
fix(mcp): enforce tool name validation in deploy modal#4879

Merged
waleedlatif1 merged 3 commits into staging from waleedlatif1/rebase-origin-staging
Jun 4, 2026

Conversation

@waleedlatif1
Collaborator

Summary

  • The MCP "Tool name" field showed the rule "lowercase letters, numbers, and underscores only" but never enforced it — invalid input (e.g. epic-sun3 3) saved silently, then the server rewrote it to epic_sun3_3, so the persisted name differed from what the user typed
  • Added client-side validation mirroring the Chat tab's identifier pattern: blocks save, disables the server selector, and surfaces an inline error + red border when the name has invalid characters or exceeds 64 chars

Type of Change

  • Bug fix

Testing

Tested manually

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@vercel

vercel Bot commented Jun 4, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment
Project Deployment Actions Updated (UTC)
docs Skipped Skipped Jun 4, 2026 6:15pm


@cursor

cursor Bot commented Jun 4, 2026

PR Summary

Low Risk
Deploy-modal UI validation only; no auth, API, or persistence logic changes beyond preventing invalid submits.

Overview
The MCP deploy modal Tool name field now validates input before save instead of relying on the server to silently rewrite invalid names via sanitizeToolName.

Client rules mirror the persisted shape: lowercase alphanumerics with single underscores between segments, no leading/trailing or doubled underscores, max 64 characters. Invalid names show an inline error and error styling on the input, Save stays disabled via onCanSaveChange, handleSave no-ops, and the server multi-select stays disabled until the name is fixed (with a short hint to fix the tool name).

Reviewed by Cursor Bugbot for commit 2979b35. Configure here.

@greptile-apps
Contributor

greptile-apps Bot commented Jun 4, 2026

Greptile Summary

This PR enforces client-side validation on the MCP "Tool name" field to prevent the server from silently rewriting the user's input via sanitizeToolName. The regex /^[a-z0-9]+(_[a-z0-9]+)*$/ now mirrors the server's output constraints exactly, and a 64-character cap is added.

  • Adds toolNameError useMemo that validates the trimmed name, blocks the save button and server selector, and surfaces an inline red-border error with descriptive text.
  • Adds a contextual hint ("Fix the tool name to select servers") below the disabled combobox when validation fails, so users understand why the control is greyed out.
  • Guards both onCanSaveChange and handleSave with the error state, so invalid names can never reach the server.

Confidence Score: 5/5

Safe to merge — a self-contained client-side validation addition with no changes to server logic or data flow.

The change is narrowly scoped to a single UI component: it adds a regex guard and length cap, wires them into existing save/enable gates, and surfaces feedback inline. The chosen pattern exactly mirrors the server's sanitization output, so the name the user sees is the name the server will persist. No state, store, or API contract is altered.

No files require special attention.

Important Files Changed

Filename: apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/deploy/components/deploy-modal/components/mcp/mcp.tsx
Overview: Adds client-side validation for tool name field using pattern /^[a-z0-9]+(_[a-z0-9]+)*$/ and a 64-char cap; gates save and server selector on valid input; surfaces inline error and combobox hint.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[User types in Tool Name input] --> B{Name is empty?}
    B -- Yes --> C[No error, save blocked by empty guard\nCombobox disabled]
    B -- No --> D{Length over 64?}
    D -- Yes --> E[Error: must be 64 chars or fewer\nRed border shown, combobox disabled]
    D -- No --> F{Matches valid pattern?}
    F -- No --> G[Error: use lowercase letters and numbers\nRed border shown, combobox disabled with hint]
    F -- Yes --> H[No error, combobox enabled]
    H --> I{Has unsaved changes?}
    I -- Yes --> J[Save button enabled]
    I -- No --> K[Save button disabled]
    J --> L[handleSave sends to server]

Reviews (2): Last reviewed commit: "fix(mcp): align tool-name regex with ser..." | Re-trigger Greptile
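
The check described in the summaries above, as an added example that is not code from this PR or from mcp.tsx: it applies the quoted pattern and 64-character cap in the flowchart's order (empty, then length, then pattern). The function names, the rewriting stand-in (which is not the project's sanitizeToolName) and the reuse of the same predicate on the server are assumptions of this example.

```typescript
// Added example; identifiers are illustrative and do not come from mcp.tsx.
const TOOL_NAME_PATTERN = /^[a-z0-9]+(_[a-z0-9]+)*$/; // pattern quoted in the review
const TOOL_NAME_MAX_LENGTH = 64; // cap stated in the PR

type ToolNameProblem = "empty" | "too_long" | "bad_pattern";

// Returns null when the trimmed name is acceptable. "empty" blocks save
// without being an error state, as in the flowchart.
function toolNameProblem(raw: string): ToolNameProblem | null {
  const name = raw.trim();
  if (name.length === 0) return "empty";
  if (name.length > TOOL_NAME_MAX_LENGTH) return "too_long";
  if (!TOOL_NAME_PATTERN.test(name)) return "bad_pattern";
  return null;
}

// Hypothetical stand-in for a rewriting sanitizer, written only to reproduce
// the "epic-sun3 3" -> "epic_sun3_3" rewrite the PR description reports.
function rewriteLikeSanitizer(raw: string): string {
  return raw
    .toLowerCase()
    .replace(/[^a-z0-9]+/g, "_") // each run of invalid characters becomes one underscore
    .replace(/^_+|_+$/g, "") // no leading or trailing underscores
    .slice(0, TOOL_NAME_MAX_LENGTH)
    .replace(/_+$/, ""); // truncation can leave a trailing underscore again
}

// Assumed server-side gate: the same predicate, rejecting instead of rewriting,
// so a request that bypasses the modal cannot persist a different name.
function acceptOnServer(submitted: string): string {
  const problem = toolNameProblem(submitted);
  if (problem !== null) throw new Error(`tool name rejected: ${problem}`);
  return submitted.trim();
}
```
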

@waleedlatif1
Collaborator Author

@greptile

@waleedlatif1
Collaborator Author

@cursor review


@cursor cursor Bot left a comment


✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

Reviewed by Cursor Bugbot for commit 2979b35. Configure here.

@waleedlatif1 waleedlatif1 merged commit d80f0c6 into staging Jun 4, 2026
10 checks passed
@waleedlatif1 waleedlatif1 deleted the waleedlatif1/rebase-origin-staging branch June 4, 2026 18:19