docs: add MCP auto-discovery section to security FAQ

[anandgupta42]

What does this PR do?

Adds a new "What is MCP auto-discovery?" section to the security FAQ documenting the feature introduced in #311. Covers:

• Table of all 6 supported external config sources (VS Code, Cursor, Copilot, Claude, Gemini)
• Trust model: home-directory configs auto-enabled vs project-scoped disabled by default
• Security hardening (prototype pollution, command injection, path traversal)
• How to disable the feature via auto_mcp_discovery: false

Type of change

• Documentation update

How did you verify your code works?

• Reviewed the auto-discovery implementation in src/mcp/discover.ts and adversarial tests to ensure accuracy of documented security controls
• Verified markdown renders correctly with admonitions and table formatting

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• New and existing tests pass locally with my changes

🤖 Generated with Claude Code

Summary by CodeRabbit

• Documentation
  • Added FAQ section explaining MCP auto-discovery functionality for discovering MCP server definitions from other installed AI tools.
  • Documented the security model including trust levels, approval processes, and security hardening measures.
  • Added instructions on disabling auto-discovery and clarified that discovered servers require explicit approval before starting.

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review.

[coderabbitai]

Warning

Rate limit exceeded

@anandgupta42 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 15 minutes and 52 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: ba73e395-8949-4afa-8831-e01a9c483f7c

📥 Commits

Reviewing files that changed from the base of the PR and between 934fdf5 and 81d34b1.

📒 Files selected for processing (1)

• .opencode/opencode.jsonc

📝 Walkthrough

Walkthrough

Added a new "What is MCP auto-discovery?" section to the security FAQ documenting automatic discovery of MCP server definitions from installed AI tools, including the security model (home-directory configs auto-enabled, project-scoped configs require approval), hardening measures against injection attacks, and configuration options.

Changes

Cohort / File(s)	Summary
Security Documentation docs/docs/reference/security-faq.md	Added "What is MCP auto-discovery?" section explaining automatic MCP server discovery from external tools, security policies (trust model, approval workflow), security hardening (input validation, prototype pollution prevention), and configuration to disable auto-discovery.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• feat: auto-discover MCP servers from external AI tool configs #311: Documents the MCP auto-discovery feature implementation, security model, and experimental.auto_mcp_discovery configuration flag being introduced.

Poem

🐰 A bunny's ode to discovery's light,
MCP servers found with caution and might,
From trusted homes to projects that wait,
Security checks keep configs first-rate,
We hop through docs, so open and bright! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: adding an MCP auto-discovery section to the security FAQ documentation.
Description check	✅ Passed	The description covers the purpose and details of the changes, verification steps, and includes checklist items, but doesn't fully align with the required template structure (missing explicit 'Summary', 'Test Plan', and 'Checklist' section headers as defined in the template).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch docs/security-faq-mcp-auto-discovery

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/docs/reference/security-faq.md`:
- Line 171: Update the sentence about project-scoped MCP configs to reflect that
they are auto-loaded by default (not disabled); mention the opt-out flag
experimental.auto_mcp_discovery: false to disable auto-loading, and clarify that
the /discover-and-add-mcps tool is used for manual discovery/approval workflows
or when auto-discovery is turned off rather than as a required step for every
server.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 1db58543-eb67-469d-9cf0-3dabebcc00fc

📥 Commits

Reviewing files that changed from the base of the PR and between d19d813 and 934fdf5.

📒 Files selected for processing (1)

• docs/docs/reference/security-faq.md

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Search for the discover-and-add-mcps tool definition

# Search for tool registrations and definitions related to MCP discovery
rg -n 'discover.*add.*mcp|discover-and-add-mcp' packages/opencode/src/

# Also check tool registration patterns
ast-grep --pattern 'name: "discover-and-add-mcps"' packages/opencode/src/
ast-grep --pattern '"discover-and-add-mcps"' packages/opencode/src/

Repository: AltimateAI/altimate-code

Length of output: 420

---

Project-scoped MCP configs are auto-loaded by default, not disabled.

The documentation states that project-scoped configs are "disabled by default" and must be "explicitly approved via the /discover-and-add-mcps tool before they run." However, the implemented behavior auto-loads them at startup without per-server trust prompts. The opt-out is the experimental.auto_mcp_discovery: false flag. The tool name /discover-and-add-mcps is correctly referenced; update the description to match the actual default behavior (auto-loaded) and clarify when the tool is used versus when auto-discovery occurs.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/docs/reference/security-faq.md` at line 171, Update the sentence about
project-scoped MCP configs to reflect that they are auto-loaded by default (not
disabled); mention the opt-out flag experimental.auto_mcp_discovery: false to
disable auto-loading, and clarify that the /discover-and-add-mcps tool is used
for manual discovery/approval workflows or when auto-discovery is turned off
rather than as a required step for every server.