[BUG] /mcp command displays tool annotations shifted by one position (off-by-one error)

Resolved 💬 3 comments Opened Jan 4, 2026 by mickdarling Closed Feb 19, 2026

Preflight Checklist

  • [x] I have searched existing issues and this bug hasn't been reported yet
  • [x] I can reproduce this bug consistently

Bug Description

The /mcp command displays tool annotations (readOnlyHint, destructiveHint) shifted by one position relative to the actual tool definitions. The server sends correct annotations, but Claude Code's display shows them associated with the wrong tools.

Expected Behavior

Tool annotations should be displayed for the correct tool. For example, with 5 CRUDE tools:

| Tool | Expected Display |
|------|------------------|
| mcp_aql_create | Neither (additive) |
| mcp_aql_read | Read-only |
| mcp_aql_update | Destructive |
| mcp_aql_delete | Destructive |
| mcp_aql_execute | Destructive |

Actual Behavior

Annotations appear shifted by one position:

| Tool | Actual Display |
|------|----------------|
| mcp_aql_create | Read-only ❌ |
| mcp_aql_read | Destructive ❌ |
| mcp_aql_update | Destructive ✅ |
| mcp_aql_delete | Destructive ✅ |
| mcp_aql_execute | Nothing shown ❌ |

Reproduction Steps

  1. Connect an MCP server that registers multiple tools with distinct annotations
  2. Run /mcp command in Claude Code
  3. Observe the tool list - annotations are shifted by one position

Verification

We verified the server is sending correct data by testing the tool registration directly:

node -e "
import('./dist/server/tools/MCPAQLTools.js').then(async m => {
  const tools = m.getMCPAQLTools(mockHandler);
  tools.forEach(t => {
    console.log(t.tool.name + ':');
    console.log('  readOnlyHint:', t.tool.annotations?.readOnlyHint);
    console.log('  destructiveHint:', t.tool.annotations?.destructiveHint);
  });
});
"

Output confirms server sends correct annotations:

mcp_aql_create:
  readOnlyHint: false
  destructiveHint: false
mcp_aql_read:
  readOnlyHint: true
  destructiveHint: false
mcp_aql_update:
  readOnlyHint: false
  destructiveHint: true
mcp_aql_delete:
  readOnlyHint: false
  destructiveHint: true
mcp_aql_execute:
  readOnlyHint: false
  destructiveHint: true

Impact

  • Users see misleading safety information for MCP tools
  • A read-only tool appears destructive, and vice versa
  • This could lead to incorrect trust decisions about tool capabilities

Environment

  • Claude Code version: Latest (as of 2026-01-04)
  • Platform: macOS
  • MCP Server: Custom server using @modelcontextprotocol/sdk

Additional Context

  • Bug persists after closing and reopening Claude Code
  • The pattern is consistent: each tool displays the annotations of the next tool in the list
  • The last tool shows no annotations (because there's no "next" tool to borrow from)

🤖 Generated with Claude Code

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗