Skip to content

fix: redact MCP invalid JSON errors when tool logging is disabled#3088

Open
Aphroq wants to merge 2 commits intoopenai:mainfrom
Aphroq:fix/mcp-invalid-json-redaction
Open

fix: redact MCP invalid JSON errors when tool logging is disabled#3088
Aphroq wants to merge 2 commits intoopenai:mainfrom
Aphroq:fix/mcp-invalid-json-redaction

Conversation

@Aphroq
Copy link
Copy Markdown
Contributor

@Aphroq Aphroq commented May 2, 2026

Summary

Redacts malformed MCP tool input from ModelBehaviorError in src/agents/mcp/util.py when DONT_LOG_TOOL_DATA is enabled.

Previously, invoke_mcp_tool() suppressed debug logging in no-tool-data mode but still embedded the raw input_json in the raised exception, which could leak secrets through logs, traces, or error reporting pipelines. This change makes the exception path follow the same redaction policy as logging, while preserving the existing full-payload behavior when tool-data logging is explicitly enabled.

Also adds regression coverage in tests/mcp/test_mcp_util.py for both redacted and non-redacted modes.

Test plan

  • Ran the repository verification stack via bash .agents/skills/code-change-verification/scripts/run.sh
  • Verified targeted MCP bad-JSON tests in tests/mcp/test_mcp_util.py
  • Confirmed full repository checks passed, including format, lint, typecheck, and tests

Issue number

Closes #3087

Checks

  • I've added new tests (if relevant)
  • I've added/updated the relevant documentation
  • I've run make lint and make format
  • I've made sure tests pass

@github-actions github-actions Bot added bug Something isn't working feature:mcp labels May 2, 2026
@seratch seratch added this to the 0.15.x milestone May 4, 2026
@seratch
Copy link
Copy Markdown
Member

seratch commented May 4, 2026

@codex review

1 similar comment
@seratch
Copy link
Copy Markdown
Member

seratch commented May 4, 2026

@codex review

chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 4, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 07c2d8ef82

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/agents/mcp/util.py
if _debug.DONT_LOG_TOOL_DATA:
logger.debug(f"Invalid JSON input for tool {tool.name}")
logger.debug(error_message)
raise ModelBehaviorError(error_message) from None
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot May 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Remove hidden JSON context in redacted error path

In redaction mode, raise ModelBehaviorError(error_message) from None suppresses traceback display but still leaves the original JSONDecodeError in __context__, whose .doc contains the full input_json (including secrets). Any telemetry/introspection that serializes exception context can still leak tool payloads, so the redaction fix is incomplete.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

bug Something isn't working feature:mcp

Projects

None yet

Milestone

0.15.x

Development

Successfully merging this pull request may close these issues.

MCP invalid JSON errors still include raw tool input when DONT_LOG_TOOL_DATA is enabled

2 participants

@Aphroq @seratch