Skip to content

MCP Track B Phase B3: expose initial read-only personal SimpleChat MCP tools #1018

Description

@Bionic711

Summary

Implement the initial read-only personal-scope inbound SimpleChat MCP tools from #1013 after the inbound auth/governance foundation is in place.

Initial Tool Set

  • show_user_profile
  • list_conversations
  • get_conversation_messages
  • list_personal_documents
  • list_personal_prompts
  • search_personal_documents
  • list_agent_template_tags

Scope

  • Reuse existing SimpleChat authorization helpers and service functions where possible.
  • Return minimized profile data; do not return raw token claims by default.
  • Ensure conversation and message access is limited to the delegated user or valid collaboration access.
  • Ensure personal documents/prompts are limited to the delegated user's personal workspace.
  • Restrict search to personal documents only.
  • Require pagination and maximum result limits.
  • Respect the agent template gallery feature flag for list_agent_template_tags.
  • Add audit logging per tool call without logging secrets or sensitive document/message content.

Acceptance Criteria

  • Each initial tool is explicit in the inbound MCP registry.
  • Each tool checks inbound MCP auth and governance before execution.
  • show_user_profile returns minimized profile data.
  • list_conversations returns only visible conversations for the delegated user.
  • get_conversation_messages rejects inaccessible conversations.
  • list_personal_documents returns only the delegated user's personal documents.
  • list_personal_prompts returns only the delegated user's personal prompts.
  • search_personal_documents enforces personal scope and bounded top_n.
  • list_agent_template_tags respects the agent template gallery feature flag.
  • Tests cover positive and negative access paths for every tool.

Notes

Parent: #1013
Depends on the inbound auth/governance foundation issue.
Planning doc: docs/explanation/features/MCP_PLUGIN_ROBUSTNESS_PLAN.md
Priority: P1
Size: L

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestsecurity_improvementThis issue results in an improvement to security

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Pending Evaluation

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions