Rectify: Fleet Tag Visibility Leak — Startup Disable Invariant Immunity#3363
Merged
Trecek merged 4 commits intoMay 31, 2026
Merged
Conversation
Add test_startup_disables_all_visibility_tags (AST-level structural guard) asserting that server/__init__.py uses a for-loop over ALL_VISIBILITY_TAGS rather than hardcoded mcp.disable() calls. Add 5 negative-visibility regression tests to TestSessionTypeVisibility asserting fleet/fleet-dispatch tools are absent from non-fleet session types.
Replace two hardcoded mcp.disable(tags={"kitchen"}) and mcp.disable(tags={"plan-review"})
calls in server/__init__.py with a single loop over ALL_VISIBILITY_TAGS. This ensures fleet,
fleet-dispatch, kitchen-core, and headless tags are also disabled at startup, preventing
fleet tools from being visible in non-fleet sessions. Update server/CLAUDE.md to reflect
the new startup behavior, correct the ALL_VISIBILITY_TAGS listing (add plan-review), fix
the wrong filename reference (_type_constants.py → _type_constants_registries.py), and
update the anomalies and tool gating matrix entries.
…sables_all_visibility_tags Replace boolean `canonical_loop_found` flag with integer `canonical_loop_count` counter and change the assertion to `== 1`, enforcing that server/__init__.py has exactly one qualifying ALL_VISIBILITY_TAGS for-loop rather than at least one. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…tants Update Registry Constants header to reference _type_constants_registries.py (not _type_constants.py) and fix FLEET_DISPATCH_TOOLS description from "always tag-visible" to "hidden at startup" — aligning with the gating matrix and actual startup behavior. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Trecek
force-pushed
the
fleet-tag-visibility-leak-fleet-fleet-dispatch-tags-never-di/3337
branch
from
8fbb4a9 to
bcc2a7b
Compare
Trecek
deleted the
fleet-tag-visibility-leak-fleet-fleet-dispatch-tags-never-di/3337
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fleet-tagged and fleet-dispatch-tagged MCP tools are visible in
tools/listfor ALL session types becauseserver/__init__.pyonly disableskitchenandplan-reviewat startup — but_apply_session_type_visibility()assumes ALL conditional tags start disabled. The fix replaces manual per-tagmcp.disable()calls with a loop overALL_VISIBILITY_TAGS, matching what the test conftest already does, and adds an arch test that structurally prevents regression by asserting the startup disable set covers all conditionally-enabled tags.Closes #3337
Implementation Plan
Plan file:
/home/talon/projects/autoskillit-runs/remediation-20260530-161302-799487/.autoskillit/temp/rectify/rectify_fleet_tag_visibility_leak_2026-05-30_163500.md🤖 Generated with Claude Code via AutoSkillit
Token Usage Summary
* Step used a non-Anthropic provider; caching behavior may differ.
Token Efficiency
Model Usage Breakdown