MCP server anyOf schemas rejected by DeepSeek - should strip at gateway level

[wbrom42]

Summary

MCP servers that expose tool schemas with anyOf/oneOf keywords (e.g. Unusual Whales) cause all LLM requests to fail with 400 Invalid schema when the provider is DeepSeek. The gateway registers tools natively without stripping anyOf, and DeepSeek rejects them.

Error

400 Invalid schema for function 'unusual-whales__get_balance_sheet_screener': "date" is not valid under any of the schemas listed in the 'anyOf' keyword

Full gateway log entry

{
  "error": "LLM request failed: provider rejected the request schema or tool payload.",
  "failoverReason": "format",
  "model": "deepseek-v4-pro",
  "provider": "deepseek",
  "rawErrorPreview": "400 Invalid schema for function 'unusual-whales__get_balance_sheet_screener': 'date' is not valid under any of the schemas listed in the 'anyOf' keyword",
  "providerRuntimeFailureKind": "schema"
}

Happens in any session/context that has UW MCP tools registered -- cron jobs, direct chat, sub-agent runs. 48/48 crons affected.

Root Cause

The Unusual Whales MCP server exposes optional fields as anyOf unions (e.g. "date": {"anyOf": [{"type": "string"}, {"type": "integer"}]}). This is valid JSON Schema and accepted by Anthropic/OpenAI, but DeepSeek's API rejects schemas with anyOf/oneOf at the tool schema level.

The userland workaround is a strip_nullable_unions() function that collapses anyOf: [T, "null"] to {type: T, nullable: true}, but this only works if it runs in the agent process before schemas reach the LLM. The gateway registers MCP tools natively and sends raw schemas to the provider.

Proposed Fix

Add a lightweight schema sanitization step when registering MCP tools at the gateway level:

1. Walk all tool schemas for anyOf/oneOf keywords at registration time
2. Collapse nullable unions (anyOf: [T, "null"] -> {type: T, nullable: true})
3. For multi-branch anyOf (e.g. date as string|integer), collapse to first non-null variant
4. This is safe because MCP tool handlers re-validate arguments server-side

Environment

• OpenClaw 2026.5.12-beta.6 (c4292e0)
• DeepSeek v4 Flash + Pro providers
• Node v22.22.2
• Linux arm64

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by maintainer comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors can comment @clawsweeper re-review or @clawsweeper re-run on their own open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
Keep open: current main still has a plausible DeepSeek/MCP schema failure path because bundle MCP tools are materialized after provider tool-schema normalization and the DeepSeek provider does not currently register a tool-schema compatibility hook.

Reproducibility: yes. source-reproducible with high confidence: configure a bundle MCP server whose inputSchema contains anyOf/oneOf and run a DeepSeek turn; current main appends those MCP tools after provider normalization and DeepSeek has no schema normalizer.

Next step
The source path is narrow and actionable enough for a focused repair PR with unit coverage, while live DeepSeek proof can be added when credentials are available.

Review details

Best possible solution:

Keep provider-specific schema policy in provider-owned compatibility hooks, and ensure bundle MCP tools pass through that compatibility step before any DeepSeek request is sent.

Do we have a high-confidence way to reproduce the issue?

Yes, source-reproducible with high confidence: configure a bundle MCP server whose inputSchema contains anyOf/oneOf and run a DeepSeek turn; current main appends those MCP tools after provider normalization and DeepSeek has no schema normalizer.

Is this the best way to solve the issue?

No to a generic gateway-level strip as the first choice; the maintainable fix is to route MCP tools through the existing provider-owned tool-schema compatibility boundary and add DeepSeek-specific coverage there.

Acceptance criteria:

• node scripts/run-vitest.mjs src/agents/pi-bundle-mcp-tools.materialize.test.ts
• node scripts/run-vitest.mjs src/agents/runtime-plan/tools.test.ts src/agents/pi-embedded-runner/tool-schema-runtime.test.ts
• node scripts/run-vitest.mjs extensions/deepseek/index.test.ts src/plugin-sdk/provider-tools.test.ts src/agents/pi-tools.schema.test.ts

What I checked:

• Issue report includes real provider failure: The report includes a DeepSeek 400 schema rejection for an Unusual Whales MCP tool with providerRuntimeFailureKind="schema" and states the failure affects cron jobs, direct chat, and sub-agent runs whenever those MCP tools are registered.
• MCP catalog keeps server-provided inputSchema: Bundle MCP listTools output is copied into the catalog as inputSchema without provider-specific rewriting at catalog time. (src/agents/pi-bundle-mcp-runtime.ts:281, 5434769e47e6)
• MCP tool materialization lacks provider context: MCP tools call normalizeToolParameterSchema(tool.inputSchema) with no model provider or model compat options, so DeepSeek-specific unsupported keywords cannot be removed at this boundary. (src/agents/pi-bundle-mcp-materialize.ts:114, 5434769e47e6)
• Provider normalization runs before MCP tools are appended: The attempt normalizes the core tools first, then creates and appends bundle MCP tools later, so provider normalizeToolSchemas hooks do not cover bundle MCP schemas before effectiveTools are sent onward. (src/agents/pi-embedded-runner/run/attempt.ts:1606, 5434769e47e6)
• DeepSeek provider has no tool-schema hook: The DeepSeek plugin currently registers replay, stream, thinking, and model hooks, but no normalizeToolSchemas or inspectToolSchemas hook. (extensions/deepseek/index.ts:48, 5434769e47e6)
• Provider-owned hook is the intended boundary: ProviderPlugin explicitly documents normalizeToolSchemas as provider-owned cleanup before OpenClaw registers tools with the embedded runner, which argues against hard-coding DeepSeek policy in generic gateway code. (src/plugins/types.ts:1408, 5434769e47e6)

Likely related people:

• @vincentkoc: Blame on the current MCP materialization, attempt ordering, DeepSeek provider hook surface, and schema normalizer lines points to the recent runtime parity refactor. (role: recent area contributor; confidence: high; commits: 79212f9869b7, 74e7b8d47b18; files: src/agents/pi-bundle-mcp-materialize.ts, src/agents/pi-embedded-runner/run/attempt.ts, extensions/deepseek/index.ts)
• @steipete: Recent history shows adjacent MCP runtime splitting, DeepSeek plugin refactoring, and OpenAI tool-schema compatibility maintenance in the affected surfaces. (role: recent adjacent contributor; confidence: medium; commits: 7043705ef3f3, 9f2330363e2a, 8a5b4b07f986; files: src/agents/pi-bundle-mcp-runtime.ts, extensions/deepseek/index.ts, src/plugin-sdk/provider-tools.ts)
• Eva: Git history attributes the OpenAI provider-owned tool compatibility path and related schema map preservation to this author, which is adjacent to the DeepSeek compatibility gap. (role: provider tool-compat contributor; confidence: medium; commits: 6aa63b4fdd31, 4a20e9f257c6, f65ffdff962a; files: src/plugin-sdk/provider-tools.ts, extensions/openai/index.ts, src/agents/pi-tools-parameter-schema.ts)

Remaining risk / open question:

• No live DeepSeek/MCP repro was run during this read-only review; the failure assessment relies on the reporter's raw provider error plus current source inspection.
• The exact DeepSeek-safe rewrite for multi-branch unions should be validated before landing so useful constraints are not erased more broadly than necessary.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 5434769e47e6.

[almassolarenrgi]