33 changes: 33 additions & 0 deletions docs/docs/reference/security-faq.md
Expand Up @@ -152,6 +152,39 @@ MCP (Model Context Protocol) servers extend Altimate Code with additional tools.
!!! warning
Third-party MCP servers are not reviewed or audited by Altimate. Treat them like any other third-party dependency: review the source, check for updates, and limit their access.

## What is MCP auto-discovery?

Altimate Code can automatically discover MCP server definitions from other AI tools installed on your machine. This saves you from manually re-configuring servers you already use elsewhere. Sources include:

| Source | Config file | Scope |
|--------|------------|-------|
| VS Code | `.vscode/mcp.json` | Project |
| Cursor | `.cursor/mcp.json` | Project |
| GitHub Copilot | `.github/copilot/mcp.json` | Project |
| Claude Code | `.mcp.json` | Project + Home |
| Gemini CLI | `.gemini/settings.json` | Project + Home |
| Claude Desktop | `~/.claude.json` | Home |

**Security model:**

- **Home-directory configs** (your personal machine config) are treated as trusted and auto-enabled, since you installed them.
- **Project-scoped configs** (checked into a repo) are discovered but **disabled by default**. You must explicitly approve them via the `/discover-and-add-mcps` tool before they run.
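Review bot: the Scope column of the discovery table is ambiguous for the two rows marked `Project + Home` (Claude Code `.mcp.json`, Gemini CLI `.gemini/settings.json`): only a project-relative path is listed, so the reader cannot tell which home-directory file is read and therefore which file falls under the "trusted and auto-enabled" rule in the security model below, and the Claude Desktop row's `~/.claude.json` looks like the home-scope counterpart of the Claude Code row rather than a Claude Desktop file, so please double-check that entry. Suggest listing the home-directory path explicitly in each `Project + Home` row so the trust boundary the next section describes is concrete. While here, the rationale "since you installed them" for auto-enabling home configs is worth stating more carefully: the trust rests on those files being writable only by the user, since any other tool on the machine that edits them gets its servers auto-enabled.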
⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

```bash
#!/bin/bash
# Description: Search for the discover-and-add-mcps tool definition

# Search for tool registrations and definitions related to MCP discovery
rg -n 'discover.*add.*mcp|discover-and-add-mcp' packages/opencode/src/

# Also check tool registration patterns
ast-grep --pattern 'name: "discover-and-add-mcps"' packages/opencode/src/
ast-grep --pattern '"discover-and-add-mcps"' packages/opencode/src/
```

Repository: AltimateAI/altimate-code

Length of output: 420

Project-scoped MCP configs are auto-loaded by default, not disabled.

The documentation states that project-scoped configs are "disabled by default" and must be "explicitly approved via the `/discover-and-add-mcps` tool before they run." However, the implemented behavior auto-loads them at startup without per-server trust prompts. The opt-out is the `experimental.auto_mcp_discovery: false` flag. The tool name `/discover-and-add-mcps` is correctly referenced; update the description to match the actual default behavior (auto-loaded) and clarify when the tool is used versus when auto-discovery occurs.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@docs/docs/reference/security-faq.md` at line 171, update the sentence about
project-scoped MCP configs to reflect that they are auto-loaded by default (not
disabled); mention the opt-out flag `experimental.auto_mcp_discovery: false` to
disable auto-loading, and clarify that the `/discover-and-add-mcps` tool is used
for manual discovery/approval workflows or when auto-discovery is turned off
rather than as a required step for every server.

- **Sensitive details are redacted** in discovery notifications. Server commands and URLs are only shown when you explicitly inspect them.
- **Prototype pollution, command injection, and path traversal** are hardened against with input validation and `Object.create(null)` result objects.

**To disable auto-discovery entirely:**

```json
{
"experimental": {
"auto_mcp_discovery": false
}
}
```

!!! tip
If your project repository contains `.vscode/mcp.json` or similar config files from other contributors, auto-discovery will find them but **will not start them** until you approve. Always review discovered servers before enabling them.

## How does the SQL analysis engine work?

As of v0.4.2, all 73 tool methods run natively in TypeScript via `@altimateai/altimate-core` (Rust napi-rs bindings). There is no Python dependency. The engine executes in-process with no subprocess, no network port, and no external service.
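Review bot: in the bullet "Prototype pollution, command injection, and path traversal are hardened against with input validation and `Object.create(null)` result objects", `Object.create(null)` only addresses prototype pollution (no `__proto__`/`constructor` inheritance on the merged result); it does nothing for command injection or path traversal, so the sentence credits one mitigation with three unrelated classes. Suggest splitting it: keep `Object.create(null)` paired with prototype pollution, and for the other two state what the input validation actually checks on discovered server `command`/argument values and on config file paths, or drop those classes if the validation is not specific to them. Separately, the `!!! tip` block repeats the "will not start them until you approve" claim from the security-model bullet; whatever default is settled for project-scoped configs after the earlier finding, both places need to agree, and the tip should point at the `experimental.auto_mcp_discovery` opt-out shown directly above it.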