Skip to content

Commit d4aa99d

Browse files
gfraiteurclaude
andcommitted
Tell the MCP risk analyzer that read-only git commands are pre-approved
The AI reviewer was rejecting git pushes claiming "tool constraints prevent git diff execution", even though the Claude CLI is invoked with git log/diff/ status/show on its --allowedTools list. Strengthen the prompt to state these commands are pre-approved and will execute, and that the model must never reject merely because it believes it cannot inspect the diff. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
1 parent ea31c7f commit d4aa99d

1 file changed

Lines changed: 15 additions & 5 deletions

File tree

src/PostSharp.Engineering.McpApprovalServer/Mcp/Services/RiskAnalyzer.cs

Lines changed: 15 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,13 @@ public sealed class RiskAnalyzer
3535
- `git reset --hard`: HIGH risk - can lose uncommitted work
3636
3737
### Git Push Content Analysis
38-
When a `git push` is requested, you have read access to the working directory.
38+
When a `git push` is requested, you have read access to the working directory and the
39+
read-only git commands `git log`, `git diff`, `git status` and `git show` are
40+
PRE-APPROVED and WILL execute — you can and must run them. They are part of your own
41+
tool allow-list and have nothing to do with the command being reviewed, so never reject
42+
or downgrade a request on the grounds that you "cannot run `git diff`" or that "tool
43+
constraints prevent diff inspection". If you believe you cannot inspect the diff, you are
44+
mistaken: just run the command.
3945
Inspect the commits that would be pushed yourself by running, for example:
4046
- `git log --oneline @{upstream}..HEAD` to list the commits
4147
- `git diff @{upstream}..HEAD` to see the actual changes
@@ -373,9 +379,11 @@ private static async Task<string> BuildAnalysisPromptAsync(
373379

374380
sb.AppendLine();
375381

376-
sb.AppendLine( "You have read access to the working directory above. Use the Read, Grep, Glob and read-only git" );
377-
sb.AppendLine( "commands (e.g. `git log`, `git diff`, `git status`, `git show`) to inspect files and pending commits" );
378-
sb.AppendLine( "yourself when you need more context to assess the risk." );
382+
sb.AppendLine( "You have read access to the working directory above. The Read, Grep, Glob tools and the" );
383+
sb.AppendLine( "read-only git commands `git log`, `git diff`, `git status` and `git show` are PRE-APPROVED" );
384+
sb.AppendLine( "and WILL execute — run them yourself whenever you need more context to assess the risk." );
385+
sb.AppendLine( "These tools are on your own allow-list and are unrelated to the command under review, so do" );
386+
sb.AppendLine( "NOT reject or escalate merely because you think you cannot inspect files or the diff: you can." );
379387
sb.AppendLine();
380388

381389
// Session history
@@ -406,11 +414,13 @@ private static async Task<string> BuildAnalysisPromptAsync(
406414
if ( IsGitPushCommand( command ) )
407415
{
408416
sb.AppendLine( "5. **CRITICAL FOR GIT PUSH**: Inspect the pending commits yourself with `git log @{upstream}..HEAD`" );
409-
sb.AppendLine( " and `git diff @{upstream}..HEAD`, then analyze the diff for:" );
417+
sb.AppendLine( " and `git diff @{upstream}..HEAD` (both are pre-approved and will execute), then analyze the diff for:" );
410418
sb.AppendLine( " - Secrets, API keys, passwords, tokens, or credentials" );
411419
sb.AppendLine( " - Inappropriate language, profanity, or unprofessional comments" );
412420
sb.AppendLine( " - Security vulnerabilities or suspicious code patterns" );
413421
sb.AppendLine( " - If ANY secrets or inappropriate content found: REJECT immediately" );
422+
sb.AppendLine( " Never reject the push on the grounds that you could not run `git diff` or inspect the changes —" );
423+
sb.AppendLine( " the command is available to you; actually run it before deciding." );
414424
}
415425

416426
sb.AppendLine();

0 commit comments

Comments
 (0)