Skip to content

Comments

SEP-1938: agencyHint tool annotation#1938

Open
thoorp wants to merge 14 commits intomodelcontextprotocol:mainfrom
thoorp:thoorp-patch-1
Open

SEP-1938: agencyHint tool annotation#1938
thoorp wants to merge 14 commits intomodelcontextprotocol:mainfrom
thoorp:thoorp-patch-1

Conversation

@thoorp
Copy link
Contributor

@thoorp thoorp commented Dec 7, 2025

This PR migrates SEP-1792 (“Add agencyHint tool annotation”) from the GitHub issue tracker into the seps/ directory, following the updated SEP workflow.

It adds seps/1938-agency-hint-tool-annotation.md in the standard SEP format, documenting the new agencyHint boolean in the ToolAnnotations interface. The SEP includes sections on motivation, specification, rationale, backward compatibility, reference implementation, and security implications.

Original discussion: #1792

Motivation and Context

Agentic tools can perform multi-step operations and require different UX and safety handling compared to simple tools. Adding the agencyHint annotation will allow clients to identify such tools and apply appropriate confirmation or monitoring flows.

How Has This Been Tested?

This is a documentation change only; no executable code is introduced.

Breaking Changes

None. The new annotation is optional and additive. Existing tools and clients are unaffected.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the [MCP Documentation](https://modelcontextprotocol.io)
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

This PR follows the new SEP process update (Nov 28, 2025) to migrate SEP proposals into pull requests rather than issues.

…o MCP specification

This SEP introduces the `agencyHint` tool annotation to the Model Context Protocol, allowing clients to identify agentic tools that perform complex operations. It provides guidance for tool authors and clients on how to use this new annotation effectively.
@thoorp
Copy link
Contributor Author

thoorp commented Dec 7, 2025

@LucaButBoring - please take a look when you get a chance.

Copy link
Contributor

@LucaButBoring LucaButBoring left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Made some small suggestions - the main ones are just to remove the mentions of taskHint, since we turned that into execution.taskSupport just prior to the 11/25 release.

The reference implementation section is also intended to actually link to a draft SDK PR, I don't anticipate that being very difficult for this, though.

@LucaButBoring
Copy link
Contributor

@000-000-000-000-000 Mind adding me as the assignee on this, since I'm sponsoring it?

@LucaButBoring
Copy link
Contributor

Also the PR name should be adjusted to something like SEP-1938: agencyHint tool annotation, I don't have permission to do that myself

@LucaButBoring
Copy link
Contributor

Oh right, and regarding the GHA failure - @thoorp just run npm run prep:changes on this, and it should fix it.

@localden localden added proposal SEP proposal without a sponsor. SEP labels Dec 9, 2025
@thoorp
Copy link
Contributor Author

thoorp commented Dec 11, 2025

Oh right, and regarding the GHA failure - @thoorp just run npm run prep:changes on this, and it should fix it.

This is done. Will look into other comments and making the SEP complete.

@thoorp thoorp closed this Dec 11, 2025
@thoorp thoorp reopened this Dec 11, 2025
Copy link
Contributor

@LucaButBoring LucaButBoring left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just left one minor comment - will see about raising this to Core Maintainers (first time sponsoring an SEP so no reliable ETA yet, but I'll relay statuses and give an ETA as soon as I have one).


Tool authors _should_ set `agencyHint: true` when:

- The tool encapsulates an internal “agent loop” (e.g., plan–act–observe cycles, tool-chaining, or autonomous retries).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: I think tool-chaining and autonomous retries are a bit too generic to include in this parenthetical - maybe we should remove the parenthetical entirely and just rely on (or reuse) the semantics described above this to avoid confusion.

@LucaButBoring
Copy link
Contributor

@localden can we mark this as in-review? I think it's in good enough shape now to raise it for CM discussion.

@thoorp thoorp changed the title Add SEP: agencyHint tool annotation SEP-1938: agencyHint tool annotation Dec 16, 2025
Copy link

@vinoo999 vinoo999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Like the intention of this SEP here. Would be great to see if we can align the review of this with some of the granular features proposed in SEP 1984.
In particular, I think the separation between "agentic" behavior (aiProcessingHint in 1984) and "long running" behavior (slowExecutionHint) are important UX and governance concerns.

I'd be interested in going over specific combination of hints and consistent reproducible UX/governance patterns for the varying hints proposed in 1984 and if that granularity also makes sense to split 1938 into 2 hints (naming aside :) )

@LucaButBoring
Copy link
Contributor

I think it would be reasonable to remove "long-running" verbiage from the spec around this hint (cc: @thoorp). Agency doesn't necessarily imply something being long-running, and what "long-running" even means is subjective according to the particular host application and server.

I'm not sure if I agree a long-running hint is useful just yet, but I'll leave that discussion to #1984.

@thoorp
Copy link
Contributor Author

thoorp commented Dec 18, 2025

Yeah, I will update the description to keep the focus on Autonomous / Agentic aspect.

@vinoo999
Copy link

For the "agency" piece on the governance side, #1984 defines the aiProcessingHint

Indicates whether the tool involves AI or LLM processing. This includes any tool that uses machine learning models, language models, or AI services for processing data or generating responses. When undefined, clients should make no assumptions about AI processing.

Do you think these "ai capabilities" can be encapsulated or are separate to an "agency" hint? I think this SEP currently well covers the UX of agency, but not necessarily the governance of tools that can/should be allowed in particular applications. i.e. would like to add in the description that agency implies AI usage explicitly.

@thoorp
Copy link
Contributor Author

thoorp commented Dec 20, 2025

For the "agency" piece on the governance side, #1984 defines the aiProcessingHint

Indicates whether the tool involves AI or LLM processing. This includes any tool that uses machine learning models, language models, or AI services for processing data or generating responses. When undefined, clients should make no assumptions about AI processing.

Do you think these "ai capabilities" can be encapsulated or are separate to an "agency" hint? I think this SEP currently well covers the UX of agency, but not necessarily the governance of tools that can/should be allowed in particular applications. i.e. would like to add in the description that agency implies AI usage explicitly.

Like the suggestion to include AI usage explicitly. Done.

@localden
Copy link
Contributor

@thoorp this SEP does not have an assigned sponsor. Are you looking to continue working on it and find sponsorship?

@thoorp
Copy link
Contributor Author

thoorp commented Jan 21, 2026

@thoorp this SEP does not have an assigned sponsor. Are you looking to continue working on it and find sponsorship?

@LucaButBoring should be added as a sponsor. Pls help take care of it, if you can.

@LucaButBoring LucaButBoring self-assigned this Jan 21, 2026
@LucaButBoring
Copy link
Contributor

I have permission to assign myself now - updated.

@LucaButBoring LucaButBoring added in-review SEP proposal ready for review. and removed proposal SEP proposal without a sponsor. labels Jan 21, 2026
@LucaButBoring
Copy link
Contributor

@localden FYI this has been in the review pipeline for a few weeks now, would be great to get an idea of when this will make it to the floor.


Clients _may_ use `agencyHint` to:

- Apply stronger confirmation or review flows before invoking agentic tools.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we're mixing things here:

It seems what this hint is trying to address is an element of risk that arises from non-determinism of agents. That fact that a tool is "agentic" is an implementation detail: what we care about here is risk levels from non-determinism.

For the progress/logs, etc. that feels like a separate thing from agency (or non-determinism). That's just something you'd like with any long-running tasks with intermediate output.

I wonder if nondeterminismHint would get more at what this is trying to achieve.

My worry is that (1) "agency" is quite a vague concept, so people will be unsure when to set this hint, and (2) you may have tools that are risky/nondeterminstic without having agentic implementation, and those might not be shown appropriately in UI even though they should.

Or maybe a simple "riskLevelHint" would be sufficient...

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like to understand two things:

  • does an agentic tool that uses sampling requests for its inference in an agent loop count?
  • in GitHub MCP we trigger Copilot Coding Agent via 2 tools, and I would like to know if they should be annotated, the response is deterministic (just job information like the PR the coding agent opens) but the side-effect is an autonomous agent working on code in the cloud, using whatever access and MCPs it is granted.

I'm not sure nondeterminism covers the second case

I think for annotations they need to be very clear:

  • why does a client/end user need to know this
  • why is it not covered by other annotations
  • is it clear to server authors when it should be used

And I am not certain in clear on answers to those questions.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pja-ant Nondeterminism doesn't fully capture the risk at play, here, and we shouldn't confuse the two concepts. If I have (as a contrived example of a non-risky, nondeterministic tool) a tool that can either search the web or read a file, and it randomly does one action or the other, that's probably not a very risky tool to use, but it is a nondeterministic one.

If, on the other hand, I have a tool that can either do nothing or create a costly compute resource at random, that is then a risky, nondeterministic tool. Risk is tied to both what the most costly action that can be taken is, in addition to how likely that action is to occur. In the case of agency, that's a special case where I don't necessarily know the full range of actions that may occur, but I'm fairly certain they lie in a particular range of reasonable actions, and with a relatively low (but non-zero) probability of negative actions.


@SamMorrowDrums This sounds like a partial refutation of @pja-ant's comments, if I'm reading this right, but to answer your questions in the context of agencyHint specifically:

does an agentic tool that uses sampling requests for its inference in an agent loop count?

Yes, it would.

in GitHub MCP we trigger Copilot Coding Agent via 2 tools, and I would like to know if they should be annotated, the response is deterministic (just job information like the PR the coding agent opens) but the side-effect is an autonomous agent working on code in the cloud, using whatever access and MCPs it is granted.

This also sounds like a use case for agencyHint.

  • why does a client/end user need to know this

So that I know how likely it is for negative outcomes to occur as a side-effect of a tool being invoked, and can review the inputs more carefully.

  • why is it not covered by other annotations
  • readOnlyHint should be self-explanatory
  • destructiveHint is technically-correct, but not in a useful way when it comes to agents; they may take destructive actions, but the destructive actions they may take are a function of their own capabilities and the input prompt they are provided with.
  • idempotentHint should also be self-explanatory
  • openWorldHint is also technically-correct, but again not in a useful way when it comes to agents. A tool-agent's domain of interaction may be closed and yet still "open enough" for it to cause damage if unconstrained or given sensitive information.
  • is it clear to server authors when it should be used

From the Semantics section of this proposal:

  • When present and set to true, this signals that the tool may perform:
    • Multi-step reasoning or planning,
    • Goal-directed behavior that may result in multiple underlying actions.


This SEP proposes a new optional boolean tool annotation, `agencyHint`, on the `ToolAnnotations` interface in the Model Context Protocol (MCP) specification.

The goal of `agencyHint` is to tell clients that a tool represents an _agentic_ capability: it may perform multi-step reasoning, planning, or autonomous decision-making, using AI, toward a goal, rather than a single atomic operation. This hint lets clients differentiate agent-like tools from simple procedural ones, enabling better UX patterns (e.g., confirmation flows, progress UI, or monitoring) without changing the underlying protocol semantics.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sold on adding this without having specific examples of how clients would want to use it, ideally from client developers themselves.

A strong signal would be if we saw clients already treating this category differently by doing things like hard coded lists for popular servers they cared about or resorting to string matching on tool names or classifying tool descriptions to come up with these hints themselves.

Absent a signal like that, it seems like we're introducing complexity for a category that's not well understood or in demand from its target audience.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Responsible AI policies often require human-in-the-loop, an elevated level of transparency, audit trails, and proper handling of user intent end-to-end. It's a matter of finding out what's on the otherside of the line. The proposed agencyHint simply informs the governance of tools, if and when, they become agentic.


This SEP proposes a new optional boolean tool annotation, `agencyHint`, on the `ToolAnnotations` interface in the Model Context Protocol (MCP) specification.

The goal of `agencyHint` is to tell clients that a tool represents an _agentic_ capability: it may perform multi-step reasoning, planning, or autonomous decision-making, using AI, toward a goal, rather than a single atomic operation. This hint lets clients differentiate agent-like tools from simple procedural ones, enabling better UX patterns (e.g., confirmation flows, progress UI, or monitoring) without changing the underlying protocol semantics.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we have clear definitions on what is an agent vs what is a tool? How does this change messaging patterns...

Feels like we are trying to say that this Tool has a different kind of compute behind it. I'm not sure that information is necessary. We don't distinguish HTTP requests based on whether its a static web page or a giant set of microservices.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While we don't distinguish HTTP requests based on if something is static or not, we do generally distinguish high-cost/risk HTTP requests from low-cost/risk ones, if we know that information ahead of time (that is, it's a use case decision, not a technical one).

In the case of agencyHint, what this means is that because we as the end-users do not necessarily tightly-control the upstream tools or capabilities of the associated agent behind a given tool, we should exercise increased caution regarding when an agentic tool is invoked, and review that tool's inputs/outputs more carefully.

As for a direct answer to the question, the Semantics section addresses this:

  • Multi-step reasoning or planning,
  • Goal-directed behavior that may result in multiple underlying actions.

@localden localden moved this from In Review to Review Batch in SEP Review Pipeline Feb 4, 2026
@sep-automation-bot
Copy link

Maintainer Activity Check

Hi @LucaButBoring!

You're assigned to this SEP but there hasn't been any activity from you in 18 days.

Please provide an update on:

  • Current status of your review/work
  • Any blockers or concerns
  • Expected timeline for next steps

If you're no longer able to sponsor this SEP, please let us know so we can find another maintainer.


This is an automated message from the SEP lifecycle bot.

@LucaButBoring
Copy link
Contributor

Voting concluded this weekend, with 0 CM votes in favor and 5 against. The key points of feedback were:

  1. What specifically agency is was still too poorly-defined.
  2. Tool hints in general are currently somewhat difficult to use, and there aren't actually many cases where applications are currently surfacing them in any way right now, let alone a meaningful one.

I believe this proposal still fills an important gap in hint coverage, however, and I'm discussing next steps with @thoorp. I'll provide another update after we agree on a course of action.

@LucaButBoring
Copy link
Contributor

We're aligned on moving this under a potential Annotations WG and adapting it to a unified solution. Discussing the specifics on Discord for the moment (link).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

in-review SEP proposal ready for review. SEP

Projects

None yet

Development

Successfully merging this pull request may close these issues.

8 participants