fix mongodb error and some nits

Author: 4ndrelim

internal/services/toolkit/tools/xtramcp/loader_v2.go

@@ -53,7 +53,7 @@ func (loader *XtraMCPLoaderV2) LoadToolsFromBackend(toolRegistry *registry.ToolR
 
 	// Register each tool dynamically, passing the session ID
 	for _, toolSchema := range toolSchemas {
-		// some tools require secrutiy context injection e.g. user_id to authenticate
+		// some tools require security context injection e.g. user_id to authenticate
 		requiresInjection := loader.requiresSecurityInjection(toolSchema)
 
 		dynamicTool := NewDynamicToolV2(
@@ -78,7 +78,7 @@ func (loader *XtraMCPLoaderV2) LoadToolsFromBackend(toolRegistry *registry.ToolR
 	return nil
 }
 
-// checks if a tool schema contains parameters that should be inejected instead of LLM-generated
+// checks if a tool schema contains parameters that should be injected instead of LLM-generated
 func (loader *XtraMCPLoaderV2) requiresSecurityInjection(schema ToolSchemaV2) bool {
 	properties, ok := schema.InputSchema["properties"].(map[string]interface{})
 	if !ok {

internal/services/toolkit/tools/xtramcp/schema_filter.go

@@ -25,18 +25,21 @@ func filterSecurityParameters(schema map[string]interface{}) map[string]interfac
 }
 
 // creates a deep copy of the schema using JSON marshal/unmarshal
+// Uses JSON round-trip because map[string]interface{} contains nested structures
+// This ensures modifications to the copy don't affect the original schema.
 func deepCopySchema(schema map[string]interface{}) map[string]interface{} {
 	// Use JSON marshal/unmarshal for deep copy
 	jsonBytes, err := json.Marshal(schema)
 	if err != nil {
-		// If marshaling fails, return original schema
+		// Extremely unlikely with valid JSON schemas (MCP schemas are JSON-compatible)
+		// // If marshaling fails, return original schema
 		return schema
 	}
 
 	var copy map[string]interface{}
 	err = json.Unmarshal(jsonBytes, &copy)
 	if err != nil {
-		// If unmarshaling fails, return original schema
+		// Should never happen if marshal succeeded
 		return schema
 	}
 
@@ -52,7 +55,7 @@ func filterRequiredArray(required []interface{}, toRemove []string) []interface{
 		removeMap[r] = true
 	}
 
-	// filter our security params
+	// filter out security params
 	for _, item := range required {
 		if str, ok := item.(string); ok {
 			if !removeMap[str] {

internal/services/toolkit/tools/xtramcp/tool.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -139,7 +140,7 @@ func (t *DynamicTool) injectSecurityContext(ctx context.Context, argsMap map[str
 	// 2. Validate user owns the project
 	_, err := t.projectService.GetProject(ctx, actor.ID, projectId)
 	if err != nil {
-		if err == mongo.ErrNoDocuments {
+		if errors.Is(err, mongo.ErrNoDocuments) {
 			return fmt.Errorf("authorization failed: project not found or access denied")
 		}
 		return fmt.Errorf("authorization check failed: %w", err)

internal/services/toolkit/tools/xtramcp/tool_v2.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -140,7 +141,7 @@ func (t *DynamicToolV2) injectSecurityContext(ctx context.Context, argsMap map[s
 	// 2. Validate user owns the project
 	_, err := t.projectService.GetProject(ctx, actor.ID, projectId)
 	if err != nil {
-		if err == mongo.ErrNoDocuments {
+		if errors.Is(err, mongo.ErrNoDocuments) {
 			return fmt.Errorf("authorization failed: project not found or access denied")
 		}
 		return fmt.Errorf("authorization check failed: %w", err)