Schemas
Input schemas for MeshKit MCP tools.
MeshKit MCP tools expose JSON-schema-like inputSchema objects so hosts and agents can see required fields before calling run(input).
The schema is part of the contract, but do not rely on the MeshKit tool runtime as your only schema firewall. The runtime validates object shape, required string fields, and byte limits. Your MCP host should enforce additionalProperties: false and pattern rules before execution when those rules matter.
Schema Type
All current tools use this shape:
type MeshkitMcpSchema = {
type: "object";
required?: string[];
additionalProperties: boolean;
properties: Record<string, unknown>;
};Every tool declares additionalProperties: false.
Runtime Validation
The tool runtime rejects:
- Non-object input.
- Arrays.
- Missing required fields.
- Required fields that are not strings.
- String fields above runtime byte limits.
The runtime does not use unknown fields. Hosts should reject unknown fields before calling run if the agent environment requires strict schema enforcement.
meshkit.files.put
{
type: "object",
additionalProperties: false,
required: ["content"],
properties: {
name: { type: "string", default: "agent-object" },
content: { type: "string", maxBytes: 1048576 },
contentType: { type: "string", default: "text/plain" },
},
}Runtime limits:
| Field | Limit |
|---|---|
content | 1048576 UTF-8 bytes |
name | 256 UTF-8 bytes |
contentType | 128 UTF-8 bytes |
meshkit.inspect
{
type: "object",
additionalProperties: false,
required: ["cid"],
properties: {
cid: { type: "string", minLength: 1 },
},
}Runtime limit:
| Field | Limit |
|---|---|
cid | 256 UTF-8 bytes |
meshkit.identity.create
{
type: "object",
additionalProperties: false,
required: ["id"],
properties: {
id: { type: "string", minLength: 1 },
},
}Runtime limit:
| Field | Limit |
|---|---|
id | 128 UTF-8 bytes |
meshkit.share.with
{
type: "object",
additionalProperties: false,
required: ["cid", "recipient"],
properties: {
cid: { type: "string", minLength: 1 },
recipient: { type: "string", minLength: 1 },
expiresIn: { type: "string", pattern: "^[0-9]+[mhd]$" },
},
}Runtime limits:
| Field | Limit |
|---|---|
cid | 256 UTF-8 bytes |
recipient | 128 UTF-8 bytes |
expiresIn | 16 UTF-8 bytes |
The schema advertises expiresIn as minutes, hours, or days, such as 30m, 2h, or 7d. Enforce that pattern in the MCP host if the transport does not enforce tool schemas.
Host-Side Validation Checklist
Before calling tool.run(input), the host should:
- Reject tools that are not on the workflow allowlist.
- Reject fields not present in the tool schema.
- Enforce schema patterns such as
expiresIn. - Require approval for identity creation and sharing.
- Redact or suppress raw input logging.
- Convert MeshKit errors into safe agent-visible responses.
Error Codes
| Code | Cause |
|---|---|
invalid_tool_input | Input is not an object, a required field is missing, or a string field has the wrong type. |
input_too_large | A string exceeds the runtime byte limit. |
Underlying MeshKit calls can still throw provider, proof, identity, sharing, policy, or authorization errors after schema validation passes.