Add --disable-builtin-tools flag to disable built-in MCP tools

CHANGELOG.md

@@ -6,6 +6,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 
 ### Added
 
+- Added `--disable-builtin-tools` flag to the `serve` command that allows disabling all built-in tools (load-component, unload-component, list-components, get-policy, grant/revoke permissions, search-components, reset-permission). When enabled, only loaded component tools will be available through the MCP server
 - Comprehensive Docker documentation and Dockerfile for running Wassette in containers with enhanced security isolation, including examples for mounting components, secrets, configuration files, and production deployment patterns with Docker Compose
 - `rust-toolchain.toml` file specifying Rust 1.90 as the stable toolchain version, ensuring consistent Rust version across development environments and CI/CD pipelines
 - AI agent development guides (`AGENTS.md` and `Claude.md`) that consolidate development guidelines from `.github/instructions/` into accessible documentation for AI agents working on the project

crates/mcp-server/src/tools.rs

@@ -21,11 +21,16 @@ const COMPONENT_LIST: &str = include_str!("../../../component-registry.json");
 
 /// Handles a request to list available tools.
 #[instrument(skip(lifecycle_manager))]
-pub async fn handle_tools_list(lifecycle_manager: &LifecycleManager) -> Result<Value> {
+pub async fn handle_tools_list(
+    lifecycle_manager: &LifecycleManager,
+    disable_builtin_tools: bool,
+) -> Result<Value> {
     debug!("Handling tools list request");
 
     let mut tools = get_component_tools(lifecycle_manager).await?;
-    tools.extend(get_builtin_tools());
+    if !disable_builtin_tools {
+        tools.extend(get_builtin_tools());
+    }
     debug!(num_tools = %tools.len(), "Retrieved tools");
 
     let response = rmcp::model::ListToolsResult {
@@ -36,41 +41,79 @@ pub async fn handle_tools_list(lifecycle_manager: &LifecycleManager) -> Result<V
     Ok(serde_json::to_value(response)?)
 }
 
+/// Check if a tool name is a builtin tool
+fn is_builtin_tool(name: &str) -> bool {
+    matches!(
+        name,
+        "load-component"
+            | "unload-component"
+            | "list-components"
+            | "get-policy"
+            | "grant-storage-permission"
+            | "grant-network-permission"
+            | "grant-environment-variable-permission"
+            | "revoke-storage-permission"
+            | "revoke-network-permission"
+            | "revoke-environment-variable-permission"
+            | "search-components"
+            | "reset-permission"
+    )
+}
+
 /// Handles a tool call request.
 #[instrument(skip_all, fields(method_name = %req.name))]
 pub async fn handle_tools_call(
     req: CallToolRequestParam,
     lifecycle_manager: &LifecycleManager,
     server_peer: Peer<RoleServer>,
+    disable_builtin_tools: bool,
 ) -> Result<Value> {
     info!("Handling tool call");
 
-    let result = match req.name.as_ref() {
-        "load-component" => handle_load_component(&req, lifecycle_manager, server_peer).await,
-        "unload-component" => handle_unload_component(&req, lifecycle_manager, server_peer).await,
-        "list-components" => handle_list_components(lifecycle_manager).await,
-        "get-policy" => handle_get_policy(&req, lifecycle_manager).await,
-        "grant-storage-permission" => {
-            handle_grant_storage_permission(&req, lifecycle_manager).await
-        }
-        "grant-network-permission" => {
-            handle_grant_network_permission(&req, lifecycle_manager).await
-        }
-        "grant-environment-variable-permission" => {
-            handle_grant_environment_variable_permission(&req, lifecycle_manager).await
-        }
-        "revoke-storage-permission" => {
-            handle_revoke_storage_permission(&req, lifecycle_manager).await
-        }
-        "revoke-network-permission" => {
-            handle_revoke_network_permission(&req, lifecycle_manager).await
-        }
-        "revoke-environment-variable-permission" => {
-            handle_revoke_environment_variable_permission(&req, lifecycle_manager).await
+    let result = if disable_builtin_tools && is_builtin_tool(req.name.as_ref()) {
+        // When builtin tools are disabled, reject calls to builtin tools
+        Err(anyhow::anyhow!("Built-in tools are disabled"))
+    } else {
+        // Handle builtin tools (if enabled) or component calls
+        match req.name.as_ref() {
+            "load-component" if !disable_builtin_tools => {
+                handle_load_component(&req, lifecycle_manager, server_peer).await
+            }
+            "unload-component" if !disable_builtin_tools => {
+                handle_unload_component(&req, lifecycle_manager, server_peer).await
+            }
+            "list-components" if !disable_builtin_tools => {
+                handle_list_components(lifecycle_manager).await
+            }
+            "get-policy" if !disable_builtin_tools => {
+                handle_get_policy(&req, lifecycle_manager).await
+            }
+            "grant-storage-permission" if !disable_builtin_tools => {
+                handle_grant_storage_permission(&req, lifecycle_manager).await
+            }
+            "grant-network-permission" if !disable_builtin_tools => {
+                handle_grant_network_permission(&req, lifecycle_manager).await
+            }
+            "grant-environment-variable-permission" if !disable_builtin_tools => {
+                handle_grant_environment_variable_permission(&req, lifecycle_manager).await
+            }
+            "revoke-storage-permission" if !disable_builtin_tools => {
+                handle_revoke_storage_permission(&req, lifecycle_manager).await
+            }
+            "revoke-network-permission" if !disable_builtin_tools => {
+                handle_revoke_network_permission(&req, lifecycle_manager).await
+            }
+            "revoke-environment-variable-permission" if !disable_builtin_tools => {
+                handle_revoke_environment_variable_permission(&req, lifecycle_manager).await
+            }
+            "search-components" if !disable_builtin_tools => {
+                handle_search_component(&req, lifecycle_manager).await
+            }
+            "reset-permission" if !disable_builtin_tools => {
+                handle_reset_permission(&req, lifecycle_manager).await
+            }
+            _ => handle_component_call(&req, lifecycle_manager).await,
         }
-        "search-components" => handle_search_component(&req, lifecycle_manager).await,
-        "reset-permission" => handle_reset_permission(&req, lifecycle_manager).await,
-        _ => handle_component_call(&req, lifecycle_manager).await,
     };
 
     if let Err(ref e) = result {

src/commands.rs

@@ -70,6 +70,11 @@ pub struct Serve {
     #[arg(long = "env-file")]
     #[serde(skip)]
     pub env_file: Option<PathBuf>,
+
+    /// Disable built-in tools (load-component, unload-component, list-components, etc.)
+    #[arg(long)]
+    #[serde(default)]
+    pub disable_builtin_tools: bool,
 }
 
 #[derive(Args, Debug, Clone, Serialize, Deserialize, Default)]

src/config.rs

@@ -134,6 +134,7 @@ mod tests {
             transport: Default::default(),
             env_vars: vec![],
             env_file: None,
+            disable_builtin_tools: false,
         }
     }
 
@@ -143,6 +144,7 @@ mod tests {
             transport: Default::default(),
             env_vars: vec![],
             env_file: None,
+            disable_builtin_tools: false,
         }
     }
 

src/main.rs

@@ -194,6 +194,7 @@ const BIND_ADDRESS: &str = "127.0.0.1:9001";
 pub struct McpServer {
     lifecycle_manager: LifecycleManager,
     peer: Arc<Mutex<Option<rmcp::Peer<rmcp::RoleServer>>>>,
+    disable_builtin_tools: bool,
 }
 
 /// Handle CLI tool commands by creating appropriate tool call requests
@@ -271,6 +272,7 @@ async fn create_lifecycle_manager(plugin_dir: Option<PathBuf>) -> Result<Lifecyc
             transport: Default::default(),
             env_vars: vec![],
             env_file: None,
+            disable_builtin_tools: false,
         })
         .context("Failed to load configuration")?
     };
@@ -297,10 +299,12 @@ impl McpServer {
     ///
     /// # Arguments
     /// * `lifecycle_manager` - The lifecycle manager for handling component operations
-    pub fn new(lifecycle_manager: LifecycleManager) -> Self {
+    /// * `disable_builtin_tools` - Whether to disable built-in tools
+    pub fn new(lifecycle_manager: LifecycleManager, disable_builtin_tools: bool) -> Self {
         Self {
             lifecycle_manager,
             peer: Arc::new(Mutex::new(None)),
+            disable_builtin_tools,
         }
     }
 
@@ -354,8 +358,15 @@ Key points:
         // Store peer on first request
         self.store_peer_if_empty(peer_clone.clone());
 
+        let disable_builtin_tools = self.disable_builtin_tools;
         Box::pin(async move {
-            let result = handle_tools_call(params, &self.lifecycle_manager, peer_clone).await;
+            let result = handle_tools_call(
+                params,
+                &self.lifecycle_manager,
+                peer_clone,
+                disable_builtin_tools,
+            )
+            .await;
             match result {
                 Ok(value) => serde_json::from_value(value).map_err(|e| {
                     ErrorData::parse_error(format!("Failed to parse result: {e}"), None)
@@ -373,8 +384,9 @@ Key points:
         // Store peer on first request
         self.store_peer_if_empty(ctx.peer.clone());
 
+        let disable_builtin_tools = self.disable_builtin_tools;
         Box::pin(async move {
-            let result = handle_tools_list(&self.lifecycle_manager).await;
+            let result = handle_tools_list(&self.lifecycle_manager, disable_builtin_tools).await;
             match result {
                 Ok(value) => serde_json::from_value(value).map_err(|e| {
                     ErrorData::parse_error(format!("Failed to parse result: {e}"), None)
@@ -519,7 +531,7 @@ async fn main() -> Result<()> {
                     .build()
                     .await?;
 
-                let server = McpServer::new(lifecycle_manager.clone());
+                let server = McpServer::new(lifecycle_manager.clone(), cfg.disable_builtin_tools);
 
                 // Start background component loading
                 let server_clone = server.clone();