@sebastienrousseau/dotfiles

The Trusted Shell Platform — Universal dotfiles managed by Chezmoi. Features Bash & Zsh for macOS, Linux & WSL. Rust modern tooling & enterprise-grade security.

---
render_with_liquid: false
---

# MCP Policy

MCP is treated as a controlled execution boundary.

## Default posture

The tracked default is `strict-local`. Properties:

- local-first
- least privilege
- no broad filesystem roots
- no wildcard or unsafe flags
- no network-facing MCP servers enabled by default
- machine-readable validation output

## Policy artifact

The source of truth lives in [mcp-policy.json](/home/seb/.dotfiles/dot_config/dotfiles/mcp-policy.json). Approved package pins live in [mcp-lock.json](/home/seb/.dotfiles/dot_config/dotfiles/mcp-lock.json). Tracked server registry entries live in [mcp-registry.json](/home/seb/.dotfiles/dot_config/dotfiles/mcp-registry.json).

Current defaults:

- Allowed launchers: `npx`, `node`, `uvx`
- Trusted transports: `stdio`, `http`
- Blocked filesystem roots: `/`, `/home`, `/Users`
- Blocked argument patterns: `^--allow-.*`, `^--unsafe$`, `^\\*$`
- Network-facing servers disabled by default: `github`, `brave-search`, `fetch`, `puppeteer`, `filesystem`
- Approved packages must resolve through the tracked MCP lock manifest
- Every active server must match the tracked MCP registry
- HTTP transports must use `https://` and registry-declared OAuth2

## Validation

Run:

```bash
dot mcp --strict
dot mcp -s -j
dot mcp registry
```

The JSON form is the audit artifact for CI, release validation, and workstation attestation.

## Change control

Any change to MCP policy requires:

1. A signed commit
2. A matching test update
3. A release note if the effective trust boundary changes
4. A policy bundle review when enterprise defaults change

## Supply-chain controls

Phase 2 adds explicit package locking for default MCP servers.

Current approved refs:

- `mcp-server-git@2025.1.14`
- `@modelcontextprotocol/server-memory@2025.8.4`
- `mcp-server-sqlite@2025.1.14`

`dot mcp --strict` and `dot mcp -s` now verify that:

- package refs are version-pinned
- the pinned refs match the tracked lock manifest
- non-approved package refs are rejected in strict mode
- active servers match the tracked registry entries
- remote HTTP transports are HTTPS and OAuth-backed

Policy bundle baselines live in [policy-bundles.json](/home/seb/.dotfiles/dot_config/dotfiles/policy-bundles.json).
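As an added example (not the project's own `dot mcp` implementation), the Python check below applies the defaults from the policy artifact section and the pin checks from the supply-chain section to constructed server entries. The dict key names and the per-server record shape are assumptions, since the page does not show the layout of `mcp-policy.json`, `mcp-lock.json` or `mcp-registry.json`.

```python
import re
from urllib.parse import urlparse

POLICY = {  # defaults listed in this document; the key names are assumptions
    "allowed_launchers": {"npx", "node", "uvx"}, "trusted_transports": {"stdio", "http"},
    "blocked_roots": {"/", "/home", "/Users"},
    "blocked_arg_patterns": [r"^--allow-.*", r"^--unsafe$", r"^\*$"],  # ^\*$ is the JSON-escaped `^\\*$`
}
LOCK = {  # approved refs from this document, as package name -> pinned version
    "mcp-server-git": "2025.1.14", "mcp-server-sqlite": "2025.1.14",
    "@modelcontextprotocol/server-memory": "2025.8.4",
}

def split_ref(ref):  # 'pkg@version' -> (pkg, version); a scoped '@org/pkg' keeps its leading '@'
    name, sep, version = ref.rpartition("@")
    return (name, version) if sep and name else (ref, None)

def check_server(server, policy=POLICY, lock=LOCK):
    """Return the policy violations for one server entry; an empty list means compliant."""
    problems = []
    transport = server.get("transport")
    if transport not in policy["trusted_transports"]:
        problems.append(f"untrusted transport: {transport}")
    if transport == "http":  # remote transports must be HTTPS and OAuth2-backed
        if urlparse(server.get("url", "")).scheme != "https":
            problems.append("remote HTTP transport must use https://")
        if not server.get("oauth2"):
            problems.append("remote HTTP transport lacks registry-declared OAuth2")
    if transport == "stdio":  # local launch: launcher, arguments and package pin
        if server.get("command") not in policy["allowed_launchers"]:
            problems.append(f"launcher not allowed: {server.get('command')}")
        for arg in server.get("args", []):
            if any(re.fullmatch(p, arg) for p in policy["blocked_arg_patterns"]):
                problems.append(f"blocked argument: {arg}")
            if arg.startswith("/") and (arg.rstrip("/") or "/") in policy["blocked_roots"]:
                problems.append(f"blocked filesystem root: {arg}")
        name, version = split_ref(server.get("package", ""))
        if version is None:
            problems.append(f"package ref is not version-pinned: {name}")
        elif lock.get(name) != version:
            problems.append(f"package ref does not match lock manifest: {name}@{version}")
    return problems

SAMPLE_SERVERS = [  # constructed sample entries; the record shape is assumed, not the real registry format
    {"name": "git", "transport": "stdio", "command": "uvx",
     "package": "mcp-server-git@2025.1.14", "args": ["--repository", "/home/seb/work"]},
    {"name": "example-fs", "transport": "stdio", "command": "npx",
     "package": "example-unpinned-server", "args": ["/home", "--allow-write"]},
    {"name": "remote", "transport": "http", "url": "http://mcp.example.internal/", "oauth2": False},
]
```

The first sample passes cleanly; the second trips the blocked root, the blocked `--allow-` flag and the unpinned package; the third fails the HTTPS and OAuth2 requirements.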