
feat(security): harden mcp and action surfaces#43

Merged
JSONbored merged 1 commit into main from codex/improve-tui-functionalities on May 6, 2026

Conversation

@JSONbored
Owner

Summary

  • Upgrades Nightward’s MCP, action, Raycast, provider, TUI, release, and docs surfaces so users can actually take bounded actions instead of being pushed back to raw CLI commands.
  • Adds the Codex Security hardening pass for action writes, MCP inputs/paths, Raycast provider installs, backup snapshots, and npm archive extraction.

What changed

  • Added a shared Nightward action registry for disclosure, provider install/enable/disable, online-provider settings, schedule install/remove, backup snapshots, report/cache cleanup, and policy init/ignore-with-reason.
  • Expanded the MCP server into a schema-backed product surface with tools/resources/prompts, structured output, tool annotations, direct action apply, strict input validation, and scoped path checks.
  • Reworked Raycast and TUI action surfaces to preview/apply bounded registry actions with explicit confirmation.
  • Added Grype, Syft, and OpenSSF Scorecard provider support plus provider fixtures and mocked provider contract coverage.
  • Hardened state, audit, schedule, snapshot, and policy writes against symlinked Nightward-owned paths.
  • Hardened the npm launcher with archive-entry validation and optional strict Sigstore verification.
  • Replaced custom smoke/doc scripts with Vitest-backed suites for npm, Raycast, and site/docs contracts.
  • Updated MCP/Raycast/privacy/testing/threat-model/release docs and support matrix.

Why

  • The TUI, Raycast, and MCP surfaces were too informational and too easy to drift from CLI behavior.
  • Write-capable behavior needed one security boundary: disclosure acceptance, preview, confirmation, availability checks, redacted output, and audit logging.
  • The Codex Security pass found concrete pre-release hardening issues that needed fixes before calling this release secure.

Validation

  • make verify
  • make test-security
  • make fuzz-check skipped because cargo-fuzz is not installed
  • git diff --check
  • Final grep audit for direct shell provider install bypasses and stale release/security docs claims

Notes

  • Windows schedule install remains preview/fallback only.
  • Windows ARM64 remains deferred.
  • Live MCP/agent config mutation remains out of MCP v1 scope until preview, backup, rollback, and schema-specific tests exist.
  • Security scan artifacts were kept outside product docs under /tmp/codex-security-scans/nightward-2026-05-06/.

Upgrade Nightward's MCP, TUI, Raycast, provider, release, and docs surfaces so write-capable behavior flows through the shared action registry with disclosure, confirmation, bounded paths, redaction, and audit logging.

Add regression coverage for MCP schemas/path scoping, Raycast provider install routing, symlink-safe state and snapshot writes, npm archive validation, provider fixtures, and docs contracts.

Signed-off-by: JSONbored <49853598+JSONbored@users.noreply.github.com>
@JSONbored JSONbored merged commit 3f9c2c8 into main May 6, 2026
15 checks passed
@JSONbored JSONbored deleted the codex/improve-tui-functionalities branch May 6, 2026 08:10
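The "What changed" bullets name two checks without showing them: archive-entry validation for the npm launcher and state/snapshot writes that refuse symlinked Nightward-owned paths. The block below is an added illustration of both, written for this page rather than taken from the Nightward repository. Rust is assumed from the `cargo-fuzz` mention; the function names `bounded_relative`, `scoped_path` and `write_no_symlink` and the sample entry names in `main` are constructed for the example and do not correspond to anything in the PR.

```rust
// Added example (not Nightward's own code): bounded-path validation for archive
// entries and tool-supplied paths, plus a symlink-refusing write for tool-owned state.
use std::fs;
use std::io::{self, Write};
use std::path::{Component, Path, PathBuf};

/// Normalise an archive entry name or a relative path supplied by a tool call and
/// reject anything that could escape the root: absolute paths, drive prefixes,
/// `..` segments, backslashes (so Windows-style traversal is not smuggled through
/// on Unix) and NUL bytes.
pub fn bounded_relative(entry: &str) -> Result<PathBuf, String> {
    if entry.contains('\0') || entry.contains('\\') {
        return Err(format!("forbidden character in entry {entry:?}"));
    }
    let mut out = PathBuf::new();
    for component in Path::new(entry).components() {
        match component {
            Component::Normal(segment) => out.push(segment),
            Component::CurDir => {}
            Component::ParentDir => return Err(format!("parent traversal in entry {entry:?}")),
            Component::RootDir | Component::Prefix(_) => {
                return Err(format!("absolute entry {entry:?}"))
            }
        }
    }
    if out.as_os_str().is_empty() {
        return Err(format!("entry {entry:?} resolves to nothing"));
    }
    Ok(out)
}

/// Join a validated relative path onto `root` and re-check containment.
pub fn scoped_path(root: &Path, entry: &str) -> Result<PathBuf, String> {
    let joined = root.join(bounded_relative(entry)?);
    if !joined.starts_with(root) {
        return Err(format!("{} escapes {}", joined.display(), root.display()));
    }
    Ok(joined)
}

/// Write `data` under `root`, refusing if any path element below `root` (an
/// existing directory or the final file) is a symlink. `symlink_metadata` is
/// lstat, so the link itself is inspected rather than followed.
pub fn write_no_symlink(root: &Path, entry: &str, data: &[u8]) -> Result<PathBuf, String> {
    let target = scoped_path(root, entry)?;
    let relative = target.strip_prefix(root).map_err(|e| e.to_string())?;
    let mut current = root.to_path_buf();
    for component in relative.components() {
        current.push(component);
        match fs::symlink_metadata(&current) {
            Ok(meta) if meta.file_type().is_symlink() => {
                return Err(format!("refusing to write through symlink {}", current.display()));
            }
            Ok(_) => {}
            // Nothing beyond this point exists yet, so there is nothing left to inspect.
            Err(e) if e.kind() == io::ErrorKind::NotFound => break,
            Err(e) => return Err(e.to_string()),
        }
    }
    if let Some(parent) = target.parent() {
        fs::create_dir_all(parent).map_err(|e| e.to_string())?;
    }
    // Replace an existing regular file, then create with O_EXCL semantics:
    // `create_new` fails instead of following a symlink dropped in between.
    match fs::symlink_metadata(&target) {
        Ok(meta) if meta.is_file() => fs::remove_file(&target).map_err(|e| e.to_string())?,
        Ok(_) => return Err(format!("{} is not a regular file", target.display())),
        Err(e) if e.kind() == io::ErrorKind::NotFound => {}
        Err(e) => return Err(e.to_string()),
    }
    let mut file = fs::OpenOptions::new()
        .write(true)
        .create_new(true)
        .open(&target)
        .map_err(|e| e.to_string())?;
    file.write_all(data).map_err(|e| e.to_string())?;
    Ok(target)
}

fn main() {
    // Constructed entry names: the first two are the shapes archive validation must reject.
    for entry in ["../../.npmrc", "/etc/passwd", "package/./lib/index.js"] {
        println!("{entry:?} -> {:?}", bounded_relative(entry));
    }
}
```

The lstat walk and the `create_new` open close the two common holes (a symlinked directory and a symlinked final file), but the window between checking an intermediate directory and creating below it is still a TOCTOU; a production implementation would open the root directory once and use `openat`-style relative opens with `O_NOFOLLOW`, which std does not expose portably.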