feat: add MCP Apps (SEP-1865) support to platform and functions SDK

[danielkov]

Summary

• builds on Sagar's changes from feat: add MCP Apps (SEP-1865) support to platform and functions SDK #1788
• add MCP App support across the playground, functions SDK, seed flow, and local runner
• include follow-up fixes for runner lifecycle, deployment-scoped resource resolution, and non-local seed behavior
• clean up merge-only churn and align the SDK MIME expectations with the final MCP App content type

Screen.Recording.2026-04-01.at.12.16.03.mov

Runner-side changes

• local functions no longer assume a fixed :8888 port: the runner now binds a listener, writes the chosen address to an addr file, and the local orchestrator proxies to that live process
• local function calls now fail fast when the child process exits before opening its FIFO response pipe, instead of hanging until timeout
• the local backend wiring in server/cmd/gram/deps.go now instantiates the new LocalRunner orchestrator, which launches runner processes and proxies tool/resource traffic through them
• the JS entrypoint bootstrap now tolerates basename-invoked startup paths so local runner execution still calls main() when launched from copied script paths

Context

• Follow-up to the original PR: feat: add MCP Apps (SEP-1865) support to platform and functions SDK #1788

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
gram-docs-redirect	Ready	Preview, Comment	Apr 1, 2026 7:34pm

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[changeset-bot]

🦋 Changeset detected

Latest commit: 97af11b

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 4 packages

Name	Type
dashboard	Minor
server	Patch
@gram-ai/functions	Minor
@gram-ai/create-function	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[devin-ai-integration]

Devin Review found 3 potential issues.

View 7 additional findings in Devin Review.

[devin-ai-integration]

🚩 fromGram() captures manifest snapshot once, won't reflect later tool/resource additions

In ts-framework/functions/src/mcp.ts:202, const manifest = g.manifest() is called once when fromGram() executes. The ListToolsRequestSchema and ListResourcesRequestSchema handlers at lines 209 and 302 use this captured snapshot. If tools or resources are added to the Gram instance after fromGram() is called, they won't be reflected. This appears intentional — fromGram() creates a server from a point-in-time snapshot — but it's a subtle contract worth documenting.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[danielkov]

TODO: make this work with flyio

[disintegrator]

Suggested change

	---
	"dashboard": patch
	"server": patch
	"@gram-ai/functions": patch
	---
	---
	"dashboard": minor
	"server": patch
	"@gram-ai/functions": minor
	---

[disintegrator]

Can you test this out on dev before going to to prod? Specifically interested in CSP abuses.

[disintegrator]

use inv.Check for these

[speakeasybot]

🚀 Preview Environment (PR #2061)

Preview URL: https://pr-2061.dev.getgram.ai

Component	Status	Details	Updated (UTC)
✅ Database	Ready	Existing database reused	2026-04-01 19:40:51.
✅ Images	Available	Container images ready	2026-04-01 19:40:34.

_{Gram Preview Bot}

[devin-ai-integration]

Devin Review found 2 new potential issues.

View 16 additional findings in Devin Review.

[devin-ai-integration]

🔴 sync.Once with request-scoped context permanently poisons runner binary build on cancellation

In ensureRunnerBinary, the ctx parameter is the caller's request context (from invokeLocalRunner → handleLocalProxyRequest → r.Context()). The go build command uses exec.CommandContext(ctx, ...), so if the first HTTP request that triggers the build is canceled (e.g., client disconnects) while the build is in progress, the build fails with context cancellation. Because sync.Once guarantees the function runs only once, l.binaryErr is permanently set to the cancellation error. All subsequent ToolCall and ReadResource calls will fail forever, even though the context cancellation was transient and unrelated to the build itself. The process must be restarted to recover.

Suggested change

	cmd := exec.CommandContext(ctx, "go", "build", "-o", l.binaryPath, "./functions/cmd/runner")
	cmd := exec.CommandContext(context.Background(), "go", "build", "-o", l.binaryPath, "./functions/cmd/runner")

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[devin-ai-integration]

🚩 Parent process environment leaked to local runner subprocess

At deploy_local.go:383-389, os.Environ() passes the entire parent process environment to the runner subprocess, including potentially sensitive variables (database URLs, API keys, etc.). While this is a dev-only local runner where the parent and child share the same trust domain, the runner's user code (functions.js) executes in the same process and could read these environment variables. The Fly runner uses isolated VMs with explicit secrets management.

---

Was this helpful? React with 👍 or 👎 to provide feedback.