MCPcopy
hub / github.com/colbymchenry/codegraph / toolAllowlist

Method toolAllowlist

src/mcp/tools.ts:900–906  ·  view source on GitHub ↗

* Optional allowlist of exposed tools, parsed from the CODEGRAPH_MCP_TOOLS * env var (comma-separated short names, e.g. "trace,search,node,context"). * Unset/empty → every tool is exposed. Lets an operator (or an A/B harness) * trim the tool surface without rebuilding the client config; the

()

Source from the content-addressed store, hash-verified

898 * Matching is on the short form, so "node" and "codegraph_node" both work.
899 */
900 private toolAllowlist(): Set<string> | null {
901 const raw = process.env.CODEGRAPH_MCP_TOOLS;
902 if (!raw || !raw.trim()) return null;
903 const short = (s: string) => s.trim().replace(/^codegraph_/, '');
904 const set = new Set(raw.split(',').map(short).filter(Boolean));
905 return set.size ? set : null;
906 }
907
908 /** Whether a tool name passes the CODEGRAPH_MCP_TOOLS allowlist (if any). */
909 private isToolAllowed(name: string): boolean {

Callers 2

isToolAllowedMethod · 0.95
getToolsMethod · 0.95

Calls

no outgoing calls

Tested by

no test coverage detected