@Cyr-Ch Cyr-Ch commented Sep 20, 2025

Summary by cubic

Adds a TypeScript example that calls GitHub’s GraphQL API via UTCP’s HTTP provider, plus an optional OpenAI-driven client for multi-step tool use. This makes it easy to model GraphQL operations as UTCP tools with .env-based auth.

  • New Features

    • Example project under typescript/graphql_http_example with README and example.env.
    • graphql_manual.json defines github.graphql_query and github.search_repos (auth via GITHUB_TOKEN).
    • llm_client_openai.ts lets a model choose tools and run multi-step calls (repo search or custom queries).
    • start:llm script to run the client (requires OPENAI_API_KEY and GITHUB_TOKEN).
  • Dependencies

    • Adds @utcp/sdk, openai, dotenv, ts-node (dev: typescript).

@Cyr-Ch Cyr-Ch requested a review from perrozzi September 20, 2025 19:47
@Cyr-Ch Cyr-Ch self-assigned this Sep 20, 2025

@cubic-dev-ai cubic-dev-ai bot left a comment

6 issues found across 7 files

Prompt for AI agents (all 6 issues)

Understand the root cause of the following 6 issues and fix them.


<file name="typescript/graphql_http_example/tsconfig.json">

<violation number="1" location="typescript/graphql_http_example/tsconfig.json:5">
Use NodeNext module resolution to match Node ESM; current "Node" can mis-resolve package exports and file extensions under ts-node/esm.</violation>
</file>

<file name="typescript/graphql_http_example/example.env">

<violation number="1" location="typescript/graphql_http_example/example.env:1">
Non-empty placeholder will pass the missing-env check and may trigger secret-scanner false positives. Leave it empty to force validation and avoid scanner noise.</violation>

<violation number="2" location="typescript/graphql_http_example/example.env:2">
Non-empty placeholder will pass the missing-env check and may trigger secret-scanner false positives. Leave it empty to force validation and avoid scanner noise.</violation>
</file>

<file name="typescript/graphql_http_example/llm_client_openai.ts">

<violation number="1" location="typescript/graphql_http_example/llm_client_openai.ts:10">
Avoid deep imports into package internals; use the package public entrypoint to reduce breakage risk.</violation>

<violation number="2" location="typescript/graphql_http_example/llm_client_openai.ts:21">
Serializing tools directly may expose provider headers (e.g., Authorization) to the LLM; redact or omit provider configuration before embedding in the prompt.</violation>

<violation number="3" location="typescript/graphql_http_example/llm_client_openai.ts:123">
Unbounded history growth can lead to increased memory usage; consider capping or summarizing history.</violation>
</file>


Since this is your first cubic review, here's how it works:

  • cubic automatically reviews your code and comments on bugs and improvements
  • Teach cubic by replying to its comments. cubic learns from your replies and gets better over time
  • Ask questions if you need clarification on any suggestion

React with 👍 or 👎 to teach cubic. Mention @cubic-dev-ai to give feedback, ask questions, or re-run the review.

- switch moduleResolution to NodeNext for ts-node/esm
- replace deep @utcp/sdk imports with public entrypoint
- redact provider headers from tools before LLM prompts
- cap conversation history (20) and trim as it grows
- validate github.search_repos requires non-empty keywords
- empty example.env placeholders to avoid secret-scanner noise
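
An added TypeScript example (not code from this PR or from @utcp/sdk) of the redaction the review asks for: project each tool onto an allowlist of prompt-safe fields, then refuse to send a prompt that still contains a secret value. The `ToolLike` shape, the `provider` field names and the sample token are assumptions constructed for illustration.

```typescript
// Hypothetical tool shape for illustration; the real @utcp/sdk types may differ.
interface ToolLike {
  name: string;
  description?: string;
  inputs?: unknown;          // JSON schema of the tool arguments
  [other: string]: unknown;  // provider config, headers, auth, ...
}

interface PromptTool { name: string; description: string; inputs: unknown }

// Allowlist projection: copy only what the model needs to choose a tool.
// Provider config is never copied, so a sensitive field added later cannot leak by default.
function toPromptTools(tools: ToolLike[]): PromptTool[] {
  return tools.map((t) => ({
    name: t.name,
    description: t.description ?? "",
    inputs: t.inputs ?? {},
  }));
}

// Defence in depth: reject any prompt text that contains a live secret value
// (callers would pass the values read from the environment; may be undefined).
function assertNoSecrets(text: string, secrets: Array<string | undefined>): void {
  for (const s of secrets) {
    if (s && s.length >= 8 && text.includes(s)) {
      throw new Error("prompt contains a secret value; refusing to send");
    }
  }
}

function buildToolPrompt(tools: ToolLike[], secrets: Array<string | undefined>): string {
  const text = JSON.stringify(toPromptTools(tools), null, 2);
  assertNoSecrets(text, secrets);
  return text;
}

// Constructed sample: a tool whose provider block carries a bearer token.
const SAMPLE_TOKEN = "constructed-token-0000";
const sampleTools: ToolLike[] = [{
  name: "github.search_repos",
  description: "Search repositories by keywords",
  inputs: { type: "object", properties: { keywords: { type: "string" } }, required: ["keywords"] },
  provider: {
    provider_type: "http",
    url: "https://api.github.com/graphql",
    headers: { Authorization: `Bearer ${SAMPLE_TOKEN}` },
  },
}];
```

Serializing `sampleTools` directly would put the bearer token into the prompt; `buildToolPrompt` emits only the name, description and input schema.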
@h3xxit h3xxit requested review from h3xxit and removed request for perrozzi October 6, 2025 16:02
@h3xxit
Member

h3xxit commented Oct 6, 2025

Hey, thanks for the PR! Note that this is still using the 0.1 outdated typescript library. The v1.0 is still in progress now at https://github.com/universal-tool-calling-protocol/typescript-utcp-sdk. Once that one is done, I can ping you to update it to the 1.0.

Until then feel free to use the python one, which is at 1.0
