Block direct imports and raw API mutation paths outside sanctioned MCP daemon #558

Closed
opened 2026-07-08 15:04:27 -05:00 by jcwalker3 · 1 comment
Owner

Problem Description

To prevent bypasses and ensure all operations conform strictly to the security policies, roles, and preflight purity checks of the Gitea Tools server, we must prevent direct imports/execution of the server code modules (like gitea_mcp_server) and raw API fallback mutations outside the sanctioned persistent daemon environment.

During debugging of deadlocks, scripts/commands directly imported python modules and set environment variables, or ran curl requests with credentials extracted from the keychain. This bypasses the preflight purity gates and violates the workflow hygiene constraints.

Required Resolution

  1. Module Import Guards: Implement execution guards inside gitea_mcp_server.py and other mutation modules that check if the module is being imported/run outside the official MCP server process (e.g. verify that the parent process or process environment matches the IDE daemon process, or raise an error if imported directly in a terminal shell session).
  2. Keychain Access Security: Harden keychain lookup to prevent raw token extraction scripts from running outside authorized contexts.
### Problem Description To prevent bypasses and ensure all operations conform strictly to the security policies, roles, and preflight purity checks of the Gitea Tools server, we must prevent direct imports/execution of the server code modules (like `gitea_mcp_server`) and raw API fallback mutations outside the sanctioned persistent daemon environment. During debugging of deadlocks, scripts/commands directly imported python modules and set environment variables, or ran curl requests with credentials extracted from the keychain. This bypasses the preflight purity gates and violates the workflow hygiene constraints. ### Required Resolution 1. **Module Import Guards:** Implement execution guards inside `gitea_mcp_server.py` and other mutation modules that check if the module is being imported/run outside the official MCP server process (e.g. verify that the parent process or process environment matches the IDE daemon process, or raise an error if imported directly in a terminal shell session). 2. **Keychain Access Security:** Harden keychain lookup to prevent raw token extraction scripts from running outside authorized contexts.
jcwalker3 added the status:in-progress label 2026-07-08 21:48:29 -05:00
Author
Owner

Issue claim heartbeat

<!-- gitea-issue-claim-heartbeat:v1 --> **Issue claim heartbeat** - kind: claim - issue: #558 - branch: feat/issue-558-block-direct-imports - phase: claimed - profile: prgs-author - pr: none - blocker: none - next_action: create worktree and begin implementation
sysadmin removed the status:in-progress label 2026-07-09 08:08:46 -05:00
Sign in to join this conversation.
No labels
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Scaled-Tech-Consulting/Gitea-Tools#558