Expand description
Code Mode - LLM-generated query validation and execution.
This crate provides the infrastructure for “Code Mode”, which allows MCP clients to generate and execute structured queries (GraphQL, SQL, REST) with a validation pipeline that ensures security and provides human-readable explanations.
§Architecture
describe_schema() → LLM generates code → validate_code() → user approval → execute_code()§Key Components
- Validation Pipeline: Parse → Policy Check → Security Analysis → Explanation → Token
- Approval Tokens: HMAC-signed tokens binding code hash to validation result
- Explanations: Template-based business-language descriptions of queries
- Policy Evaluation: Pluggable trait for Cedar/AVP/custom policy engines
§Example Usage
ⓘ
use pmcp_code_mode::{
CodeModeConfig, ValidationPipeline, ValidationContext
};
// Create a validation pipeline
let config = CodeModeConfig::enabled();
let pipeline = ValidationPipeline::new(config, b"secret-key".to_vec());
// Validate a query
let context = ValidationContext::new("user-123", "session-456", "schema-hash", "perms-hash");
let result = pipeline.validate_graphql_query("query { users { id name } }", &context)?;Re-exports§
pub use config::CodeModeConfig;pub use validation::ValidationContext;pub use validation::ValidationPipeline;pub use templates::TemplateContext;pub use handler::format_error_response;pub use handler::format_execution_error;pub use handler::CodeModeHandler;pub use handler::CodeModeToolBuilder;pub use handler::ExecuteCodeInput;pub use handler::ValidateCodeInput;pub use handler::ValidationResponse;pub use policy::AuthorizationDecision;pub use policy::OperationEntity;pub use policy::PolicyEvaluationError;pub use policy::PolicyEvaluator;pub use policy::ServerConfigEntity;pub use policy::get_baseline_policies;pub use policy::get_code_mode_schema_json;pub use schema_exposure::CodeModeExposurePolicy;pub use schema_exposure::DerivationMetadata;pub use schema_exposure::DerivationStats;pub use schema_exposure::DerivedSchema;pub use schema_exposure::ExposureMode;pub use schema_exposure::FilterReason;pub use schema_exposure::FilteredOperation;pub use schema_exposure::GlobalBlocklist;pub use schema_exposure::McpExposurePolicy;pub use schema_exposure::MethodExposurePolicy;pub use schema_exposure::Operation;pub use schema_exposure::OperationCategory;pub use schema_exposure::OperationDetails;pub use schema_exposure::OperationParameter;pub use schema_exposure::OperationRiskLevel;pub use schema_exposure::SchemaDeriver;pub use schema_exposure::SchemaFormat;pub use schema_exposure::SchemaMetadata;pub use schema_exposure::SchemaSource;pub use schema_exposure::ToolExposurePolicy;pub use schema_exposure::ToolOverride;
Modules§
- config
- Code Mode configuration.
- handler
- Code Mode Handler trait for unified soft-disable and tool management.
- policy
- Policy evaluation for Code Mode.
- policy_
annotations - Policy annotation parser for Cedar policies.
- schema_
exposure - Schema Exposure Architecture for MCP Built-in Servers.
- templates
- Code Mode instruction and policy templates.
- validation
- Validation pipeline for Code Mode.
Structs§
- Approval
Token - Approval token that authorizes code execution.
- Code
Location - Location in source code.
- GraphQL
Query Info - Information extracted from a parsed GraphQL query.
- GraphQL
Validator - GraphQL query validator.
- Hmac
Token Generator - HMAC-based token generator for MVP.
- Policy
Violation - A policy violation found during validation.
- Security
Analysis - Security analysis of code.
- Security
Issue - Potential security issues found during analysis.
- Template
Explanation Generator - Template-based explanation generator for MVP.
- Validation
Metadata - Detailed metadata about a validation.
- Validation
Result - Result of validating code through the pipeline.
Enums§
- Code
Type - Type of code being validated/executed.
- Complexity
- Estimated complexity of a query.
- Execution
Error - Errors that can occur during execution.
- GraphQL
Operation Type - GraphQL operation type.
- Risk
Level - Risk level assessed for a query or workflow.
- Security
Issue Type - Types of security issues.
- Unified
Action - Unified action model that maps to business permissions. Works consistently across GraphQL, OpenAPI, and SQL servers.
- Validation
Error - Errors that can occur during validation.
Traits§
- Explanation
Generator - Trait for generating human-readable explanations.
- Token
Generator - Trait for token generators.
Functions§
- canonicalize_
code - Canonicalize code for consistent hashing.
- compute_
context_ hash - Compute a context hash from schema and permissions.
- hash_
code - Compute the SHA-256 hash of canonicalized code.