Summary
Document and test MCP proxy support end to end across configuration loading, upstream session lifecycle, notification forwarding, and security boundaries.
Why
This feature touches configuration, transport behavior, and security-sensitive boundaries. It should land with production-oriented tests and user documentation instead of relying on follow-up cleanup.
Deliverables
- Add unit and integration tests for config validation, provider wiring, remote session lifecycle, and notification forwarding.
- Add security-focused tests for invalid auth combinations, tool filtering, SSRF rejection, and stdio gating.
- Update
README.md, docs/PROFILE-GUIDE.md, and transport docs with setup and operational notes.
- Update
IMPLEMENTATION.md if the architecture changes materially.
- Update
CHANGELOG.md once implementation lands.
Acceptance criteria
- The implementation is covered by success and failure-path tests.
- Documentation explains remote HTTP first and stdio as optional/experimental.
- Operational limits and trust boundaries are documented clearly.
Suggested files
README.mddocs/PROFILE-GUIDE.mddocs/HTTP-TRANSPORT.mdIMPLEMENTATION.md- test files under
src/ and tests/
Agent-authored issue.
Summary
Document and test MCP proxy support end to end across configuration loading, upstream session lifecycle, notification forwarding, and security boundaries.
Why
This feature touches configuration, transport behavior, and security-sensitive boundaries. It should land with production-oriented tests and user documentation instead of relying on follow-up cleanup.
Deliverables
README.md,docs/PROFILE-GUIDE.md, and transport docs with setup and operational notes.IMPLEMENTATION.mdif the architecture changes materially.CHANGELOG.mdonce implementation lands.Acceptance criteria
Suggested files
README.mddocs/PROFILE-GUIDE.mddocs/HTTP-TRANSPORT.mdIMPLEMENTATION.mdsrc/andtests/Agent-authored issue.