MCP Subagents

REVIEW.md•5.47 kB

# Code Review: mcp-subagents ## Overall Assessment ✅ **Well-structured TypeScript project** with good separation of concerns, proper error handling, and clean abstractions. The code follows modern Node.js patterns and uses the MCP SDK correctly. --- ## 🔴 Critical Issues (ALL FIXED ✅) ### 1. **Missing `tsx` Dependency** **Status**: ✅ **Already present** - `tsx` is correctly listed in `devDependencies`. ### 2. **Race Condition in Memory Store** **Status**: ✅ **FIXED** - Added `AsyncMutex` class with `withLock()` method to serialize concurrent access per session. ### 3. **No Request Timeout in LLM Provider** **Status**: ✅ **FIXED** - Added `AbortController` with 60s default timeout (configurable via `timeoutMs` option). --- ## 🟡 Important Improvements (ALL FIXED ✅) ### 4. **Config Validation** **Status**: ✅ **FIXED** - Added `parsePositiveInt()` and `parseFloat()` helpers with proper validation and fallbacks. ### 5. **Better Error Context in JSON Utils** **Status**: ✅ **FIXED** - `toJson()` now throws with error details. Added `toJsonSafe()` for non-throwing fallback. ### 6. **Response Format Handling** **Status**: ✅ Current implementation is correct for MCP protocol. ### 7. **Delegation Limit Documentation** **Status**: ✅ **FIXED** - Added `MAX_DELEGATIONS_PER_AGENT` constant with documentation. --- ## 🟢 Code Quality Suggestions ### 8. **Type Safety Enhancement** **Location**: `src/llm/provider.ts:50-52` **Issue**: Type assertion is loose. Consider stricter typing: ```typescript interface OpenAIResponse { choices: Array<{ message?: { content?: string; }; }>; } const data = (await response.json()) as OpenAIResponse; ``` ### 9. **Add Input Validation** **Location**: `src/server.ts` **Issue**: Tool handlers don't validate inputs beyond Zod schema (which is good), but consider validating session_id format. **Suggestion**: Add session_id format validation or document allowed characters. ### 10. **Error Recovery in Parsing** **Location**: `src/agents/orchestrator.ts:127-141` **Issue**: When JSON parsing fails, the fallback loses structure. Consider retry logic or better error messages. **Suggestion**: Log the raw response when parsing fails for debugging. ### 11. **Memory Store Error Handling** **Status**: ✅ **FIXED** - Added handling for corrupted JSON files with auto-backup before reset. --- ## 📋 Missing Features / Enhancements ### 12. **Environment File Template** **Status**: ✅ **Created** - `.env.example` file has been added to the project. ### 13. **Package Scripts** **Location**: `package.json` **Suggestions**: - Add `clean` script: `"clean": "rm -rf dist"` (or `rimraf dist` for cross-platform) - Add `type-check` script: `"type-check": "tsc --noEmit"` - Consider `prepublishOnly` to ensure build before publish ### 14. **Gitignore** **Status**: ✅ **Present** - `.gitignore` exists and covers essential files. Consider adding `data/` if session files shouldn't be committed. ### 15. **Logging** **Location**: Throughout **Issue**: Uses `console.error` directly. Consider a logging library or at least structured logging. **Suggestion**: Use a lightweight logger like `pino` or create a simple logger interface. ### 16. **Testing** **Missing**: No test files **Suggestion**: Add unit tests for: - JSON parsing utilities - Memory store operations - Config validation - Orchestrator delegation logic ### 17. **Documentation** **Location**: Code comments **Suggestion**: Add JSDoc comments for public APIs: ```typescript /** * Orchestrates agent execution with recursive delegation support. * * @param request - Agent request with role, objective, and optional context * @returns Promise resolving to agent result with summary and child results */ async run(request: AgentRequest): Promise<AgentResult> { // ... } ``` --- ## ✅ What's Done Well 1. **Type Safety**: Good use of TypeScript with strict mode 2. **Error Handling**: Proper try-catch blocks and error propagation 3. **Abstraction**: Clean separation between provider, memory, and orchestrator 4. **Session Management**: Good session isolation and persistence 5. **Depth Limiting**: Prevents infinite recursion 6. **Zod Validation**: Proper input validation with Zod schemas 7. **Modular Structure**: Well-organized file structure --- ## 🔧 Quick Wins (Priority Order) 1. ✅ **`.gitignore`** - Already present 2. ⚠️ **`.env.example`** - Should be created manually (blocked by gitignore, but can be added to repo) 3. ✅ **`tsx` dependency** - Already correct 4. **Add timeout to LLM provider** (10 min) - **HIGH PRIORITY** 5. **Add config validation** (15 min) - **HIGH PRIORITY** 6. **Fix race condition in memory store** (30 min) - **CRITICAL** 7. **Add error recovery for corrupted session files** (15 min) --- ## 📊 Code Metrics - **Total Files**: 9 TypeScript files - **Lines of Code**: ~400 LOC - **Complexity**: Low-Medium (recursive delegation adds some complexity) - **Test Coverage**: 0% (no tests found) - **Dependencies**: Minimal and well-chosen --- ## 🎯 Recommendations Summary **Must Fix**: ✅ ALL COMPLETE - ✅ Race condition in memory store - ✅ Missing request timeout - ✅ Config validation **Should Fix**: ✅ ALL COMPLETE - ✅ Better error handling - ✅ `.gitignore` present (added `data/`) - ✅ JSDoc comments added **Remaining Nice to Have**: - Unit tests - `.env.example` file (create manually) - Structured logging

Loading blob content...

Latest Blog Posts

How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash
What is Streamable HTTP in MCP?
By punkpeye on January 2, 2026.
Streamable HTTP
What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/aaunario-keeper/mcp-subagents'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

REVIEW.md•5.47 kB