fix(mcp): point quarantine remediation at quarantine_security, not upstream_servers#816
Merged
Merged
Conversation
…stream_servers The quarantined-server block message and add-server quarantine response told agents to run upstream_servers with operation 'list_quarantined' / 'inspect_quarantined', but those operations moved to the quarantine_security tool — following the instructions returns "Unknown operation: list_quarantined" (verified live in v0.47.0-rc.4 release QA), a dead-end remediation. The text also implied upstream_servers can unquarantine, which it cannot. Update instructions/next_steps/review_commands to reference quarantine_security and the tray/Web UI unquarantine path. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Deploying mcpproxy-docs with
|
| Latest commit: |
851f525
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://b57dc614.mcpproxy-docs.pages.dev |
| Branch Preview URL: | https://fix-quarantine-remediation-t.mcpproxy-docs.pages.dev |
Member
Author
|
Cross-model review (Codex CLI 0.135.0): ACCEPT — "The changes only update quarantine remediation guidance to point at the existing quarantine_security operations and add a regression assertion for that text. I did not identify any introduced correctness issues." Round 1/5, no findings to fix. |
|
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
📦 Build ArtifactsWorkflow Run: View Run Available Artifacts
How to DownloadOption 1: GitHub Web UI (easiest)
Option 2: GitHub CLI gh run download 28846921090 --repo smart-mcp-proxy/mcpproxy-go
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The quarantined-server block message and the add-server quarantine response told agents to run
upstream_serverswithoperation='list_quarantined'/'inspect_quarantined', but those operations live on thequarantine_securitytool — following the instructions returns "Unknown operation: list_quarantined" (verified live in v0.47.0-rc.4 release QA). A dead-end remediation for agents. The text also impliedupstream_serverscan unquarantine, which it cannot (tray/Web UI only, by design).Changes
instructions/next_steps/review_commandsin internal/server/mcp.go now referencequarantine_securityand the tray/Web UI unquarantine pathTests
TestDirectToolCallabilityBlock_ServerQuarantinedextended to assert the remediation referencesquarantine_securityand not the dead-end op (red before fix)./scripts/test-api-e2e.sh: 65/65 PASS · quarantine test suite green · golangci-lint v2: 0 issues🤖 Generated with Claude Code