KB-52A5

GPT Review — Phase 2B Design Patch by Opus — 2026-05-13

Revision 1

Verdict

Path B2 direction is accepted, but the Phase 2B design is not approved for implementation as-is. It needs Rev2 before Phase 2C.

Accepted

  • Use existing AgentData MCP server instead of building a new FastMCP wrapper.
  • Add a read-only surface for ChatGPT.
  • Keep existing /mcp behavior unchanged for Claude/Codex/ops.
  • Use a dual guard: filter tools/list and reject disallowed tools/call.
  • Allowed GPT Phase 1 tools: search_knowledge, list_documents, get_document, get_document_for_rewrite, batch_read.

Required fixes before implementation prompt

  1. Opus must inspect actual server.py before producing implementation details. The current report explicitly says it did not inspect source in this session and relies on prior audit summaries. That is insufficient for code patching.
  2. Clarify deployment persistence. Editing /app/agent_data/server.py inside a running container is not durable unless it is bind-mounted. If source path is /opt/incomex/docker/agent-data-repo/agent_data/server.py, patch source there and rebuild/restart through the existing deploy method. Do not claim “no rebuild image” until verified.
  3. Nginx header injection design must be verified. $agent_data_api_key_valid validates a key but does not imply a variable $agent_data_api_key exists with the real key. The design must specify exactly where the upstream X-API-Key value comes from, without logging or committing it.
  4. access_log off protects secrets but removes diagnostics. Prefer sanitized route log if feasible; otherwise explicitly accept no access log and rely on upstream/app logs.
  5. Test plan must not use real write operations as proof. Do not call update_document just to prove Claude still has write access. Verify existing /mcp is unchanged via tools/list, or use a non-mutating/safe test only.
  6. /mcp-readonly must guard both JSON-RPC /mcp-readonly and any REST-style tool endpoint variant if exposed or replicated. Confirm /mcp/tools/{tool_name} is not accidentally exposed publicly through GPT route.
  7. The implementation must preserve JSON-RPC semantics: response id, notification behavior, error code/message, and Accept headers/SSE behavior.
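A sketch of the dual guard from the accepted design, written to keep the JSON-RPC semantics item 7 asks for; this is an added example, not code from server.py or from the Phase 2B design. The function names, the error code and message, and the single-message (non-batch) handling are assumptions; only the tool allow-list comes from this review.

```python
# Assumed helper names; the real server.py was not inspected for this example.
READONLY_TOOLS = frozenset({
    "search_knowledge", "list_documents", "get_document",
    "get_document_for_rewrite", "batch_read",
})
INVALID_PARAMS = -32602  # JSON-RPC 2.0 "Invalid params"; the choice of code is an assumption


def guard_request(msg):
    """Pre-dispatch check for one JSON-RPC message on the read-only route.

    Returns (forward, reply). forward=True means hand msg to the existing
    handler unchanged. forward=False means do not dispatch; reply is the
    error object to send, or None when msg is a notification (no "id").
    """
    if msg.get("method") != "tools/call":
        return True, None
    params = msg.get("params")
    name = params.get("name") if isinstance(params, dict) else None
    if isinstance(name, str) and name in READONLY_TOOLS:
        return True, None
    if "id" not in msg:
        # Notifications never get a response, not even an error.
        return False, None
    return False, {
        "jsonrpc": "2.0",
        "id": msg["id"],  # echo the caller's id exactly, including null
        "error": {"code": INVALID_PARAMS,
                  "message": "Tool not available on read-only surface"},
    }


def filter_tools_list(request, response):
    """Post-dispatch filter: strip non-allow-listed tools from a tools/list result.

    Error responses and responses to other methods pass through untouched.
    """
    if request.get("method") != "tools/list" or "result" not in response:
        return response
    result = dict(response["result"])
    result["tools"] = [t for t in result.get("tools", [])
                       if isinstance(t, dict) and t.get("name") in READONLY_TOOLS]
    return {**response, "result": result}
```

Both functions are needed: filtering tools/list alone only hides tool names, while the tools/call check is what actually refuses a write request sent by a client that already knows the name.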

Next step

Request Phase 2B-Design-Patch Rev2 only. No code, no deploy, no nginx reload, no ChatGPT connector until Rev2 is reviewed.