Describe the bug
Description:
The ADO MCP server appears connected when using mcp show, and works correctly in Visual Studio Code, but fails when invoked via the Copilot CLI with a consistent error about "dangerous Request.Path values."
Steps to Reproduce:
- Ensure ADO MCP server is configured and running (mcp show confirms connection)
- Open Copilot CLI in the repo
- Invoke any ADO MCP command that includes email addresses (e.g., WIQL query filtering by AssignedTo)
- Observe the error response
Expected Behavior:
MCP commands that work in VS Code should also work in Copilot CLI without modification.
Actual Behavior:
Commands fail with:
Error executing WIQL query: {"$id":"1","innerException":null,"message":"A potentially dangerous Request.Path value was detected from the client (:).","typeName":"System.Web.HttpException, System.Web"...}
Error Occurs With:
- azure-devops-mcp-wit_query_by_wiql when filtering by [System.AssignedTo] (email contains :)
- azure-devops-mcp-wit_my_work_items (generic path issue)
- Any query/command that includes colons in parameters
Environment:
- Copilot CLI version:
1.0.49
- Model: claude-haiku-4.5
- ADO MCP server: connected (verified via mcp show)
- OS: macOS
- VS Code: works fine with same MCP configuration
Hypothesis:
The CLI may be handling URL encoding/path escaping differently than VS Code, or the MCP server proxy in CLI has stricter security validation that prevents colons in certain contexts.
Requested:
- Debug/fix MCP server communication in CLI to match VS Code behavior
- Or document if email filtering requires URL encoding in CLI (e.g., %3A for :)
I'm using a mcp server allowed by organization:
"azure-devops-mcp": {
"type": "stdio",
"command": "npx",
"args": [
"-y",
"@azure-devops/mcp@latest",
"${input:ado_org}"
],
...
"env": {
"ADO_MCP_AUTH_TOKEN": "{env:ADO_MCP_AUTH_TOKEN}"
},
Affected version
No response
Steps to reproduce the behavior
No response
Expected behavior
No response
Additional context
No response
Describe the bug
Description:
The ADO MCP server appears connected when using mcp show, and works correctly in Visual Studio Code, but fails when invoked via the Copilot CLI with a consistent error about "dangerous Request.Path values."
Steps to Reproduce:
Expected Behavior:
MCP commands that work in VS Code should also work in Copilot CLI without modification.
Actual Behavior:
Commands fail with:
Error executing WIQL query: {"$id":"1","innerException":null,"message":"A potentially dangerous Request.Path value was detected from the client (:).","typeName":"System.Web.HttpException, System.Web"...}
Error Occurs With:
Environment:
1.0.49
Hypothesis:
The CLI may be handling URL encoding/path escaping differently than VS Code, or the MCP server proxy in CLI has stricter security validation that prevents colons in certain contexts.
Requested:
I'm using a mcp server allowed by organization:
"azure-devops-mcp": {
"type": "stdio",
"command": "npx",
"args": [
"-y",
"@azure-devops/mcp@latest",
"${input:ado_org}"
],
...
"env": {
"ADO_MCP_AUTH_TOKEN": "{env:ADO_MCP_AUTH_TOKEN}"
},
Affected version
No response
Steps to reproduce the behavior
No response
Expected behavior
No response
Additional context
No response