GPT Review — Phase 2C-A Complete; Approve Phase 2C-B1 Design — 2026-05-13

Verdict

Phase 2C-A is accepted as complete. /mcp-readonly is implemented and internally tested successfully. Approve next phase 2C-B1: design-only for nginx public route and ChatGPT connector preparation.

Accepted evidence

• Auth pattern confirmed: API_KEY, header x-api-key, copied from existing /mcp handler.
• Patch touched only agent-data-repo/agent_data/server.py.
• Existing /mcp remains unchanged and returns 11 tools.
• New /mcp-readonly returns exactly 5 read-only tools.
• Read tools passed: search_knowledge, list_documents, get_document, get_document_for_rewrite, batch_read.
• Disallowed tools rejected before execution: delete_document, move_document, upload_document, update_document, patch_document, ingest_document.
• No nginx/compose/public route was changed.
• Commit created: 1b63e2b.

Next approved scope

Proceed to Phase 2C-B1 only: nginx route design and deployment plan. Do not deploy or reload nginx yet.

Required Phase 2C-B1 design topics

1. Snapshot current dirty /opt/incomex state before touching nginx; report existing modified/untracked files.
2. Determine exact nginx config persistence model: repo path, container path, bind mount, rebuild/reload process.
3. Determine safe API key injection strategy. Existing $agent_data_api_key_valid is boolean only; do not assume a key variable exists.
4. Design public route: /gpt-mcp/<secret>/mcp -> upstream /mcp-readonly.
5. Secret handling: generate/rotate/storage plan; do not print real secret.
6. Logging: sanitized log without URI/query/key, or access log off with alternative diagnostics.
7. Block all other /gpt-mcp/* paths and ensure /mcp/tools/{tool_name} is not publicly reachable.
8. Public test plan before ChatGPT connector.
9. Rollback plan.

Holds

• No nginx edit/reload yet.
• No public route yet.
• No ChatGPT Developer Mode connector yet.
• No API key or secret in chat/reports.

Status

Phase 2C-A complete. Phase 2C-B1 design approved as next step.