpToolRuntime,
   materializeBundleMcpToolsForRun,
 } from "./agent-bundle-mcp-materialize.js";
@@ -40,7 +40,10 @@ export type SessionMcpRuntime = {
   lastUsedAt: number;
   activeLeases?: number;
   acquireLease?: () => () => void;
+  /** Lists tools if needed and may connect MCP transports. */
   getCatalog: () => Promise<McpToolCatalog>;
+  /** Returns the cached catalog only; must not start runtimes, connect transports, or issue tools/list. */
+  peekCatalog: () => McpToolCatalog | null;
   markUsed: () => void;
   callTool: (serverName: string, toolName: string, input: unknown) => Promise<CallToolResult>;
   dispose: () => Promise<void>;
@@ -55,6 +58,11 @@ export type SessionMcpRuntimeManager = {
   }) => Promise<SessionMcpRuntime>;
   bindSessionKey: (sessionKey: string, sessionId: string) => void;
   resolveSessionId: (sessionKey: string) => string | undefined;
+  /** Looks up an existing runtime only; must not create runtimes or connect transports. */
+  peekSession: (params: {
+    sessionId?: string;
+    sessionKey?: string;
+  }) => SessionMcpRuntime | undefined;
   disposeSession: (sessionId: string) => Promise<void>;
   disposeAll: () => Promise<void>;
   sweepIdleRuntimes: () => Promise<number>;