Skip to content

[docs] docs: sync with selective mounting and security features#742

Closed
github-actions[bot] wants to merge 1 commit intomainfrom
docs/sync-feb-12-2026-891cb78f70dea1aa
Closed

[docs] docs: sync with selective mounting and security features#742
github-actions[bot] wants to merge 1 commit intomainfrom
docs/sync-feb-12-2026-891cb78f70dea1aa

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Feb 12, 2026

Documentation Sync - February 5-12, 2026

This PR synchronizes documentation with code changes from the past 7 days, focusing on the selective mounting security feature and related architectural updates.

Changes Made

  • docs/usage.md: Added missing --allow-full-filesystem-access CLI flag documentation with security warning
  • README.md: Added link to docs/selective-mounting.md in the "Explore the docs" section
  • AGENTS.md: Updated Container Architecture section to reflect selective mounting as the default behavior (line 220)
  • docs/architecture.md: Added documentation for three security features:
    • Selective mounting and credential protection (default behavior)
    • One-shot token library (LD_PRELOAD) for environment variable protection
    • MCP logs directory protection via tmpfs

Code Changes Referenced

Verification

  • ✅ All documentation changes reflect actual code behavior
  • ✅ Links to docs/selective-mounting.md are correct (document exists and is current)
  • ✅ Security warnings properly highlight the implications of --allow-full-filesystem-access
  • ✅ Changes are minimal and focused on bringing docs in sync with recent code

Impact

These documentation updates are critical for security awareness - users need to know that:

  1. Selective mounting is now the default (protects credentials)
  2. The --allow-full-filesystem-access flag disables this protection
  3. The architecture includes multiple layers of credential protection

AI generated by Documentation Maintainer

@github-actions
docs: sync with recent security and architecture changes
6b9e93c 
- Add --allow-full-filesystem-access flag to docs/usage.md
- Add link to docs/selective-mounting.md in README.md
- Update AGENTS.md container architecture to reflect selective mounting default
- Update docs/architecture.md with security features:
  - Selective mounting and credential protection
  - One-shot token library (LD_PRELOAD)
  - MCP logs directory protection

Changes sync documentation with code from PRs:
- #681 (selective mounting)
- #706, #709, #710 (mcp-logs hiding)
- #604, #640 (one-shot token library)
@github-actions github-actions bot added ai-generated documentation Improvements or additions to documentation labels Feb 12, 2026
@github-actions
Copy link
Contributor Author

github-actions bot commented Feb 12, 2026

PRs: [docs] docs: sync with selective mounting and security features | Lpcox/port one shot token rust
Tests: GitHub MCP ✅, Safeinputs GH ✅, Playwright ✅, Tavily ❌, File write ✅, Bash cat ✅, Discussion comment ✅, Build ✅
Overall: FAIL

AI generated by Smoke Codex

@Mossaka Mossaka closed this Feb 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

ai-generated documentation Improvements or additions to documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Mossaka