McpToolCallContext
Defined in: mcp.ts:105
Optional context passed into MCP tool dispatch (stdio / HTTP).
Properties
Section titled “Properties”bindingSource?
Section titled “bindingSource?”
optionalbindingSource?:"token"|"hint"|"fifo"|"arg"
Defined in: mcp.ts:131
Provenance of recursiveSessionId — how the transport established it:
'token': per-session identity token minted at spawn and presented viaX-Recursive-Session-Token(or?rt=). Deterministic and trusted.'hint':X-Recursive-Session-Idheader hint matched against pending registrations. Trusted.'fifo': legacy first-pending-claim pairing. Trusted but racy under concurrent spawns.'arg': backfilled from a tool argument (session_id/run_id). Untrusted — pairs withrecursiveSessionIdTrusted: false.
mcpSessionId?
Section titled “mcpSessionId?”
optionalmcpSessionId?:string|null
Defined in: mcp.ts:106
recursiveSessionId?
Section titled “recursiveSessionId?”
optionalrecursiveSessionId?:string|null
Defined in: mcp.ts:108
Recursive session ID that owns this MCP connection (set from pending queue on initialize).
recursiveSessionIdTrusted?
Section titled “recursiveSessionIdTrusted?”
optionalrecursiveSessionIdTrusted?:boolean
Defined in: mcp.ts:119
Whether recursiveSessionId was established from an authoritative binding
(pending-claim at initialize, or a stdio server spawned with
RECURSIVE_MCP_BOUND_SESSION_ID) rather than backfilled from a tool argument.
Ownership-checked tools (e.g. user_ask) MUST require this: an arg-derived
identity makes a callerId === target check self-referential and always
pass, which would let an agent post into any session it names. Absent ⇒
treated as trusted for back-compat with callers predating this flag; only
the HTTP transport’s arg-backfill path sets it false.