fix(mcp-app): host name resolution, tool annotations, and widget improvements (tldraw#8168)

In order to improve MCP client identity tracking and fix several widget
UX issues, this PR refactors the MCP app with a clean commit history.

Clean reimplementation of
[`max/mcp-fixes`](https://github.com/tldraw/tldraw/tree/max/mcp-fixes).

**Key changes:**

- **Rename `cloudflare-worker.ts` → `worker.ts`** for clarity
- **Fix build scripts** so dev:stdio, dev:tunnel, and deploy always
build the widget first
- **Centralize server metadata** — use shared constants (name, version,
title, etc.) across server and widget; bump version to 0.1.0; extract
`injectBootstrapData()` helper
- **Add client host name resolution** — resolve connecting client
identity (cursor, vscode, claude, chatgpt) from MCP client version
string; thread through bootstrap data; use for domain resolution instead
of raw client strings; persist in worker SQLite
- **Extract image guard and app context** into separate modules; rename
context to `McpAppContext`
- **Improve widget UI** — show "Build it" only in code editors; reorder
share panel buttons; use download icon; simplify state; use typed host
context; query host capabilities for fullscreen/download
- **Add explicit tool annotations** — `readOnlyHint`/`destructiveHint`
on all tools so MCP clients can make better auto-approval decisions
- **Add README** with architecture overview, setup instructions, and dev
workflow

### Change type

- [x] `improvement`

### Test plan

1. Connect via Cursor — verify "Build it" button appears, download and
fullscreen buttons work
2. Connect via Claude Desktop — verify "Build it" is hidden, download
and fullscreen work
3. Connect via ChatGPT — verify resource domain resolves correctly
4. Run `yarn dev:stdio` — verify widget builds before server starts

- [ ] Unit tests
- [ ] End to end tests

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Moderate risk because it changes MCP server metadata/bootstrap
injection and client-based domain resolution across both Node and Worker
entry points, which could affect connectivity or resource loading in
different hosts.
> 
> **Overview**
> **Client/host identity is now normalized and propagated end-to-end.**
The server/worker resolve a canonical host name
(`cursor`/`vscode`/`claude`/`chatgpt`) from the MCP client string,
persist it in the Durable Object, and embed it into the widget bootstrap
so the UI and HTTP `domain` selection use the same identity.
> 
> **Server/tool registration is tightened and standardized.** Server
metadata is centralized via shared constants (including a version bump
to `0.1.0`), bootstrap HTML injection is extracted to a helper, and all
tools now include explicit `readOnlyHint`/`destructiveHint` annotations
(plus annotations for the app-only `event` tool).
> 
> **Widget UX and host integration are refined.** Host context handling
is typed/safer, fullscreen/download buttons are gated by host
capabilities, the Share panel is reordered with an icon download button,
and the "Build it" action is shown only for code-editor hosts;
image/asset/embed inputs are proactively blocked via extracted
`image-guard` overrides.
> 
> **Dev/deploy ergonomics and docs.** `dev:stdio`, `dev:http`,
`dev:tunnel`, and `deploy` now always build the widget first, the
Cloudflare entry point is set to `src/worker.ts`, and a new `README.md`
documents architecture and setup.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
5d15524. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Author: max-drake

apps/mcp-app/README.md

@@ -0,0 +1,140 @@
+# MCP app
+
+This is the tldraw MCP app. It exposes an interactive tldraw canvas to AI agents via the [Model Context Protocol](https://modelcontextprotocol.io/), so agents in Cursor, Claude Desktop, ChatGPT, and VS Code can draw diagrams and shapes on a canvas during a conversation.
+
+## Architecture
+
+The app has two parts: a **server** and a **widget**.
+
+### Server
+
+The server registers MCP tools (`create_shapes`, `update_shapes`, `delete_shapes`, `diagram_drawing_read_me`) and serves the widget HTML as an MCP App resource.
+
+There are two entry points:
+
+- `main.ts` — Node.js stdio transport, for local clients like Claude Desktop and Cursor
+- `src/worker.ts` — Cloudflare Workers with a Durable Object (`TldrawMCP`) backed by SQLite for persistent checkpoint storage
+
+Both entry points share tool registration logic in `src/register-tools.ts`.
+
+### Widget
+
+The widget is a React app (`src/widget/mcp-app.tsx`) that renders a full tldraw canvas inside the MCP host's iframe. Vite bundles it into a single HTML file (`dist/mcp-app.html`) using `vite-plugin-singlefile`, which the server injects bootstrap data into before serving.
+
+The widget handles streaming previews (shapes appear as the model streams tool arguments), checkpoint persistence to `localStorage`, and syncing state back to the server.
+
+## Developing
+
+Run all commands from `apps/mcp-app`.
+
+### Package scripts
+
+| Command           | What it does                                                                        |
+| ----------------- | ----------------------------------------------------------------------------------- |
+| `yarn build`      | Build the widget HTML                                                               |
+| `yarn dev`        | Build widget + start local Cloudflare worker (HTTP MCP on `localhost:8787`)         |
+| `yarn dev:stdio`  | Start a local stdio MCP server                                                      |
+| `yarn dev:tunnel` | Start a Cloudflare tunnel + local worker with `WORKER_ORIGIN` set to the tunnel URL |
+| `yarn deploy`     | Build widget + deploy the Cloudflare worker to production                           |
+
+`yarn dev:tunnel` requires the `cloudflared` CLI to be installed on your machine.
+
+### Cursor setup
+
+Add up to three servers in `~/.cursor/mcp.json`:
+
+```json
+{
+	"mcpServers": {
+		"tldraw": {
+			"transport": "http",
+			"url": "https://tldraw-mcp-app.tldraw.workers.dev/mcp"
+		},
+		"tldraw-local": {
+			"command": "npx",
+			"args": ["-y", "mcp-remote", "http://127.0.0.1:8787/mcp"]
+		},
+		"tldraw-local-stdio": {
+			"command": "yarn",
+			"args": [
+				"--cwd",
+				"<path-to-tldraw-repo>/tldraw/apps/mcp-app",
+				"run",
+				"-s",
+				"tsx",
+				"main.ts",
+				"--stdio"
+			]
+		}
+	}
+}
+```
+
+`--cwd` ensures Cursor launches in the app folder. `-s` stops yarn from writing non-JSON noise to stdout, which breaks the stdio transport.
+
+### Claude Desktop setup
+
+Update `~/Library/Application Support/Claude/claude_desktop_config.json`:
+
+```json
+{
+	"mcpServers": {
+		"tldraw": {
+			"command": "npx",
+			"args": ["-y", "mcp-remote", "https://tldraw-mcp-app.tldraw.workers.dev/mcp"]
+		},
+		"tldraw-local": {
+			"command": "npx",
+			"args": ["-y", "mcp-remote", "http://127.0.0.1:8787/mcp"]
+		},
+		"tldraw-local-stdio": {
+			"command": "yarn",
+			"args": [
+				"--cwd",
+				"<path-to-tldraw-repo>/tldraw/apps/mcp-app",
+				"run",
+				"-s",
+				"tsx",
+				"main.ts",
+				"--stdio"
+			]
+		}
+	}
+}
+```
+
+### ChatGPT local dev
+
+ChatGPT requires an HTTPS origin, so you need a Cloudflare tunnel. You must be a workspace admin.
+
+1. Run `yarn dev:tunnel` in `apps/mcp-app`
+2. It prints a `https://...trycloudflare.com` tunnel URL
+3. In ChatGPT web (not the desktop app), go to **Apps** and add your app using that tunnel URL
+4. You can then test in both ChatGPT web and the desktop app
+
+`dev:tunnel` automatically wires `WORKER_ORIGIN` to the tunnel URL.
+
+### Iteration loop
+
+1. Make code changes in `apps/mcp-app`
+2. Run the relevant script (`dev`, `dev:stdio`, or `dev:tunnel`)
+3. Disconnect and reconnect the MCP server in your client (or reload the page/app)
+4. When making widget changes, make sure to rebuild — `yarn dev` does this automatically
+
+Reconnecting the server after changes is the most reliable way to pick up new code, especially when the widget HTML changes.
+
+## License
+
+The code in this folder is Copyright (c) 2024-present tldraw Inc. The tldraw SDK is provided under the [tldraw license](https://github.com/tldraw/tldraw/blob/main/LICENSE.md).
+
+## Trademarks
+
+Copyright (c) 2024-present tldraw Inc. The tldraw name and logo are trademarks of tldraw. Please see our [trademark guidelines](https://github.com/tldraw/tldraw/blob/main/TRADEMARKS.md) for info on acceptable usage.
+
+## Contact
+
+Find us on Twitter/X at [@tldraw](https://twitter.com/tldraw).
+
+## Community
+
+Have questions, comments or feedback? [Join our discord](https://discord.tldraw.com/?utm_source=github&utm_medium=readme&utm_campaign=sociallink). For the latest news and release notes, visit [tldraw.dev](https://tldraw.dev).

apps/mcp-app/package.json

@@ -8,10 +8,10 @@
 		"build:widget": "node ../../packages/tldraw/scripts/copy-css-files.mjs && vite build && mv dist/index.html dist/mcp-app.html",
 		"build": "yarn build:widget",
 		"dev": "yarn dev:http",
-		"dev:stdio": "tsx main.ts --stdio",
-		"dev:http": "yarn build:widget && wrangler dev",
-		"dev:tunnel": "bash dev-tunnel.sh",
-		"deploy": "yarn build:widget && wrangler deploy",
+		"dev:stdio": "yarn build && tsx main.ts --stdio",
+		"dev:http": "yarn build && wrangler dev",
+		"dev:tunnel": "yarn build && bash dev-tunnel.sh",
+		"deploy": "yarn build && wrangler deploy",
 		"lint": "yarn run -T tsx ../../internal/scripts/lint.ts",
 		"test": "yarn run -T vitest --passWithNoTests",
 		"test-ci": "yarn run -T vitest run --passWithNoTests",

apps/mcp-app/server.ts

@@ -1,8 +1,17 @@
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'
 import type { TLShape } from 'tldraw'
 import { registerTools } from './src/register-tools'
-import type { ServerDeps } from './src/shared/types'
-import { MAX_CHECKPOINTS } from './src/shared/types'
+import type { MCP_APP_HOST_NAMES, ServerDeps } from './src/shared/types'
+import {
+	MAX_CHECKPOINTS,
+	MCP_SERVER_DESCRIPTION,
+	MCP_SERVER_INSTRUCTIONS,
+	MCP_SERVER_NAME,
+	MCP_SERVER_TITLE,
+	MCP_SERVER_VERSION,
+	MCP_SERVER_WEBSITE_URL,
+} from './src/shared/types'
+import { resolveMcpAppHostName } from './src/shared/utils'
 import { loadCachedCanvasWidgetHtml } from './src/tools/loadCachedCanvasWidgetHtml'
 
 // --- Server factory ---
@@ -68,15 +77,27 @@ export function createServer() {
 		return entry?.bindings ?? []
 	}
 
-	const server = new McpServer({
-		name: 'tldraw',
-		version: '1.0.0',
-	})
+	let clientHostName: MCP_APP_HOST_NAMES | undefined
+
+	const server = new McpServer(
+		{
+			name: MCP_SERVER_NAME,
+			version: MCP_SERVER_VERSION,
+			title: MCP_SERVER_TITLE,
+			description: MCP_SERVER_DESCRIPTION,
+			websiteUrl: MCP_SERVER_WEBSITE_URL,
+		},
+		{
+			instructions: MCP_SERVER_INSTRUCTIONS,
+		}
+	)
 
 	server.server.oninitialized = () => {
 		const clientInfo = server.server.getClientVersion()
+		const resolved = resolveMcpAppHostName(clientInfo?.name ?? '')
+		if (resolved) clientHostName = resolved
 		console.error(
-			`[tldraw-mcp] Client connected: ${clientInfo?.name ?? 'unknown'} v${clientInfo?.version ?? '?'}`
+			`[tldraw-mcp] Client connected: ${clientHostName ?? 'unknown'} v${clientInfo?.version ?? '?'}`
 		)
 	}
 
@@ -106,6 +127,7 @@ export function createServer() {
 	registerTools(server, deps, {
 		httpDomain: httpDomain.openai || httpDomain.claude ? httpDomain : undefined,
 		log: console.error,
+		getClientHostName: () => clientHostName,
 	})
 
 	return server

apps/mcp-app/src/register-tools.ts

@@ -44,10 +44,23 @@ import { READ_ME_CONTENT } from './tools/read-me'
 /**
  * Shared tool/resource registration logic for both Node.js and Cloudflare Workers entry points.
  *
- * Both `server.ts` (Node) and `src/cloudflare-worker.ts` (Workers) call `registerTools()`
+ * Both `server.ts` (Node) and `src/worker.ts` (Workers) call `registerTools()`
  * with platform-specific storage backends.
  */
 
+// --- Helpers ---
+
+function injectBootstrapData(html: string, bootstrap: Record<string, unknown>): string {
+	const toBase64 =
+		typeof Buffer !== 'undefined' ? (s: string) => Buffer.from(s).toString('base64') : btoa
+	const encoded = toBase64(JSON.stringify(bootstrap))
+	const bootstrapScript = `<script>window.__TLDRAW_BOOTSTRAP__=JSON.parse(atob("${encoded}"))</script>`
+	// Replace the LAST </head> — the inlined JS bundle may contain </head> as a string literal
+	const lastIdx = html.lastIndexOf('</head>')
+	if (lastIdx === -1) return html
+	return html.slice(0, lastIdx) + bootstrapScript + html.slice(lastIdx)
+}
+
 // --- Registration ---
 
 export function registerTools(
@@ -75,6 +88,7 @@ export function registerTools(
 				readOnlyHint: true,
 				idempotentHint: true,
 				openWorldHint: false,
+				destructiveHint: false,
 			},
 		},
 		async (): Promise<CallToolResult> => {
@@ -97,7 +111,8 @@ export function registerTools(
 			description: 'Creates shapes, drawings, and diagrams on the tldraw canvas.',
 			inputSchema: createShapesInputSchema,
 			annotations: {
-				destructiveHint: true,
+				readOnlyHint: false,
+				destructiveHint: false,
 				idempotentHint: false,
 				openWorldHint: false,
 			},
@@ -179,6 +194,7 @@ export function registerTools(
 			description: 'Updates existing shapes, diagrams, and drawings on the tldraw canvas.',
 			inputSchema: updateShapesInputSchema,
 			annotations: {
+				readOnlyHint: false,
 				destructiveHint: true,
 				idempotentHint: false,
 				openWorldHint: false,
@@ -301,6 +317,7 @@ export function registerTools(
 			description: 'Deletes shapes by id from a JSON string (string[]).',
 			inputSchema: deleteShapesInputSchema,
 			annotations: {
+				readOnlyHint: false,
 				destructiveHint: true,
 				idempotentHint: false,
 				openWorldHint: false,
@@ -381,6 +398,7 @@ export function registerTools(
 			inputSchema: z.object({ checkpointId: z.string().min(1) }),
 			annotations: {
 				readOnlyHint: true,
+				destructiveHint: false,
 				idempotentHint: true,
 				openWorldHint: false,
 			},
@@ -471,7 +489,8 @@ export function registerTools(
 				bindingsJson: z.string().optional(),
 			}),
 			annotations: {
-				destructiveHint: true,
+				readOnlyHint: false,
+				destructiveHint: false,
 				idempotentHint: false,
 				openWorldHint: false,
 			},
@@ -527,6 +546,12 @@ export function registerTools(
 				event: z.string().min(1),
 				value: z.number().optional(),
 			}),
+			annotations: {
+				readOnlyHint: false,
+				destructiveHint: false,
+				idempotentHint: false,
+				openWorldHint: true,
+			},
 			_meta: { ui: { visibility: ['app'] } },
 		},
 		async ({ event, value }: { event: string; value?: number }): Promise<CallToolResult> => {
@@ -567,7 +592,8 @@ export function registerTools(
 			// has shapes synchronously on mount — before any streaming begins.
 			const activeId = deps.getActiveCheckpointId()
 			const sid = deps.getSessionId()
-			const bootstrap: Record<string, unknown> = { sessionId: sid }
+			const hostName = opts?.getClientHostName()
+			const bootstrap: Record<string, unknown> = { sessionId: sid, hostName }
 			if (activeId) {
 				const checkpoint = deps.loadCheckpoint(activeId)
 				if (checkpoint) {
@@ -577,30 +603,17 @@ export function registerTools(
 					bootstrap.bindings = checkpoint.bindings
 				}
 			}
-			const toBase64 =
-				typeof Buffer !== 'undefined' ? (s: string) => Buffer.from(s).toString('base64') : btoa
-			const encoded = toBase64(JSON.stringify(bootstrap))
-			const bootstrapScript = `<script>window.__TLDRAW_BOOTSTRAP__=JSON.parse(atob("${encoded}"))</script>`
-			// Replace the LAST </head> — the inlined JS bundle may contain </head> as a string literal
-			const lastIdx = html.lastIndexOf('</head>')
-			if (lastIdx !== -1) {
-				html = html.slice(0, lastIdx) + bootstrapScript + html.slice(lastIdx)
-			}
+			html = injectBootstrapData(html, bootstrap)
 
 			// Resolve domain from client identity (only when serving over HTTP with configured domains)
 			let domain: string | undefined
 			if (opts?.httpDomain?.openai || opts?.httpDomain?.claude) {
-				const clientName = server.server.getClientVersion()?.name ?? ''
-				if (clientName === 'openai-mcp') {
+				if (hostName === 'chatgpt') {
 					domain = opts.httpDomain.openai
-				} else if (
-					clientName === 'claude-ai' ||
-					clientName === 'Anthropic' ||
-					clientName === 'Anthropic/ClaudeAI'
-				) {
+				} else if (hostName === 'claude') {
 					domain = opts.httpDomain.claude
 				}
-				log(`[tldraw-mcp] Serving resource to "${clientName}" with domain: ${domain}`)
+				log(`[tldraw-mcp] Serving resource to "${hostName}" with domain: ${domain}`)
 			}
 
 			return {

apps/mcp-app/src/shared/types.ts

@@ -24,10 +24,12 @@ export interface RegisterToolsOptions {
 	log?(...args: unknown[]): void
 	/** Analytics engine dataset. */
 	analytics?: AnalyticsEngineDataset
+	/** Returns the resolved host name of the connected client. */
+	getClientHostName(): MCP_APP_HOST_NAMES | undefined
 }
 
 export const MCP_SERVER_NAME = 'tldraw'
-export const MCP_SERVER_VERSION = '1.0.0'
+export const MCP_SERVER_VERSION = '0.1.0'
 export const MCP_SERVER_TITLE = 'tldraw Canvas'
 export const MCP_SERVER_DESCRIPTION =
 	'An interactive tldraw canvas with tools for diagramming, drawing, and more.'
@@ -55,3 +57,5 @@ export const ALLOWED_IMAGE_TYPES: Record<string, string> = Object.fromEntries(
 )
 
 export const MAX_CHECKPOINTS = 200
+
+export type MCP_APP_HOST_NAMES = 'cursor' | 'vscode' | 'claude' | 'chatgpt'

apps/mcp-app/src/shared/utils.ts

@@ -1,5 +1,6 @@
 import type { CallToolResult } from '@modelcontextprotocol/sdk/types.js'
 import type { TLShape } from 'tldraw'
+import type { MCP_APP_HOST_NAMES } from './types'
 
 export function isPlainObject(value: unknown): value is Record<string, unknown> {
 	return typeof value === 'object' && value !== null && !Array.isArray(value)
@@ -41,3 +42,19 @@ export function errorResponse(toolName: string, err: unknown, hint?: string): Ca
 export function generateCheckpointId(): string {
 	return crypto.randomUUID().replace(/-/g, '').slice(0, 18)
 }
+
+export function resolveMcpAppHostName(potentialHostName: string): MCP_APP_HOST_NAMES | undefined {
+	const normalizedPotentialHostName = potentialHostName.trim().toLowerCase()
+	if (normalizedPotentialHostName.includes('cursor-vscode')) return 'cursor' // we expect something like "cursor-vscode (via mcp-remote 0.1.37)"
+	if (normalizedPotentialHostName.includes('visual studio code')) return 'vscode' // we expect something like "Visual Studio Code (via mcp-remote 0.1.37)"
+	if (normalizedPotentialHostName.includes('openai-mcp')) return 'chatgpt' // we expect something like "openai-mcp"
+	if (normalizedPotentialHostName.includes('claude-ai')) return 'claude' // we expect something like "claude-ai (via mcp-remote 0.1.37)"
+
+	return undefined
+}
+
+const CODE_EDITOR_HOST_NAMES: MCP_APP_HOST_NAMES[] = ['cursor', 'vscode']
+
+export function isHostCodeEditor(hostName: MCP_APP_HOST_NAMES): boolean {
+	return CODE_EDITOR_HOST_NAMES.includes(hostName)
+}