feat(core): subagent local execution and tool isolation (google-gemini#22718)

Author: akh64bit

packages/cli/src/test-utils/AppRig.tsx

@@ -280,14 +280,14 @@ export class AppRig {
   }
 
   private stubRefreshAuth() {
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion, @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-assignment
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     const gcConfig = this.config as any;
     gcConfig.refreshAuth = async (authMethod: AuthType) => {
       gcConfig.modelAvailabilityService.reset();
 
       const newContentGeneratorConfig = {
         authType: authMethod,
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
+
         proxy: gcConfig.getProxy(),
         apiKey: process.env['GEMINI_API_KEY'] || 'test-api-key',
       };
@@ -456,7 +456,7 @@ export class AppRig {
     const actualToolName = toolName === '*' ? undefined : toolName;
     this.config
       .getPolicyEngine()
-      // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
+
       .removeRulesForTool(actualToolName as string, source);
     this.breakpointTools.delete(toolName);
   }
@@ -729,7 +729,7 @@ export class AppRig {
         .getGeminiClient()
         ?.getChatRecordingService();
       if (recordingService) {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-type-assertion
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
         (recordingService as any).conversationFile = null;
       }
     }
@@ -749,7 +749,7 @@ export class AppRig {
     MockShellExecutionService.reset();
     ideContextStore.clear();
     // Forcefully clear IdeClient singleton promise
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-type-assertion
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     (IdeClient as any).instancePromise = null;
     vi.clearAllMocks();
 

packages/core/src/agents/agent-scheduler.test.ts

@@ -42,6 +42,8 @@ describe('agent-scheduler', () => {
 
   it('should create a scheduler with agent-specific config', async () => {
     const mockConfig = {
+      getPromptRegistry: vi.fn(),
+      getResourceRegistry: vi.fn(),
       messageBus: mockMessageBus,
       toolRegistry: mockToolRegistry,
     } as unknown as Mocked<Config>;
@@ -91,6 +93,8 @@ describe('agent-scheduler', () => {
     } as unknown as Mocked<ToolRegistry>;
 
     const config = {
+      getPromptRegistry: vi.fn(),
+      getResourceRegistry: vi.fn(),
       messageBus: mockMessageBus,
     } as unknown as Mocked<Config>;
     Object.defineProperty(config, 'toolRegistry', {
@@ -123,6 +127,8 @@ describe('agent-scheduler', () => {
 
   it('should create an AgentLoopContext that has a defined .config property', async () => {
     const mockConfig = {
+      getPromptRegistry: vi.fn(),
+      getResourceRegistry: vi.fn(),
       messageBus: mockMessageBus,
       toolRegistry: mockToolRegistry,
       promptId: 'test-prompt',

packages/core/src/agents/agent-scheduler.ts

@@ -11,6 +11,8 @@ import type {
   CompletedToolCall,
 } from '../scheduler/types.js';
 import type { ToolRegistry } from '../tools/tool-registry.js';
+import type { PromptRegistry } from '../prompts/prompt-registry.js';
+import type { ResourceRegistry } from '../resources/resource-registry.js';
 import type { EditorType } from '../utils/editor.js';
 
 /**
@@ -25,6 +27,10 @@ export interface AgentSchedulingOptions {
   parentCallId?: string;
   /** The tool registry specific to this agent. */
   toolRegistry: ToolRegistry;
+  /** The prompt registry specific to this agent. */
+  promptRegistry?: PromptRegistry;
+  /** The resource registry specific to this agent. */
+  resourceRegistry?: ResourceRegistry;
   /** AbortSignal for cancellation. */
   signal: AbortSignal;
   /** Optional function to get the preferred editor for tool modifications. */
@@ -51,16 +57,19 @@ export async function scheduleAgentTools(
     subagent,
     parentCallId,
     toolRegistry,
+    promptRegistry,
+    resourceRegistry,
     signal,
     getPreferredEditor,
     onWaitingForConfirmation,
   } = options;
 
-  // Create a proxy/override of the config to provide the agent-specific tool registry.
   const schedulerContext = {
     config,
     promptId: config.promptId,
     toolRegistry,
+    promptRegistry: promptRegistry ?? config.getPromptRegistry(),
+    resourceRegistry: resourceRegistry ?? config.getResourceRegistry(),
     messageBus: toolRegistry.messageBus,
     geminiClient: config.geminiClient,
     sandboxManager: config.sandboxManager,

packages/core/src/agents/local-executor.test.ts

@@ -13,10 +13,43 @@ import {
   afterEach,
   type Mock,
 } from 'vitest';
+
+const {
+  mockSendMessageStream,
+  mockScheduleAgentTools,
+  mockSetSystemInstruction,
+  mockCompress,
+  mockMaybeDiscoverMcpServer,
+  mockStopMcp,
+} = vi.hoisted(() => ({
+  mockSendMessageStream: vi.fn().mockResolvedValue({
+    async *[Symbol.asyncIterator]() {
+      yield {
+        type: 'chunk',
+        value: { candidates: [] },
+      };
+    },
+  }),
+  mockScheduleAgentTools: vi.fn(),
+  mockSetSystemInstruction: vi.fn(),
+  mockCompress: vi.fn(),
+  mockMaybeDiscoverMcpServer: vi.fn().mockResolvedValue(undefined),
+  mockStopMcp: vi.fn().mockResolvedValue(undefined),
+}));
+
+vi.mock('../tools/mcp-client-manager.js', () => ({
+  McpClientManager: class {
+    maybeDiscoverMcpServer = mockMaybeDiscoverMcpServer;
+    stop = mockStopMcp;
+  },
+}));
+
 import { debugLogger } from '../utils/debugLogger.js';
 import { LocalAgentExecutor, type ActivityCallback } from './local-executor.js';
 import { makeFakeConfig } from '../test-utils/config.js';
 import { ToolRegistry } from '../tools/tool-registry.js';
+import { PromptRegistry } from '../prompts/prompt-registry.js';
+import { ResourceRegistry } from '../resources/resource-registry.js';
 import { DiscoveredMCPTool } from '../tools/mcp-tool.js';
 import { LSTool } from '../tools/ls.js';
 import { LS_TOOL_NAME, READ_FILE_TOOL_NAME } from '../tools/tool-names.js';
@@ -70,18 +103,6 @@ import type {
 import { getModelConfigAlias, type AgentRegistry } from './registry.js';
 import type { ModelRouterService } from '../routing/modelRouterService.js';
 
-const {
-  mockSendMessageStream,
-  mockScheduleAgentTools,
-  mockSetSystemInstruction,
-  mockCompress,
-} = vi.hoisted(() => ({
-  mockSendMessageStream: vi.fn(),
-  mockScheduleAgentTools: vi.fn(),
-  mockSetSystemInstruction: vi.fn(),
-  mockCompress: vi.fn(),
-}));
-
 let mockChatHistory: Content[] = [];
 const mockSetHistory = vi.fn((newHistory: Content[]) => {
   mockChatHistory = newHistory;
@@ -2722,6 +2743,67 @@ describe('LocalAgentExecutor', () => {
     });
   });
 
+  describe('MCP Isolation', () => {
+    it('should initialize McpClientManager when mcpServers are defined', async () => {
+      const { MCPServerConfig } = await import('../config/config.js');
+      const mcpServers = {
+        'test-server': new MCPServerConfig('node', ['server.js']),
+      };
+
+      const definition = {
+        ...createTestDefinition(),
+        mcpServers,
+      };
+
+      vi.spyOn(mockConfig, 'getMcpClientManager').mockReturnValue({
+        maybeDiscoverMcpServer: mockMaybeDiscoverMcpServer,
+      } as unknown as ReturnType<typeof mockConfig.getMcpClientManager>);
+
+      await LocalAgentExecutor.create(definition, mockConfig);
+
+      const mcpManager = mockConfig.getMcpClientManager();
+      expect(mcpManager?.maybeDiscoverMcpServer).toHaveBeenCalledWith(
+        'test-server',
+        mcpServers['test-server'],
+        expect.objectContaining({
+          toolRegistry: expect.any(ToolRegistry),
+          promptRegistry: expect.any(PromptRegistry),
+          resourceRegistry: expect.any(ResourceRegistry),
+        }),
+      );
+    });
+
+    it('should inherit main registry tools', async () => {
+      const parentMcpTool = new DiscoveredMCPTool(
+        {} as unknown as CallableTool,
+        'main-server',
+        'tool1',
+        'desc1',
+        {},
+        mockConfig.getMessageBus(),
+      );
+
+      parentToolRegistry.registerTool(parentMcpTool);
+
+      const definition = createTestDefinition();
+      definition.toolConfig = undefined; // trigger inheritance
+
+      vi.spyOn(mockConfig, 'getMcpClientManager').mockReturnValue({
+        maybeDiscoverMcpServer: vi.fn(),
+      } as unknown as ReturnType<typeof mockConfig.getMcpClientManager>);
+      const executor = await LocalAgentExecutor.create(
+        definition,
+        mockConfig,
+        onActivity,
+      );
+      const agentTools = (
+        executor as unknown as { toolRegistry: ToolRegistry }
+      ).toolRegistry.getAllToolNames();
+
+      expect(agentTools).toContain(parentMcpTool.name);
+    });
+  });
+
   describe('DeclarativeTool instance tools (browser agent pattern)', () => {
     /**
      * The browser agent passes DeclarativeTool instances (not string names) in
@@ -2827,13 +2909,11 @@ describe('LocalAgentExecutor', () => {
       const navTool = new MockTool({ name: 'navigate_page' });
 
       const definition = createInstanceToolDefinition([clickTool, navTool]);
-
       const executor = await LocalAgentExecutor.create(
         definition,
         mockConfig,
         onActivity,
       );
-
       const registry = executor['toolRegistry'];
       expect(registry.getTool('click')).toBeDefined();
       expect(registry.getTool('navigate_page')).toBeDefined();