feat(mcp): content_policy gate on create_idea + dispatch-defense (sub-project C, Phase 2) #53
Sub-project C, Phase 2 - wires the AVG content-policy gate into the MCP idea-intake.
What
- `vendor/scrum4me-shared` e29f3cd -> 9a0a0bd. mcp was behind (vendored #14); this syncs it to main, bringing #15 (copilot-roles: `AccessLevel`/`CopilotAppUser`/`ProductMember.role+access`) and #16 (`content_policy` + checker). 41 additive insertions to the generated `prisma/schema.prisma`, 0 deletions. Baseline after the bump alone: typecheck clean, 805/805.
- `create_idea` gate (`src/tools/create-idea.ts`): after the access check, loads `product.content_policy`, `parseContentPolicy` (fail-closed on malformed), `checkContentPolicy` (title + description); refuses with `toolError` before any idea is created.
- dispatch-defense (`src/lib/dispatch/idea-jobs.ts`): re-checks the idea content against the product policy before dispatching an `IDEA_*` job (defense-in-depth for ideas that entered via an ungated path), throwing `DispatchError` on a hit. Fail-closed.
Tests
6 new (3 create_idea: forbidden refused / no-policy allowed / malformed fail-closed; 3 dispatch-defense: forbidden refused / clean allowed / malformed fail-closed). Full suite: typecheck clean, 811/811.
Notes
- The checker (`@shared/content-policy`) was reviewed on scrum4me-shared #16 (3 codex + 3 adversarial rounds + 154 schema). This PR only wires it in.
- This PR reads `content_policy`, so it must not deploy before the column is live (migrate-first).

🤖 Generated with Claude Code