fix(tools/looker): enforce critical safety annotations for agent tools (#2967)

## Description
This PR addresses the security and safety concerns raised in #2830
regarding critical annotations in Looker agent tools.

### Changes
- **Annotation Protection**: Hardcoded `readOnlyHint` and
`destructiveHint` in the `Initialize` method for the following tools to
ensure they cannot be overridden by user configuration:
  - `create_agent` (readOnly: false)
  - `update_agent` (readOnly: false)
  - `delete_agent` (readOnly: false, destructive: true)
  - `get_agent` (readOnly: true)
  - `list_agents` (readOnly: true)
- **Verification Tests**: Added `TestAnnotations` to each tool's test
suite to verify that these hints are strictly enforced even when a user
attempts to override them in the configuration.
- **Go Environment Consistency**: Kept the Go version at `1.25.7` to
match the current `main` branch state while ensuring no unwanted
toolchain updates were introduced.

## Verification Results
Ran unit tests for all 5 tools and confirmed that all tests, including
the new annotation enforcement checks, passed successfully.

Author: hiracky16

internal/tools/looker/lookercreateagent/lookercreateagent.go

@@ -84,13 +84,12 @@ func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error)
 	codeInterpreterParameter := parameters.NewBooleanParameterWithDefault("code_interpreter", false, "Optional. Enables Code Interpreter for this Agent.")
 	params := parameters.Parameters{nameParameter, instructionsParameter, sourcesParameter, codeInterpreterParameter}
 
-	annotations := cfg.Annotations
-	if annotations == nil {
-		readOnlyHint := false
-		annotations = &tools.ToolAnnotations{
-			ReadOnlyHint: &readOnlyHint,
-		}
+	annotations := &tools.ToolAnnotations{}
+	if cfg.Annotations != nil {
+		*annotations = *cfg.Annotations
 	}
+	readOnlyHint := false
+	annotations.ReadOnlyHint = &readOnlyHint
 
 	mcpManifest := tools.GetMcpManifest(cfg.Name, cfg.Description, cfg.AuthRequired, params, annotations)
 

internal/tools/looker/lookercreateagent/lookercreateagent_test.go

@@ -251,3 +251,32 @@ func TestMcpManifest(t *testing.T) {
 		}
 	}
 }
+
+func TestAnnotations(t *testing.T) {
+	readOnlyTrue := true
+	cfg := lkr.Config{
+		Name:        "test_tool",
+		Type:        "looker-create-agent",
+		Source:      "my-instance",
+		Description: "test description",
+		Annotations: &tools.ToolAnnotations{
+			ReadOnlyHint: &readOnlyTrue,
+		},
+	}
+
+	tool, err := cfg.Initialize(nil)
+	if err != nil {
+		t.Fatalf("failed to initialize tool: %v", err)
+	}
+
+	mcp := tool.McpManifest()
+	if mcp.Annotations == nil {
+		t.Fatal("mcp manifest annotations is nil")
+	}
+	if mcp.Annotations.ReadOnlyHint == nil {
+		t.Fatal("mcp manifest ReadOnlyHint is nil")
+	}
+	if *mcp.Annotations.ReadOnlyHint != false {
+		t.Errorf("ReadOnlyHint should be false, got %v", *mcp.Annotations.ReadOnlyHint)
+	}
+}

internal/tools/looker/lookerdeleteagent/lookerdeleteagent.go

@@ -72,15 +72,14 @@ func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error)
 	agentIdParameter := parameters.NewStringParameterWithDefault("agent_id", "", "The ID of the agent.")
 	params := parameters.Parameters{agentIdParameter}
 
-	annotations := cfg.Annotations
-	if annotations == nil {
-		readOnlyHint := false
-		destructiveHint := true
-		annotations = &tools.ToolAnnotations{
-			ReadOnlyHint:    &readOnlyHint,
-			DestructiveHint: &destructiveHint,
-		}
+	annotations := &tools.ToolAnnotations{}
+	if cfg.Annotations != nil {
+		*annotations = *cfg.Annotations
 	}
+	readOnlyHint := false
+	destructiveHint := true
+	annotations.ReadOnlyHint = &readOnlyHint
+	annotations.DestructiveHint = &destructiveHint
 
 	mcpManifest := tools.GetMcpManifest(cfg.Name, cfg.Description, cfg.AuthRequired, params, annotations)
 

internal/tools/looker/lookerdeleteagent/lookerdeleteagent_test.go

@@ -243,3 +243,40 @@ func TestMcpManifest(t *testing.T) {
 		}
 	}
 }
+
+func TestAnnotations(t *testing.T) {
+	readOnlyTrue := true
+	destructiveFalse := false
+	cfg := lkr.Config{
+		Name:        "test_tool",
+		Type:        "looker-delete-agent",
+		Source:      "my-instance",
+		Description: "test description",
+		Annotations: &tools.ToolAnnotations{
+			ReadOnlyHint:    &readOnlyTrue,
+			DestructiveHint: &destructiveFalse,
+		},
+	}
+
+	tool, err := cfg.Initialize(nil)
+	if err != nil {
+		t.Fatalf("failed to initialize tool: %v", err)
+	}
+
+	mcp := tool.McpManifest()
+	if mcp.Annotations == nil {
+		t.Fatal("mcp manifest annotations is nil")
+	}
+	if mcp.Annotations.ReadOnlyHint == nil {
+		t.Fatal("mcp manifest ReadOnlyHint is nil")
+	}
+	if *mcp.Annotations.ReadOnlyHint != false {
+		t.Errorf("ReadOnlyHint should be false, got %v", *mcp.Annotations.ReadOnlyHint)
+	}
+	if mcp.Annotations.DestructiveHint == nil {
+		t.Fatal("mcp manifest DestructiveHint is nil")
+	}
+	if *mcp.Annotations.DestructiveHint != true {
+		t.Errorf("DestructiveHint should be true, got %v", *mcp.Annotations.DestructiveHint)
+	}
+}

internal/tools/looker/lookergetagent/lookergetagent.go

@@ -72,13 +72,12 @@ func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error)
 	agentIdParameter := parameters.NewStringParameterWithDefault("agent_id", "", "The ID of the agent.")
 	params := parameters.Parameters{agentIdParameter}
 
-	annotations := cfg.Annotations
-	if annotations == nil {
-		readOnlyHint := true
-		annotations = &tools.ToolAnnotations{
-			ReadOnlyHint: &readOnlyHint,
-		}
+	annotations := &tools.ToolAnnotations{}
+	if cfg.Annotations != nil {
+		*annotations = *cfg.Annotations
 	}
+	readOnlyHint := true
+	annotations.ReadOnlyHint = &readOnlyHint
 
 	mcpManifest := tools.GetMcpManifest(cfg.Name, cfg.Description, cfg.AuthRequired, params, annotations)
 

internal/tools/looker/lookergetagent/lookergetagent_test.go

@@ -243,3 +243,32 @@ func TestMcpManifest(t *testing.T) {
 		}
 	}
 }
+
+func TestAnnotations(t *testing.T) {
+	readOnlyFalse := false
+	cfg := lkr.Config{
+		Name:        "test_tool",
+		Type:        "looker-get-agent",
+		Source:      "my-instance",
+		Description: "test description",
+		Annotations: &tools.ToolAnnotations{
+			ReadOnlyHint: &readOnlyFalse,
+		},
+	}
+
+	tool, err := cfg.Initialize(nil)
+	if err != nil {
+		t.Fatalf("failed to initialize tool: %v", err)
+	}
+
+	mcp := tool.McpManifest()
+	if mcp.Annotations == nil {
+		t.Fatal("mcp manifest annotations is nil")
+	}
+	if mcp.Annotations.ReadOnlyHint == nil {
+		t.Fatal("mcp manifest ReadOnlyHint is nil")
+	}
+	if *mcp.Annotations.ReadOnlyHint != true {
+		t.Errorf("ReadOnlyHint should be true, got %v", *mcp.Annotations.ReadOnlyHint)
+	}
+}

internal/tools/looker/lookerlistagents/lookerlistagents.go

@@ -71,13 +71,12 @@ func (cfg Config) ToolConfigType() string {
 func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error) {
 	params := parameters.Parameters{}
 
-	annotations := cfg.Annotations
-	if annotations == nil {
-		readOnlyHint := true
-		annotations = &tools.ToolAnnotations{
-			ReadOnlyHint: &readOnlyHint,
-		}
+	annotations := &tools.ToolAnnotations{}
+	if cfg.Annotations != nil {
+		*annotations = *cfg.Annotations
 	}
+	readOnlyHint := true
+	annotations.ReadOnlyHint = &readOnlyHint
 
 	mcpManifest := tools.GetMcpManifest(cfg.Name, cfg.Description, cfg.AuthRequired, params, annotations)
 

internal/tools/looker/lookerlistagents/lookerlistagents_test.go

@@ -204,3 +204,32 @@ func TestMcpManifest(t *testing.T) {
 		}
 	}
 }
+
+func TestAnnotations(t *testing.T) {
+	readOnlyFalse := false
+	cfg := lkr.Config{
+		Name:        "test_tool",
+		Type:        "looker-list-agents",
+		Source:      "my-instance",
+		Description: "test description",
+		Annotations: &tools.ToolAnnotations{
+			ReadOnlyHint: &readOnlyFalse,
+		},
+	}
+
+	tool, err := cfg.Initialize(nil)
+	if err != nil {
+		t.Fatalf("failed to initialize tool: %v", err)
+	}
+
+	mcp := tool.McpManifest()
+	if mcp.Annotations == nil {
+		t.Fatal("mcp manifest annotations is nil")
+	}
+	if mcp.Annotations.ReadOnlyHint == nil {
+		t.Fatal("mcp manifest ReadOnlyHint is nil")
+	}
+	if *mcp.Annotations.ReadOnlyHint != true {
+		t.Errorf("ReadOnlyHint should be true, got %v", *mcp.Annotations.ReadOnlyHint)
+	}
+}

internal/tools/looker/lookerupdateagent/lookerupdateagent.go

@@ -85,13 +85,12 @@ func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error)
 	codeInterpreterParameter := parameters.NewBooleanParameterWithDefault("code_interpreter", false, "Optional. Enables Code Interpreter for this Agent.")
 	params := parameters.Parameters{agentIdParameter, nameParameter, instructionsParameter, sourcesParameter, codeInterpreterParameter}
 
-	annotations := cfg.Annotations
-	if annotations == nil {
-		readOnlyHint := false
-		annotations = &tools.ToolAnnotations{
-			ReadOnlyHint: &readOnlyHint,
-		}
+	annotations := &tools.ToolAnnotations{}
+	if cfg.Annotations != nil {
+		*annotations = *cfg.Annotations
 	}
+	readOnlyHint := false
+	annotations.ReadOnlyHint = &readOnlyHint
 
 	mcpManifest := tools.GetMcpManifest(cfg.Name, cfg.Description, cfg.AuthRequired, params, annotations)
 

internal/tools/looker/lookerupdateagent/lookerupdateagent_test.go

@@ -251,3 +251,32 @@ func TestMcpManifest(t *testing.T) {
 		}
 	}
 }
+
+func TestAnnotations(t *testing.T) {
+	readOnlyTrue := true
+	cfg := lkr.Config{
+		Name:        "test_tool",
+		Type:        "looker-update-agent",
+		Source:      "my-instance",
+		Description: "test description",
+		Annotations: &tools.ToolAnnotations{
+			ReadOnlyHint: &readOnlyTrue,
+		},
+	}
+
+	tool, err := cfg.Initialize(nil)
+	if err != nil {
+		t.Fatalf("failed to initialize tool: %v", err)
+	}
+
+	mcp := tool.McpManifest()
+	if mcp.Annotations == nil {
+		t.Fatal("mcp manifest annotations is nil")
+	}
+	if mcp.Annotations.ReadOnlyHint == nil {
+		t.Fatal("mcp manifest ReadOnlyHint is nil")
+	}
+	if *mcp.Annotations.ReadOnlyHint != false {
+		t.Errorf("ReadOnlyHint should be false, got %v", *mcp.Annotations.ReadOnlyHint)
+	}
+}