feat: add searchable MCP tool inventory

[Michaelyklam]

Thinking Path

• Issue Feature request: Searchable global tool list #697 asks for a searchable global MCP tool list, but the current Feature request: MCP server management panel with CLI toggle #696 data layer only exposes safe server status/tool counts without probing MCP servers.
• The safest WebUI-side MVP is therefore read-only and runtime-backed: expose detailed MCP tool rows only when Hermes already has tool schemas available, and fall back to the existing registry without starting or reconnecting MCP servers.
• The UI belongs beside the MCP server visibility panel in Settings → System so users can inspect server status and then search the known tool surface in one place.
• Because full enumeration of inactive configured servers still needs a richer Hermes Agent/gateway tool-inventory contract, this PR uses Refs Feature request: Searchable global tool list #697 rather than closing the issue.

What Changed

• Added GET /api/mcp/tools with sanitized MCP tool inventory rows: tool name, source server, description, active/enabled/status, and a compact schema summary.
• Kept schema payloads deliberately narrow: parameter name/type/required/description only, with defaults/examples/enums/raw schema omitted and descriptions redacted.
• Added a Settings → System “MCP Tools” section with client-side search over tool name, server, and description plus empty/error/no-match states.
• Added source/API regression coverage for payload sanitization, search affordances, i18n coverage, empty/error UI states, and no raw secret/schema overexposure.
• Included browser QA media for the filtered MCP Tools UI.

Why It Matters

• Users running MCP-heavy Hermes setups can quickly search the known active tool surface without reading configs or raw MCP schemas.
• The endpoint avoids surprising side effects: it does not probe, spawn, reconnect, or mutate MCP servers.
• The response shape can absorb a future richer runtime tools/tool_schemas contract while staying useful with the already-registered tool registry today.

Verification

• node --check static/panels.js
• node --check static/i18n.js
• /home/michael/.hermes/hermes-agent/venv/bin/python -m py_compile api/routes.py
• /home/michael/.hermes/hermes-agent/venv/bin/python -m pytest tests/test_issue697_mcp_tool_inventory.py -q → 6 passed in 1.57s
• /home/michael/.hermes/hermes-agent/venv/bin/python -m pytest tests/test_issue538_mcp_management.py tests/test_issue696_mcp_visibility_panel.py tests/test_issue697_mcp_tool_inventory.py tests/test_chinese_locale.py tests/test_japanese_locale.py tests/test_russian_locale.py tests/test_spanish_locale.py -q → 57 passed in 2.23s
• git diff --check
• Full isolated suite: env -u HERMES_CONFIG_PATH /home/michael/.hermes/hermes-agent/venv/bin/python -m pytest tests/ -q → 4299 passed, 2 skipped, 3 xpassed, 1 warning, 8 subtests passed in 404.73s
• Browser QA on isolated WebUI server (127.0.0.1:18797) with synthetic MCP Tools rows verified search filtering, source server badge, active status, description, and schema summary.

UI media:

Risks / Follow-ups

• Refs Feature request: Searchable global tool list #697 instead of closing it: full “every installed MCP server” inventory still needs Hermes Agent/gateway to expose detailed tool names/descriptions for inactive configured servers without WebUI probing them.
• This PR is stacked on PR feat: add MCP server visibility panel #1670 / issue Feature request: MCP server management panel with CLI toggle #696’s MCP server visibility data layer; merge feat: add MCP server visibility panel #1670 first or rebase this after it lands.
• Non-English locale strings for the new MCP Tools keys currently use English fallback wording to preserve key parity; translators can refine them later.

Model Used

• OpenAI Codex gpt-5.5 via Hermes Agent CLI with terminal, file, browser, and kanban tools.

[nesquena-hermes]

Closed by the v0.51.1 release in PR #1681 (merged at e23ba59). Massive thanks @Michaelyklam — this is now 19 merged PRs across the v0.50.292–v0.51.1 release window, an extraordinary contribution rate. Each PR was per-claim-vs-diff verified against your description and every security-relevant code path checked under independent review (Opus advisor, 6/6 questions clean). Your closes #N references are all accurate, your Thinking Path / What Changed / Why It Matters body template is consistently helpful, and your test coverage is solid behavioral scope (not source-string scaffolding) on every PR.

Live on production: https://github.com/nesquena/hermes-webui/releases/tag/v0.51.1

🚀