# Pitfall Log

Project: modelcontextprotocol/python-sdk

Summary: Found 38 potential pitfall items; 8 are high/blocking. Highest priority: configuration - Source evidence: Duplicate `initialize` with changed parameters can overwrite `ServerSession.client_params`.

## 1. configuration · Source evidence: Duplicate `initialize` with changed parameters can overwrite `ServerSession.client_params`

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a configuration-related issue in this project that is pending verification: Duplicate `initialize` with changed parameters can overwrite `ServerSession.client_params`
- User impact: May increase the cost for new users to trial the project and integrate it into production.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_fbd28a768e3d4de5b6350068d5f755e6 | https://github.com/modelcontextprotocol/python-sdk/issues/2605 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 2. configuration · Source evidence: Streamable HTTP server silently drops in-flight request when client reuses a JSON-RPC id

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a configuration-related issue in this project that is pending verification: Streamable HTTP server silently drops in-flight request when client reuses a JSON-RPC id
- User impact: May increase the cost for new users to trial the project and integrate it into production.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_4ac932bd22b544cdb3fd360948cea40a | https://github.com/modelcontextprotocol/python-sdk/issues/2655 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 3. configuration · Source evidence: streamable_http_client: one concurrent request HTTPStatusError tears down sibling requests

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a configuration-related issue in this project that is pending verification: streamable_http_client: one concurrent request HTTPStatusError tears down sibling requests
- User impact: May increase the cost for new users to trial the project and integrate it into production.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_eea700d7503c4f4aa8ee4dcbd3db4591 | https://github.com/modelcontextprotocol/python-sdk/issues/2604 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 4. maintenance · Source evidence: FastMCP crashes when tool return type uses Python 3.10+ `A | B | C` union syntax

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a maintenance/version-related issue in this project that is pending verification: FastMCP crashes when tool return type uses Python 3.10+ `A | B | C` union syntax
- User impact: May block installation or first run.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_a8726c44efdb4ae880d844a7d492b1e9 | https://github.com/modelcontextprotocol/python-sdk/issues/2591 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 5. security_permissions · Source evidence: Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O
- User impact: May affect authorization, credential configuration, or security boundaries.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_8f0ce3f22c2e45b9af5ad37292daba8b | https://github.com/modelcontextprotocol/python-sdk/issues/1305 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 6. security_permissions · Source evidence: Progress notifications cause server to hang on stdio transport

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: Progress notifications cause server to hang on stdio transport
- User impact: May block installation or first run.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_ed924e0ca71b419381464d8c25d237ef | https://github.com/modelcontextprotocol/python-sdk/issues/1141 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 7. security_permissions · Source evidence: Streamable HTTP server accepts mismatched `MCP-Protocol-Version` header and body `protocolVersion` on `initialize`

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: Streamable HTTP server accepts mismatched `MCP-Protocol-Version` header and body `protocolVersion` on `initialize`
- User impact: May affect authorization, credential configuration, or security boundaries.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_84eac7ce86a345c38a09308517763962 | https://github.com/modelcontextprotocol/python-sdk/issues/2618 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 8. security_permissions · Source evidence: User-Agent header in sHTTP transport is not forwarded to auth flow

- Severity: high
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: User-Agent header in sHTTP transport is not forwarded to auth flow
- User impact: May affect authorization, credential configuration, or security boundaries.
- Suggested check: The source issue is still open; Pack Agent needs to re-check whether it still affects the current version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_824f98c734544a28b3bfd8e982425150 | https://github.com/modelcontextprotocol/python-sdk/issues/1664 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 9. installation · Failure mode: installation: Bug: `anyio.Lock` in `oauth2.py` raises "current task is not holding this lock" under cross-t...

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Bug: `anyio.Lock` in `oauth2.py` raises "current task is not holding this lock" under cross-task generator driving
- User impact: Developers may fail before the first successful local run: Bug: `anyio.Lock` in `oauth2.py` raises "current task is not holding this lock" under cross-task generator driving
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Bug: `anyio.Lock` in `oauth2.py` raises "current task is not holding this lock" under cross-task generator driving. Context: Observed when using windows
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_7ab763a43233ec1e7dcaebc3255017a6 | https://github.com/modelcontextprotocol/python-sdk/issues/2644 | Bug: `anyio.Lock` in `oauth2.py` raises "current task is not holding this lock" under cross-task generator driving

## 10. installation · Failure mode: installation: FastMCP.__init__ clobbers root logger with INFO RichHandler — hangs stdio servers under back-...

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: FastMCP.__init__ clobbers root logger with INFO RichHandler — hangs stdio servers under back-pressure
- User impact: Developers may fail before the first successful local run: FastMCP.__init__ clobbers root logger with INFO RichHandler — hangs stdio servers under back-pressure
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: FastMCP.__init__ clobbers root logger with INFO RichHandler — hangs stdio servers under back-pressure. Context: Observed when using node, python, macos
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_4529ab733a6558a19e9c3f318ce112c5 | https://github.com/modelcontextprotocol/python-sdk/issues/2527 | FastMCP.__init__ clobbers root logger with INFO RichHandler — hangs stdio servers under back-pressure

## 11. installation · Failure mode: installation: Types-only install option

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Types-only install option
- User impact: Developers may fail before the first successful local run: Types-only install option
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Types-only install option. Context: Observed during installation or first-run setup.
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_4b31523e85ae0860236ec672488b4035 | https://github.com/modelcontextprotocol/python-sdk/issues/2581 | Types-only install option

## 12. configuration · Failure mode: configuration: Add `invalid_target` to `AuthorizationErrorCode` (RFC 8707)

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: Add `invalid_target` to `AuthorizationErrorCode` (RFC 8707)
- User impact: Developers may misconfigure credentials, environment, or host setup: Add `invalid_target` to `AuthorizationErrorCode` (RFC 8707)
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Add `invalid_target` to `AuthorizationErrorCode` (RFC 8707). Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_4c29698ade9229f6578bf641e5ca4aec | https://github.com/modelcontextprotocol/python-sdk/issues/2641 | Add `invalid_target` to `AuthorizationErrorCode` (RFC 8707), failure_mode_cluster:github_issue | fmev_81c61c3640860f857e3b46c6f8531177 | https://github.com/modelcontextprotocol/python-sdk/issues/2641 | Add `invalid_target` to `AuthorizationErrorCode` (RFC 8707)

## 13. configuration · Failure mode: configuration: Add dereference helper for tool inputSchema with nested Pydantic models

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: Add dereference helper for tool inputSchema with nested Pydantic models
- User impact: Developers may misconfigure credentials, environment, or host setup: Add dereference helper for tool inputSchema with nested Pydantic models
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Add dereference helper for tool inputSchema with nested Pydantic models. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_b2ce8b41d7d1313880fbc1d46aab3d74 | https://github.com/modelcontextprotocol/python-sdk/issues/2586 | Add dereference helper for tool inputSchema with nested Pydantic models

## 14. configuration · Failure mode: configuration: Claude Code client sends tools/call without initialize handshake — SSE transport rejects with...

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: Claude Code client sends tools/call without initialize handshake — SSE transport rejects with -32602
- User impact: Developers may misconfigure credentials, environment, or host setup: Claude Code client sends tools/call without initialize handshake — SSE transport rejects with -32602
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Claude Code client sends tools/call without initialize handshake — SSE transport rejects with -32602. Context: Observed when using python, linux
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_884755d92c4ee7ff54d4b4708f39069f | https://github.com/modelcontextprotocol/python-sdk/issues/2579 | Claude Code client sends tools/call without initialize handshake — SSE transport rejects with -32602

## 15. configuration · Failure mode: configuration: Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O
- User impact: Developers may misconfigure credentials, environment, or host setup: Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O. Context: Source discussion did not expose a precise runtime context.
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_c27e12906c0f7d454244f8102a06ef49 | https://github.com/modelcontextprotocol/python-sdk/issues/1305 | Feature Proposal: Secure Tool/Resource/Prompt Decorators with Auth + Encrypted I/O

## 16. configuration · Failure mode: configuration: MCP client does not retry authenticated request after successful OAuth token exchange

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: MCP client does not retry authenticated request after successful OAuth token exchange
- User impact: Developers may misconfigure credentials, environment, or host setup: MCP client does not retry authenticated request after successful OAuth token exchange
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: MCP client does not retry authenticated request after successful OAuth token exchange. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_de3aa46bd21d5cae2ad94a4a536299c9 | https://github.com/modelcontextprotocol/python-sdk/issues/2577 | MCP client does not retry authenticated request after successful OAuth token exchange

## 17. configuration · Failure mode: configuration: OAuth token refresh sends RFC 8707 resource parameter that Entra ID v2.0 rejects (AADSTS9010010)

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: OAuth token refresh sends RFC 8707 resource parameter that Entra ID v2.0 rejects (AADSTS9010010)
- User impact: Developers may misconfigure credentials, environment, or host setup: OAuth token refresh sends RFC 8707 resource parameter that Entra ID v2.0 rejects (AADSTS9010010)
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: OAuth token refresh sends RFC 8707 resource parameter that Entra ID v2.0 rejects (AADSTS9010010). Context: Observed when using python, docker
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_07b495ad5a45da97ecc1b984b9300cce | https://github.com/modelcontextprotocol/python-sdk/issues/2578 | OAuth token refresh sends RFC 8707 resource parameter that Entra ID v2.0 rejects (AADSTS9010010)

## 18. configuration · Failure mode: configuration: SSE transport: "Received request before initialization was complete" error with Claude Code c...

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: SSE transport: "Received request before initialization was complete" error with Claude Code client
- User impact: Developers may misconfigure credentials, environment, or host setup: SSE transport: "Received request before initialization was complete" error with Claude Code client
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: SSE transport: "Received request before initialization was complete" error with Claude Code client. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_31027dd837c7b2629b64e0af3be9fc95 | https://github.com/modelcontextprotocol/python-sdk/issues/1844 | SSE transport: "Received request before initialization was complete" error with Claude Code client

## 19. configuration · Failure mode: configuration: Streamable HTTP server accepts mismatched `MCP-Protocol-Version` header and body `protocolVer...

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: Streamable HTTP server accepts mismatched `MCP-Protocol-Version` header and body `protocolVersion` on `initialize`
- User impact: Developers may misconfigure credentials, environment, or host setup: Streamable HTTP server accepts mismatched `MCP-Protocol-Version` header and body `protocolVersion` on `initialize`
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Streamable HTTP server accepts mismatched `MCP-Protocol-Version` header and body `protocolVersion` on `initialize`. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_0d875956519d754739d2f47b361a05c1 | https://github.com/modelcontextprotocol/python-sdk/issues/2618 | Streamable HTTP server accepts mismatched `MCP-Protocol-Version` header and body `protocolVersion` on `initialize`

## 20. configuration · Failure mode: configuration: Trying to connect to a MCP url got the follwing error any idea why ?

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: Trying to connect to a MCP url got the follwing error any idea why ?
- User impact: Developers may misconfigure credentials, environment, or host setup: Trying to connect to a MCP url got the follwing error any idea why ?
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Trying to connect to a MCP url got the follwing error any idea why ?. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_9523da384e29bdf69864713f37e5176a | https://github.com/modelcontextprotocol/python-sdk/issues/2517 | Trying to connect to a MCP url got the follwing error any idea why ?

## 21. configuration · Source evidence: Agents talking to MCP Server, SSL verification is failing. Has some been through this?

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a configuration-related issue in this project that is pending verification: Agents talking to MCP Server, SSL verification is failing. Has some been through this?
- User impact: May increase the cost for new users to trial the project and integrate it into production.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_914631b4623b42b58a37f604428d3bc8 | https://github.com/modelcontextprotocol/python-sdk/issues/1628 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 22. configuration · Source evidence: Trying to connect to a MCP url got the follwing error any idea why ?

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a configuration-related issue in this project that is pending verification: Trying to connect to a MCP url got the follwing error any idea why ?
- User impact: May increase the cost for new users to trial the project and integrate it into production.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_a547a9416bda42e09bfdb76cb30cebd3 | https://github.com/modelcontextprotocol/python-sdk/issues/2517 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 23. configuration · Source evidence: how to return images from an mcp server

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a configuration-related issue in this project that is pending verification: how to return images from an mcp server
- User impact: May increase the cost for new users to trial the project and integrate it into production.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_f045f1b17f2840588e0043d2c23b26be | https://github.com/modelcontextprotocol/python-sdk/issues/2557 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 24. capability · Capability assessment depends on assumptions

- Severity: medium
- Evidence strength: source_linked
- Finding: README/documentation is current enough for a first validation pass.
- User impact: If the assumption does not hold, users will not get the promised capability.
- Suggested check: Convert the assumption into a downstream verification checklist.
- Guardrail action: Assumptions must be converted into verification items; they must not be written as facts before a verification result exists.
- Evidence: capability.assumptions | github_repo:862584018 | https://github.com/modelcontextprotocol/python-sdk | README/documentation is current enough for a first validation pass.

## 25. runtime · Failure mode: runtime: Allow explicit `message_url` override in `mcp.client.sse.sse_client`

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this runtime risk before relying on the project: Allow explicit `message_url` override in `mcp.client.sse.sse_client`
- User impact: Developers may hit a documented source-backed failure mode: Allow explicit `message_url` override in `mcp.client.sse.sse_client`
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: Allow explicit `message_url` override in `mcp.client.sse.sse_client`. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_38851e8d85c6f19432856bbba26ef3e8 | https://github.com/modelcontextprotocol/python-sdk/issues/2255 | Allow explicit `message_url` override in `mcp.client.sse.sse_client`

## 26. runtime · Failure mode: runtime: FastMCP crashes when tool return type uses Python 3.10+ `A | B | C` union syntax

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this runtime risk before relying on the project: FastMCP crashes when tool return type uses Python 3.10+ `A | B | C` union syntax
- User impact: Developers may hit a documented source-backed failure mode: FastMCP crashes when tool return type uses Python 3.10+ `A | B | C` union syntax
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: FastMCP crashes when tool return type uses Python 3.10+ `A | B | C` union syntax. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_ba4b866b69ee970071b1debedd854e87 | https://github.com/modelcontextprotocol/python-sdk/issues/2591 | FastMCP crashes when tool return type uses Python 3.10+ `A | B | C` union syntax

## 27. runtime · Failure mode: runtime: RequestResponder.__exit__ leaks CancelledError on cancelled request, killing the stdio receiv...

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this runtime risk before relying on the project: RequestResponder.__exit__ leaks CancelledError on cancelled request, killing the stdio receive loop
- User impact: Developers may hit a documented source-backed failure mode: RequestResponder.__exit__ leaks CancelledError on cancelled request, killing the stdio receive loop
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: RequestResponder.__exit__ leaks CancelledError on cancelled request, killing the stdio receive loop. Context: Observed when using python, windows
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_4222d93626e7c215e5f89c3437d364ac | https://github.com/modelcontextprotocol/python-sdk/issues/2610 | RequestResponder.__exit__ leaks CancelledError on cancelled request, killing the stdio receive loop

## 28. runtime · Failure mode: runtime: streamable HTTP client parses zstd-compressed JSON response bytes as JSON

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this runtime risk before relying on the project: streamable HTTP client parses zstd-compressed JSON response bytes as JSON
- User impact: Developers may hit a documented source-backed failure mode: streamable HTTP client parses zstd-compressed JSON response bytes as JSON
- Suggested check: Before packaging this project, run the relevant install/config/quickstart check for: streamable HTTP client parses zstd-compressed JSON response bytes as JSON. Context: Observed when using python
- Guardrail action: State this as source-backed community evidence, not as Doramagic reproduction.
- Evidence: failure_mode_cluster:github_issue | fmev_6dab858cb2e7425fd52afd406c414889 | https://github.com/modelcontextprotocol/python-sdk/issues/2649 | streamable HTTP client parses zstd-compressed JSON response bytes as JSON, failure_mode_cluster:github_issue | fmev_78fb17ba8dc344c3013b7a2a4dd78b69 | https://github.com/modelcontextprotocol/python-sdk/issues/2649 | streamable HTTP client parses zstd-compressed JSON response bytes as JSON

## 29. maintenance · Source evidence: Allow explicit `message_url` override in `mcp.client.sse.sse_client`

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a maintenance/version-related issue in this project that is pending verification: Allow explicit `message_url` override in `mcp.client.sse.sse_client`
- User impact: May increase the cost for new users to trial the project and integrate it into production.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_64695bc088354f31aed514c1509a8466 | https://github.com/modelcontextprotocol/python-sdk/issues/2255 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 30. maintenance · Maintenance activity unknown

- Severity: medium
- Evidence strength: source_linked
- Finding: last_activity_observed not recorded.
- User impact: New, abandoned, and active projects get mixed together, lowering trust in the recommendation.
- Suggested check: Add GitHub signals for recent commits, releases, and issue/PR responsiveness.
- Guardrail action: When maintenance activity is unknown, the recommendation strength must not be marked as high trust.
- Evidence: evidence.maintainer_signals | github_repo:862584018 | https://github.com/modelcontextprotocol/python-sdk | last_activity_observed missing

## 31. security_permissions · Downstream validation found risk items

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: Downstream has already requested a review; this must not be downplayed on the page.
- Suggested check: Enter the security/permissions governance review queue.
- Guardrail action: While a downstream risk exists, the review/recommendation downgrade must be kept in place.
- Evidence: downstream_validation.risk_items | github_repo:862584018 | https://github.com/modelcontextprotocol/python-sdk | no_demo; severity=medium

## 32. security_permissions · Scoring risk present

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: The risk affects whether the project is suitable for ordinary users to install.
- Suggested check: Write the risk into the boundary card and confirm whether manual review is needed.
- Guardrail action: Scoring risks must go into the boundary card; they must not remain only an internal score.
- Evidence: risks.scoring_risks | github_repo:862584018 | https://github.com/modelcontextprotocol/python-sdk | no_demo; severity=medium

## 33. security_permissions · Source evidence: Add dereference helper for tool inputSchema with nested Pydantic models

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: Add dereference helper for tool inputSchema with nested Pydantic models
- User impact: May affect authorization, credential configuration, or security boundaries.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_8593f035989b47d9be01d49846994bac | https://github.com/modelcontextprotocol/python-sdk/issues/2586 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 34. security_permissions · Source evidence: Bug: `anyio.Lock` in `oauth2.py` raises "current task is not holding this lock" under cross-task generator driving

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: Bug: `anyio.Lock` in `oauth2.py` raises "current task is not holding this lock" under cross-task generator driving
- User impact: May affect authorization, credential configuration, or security boundaries.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_1f87ab18f1bd41f08edfee9d554fff11 | https://github.com/modelcontextprotocol/python-sdk/issues/2644 | The source discussion mentions windows-related conditions; re-check before installation/trial.

## 35. security_permissions · Source evidence: Context bloat - the bottle neck of MCP

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: Context bloat - the bottle neck of MCP
- User impact: May affect authorization, credential configuration, or security boundaries.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_b3028447aa1549b0acb817312bd398b5 | https://github.com/modelcontextprotocol/python-sdk/issues/2619 | Usage conditions pending verification, surfaced by source type github_issue.

## 36. security_permissions · Source evidence: Server OAuth metadata hardcodes token_endpoint_auth_methods_supported, breaking public client flows

- Severity: medium
- Evidence strength: source_linked
- Finding: GitHub community evidence indicates a security/permissions-related issue in this project that is pending verification: Server OAuth metadata hardcodes token_endpoint_auth_methods_supported, breaking public client flows
- User impact: May affect upgrades, migration, or version selection.
- Suggested check: The source indicates a fix, workaround, or version change may already exist; the guide must state the applicable version.
- Guardrail action: Do not inflate this into a definitive conclusion beyond the linked source; mark the applicable version and review status.
- Evidence: community_evidence:github | cevd_4a64c4f8e4064f39adb8da663a976411 | https://github.com/modelcontextprotocol/python-sdk/issues/2260 | The source discussion mentions python-related conditions; re-check before installation/trial.

## 37. maintenance · issue/PR response quality unknown

- Severity: low
- Evidence strength: source_linked
- Finding: issue_or_pr_quality=unknown.
- User impact: Users cannot tell whether anyone will maintain the project when they run into a problem.
- Suggested check: Sample recent issues/PRs to judge whether they go unhandled for long periods.
- Guardrail action: When issue/PR responsiveness is unknown, a maintenance risk warning must be given.
- Evidence: evidence.maintainer_signals | github_repo:862584018 | https://github.com/modelcontextprotocol/python-sdk | issue_or_pr_quality=unknown

## 38. maintenance · Release cadence unclear

- Severity: low
- Evidence strength: source_linked
- Finding: release_recency=unknown.
- User impact: Install commands and documentation may lag behind the code, raising the chance that users hit problems.
- Suggested check: Confirm that the latest release/tag and the README install commands are consistent.
- Guardrail action: When release cadence is unknown or stale, installation instructions must note possible drift.
- Evidence: evidence.maintainer_signals | github_repo:862584018 | https://github.com/modelcontextprotocol/python-sdk | release_recency=unknown
