From 27e039903177b0834a85e3e0453c5b61c7f5ba61 Mon Sep 17 00:00:00 2001
From: pwuersch <49908921+pwuersch@users.noreply.github.com>
Date: Thu, 30 Apr 2026 15:51:17 +0200
Subject: [PATCH 1/2] fix: allow hyphens for MCP server names

---
 packages/data-provider/specs/mcp.spec.ts | 34 +++++++++++++++++++++++-
 packages/data-provider/src/mcp.ts        |  4 +--
 2 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/packages/data-provider/specs/mcp.spec.ts b/packages/data-provider/specs/mcp.spec.ts
index 573769c4fa..0c6e1094d1 100644
--- a/packages/data-provider/specs/mcp.spec.ts
+++ b/packages/data-provider/specs/mcp.spec.ts
@@ -1,6 +1,38 @@
-import { SSEOptionsSchema, MCPServerUserInputSchema } from '../src/mcp';
+import { MCPOptionsSchema, SSEOptionsSchema, MCPServerUserInputSchema } from '../src/mcp';
 
 describe('MCPServerUserInputSchema', () => {
+  describe('title validation', () => {
+    it('should accept hyphenated MCP server titles in config', () => {
+      const result = MCPOptionsSchema.safeParse({
+        type: 'sse',
+        url: 'https://example.com/mcp',
+        title: 'My-Test Server',
+      });
+
+      expect(result.success).toBe(true);
+    });
+
+    it('should accept hyphenated MCP server titles in user input', () => {
+      const result = MCPServerUserInputSchema.safeParse({
+        type: 'sse',
+        url: 'https://example.com/mcp',
+        title: 'My-Test Server',
+      });
+
+      expect(result.success).toBe(true);
+    });
+
+    it('should still reject unsupported title characters', () => {
+      const result = MCPOptionsSchema.safeParse({
+        type: 'sse',
+        url: 'https://example.com/mcp',
+        title: 'My_Test Server',
+      });
+
+      expect(result.success).toBe(false);
+    });
+  });
+
   describe('env variable exfiltration prevention', () => {
     it('should confirm admin schema resolves env vars (attack vector baseline)', () => {
       process.env.FAKE_SECRET = 'leaked-secret-value';
diff --git a/packages/data-provider/src/mcp.ts b/packages/data-provider/src/mcp.ts
index b22a599b9b..150dcfb8a1 100644
--- a/packages/data-provider/src/mcp.ts
+++ b/packages/data-provider/src/mcp.ts
@@ -3,10 +3,10 @@ import { TokenExchangeMethodEnum } from './types/agents';
 import { extractEnvVariable } from './utils';
 
 const BaseOptionsSchema = z.object({
-  /** Display name for the MCP server - only letters, numbers, and spaces allowed */
+  /** Display name for the MCP server - only letters, numbers, spaces, and hyphens allowed */
   title: z
     .string()
-    .regex(/^[a-zA-Z0-9 ]+$/, 'Title can only contain letters, numbers, and spaces')
+    .regex(/^[a-zA-Z0-9 -]+$/, 'Title can only contain letters, numbers, spaces, and hyphens')
     .optional(),
   /** Description of the MCP server */
   description: z.string().optional(),

From 3a81429e6d578c867c2226a80c11bebb185d3200 Mon Sep 17 00:00:00 2001
From: pwuersch <49908921+pwuersch@users.noreply.github.com>
Date: Thu, 30 Apr 2026 18:23:51 +0200
Subject: [PATCH 2/2] test: separate different MCP schema test cases

---
 packages/data-provider/specs/mcp.spec.ts | 26 ++++++++++++++----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/packages/data-provider/specs/mcp.spec.ts b/packages/data-provider/specs/mcp.spec.ts
index 0c6e1094d1..985bccf697 100644
--- a/packages/data-provider/specs/mcp.spec.ts
+++ b/packages/data-provider/specs/mcp.spec.ts
@@ -1,6 +1,6 @@
 import { MCPOptionsSchema, SSEOptionsSchema, MCPServerUserInputSchema } from '../src/mcp';
 
-describe('MCPServerUserInputSchema', () => {
+describe('MCPOptionsSchema', () => {
   describe('title validation', () => {
     it('should accept hyphenated MCP server titles in config', () => {
       const result = MCPOptionsSchema.safeParse({
@@ -12,16 +12,6 @@ describe('MCPServerUserInputSchema', () => {
       expect(result.success).toBe(true);
     });
 
-    it('should accept hyphenated MCP server titles in user input', () => {
-      const result = MCPServerUserInputSchema.safeParse({
-        type: 'sse',
-        url: 'https://example.com/mcp',
-        title: 'My-Test Server',
-      });
-
-      expect(result.success).toBe(true);
-    });
-
     it('should still reject unsupported title characters', () => {
       const result = MCPOptionsSchema.safeParse({
         type: 'sse',
@@ -32,6 +22,20 @@ describe('MCPServerUserInputSchema', () => {
       expect(result.success).toBe(false);
     });
   });
+});
+
+describe('MCPServerUserInputSchema', () => {
+  describe('title validation', () => {
+    it('should accept hyphenated MCP server titles in user input', () => {
+      const result = MCPServerUserInputSchema.safeParse({
+        type: 'sse',
+        url: 'https://example.com/mcp',
+        title: 'My-Test Server',
+      });
+
+      expect(result.success).toBe(true);
+    });
+  });
 
   describe('env variable exfiltration prevention', () => {
     it('should confirm admin schema resolves env vars (attack vector baseline)', () => {