MediaMetz/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-05-15 14:23:02 -07:00
Code Issues Packages Projects Releases Wiki Activity

format files

Browse Source
This commit is contained in:
A.K.M. Adib
2026-03-30 18:14:08 -04:00
parent 7865d06fad
commit 38213d910c
5 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/reference/policy-engine.md
+4 -1
View File
@@ -439,7 +439,10 @@ The Gemini CLI ships with a set of default policies to provide a safe
out-of-the-box experience.
- **Read-only tools** (like `read_file`, `glob`) are generally **allowed**.
- **MCP Read-only tools**: MCP tools that explicitly declare themselves as read-only via the `readOnlyHint` annotation are automatically allowed, but **only if tool sandboxing is enabled**. If sandboxing is disabled, they default to `ask_user`.
- **MCP Read-only tools**: MCP tools that explicitly declare themselves as
read-only via the `readOnlyHint` annotation are automatically allowed, but
**only if tool sandboxing is enabled**. If sandboxing is disabled, they
default to `ask_user`.
- **Agent delegation** defaults to **`ask_user`** to ensure remote agents can
prompt for confirmation, but local sub-agent actions are executed silently and
checked individually.
docs/tools/mcp-server.md
+5 -1
View File
@@ -653,7 +653,11 @@ When confirmation is required, users can choose:
#### Read-only bypass
If an MCP tool provides a `readOnlyHint` in its metadata (annotations) AND tool sandboxing is enabled, the Gemini CLI will automatically execute it without prompting for confirmation, regardless of the configured approval mode. This ensures a seamless experience for safe, data-fetching operations while maintaining system security.
If an MCP tool provides a `readOnlyHint` in its metadata (annotations) AND tool
sandboxing is enabled, the Gemini CLI will automatically execute it without
prompting for confirmation, regardless of the configured approval mode. This
ensures a seamless experience for safe, data-fetching operations while
maintaining system security.
### 3. Execution
packages/cli/src/commands/mcp/add.test.ts
+3 -1
View File
@@ -113,7 +113,9 @@ describe('mcp add command', () => {
},
});
const debugLoggerWarnSpy = vi.spyOn(debugLogger, 'warn').mockImplementation(() => {});
const debugLoggerWarnSpy = vi
.spyOn(debugLogger, 'warn')
.mockImplementation(() => {});
await parser.parseAsync('add sandbox-server /path/to/server');
packages/cli/src/commands/mcp/add.ts
+2 -1
View File
@@ -153,7 +153,8 @@ async function addMcpServer(
sanitizationConfig: {
enableEnvironmentVariableRedaction: true,
allowedEnvironmentVariables: [],
blockedEnvironmentVariables: settings.merged.advanced?.excludedEnvVars ?? [],
blockedEnvironmentVariables:
settings.merged.advanced?.excludedEnvVars ?? [],
},
emitMcpDiagnostic: () => {},
isTrustedFolder: () => true,
packages/core/src/tools/mcp-client.ts
-1
View File
@@ -2406,4 +2406,3 @@ export function isEnabled(
)
);
}