Roadmap: Task-scoped MCP execution profiles for LLM-operated Gitea workflows #10
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Context
MCP Control Plane should allow LLMs to handle routine Gitea workflow operations safely:
Roles should be fluid. A specific LLM should not be permanently assigned as “author,” “reviewer,” or “merger.”
Instead:
An LLM may perform different workflow roles only when operating through a task-appropriate MCP execution profile.
Desired model
Named Gitea MCP execution profiles:
Each profile must expose:
Required safety behavior
Before any mutating action, the MCP workflow must verify:
If identity cannot be verified, the workflow must fail closed.
Critical rule
A profile/session must not approve or merge a PR authored by the same authenticated Gitea user.
Relationship to MCP Control Plane security model
This roadmap builds on the security and trust-boundary model documented under issue #52.
It must preserve these rules:
Non-goals
Child issue checklist
Proposed labels
mcp·gitea·roadmap·security·dogfoodingDiscovered through dogfooding: while reviewing/merging PR #8 for issue #52, the LLM could inspect Gitea state but could not safely prove which Gitea account the MCP tool was authenticated as, blocking safe merge behavior.
Suggested implementation sequence
Rationale: #11 is the immediate blocker discovered during PR #8 dogfooding. Review/merge workflows (#14–#16) cannot safely proceed until the MCP can prove the authenticated Gitea identity. Audit logging (#18) lands before the runbooks (#17) so the documented workflows reference real audit behavior.
All child issues (#11 through #19) have been implemented, merged, and closed. The MCP Control Plane for Gitea is now complete. Closing this roadmap issue.