Add native MCP config format, replace vmcp YAML #42
Merged
jhrozek (Contributor) reviewed on Mar 16, 2026 and left a comment:
Review finding: security consideration around workspace-local agent overrides and MCP.Config propagation.
Replace the vmcp config pass-through (`--mcp-config` accepting raw vmcp
YAML with `groupRef`, `incomingAuth.type`, etc.) with a simpler
brood-box-native format that exposes only the two sections we use:
`authz.policies` (Cedar policies) and `aggregation` (tool conflict
resolution).
Before:

    groupRef: default
    incomingAuth:
      type: anonymous
    authz:
      type: cedar
      policies: [...]

After:

    authz:
      policies: [...]

- Add MCPFileConfig domain types with Validate()
- Add config loader (YAML file → MCPFileConfig)
- Add translation layer (MCPFileConfig → vmcp types)
- Infer custom profile when config has Cedar policies
- Support inline mcp.config in global config YAML
- Update docs and CLAUDE.md examples
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Address PR review feedback:
- Strip MCP.Config and MCP.Authz from workspace-local agent overrides in MergeConfigs to prevent Cedar policy injection via per-agent config
- Move --mcp-authz-profile validation before MCP wiring block for clearer early errors on invalid profiles
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
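The stripping described in the commit above, sketched as an added Go example that is not the project's code: `mergeWorkspace`, the struct layouts, the `Image` field and the sample profile and image names are hypothetical, simplified stand-ins for `MergeConfigs` and the real config types.

```go
package main

import (
	"fmt"
	"sort"
)

// Hypothetical, simplified stand-ins for the project's config types.
type MCPFileConfig struct{ Policies []string } // Cedar policy texts
type MCPConfig struct {
	Config *MCPFileConfig // inline MCP config
	Authz  string         // authz profile name (assumed to be a string)
}
type AgentConfig struct {
	Image string // assumed benign field a workspace may override
	MCP   MCPConfig
}
type Config struct{ Agents map[string]AgentConfig }

// mergeWorkspace layers an untrusted workspace-local config over the trusted
// global one. Per-agent MCP.Config and MCP.Authz from the workspace are never
// copied; the sorted names of the ignored fields are returned for logging.
func mergeWorkspace(global, local Config) (out Config, stripped []string) {
	out = Config{Agents: map[string]AgentConfig{}}
	for name, a := range global.Agents {
		out.Agents[name] = a
	}
	for name, over := range local.Agents {
		merged := out.Agents[name] // zero value when the agent is new
		if over.Image != "" {
			merged.Image = over.Image
		}
		if over.MCP.Config != nil {
			stripped = append(stripped, name+".mcp.config")
		}
		if over.MCP.Authz != "" {
			stripped = append(stripped, name+".mcp.authz")
		}
		out.Agents[name] = merged // merged.MCP keeps the trusted value
	}
	sort.Strings(stripped)
	return out, stripped
}

func main() { // constructed sample: workspace tries to replace the policy set
	g := Config{Agents: map[string]AgentConfig{"claude-code": {Image: "img:1", MCP: MCPConfig{Authz: "trusted"}}}}
	l := Config{Agents: map[string]AgentConfig{"claude-code": {Image: "img:2", MCP: MCPConfig{
		Config: &MCPFileConfig{Policies: []string{"permit(principal, action, resource);"}}, Authz: "custom"}}}}
	fmt.Println(mergeWorkspace(g, l))
}
```

Returning the ignored field names lets the caller log or warn when a workspace file attempts to set authorization policy, rather than dropping the attempt silently.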
jhrozek approved these changes on Mar 16, 2026
Summary
- Replace the vmcp config pass-through (`--mcp-config` accepting raw vmcp YAML with `groupRef`, `incomingAuth.type`, etc.) with a simpler brood-box-native format that exposes only the two sections we use: `authz.policies` (Cedar policies) and `aggregation` (tool conflict resolution)
- Infer `custom` authz profile automatically when the MCP config contains Cedar policies — no need to pass `--mcp-authz-profile custom` separately
- Support inline `mcp.config` in the global config YAML as an alternative to `--mcp-config` file path

Before:
After:

Changes by layer
- `pkg/domain/config/config.go`: `MCPFileConfig`, `MCPFileAuthzConfig`, `MCPAggregationConfig`, `MCPWorkloadToolConfig`, `MCPToolOverride` types with `Validate()`; `MCPConfig.ConfigPath` → `MCPConfig.Config *MCPFileConfig`
- `internal/infra/mcp/configloader.go`: `LoadMCPFileConfig(path)` — reads YAML, validates, returns `(nil, nil)` for missing files
- `internal/infra/mcp/translate.go`: `translateAggregation()` and `translateAuthz()` — converts brood-box snake_case to vmcp camelCase types
- `internal/infra/mcp/provider.go`: `configPath string` with `mcpConfig *MCPFileConfig`; use translation instead of vmcp YAML loader
- `internal/infra/mcp/profiles.go`
- `pkg/sandbox/sandbox.go`: `resolveMCPConfig` uses `Config` instead of `ConfigPath`
- `cmd/bbox/main.go`: `LoadMCPFileConfig`, implicit custom profile inference, updated flag help text
- `USER_GUIDE.md`, `CLAUDE.md`

Test plan
- `task verify` passes (fmt + lint + test, 0 issues, 0 failures)
- `TestMCPFileConfig_Validate` (14 cases), `configloader_test.go` (7 cases), `translate_test.go` (7 cases)
- `main_test.go` MCP override test, `profiles_test.go` error message
- `bbox-mcp.yaml` with Cedar policies, verify `bbox claude-code --mcp-config ./bbox-mcp.yaml` works
- `--mcp-authz-profile` needed)
- `mcp.config:` struct in global config parses correctly

🤖 Generated with Claude Code