Skip to content

fix(mcp-proxy): tighten public trust and approval env hygiene#104

Merged
oleg-bk merged 6 commits into
mainfrom
codex/p1-2e-approval-center-env-minimization
Jul 6, 2026
Merged

fix(mcp-proxy): tighten public trust and approval env hygiene#104
oleg-bk merged 6 commits into
mainfrom
codex/p1-2e-approval-center-env-minimization

Conversation

@oleg-bk

@oleg-bk oleg-bk commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Summary

This PR closes the public adoption and trust hygiene batch for AgentVeil MCP Proxy:

  • updates the root README PyPI badge/link to 0.7.28
  • qualifies empty and chain-only evidence verification so empty bundles no longer show bare VERIFY: passed
  • improves CLI onboarding help and keeps init next-step guidance privacy bounded
  • adds a bounded agentveil-mcp-proxy demo flow that shows the generic redirect -> approval -> local proof loop without exposing policy/playbook depth
  • minimizes managed Approval Center child process environments across shared, launcher, and legacy Claude lifecycle paths

Why

The fixes address concrete public trust issues:

  • version/readme drift makes the package look stale
  • empty evidence verification could overclaim proof
  • flat CLI help hid the golden path
  • new users lacked a quick way to see the routed approval loop
  • managed Approval Center processes inherited full parent environments, including possible provider/cloud secrets

Validation

  • Focused tests for each slice passed locally.
  • Full local public SDK PR gate passed on HEAD=787c0a73580c4e28c59aa6e7abf8013d618af3b7:
    • 1566 passed, 1 skipped, 2 warnings
    • public_sdk_pr_gate: ok

Notes

  • The demo uses a single generic inline redirect and does not enumerate redirect playbooks, risk taxonomy, or private policy depth.
  • The PR does not perform a release. A patch release should be handled separately after merge and release gates.

Implemented with assistance from Codex.

oleg-bk added 6 commits July 6, 2026 11:40
Keep the root README version signal aligned with the published MCP proxy release.\n\nImplemented with assistance from Codex.
Avoid rendering proof-grade success for empty or chain-only evidence bundles. Add bounded verify contracts for no signed evidence and chain-only bundles.\n\nImplemented with assistance from Codex.
Group root help around the first-run path and preserve path-aware next steps after init.\n\nImplemented with assistance from Codex.
Add a guided local demo that shows generic redirect shape, the real approval flow, routed MCP retry, and bounded local proof without exposing policy catalogs or playbooks.\n\nImplemented with assistance from Codex.
Avoid printing absolute custom home/config paths in human init next-step guidance while still indicating that the same flags should be reused.\n\nImplemented with assistance from Codex.
Start managed Approval Center processes with a bounded environment instead of inheriting the full parent shell. Cover shared, launcher, and legacy Claude lifecycle spawn paths.\n\nImplemented with assistance from Codex.
@oleg-bk oleg-bk marked this pull request as ready for review July 6, 2026 13:17
@oleg-bk oleg-bk merged commit 29a1174 into main Jul 6, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant