Skip to content

[codex] Summarize MCP denials#96

Merged
Atomics-hub merged 1 commit into
masterfrom
codex/mcp-denial-summary
May 27, 2026
Merged

[codex] Summarize MCP denials#96
Atomics-hub merged 1 commit into
masterfrom
codex/mcp-denial-summary

Conversation

@Atomics-hub
Copy link
Copy Markdown
Owner

@Atomics-hub Atomics-hub commented May 27, 2026

Summary

  • add compact redacted denial summaries to blocked MCP tool, resource, and prompt responses
  • expose rule, reason, syscall, target, and missing capability without reflecting raw MCP payloads
  • extend release-audit smoke checks and docs for reviewer-visible denial evidence

Verification

  • cargo fmt --check
  • cargo test subprocess_mcp_proxy_mediates_real_stdio_child -- --nocapture
  • cargo test subprocess_mcp_proxy_blocks_resource_read_without_capability -- --nocapture
  • cargo test subprocess_mcp_proxy_mediates_prompts_list_and_get -- --nocapture
  • cargo test release_audit_subprocess_mcp_proxy_smoke_blocks_downstream_execution -- --nocapture
  • cargo test in_memory_mcp_proxy_does_not_execute_denied_call -- --nocapture
  • cargo test release_audit_subprocess_mcp_proxy_resource_smoke_covers_resource_boundary -- --nocapture
  • cargo test release_audit_subprocess_mcp_proxy_prompt_smoke_covers_prompt_boundary -- --nocapture
  • cargo test
  • cargo clippy --all-targets --all-features -- -D warnings
  • cargo run --locked -- release-audit

Note: opened as draft to keep the outage-era local-verified queue explicit; GitHub checks may now be partially restored, but PR #92 remains the first blocked merge candidate.

@Atomics-hub Atomics-hub marked this pull request as ready for review May 27, 2026 01:20
@Atomics-hub Atomics-hub force-pushed the codex/mcp-denial-summary branch from 6ec3cc5 to 5f94529 Compare May 27, 2026 01:22
@Atomics-hub Atomics-hub merged commit ed53f84 into master May 27, 2026
1 check passed
@Atomics-hub Atomics-hub deleted the codex/mcp-denial-summary branch May 27, 2026 01:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Atomics-hub