Skip to Content
Back to changelog

Remote MCP source management and observability hook reliability

This release adds the initial UI and APIs for managing custom remote MCP sources, plus reliability fixes for the observability plugin hook flow and Claude Code plugin caching.

Features

  • Remote MCP source management UI and APIs #2608  - Adds the initial Remote MCP source management UI under the gram-remote-mcp feature flag, with a Custom remote server entry in the Add Source dropdown, a URL-only create form, and a detail page covering Overview, MCP Servers, and Settings tabs. Also adds remoteMcp.verifyURL for probing a candidate remote MCP server URL via an MCP initialize request, plus remote_mcp_server_id and toolset_id filter parameters on mcpServers.list. Renames the existing Third party server entry to Registry server. (Author: @bflad )

Bug fixes

  • Observability hook event flags and error handling #2682  - Fixes generated observability plugin hooks not firing correctly in production. Hook events now carry explicit async flags matching the public Gram plugin (false for blocking events like PreToolUse and UserPromptSubmit, true for fire-and-forget events like Stop and PostToolUse). The generated hook.sh script now captures the HTTP response body and status code separately and exits with code 2 on 4xx/5xx so an unreachable Gram server cannot silently bypass blocking policies. (Author: @bradcypert )
  • Claude Code plugin caching across sessions #2697  - Fixes Claude Code plugins not loading after restart. The marketplace URL returned by getPublishStatus now points directly at the git proxy (/marketplace/p/{token}.git) and the install instructions emit "source": "git" in the extraKnownMarketplaces snippet, which Claude Code caches reliably between sessions. The URL-based manifest endpoint and its rewrite logic have been removed. (Author: @bradcypert )
  • RBAC dev toolbar environment scope toggle #2684  - Fixes a crash in the RBAC dev toolbar when toggling environment:read or environment:write for the first time. Hardens toggleScope and setScopeResources to materialize a known-good baseline before spreading, and adds a defensive != null guard at the render site so legacy malformed localStorage state cannot crash either. (Author: @simplesagar )

Last updated on

AI everywhere.

Control here.

Talk to usLearn more