feat(config): enabled_tools/disabled_tools per-server allowlist/denylist in mcp_config.json#468
Open
nlaurance wants to merge 1 commit into
Open
Conversation
…enylist Adds two mutually exclusive fields to ServerConfig that let operators declare tool visibility statically in mcp_config.json rather than having to call the API or CLI after every fresh install. enabled_tools: ["list_issues", "get_issue"] // allowlist — only these visible disabled_tools: ["delete_repo", "force_push"] // denylist — hide these, allow rest Config validation rejects a server that has both fields set. On every applyDifferentialToolUpdate (server connect / tool refresh), applyConfigToolFilter walks the in-memory config, computes the desired enabled/disabled state for each discovered tool, and calls setToolEnabledNoEmit to persist it in BBolt. All existing enforcement paths (isToolCallable, retrieve_tools pre-ranking, call_tool_*) pick up the change automatically with no further modifications. Five unit tests cover: allowlist disables unlisted tools, allowlist re-enables a tool moved back into the list, denylist disables listed tools, no-op when neither field is set, and end-to-end integration through applyDifferentialToolUpdate. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
enabled_tools(allowlist) anddisabled_tools(denylist) fields toServerConfigso operators can declare tool visibility statically inmcp_config.jsonwithout needing to call the API or CLI after every fresh installapplyDifferentialToolUpdate(server connect / tool refresh), the newapplyConfigToolFiltersyncs the config declarations into BBoltToolApprovalRecord.Disabledflags, so all existing enforcement paths (isToolCallable,retrieve_toolspre-ranking,call_tool_*, direct mode) pick up the change automaticallyUsage
{ "mcpServers": [ { "name": "github", "url": "https://api.github.com/mcp", "enabled_tools": ["list_issues", "get_issue", "list_repos"] }, { "name": "filesystem", "url": "...", "disabled_tools": ["write_file", "delete_file", "execute_code"] } ] }Test plan
go test ./internal/config/ ./internal/runtime/— 349 tests passTestApplyConfigToolFilter_EnabledTools_DisablesNonListedTools— allowlist hides unlisted toolsTestApplyConfigToolFilter_DisabledTools_DisablesListedTools— denylist hides specified toolsTestApplyConfigToolFilter_NoFilter_NoChanges— no records written when neither field is setTestApplyConfigToolFilter_EnabledTools_ReEnablesTool— tool moved back into allowlist is re-enabledTestApplyDifferentialToolUpdate_RespectsEnabledToolsConfig— end-to-end throughapplyDifferentialToolUpdateTestValidateDetailed/enabled_tools_and_disabled_tools_are_mutually_exclusive— validation rejects both fields set simultaneouslygo build ./...— clean build🤖 Generated with Claude Code