fix: remove bogus /v1/pdp/evaluate default from PDP config

[beonde]

Problem

MCPServerIdentity.connect() was defaulting pdp_endpoint to {server_url}/v1/pdp/evaluate — an endpoint that doesn't exist. This was added yesterday as a WIP placeholder in commit 8b222e3 ("wip: per-request PDP approach (to be replaced by env-var wiring)").

The bogus default caused the guard's Phase 2 org-policy check to silently fail (HTTP 404), meaning org policy overrides (lockdown, selective) had no effect — only hardcoded @guard min_trust_level values applied.

This broke the policy-demo's Phase 2 (Lockdown) and Phase 3 (Selective) scenarios.

Fix

Default pdp_endpoint to empty string instead. Policy evaluation is local: the Go core fetches the OPA bundle via CAPISCIO_BUNDLE_URL and evaluates it with its embedded OPA engine. The pdp_endpoint should only be set when an explicit remote PDP service is deployed.

Architecture reminder

Client (Python SDK)
  └─ @guard decorator
       └─ Phase 1: inline trust-level check (gRPC → Go core EvaluateToolAccess)
       └─ Phase 2: org policy check (gRPC → Go core EvaluatePolicyDecision)
                        └─ Go core loads OPA bundle from CAPISCIO_BUNDLE_URL
                        └─ Evaluates policy LOCALLY with embedded OPA
                        └─ pdp_endpoint is ONLY for optional remote PDP fallback

[github-actions]

✅ Integration tests passed! capiscio-core gRPC tests working.

[Copilot]

Pull request overview

This PR aims to fix org-policy enforcement configuration during MCPServerIdentity.connect() by removing a previously introduced default PDP endpoint ({server_url}/v1/pdp/evaluate) that does not exist, and by documenting/logging that policy evaluation is intended to be local (via the Go core + OPA bundle) unless a remote PDP is explicitly configured.

Changes:

• Update connect() parameter docs for pdp_endpoint to describe it as an optional remote PDP URL.
• Change the effective PDP endpoint default from a derived URL to an empty string.
• Adjust logging to distinguish between “remote PDP configured” vs “local OPA bundle” modes.

[github-actions]

✅ Integration tests passed! capiscio-core gRPC tests working.

[beonde]

Addressing the two Copilot review comments about Phase 2 being disabled when pdp_endpoint is empty:

This is intentional and architecturally correct. The guard has two evaluation phases:

• Phase 1 (Go core EvaluateToolAccess): Handles badge verification AND local OPA policy evaluation via the pdpClient. This is initialized when the Go binary is built with -tags opa_no_wasm and receives a policy bundle via CAPISCIO_BUNDLE_URL. Phase 1 runs regardless of pdp_endpoint.

• Phase 2 (Python _evaluate_org_policy): A remote PDP call, gated on pip_cfg.pdp_endpoint being truthy. This is for external/remote policy decision points (future use case).

Before this PR, pdp_endpoint defaulted to f"{server_url}/v1/pdp/evaluate" — a non-existent endpoint that returned 404 silently. Now it defaults to "", which correctly skips the remote Phase 2 call while Phase 1 (local OPA) handles policy enforcement.

The docstring comment about "local OPA bundle evaluation" refers to Phase 1's behavior, not Phase 2. I'll update the docstring for clarity.

Verified end-to-end: the policy-demo runs successfully with EM-GUARD enforcement mode, local OPA bundle loaded, and policies enforced — all via Phase 1.