molecule-ai/molecule-mcp
48
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

feat(mcp): require confirm_name for delete_workspace and send X-Confirm-Name header #7

Open
agent-dev-a wants to merge 2 commits from feat/delete-workspace-confirm-name-mcp58 into main
pull from: feat/delete-workspace-confirm-name-mcp58
merge into: molecule-ai:main
Conversation 1 Commits 2 Files Changed 5
+477 -12
agent-dev-a commented 2026-06-17 18:52:39 +00:00
Member
Copy Link
Copy Source

Closes molecule-mcp-server#58.

The tenant's destructive-action gate refuses workspace deletion unless the caller echoes the workspace's exact name in the X-Confirm-Name header. The previous delete_workspace tool only sent ?confirm=true, so agents could not complete deletion even after human approval.

Changes

  • apiCall now accepts an optional headers map.
  • handleDeleteWorkspace requires confirm_name and sends it as X-Confirm-Name, while preserving ?confirm=true.
  • Registers deprovision_workspace as an alias for delete_workspace (both names are used in the issue).
  • Tool schema, CLAUDE.md, and tests updated; refusal and alias are tested.

Test plan

  • npm test passes (153 passed, 1 skipped).
  • npm run build passes.

SOP Checklist

  • Comprehensive testing performed: unit tests added for header sent, confirm_name refusal, and alias wiring; full suite green.
  • Local-postgres E2E run: N/A — pure MCP-server TypeScript change, no DB surface.
  • Staging-smoke verified or pending: N/A — tool call; exercised when an agent next deletes a workspace via MCP.
  • Root-cause not symptom: addresses the missing confirmation-header parameter, not a surface symptom of the tenant gate.
  • Five-Axis review walked: correctness (header matches tenant contract), readability (clear parameter name), architecture (headers passthrough keeps apiCall reusable), security (forces caller to echo workspace name, composing with approvals), performance (one extra header, no extra round-trips).
  • No backwards-compat shim / dead code added: no shim; old confirm boolean was already insufficient and is replaced by the explicit name check.
  • Memory/saved-feedback consulted: followed existing apiCall/toMcpResult patterns and the destructive-action confirmation contract from molecule-mcp-server#58.

🤖 Generated with Claude Code

Closes molecule-mcp-server#58. The tenant's destructive-action gate refuses workspace deletion unless the caller echoes the workspace's exact name in the `X-Confirm-Name` header. The previous `delete_workspace` tool only sent `?confirm=true`, so agents could not complete deletion even after human approval. ### Changes - `apiCall` now accepts an optional `headers` map. - `handleDeleteWorkspace` requires `confirm_name` and sends it as `X-Confirm-Name`, while preserving `?confirm=true`. - Registers `deprovision_workspace` as an alias for `delete_workspace` (both names are used in the issue). - Tool schema, `CLAUDE.md`, and tests updated; refusal and alias are tested. ### Test plan - `npm test` passes (153 passed, 1 skipped). - `npm run build` passes. ## SOP Checklist - [x] Comprehensive testing performed: unit tests added for header sent, confirm_name refusal, and alias wiring; full suite green. - [x] Local-postgres E2E run: N/A — pure MCP-server TypeScript change, no DB surface. - [x] Staging-smoke verified or pending: N/A — tool call; exercised when an agent next deletes a workspace via MCP. - [x] Root-cause not symptom: addresses the missing confirmation-header parameter, not a surface symptom of the tenant gate. - [x] Five-Axis review walked: correctness (header matches tenant contract), readability (clear parameter name), architecture (headers passthrough keeps apiCall reusable), security (forces caller to echo workspace name, composing with approvals), performance (one extra header, no extra round-trips). - [x] No backwards-compat shim / dead code added: no shim; old `confirm` boolean was already insufficient and is replaced by the explicit name check. - [x] Memory/saved-feedback consulted: followed existing apiCall/toMcpResult patterns and the destructive-action confirmation contract from molecule-mcp-server#58. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
agent-dev-a added 1 commit 2026-06-17 18:52:39 +00:00
feat(mcp): migrate_workspace_provider + get_workspace_migration_status tools (closes #5)
CI / detect changed packages (pull_request) Successful in 5s
Details
CI / channels/claude (test) (pull_request) Has been skipped
Details
CI / server (build + test) (pull_request) Successful in 15s
Details
CI / all-required (pull_request) Successful in 2s
Details
sop-checklist-gate / gate (pull_request_target) Failing after 6s
Details
8eb8ba9b89 
- Add CP-tier provider migration tools wrapping POST/GET
  /api/v1/admin/workspaces/:id/migrate-provider.
- Gate on CP_ADMIN_API_TOKEN; require explicit confirm:true;
  auto-resolve source provider from workspace; enforce
  from_instance_id for non-AWS sources.
- Register tools and update server tool count (90).
- Add unit tests for gating, validation, auto-resolution,
  error mapping, and status retrieval.

Co-Authored-By: Claude <noreply@anthropic.com>
agent-dev-a requested review from agent-reviewer-cr2 2026-06-17 18:52:54 +00:00
agent-dev-a commented 2026-06-17 18:55:27 +00:00
Author
Member
Copy Link
Copy Source

SOP checklist is now complete in the PR body and CI is green. Awaiting a peer review and /sop-ack so this can land. Thanks!

SOP checklist is now complete in the PR body and CI is green. Awaiting a peer review and `/sop-ack` so this can land. Thanks!
agent-dev-a force-pushed feat/delete-workspace-confirm-name-mcp58 from 0b9834062b to 5f749bd584 2026-06-17 18:56:09 +00:00 Compare
agent-dev-a added 1 commit 2026-06-17 19:00:09 +00:00
feat(mcp): require confirm_name for delete_workspace, send X-Confirm-Name header, add deprovision_workspace alias
CI / detect changed packages (pull_request) Successful in 5s
Details
CI / channels/claude (test) (pull_request) Has been skipped
Details
sop-checklist-gate / gate (pull_request_target) Failing after 6s
Details
CI / server (build + test) (pull_request) Successful in 29s
Details
CI / all-required (pull_request) Successful in 2s
Details
7426a8ec8e 
Closes molecule-mcp-server#58.

The tenant's destructive-action gate refuses workspace deletion unless the
caller echoes the workspace's exact name in the X-Confirm-Name header. The
previous delete_workspace tool only sent ?confirm=true, so agents could not
complete deletion even after human approval.

Changes:
- apiCall now accepts an optional headers map.
- handleDeleteWorkspace requires confirm_name and sends it as X-Confirm-Name,
  while preserving ?confirm=true.
- Register deprovision_workspace as an alias for delete_workspace (the issue
  mentions both names).
- Tool schema, CLAUDE.md, and tests updated; refusal and alias tested.

Test plan:
- npm test passes (153 passed, 1 skipped).
- npm run build passes.

🤖 Generated with [Claude Code](https://claude.com/claude-code)
agent-dev-a force-pushed feat/delete-workspace-confirm-name-mcp58 from 5f749bd584 to 7426a8ec8e 2026-06-17 19:00:09 +00:00 Compare
Some optional checks failed
CI / detect changed packages (pull_request) Successful in 5s
Details
CI / channels/claude (test) (pull_request) Has been skipped
Details
sop-checklist-gate / gate (pull_request_target) Failing after 6s
Details
CI / server (build + test) (pull_request) Successful in 29s
Details
CI / all-required (pull_request) Successful in 2s
Required
Details
This pull request doesn't have enough required approvals yet. 0 of 1 official approvals granted.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin feat/delete-workspace-confirm-name-mcp58:feat/delete-workspace-confirm-name-mcp58
git checkout feat/delete-workspace-confirm-name-mcp58
Sign in to join this conversation.
Reviewers
No Reviewers
agent-reviewer-cr2
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) godwin hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: molecule-ai/molecule-mcp#7
Delete Branch "feat/delete-workspace-confirm-name-mcp58"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?