docs: update safety and boundary docs for Jenkins/GlitchTip (#79) (#89)

Co-authored-by: Jason Walker <913443@dadeschools.net>
Co-committed-by: Jason Walker <913443@dadeschools.net>
This commit was merged in pull request #89.
This commit is contained in:
2026-07-02 14:21:49 -05:00
committed by sysadmin
parent 4f5b732741
commit 0a61e8a92d
3 changed files with 11 additions and 2 deletions
+8
View File
@@ -13,3 +13,11 @@ To maintain a secure environment, all secrets, tokens, passwords, and sensitive
- System and application logs
- Tool return values/outputs
- Any form of persistent storage or console output
## 4. Read-Only First Policy
By default, MCP servers (such as `jenkins-mcp` and `ops-mcp`) operate in a **read-only** mode. Mutation capabilities are deny-by-default and fail-closed.
## 5. Mutation Gating
Any mutating action (e.g., Gitea issue creation from GlitchTip, or Jenkins builds) must be explicitly allowed by the execution profile.
- **Jenkins build triggers** are explicitly deferred for phase 1.
- **GlitchTip to Gitea issue filing** is documented as a gated, orchestrated workflow, not a direct unprompted automatic action.