Update new version

[ymatagne]

Summary by CodeRabbit

Release Notes

• New Features
  • AI-powered MCP server discovery, testing, and security analysis
  • YAML-based test suite execution for MCP tools with multi-step workflows
  • Performance benchmarking and monitoring for MCP services
  • Snapshot capture, comparison, and diff reporting
  • Enhanced security scanning with schema analysis and adversarial probing
  • Improved CLI with comprehensive help system and color-coded output

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
nuts	Error		Feb 17, 2026 3:42am

[coderabbitai]

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

This pull request introduces a comprehensive AI-powered Model Context Protocol (MCP) testing and analysis suite. The changes add an AI integration layer with provider abstraction and prompting, a full MCP client with discovery, testing, performance profiling, security scanning, and snapshot capabilities, centralized error handling via NutsError, a complete CLI restructuring with Clap-based command dispatch, and a rich output rendering system with colors and formatted views. Multiple existing commands are updated to use a new Claude model variant and refactored renderer utilities.

Changes

Cohort / File(s)	Summary
AI Integration Module src/ai/mod.rs, src/ai/prompts.rs, src/ai/provider.rs, src/ai/service.rs	New centralized AI subsystem with provider trait abstraction, Anthropic implementation, comprehensive prompt generators for MCP testing/security/analysis, and AiService facade managing tokens and conversation buffers.
MCP Protocol Support src/mcp/mod.rs, src/mcp/types.rs, src/mcp/client.rs, src/mcp/discovery.rs	New MCP client wrapper supporting stdio/SSE/HTTP transports, server capability discovery with human/JSON formatting, and MCP type definitions (tools, resources, prompts, transports).
MCP Advanced Features src/mcp/test_runner.rs, src/mcp/security.rs, src/mcp/perf.rs, src/mcp/snapshot.rs, src/mcp/generate.rs	Comprehensive YAML-driven test runner with multi-step workflows and assertion engine, security scanning with schema analysis and adversarial probing, performance testing with latency statistics, snapshot capture/comparison/formatting, and AI-assisted test generation.
CLI Restructuring & Main src/main.rs, src/commands/mod.rs	Complete Clap-based CLI overhaul with global flags (json, quiet, verbose, no_color, env), expanded subcommand hierarchy (Call, Perf, Security, Ask, Mcp with nested transports/actions, Config, Shell), and centralized command dispatch logic.
Command Updates src/commands/ask.rs, src/commands/call.rs, src/commands/explain.rs, src/commands/discover.rs, src/commands/fix.rs, src/commands/generate.rs, src/commands/mock.rs, src/commands/monitor.rs, src/commands/perf.rs, src/commands/predict.rs, src/commands/security.rs, src/commands/test.rs, src/commands/config.rs	Updated to use new Claude Sonnet 4.5 model variant (claude-sonnet-4-5-20250929), refactored to use renderer/colors output system, improved error handling, and minor formatting/control-flow adjustments.
Error Handling Infrastructure src/error.rs	Introduces centralized NutsError enum with variants for HTTP, AI, Config, MCP, Protocol, Flow, Auth, Io, and InvalidInput, with From trait implementations for common error types.
Output Rendering System src/output/mod.rs, src/output/colors.rs, src/output/renderer.rs, src/output/welcome.rs	New output abstraction with semantic color functions (success, error, warning, info, JSON syntax highlighting), comprehensive renderers for status lines/JSON bodies/tables/errors/test results/security reports/discovery/perf/snapshots, and user-facing welcome/help text utilities.
Core Infrastructure & Config src/config.rs, src/shell.rs, src/flows/mod.rs, src/flows/manager.rs, src/completer.rs, src/services/mock_data.rs, src/models/analysis.rs, src/models/metrics.rs	Shell refactored to use renderer/colors for output and help text, flows manager formatting adjustments, model/config minor updates, Anthropic model string bumped in mock_data service, minor whitespace normalization.
Dependencies & Documentation Cargo.toml, CLAUDE.md	Added dependencies: thiserror, miette, comfy-table, regex, rmcp. Documentation restructured to describe NUTS two-mode architecture, MCP protocol support, AI features, execution flow, error handling patterns, and module organization.
Website website/src/app/page.tsx, website/src/app/readme/page.tsx	Updated marketing copy and terminal examples from generic API testing focus to MCP server testing emphasis; added MCP Server Testing feature cards and command reference section.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI as CLI / Main
    participant Cmd as Commands
    participant MCP as MCP Client
    participant Server as MCP Server
    participant AI as AI Service
    participant Out as Output/Renderer

    User->>CLI: nuts mcp discover --stdio "command"
    CLI->>Cmd: dispatch to mcp_discover
    Cmd->>MCP: connect_stdio(command)
    MCP->>Server: establish transport
    Cmd->>MCP: discover()
    MCP->>Server: ListTools, ListResources, ListPrompts
    Server-->>MCP: ServerCapabilities
    Cmd->>Out: render_discovery(capabilities)
    Out-->>User: formatted server info, tools, resources

    User->>CLI: nuts mcp security --http https://api/mcp
    CLI->>Cmd: dispatch to mcp_security
    Cmd->>MCP: connect_http(url)
    MCP->>Server: establish HTTP transport
    Cmd->>MCP: list_tools()
    Server-->>MCP: [Tool{name, schema}]
    Cmd->>AI: security_scan(client, ai_service)
    AI->>MCP: call_tool(with adversarial inputs)
    Server-->>MCP: ToolResult
    AI->>AI: analyze_schema, probe_tool, analyze_resources
    AI->>AI: ai_analyze_tools (via AiService)
    AI-->>Cmd: SecurityReport{findings, risk_level}
    Cmd->>Out: render_security_report(report)
    Out-->>User: colorized findings, severity, recommendations

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Suggested labels

ai-integration, mcp-support, cli-refactor, output-rendering, error-handling

Poem

🐰 A hop through the code, protocols bright,
MCP servers now dance in our sight,
With Claude as our guide and tests to run fast,
The NUTS suite has grown—quite the feat at last!

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch update_new_version

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[wellcode-ai]

🔍 General Code Quality Feedback

🔍 Comprehensive Code Review

Consolidated Feedback

• 🔍 Code Review Analysis

Overall Assessment: The pull request introduces significant changes across multiple files, enhancing the AI capabilities of the NUTS framework. However, the lack of a detailed description and potential gaps in testing and documentation raise concerns about maintainability and quality assurance.

Critical Issues:

• Issue 1: Missing PR Description → The PR lacks a description, making it difficult to understand the intent and scope of changes. Actionable solution: Provide a comprehensive description summarizing the changes, their purpose, and any relevant context.
• Issue 2: Insufficient Test Coverage → There are no visible tests for the new functionality introduced in the AI service and MCP client. Actionable solution: Implement unit tests for the new AI service and MCP client methods, covering edge cases and error conditions to ensure robustness.
• Issue 3: Error Handling in McpClient → The connect_stdio method in McpClient is incomplete and lacks error handling. Actionable solution: Complete the method implementation and ensure proper error handling is in place to manage connection failures gracefully.

Improvements:

• Suggestion 1: Code Duplication and Complexity → The generate_tests function in generate.rs contains repeated logic for spinner management. How to implement: Extract spinner logic into a helper function to reduce duplication and improve readability.
• Suggestion 2: Documentation Gaps → While some functions have comments, many critical areas lack documentation, especially around complex logic in AiService and McpClient. How to implement: Add doc comments for all public functions and structs, explaining their purpose, parameters, and return values to enhance maintainability.
• Suggestion 3: Security Considerations → Ensure that user inputs are validated and sanitized to prevent potential injection attacks. How to implement: Review all input handling in the generate_tests and mcp_test_generation functions, adding validation checks as necessary.

Positive Notes:

• The use of structured error handling with the NutsError enum is commendable, providing clear diagnostics for various error scenarios.
• The implementation of the AiService and McpClient demonstrates a good understanding of encapsulation and separation of concerns, which aids maintainability.

Next Steps:

1. Add a detailed PR description to clarify the intent and scope of changes.
2. Implement unit tests for the new functionality, focusing on edge cases and error handling.
3. Complete the connect_stdio method in McpClient and ensure robust error handling.
4. Refactor duplicated spinner logic in generate_tests to improve code clarity.
5. Enhance documentation for all public functions and complex logic areas to facilitate future maintenance.
6. Review input handling for security vulnerabilities and implement necessary validation.

By addressing these critical issues and improvements, the quality and maintainability of the codebase will be significantly enhanced, reducing the risk of bugs and security vulnerabilities in production.

🤖 Generated by Wellcode.ai

[wellcode-ai]

Code Quality Report

Overall Score: 69/100 | Efficiency: 74 | Quality: 67 | Wellness: 65

---

Summary

This pull request shows good development practices with room for improvement in some areas. The work aligns well with team standards and contributes to project health.

Key Metrics

Category	Score	Highlights
Efficiency	74/100	Review Response Time: 0min, First Response Time: 0min
Quality	67/100	Documentation: 88.07970779778823
Wellness	65/100	Feedback Reception: 1, Maintenance Trend: 100

Work Analysis

• Feature Development: 59% (balanced approach)
• Maintenance Work: 41%
• Work Approach: Generally well-planned

Recommendations

1. Enhance PR Descriptions: Your current PR titled 'Update new version' has a very low PR description score (11.92).
2. Address Security and Code Quality Issues: Your security score is good (81.76), but there are medium-severity issues regarding API key exposure and input validation.
3. Increase Proactive Work: Your proactive work score is at 60, which indicates a balance between reactive and planned work.

Developer Progress

• Recent: 78 PRs merged, 56450 lines changed
• This PR: +70 points (Infinity% to next level)
• Rank: #? on team leaderboard

Team Performance

🏆 Team Leaderboard

Rank	Developer	Level	Points
🥇	@ymatagne	Legend 569	57765
🥈	@pimoussTO	Engineer	437
🥉	@coderabbitai[bot]	Apprentice	159

---

Generated by Wellcode.ai • View detailed report →