Make agentic installation safer#22
Conversation
There was a problem hiding this comment.
Code Review
This pull request updates the README.md to modify the prompt template used for installing the CodeAlive MCP server via an AI agent. It replaces the instruction to paste the API key directly into the prompt with a secure workflow where the agent retrieves the key from the clipboard. The review feedback suggests enhancing this prompt to instruct the agent to use silent commands when reading from the clipboard, preventing the API key from being exposed in command outputs or the model's context.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
| - For other clients: Follow the configuration snippets provided | ||
|
|
||
| Prefer the Remote HTTP option when available. If API key is not provided above, help me issue a CodeAlive API key first. | ||
| Prefer the Remote HTTP option when available. Do not ask me to paste an API key into chat. When the key is needed, ask me to create a CodeAlive API key and copy it to my clipboard. After I confirm, insert it directly from the clipboard into the required secure configuration without displaying, echoing, logging, or exposing it in command arguments, command output, or model context. If you cannot safely use the clipboard without exposing the value, tell me exactly where to paste it myself. |
There was a problem hiding this comment.
When the AI agent attempts to read from the clipboard (e.g., using pbpaste or xclip), the command's output is typically returned to the agent's execution environment and thus exposed in the model context/chat history. To prevent this, explicitly instruct the agent to perform the clipboard read and configuration write using a silent command or script that redirects stdout/stderr (e.g., to /dev/null), ensuring the secret never enters the command output.
| Prefer the Remote HTTP option when available. Do not ask me to paste an API key into chat. When the key is needed, ask me to create a CodeAlive API key and copy it to my clipboard. After I confirm, insert it directly from the clipboard into the required secure configuration without displaying, echoing, logging, or exposing it in command arguments, command output, or model context. If you cannot safely use the clipboard without exposing the value, tell me exactly where to paste it myself. | |
| Prefer the Remote HTTP option when available. Do not ask me to paste an API key into chat. When the key is needed, ask me to create a CodeAlive API key and copy it to my clipboard. After I confirm, insert it directly from the clipboard into the required secure configuration using a silent command or script (e.g., redirecting stdout/stderr to prevent the key from being returned as command output) without displaying, echoing, logging, or exposing it in command arguments, command output, or model context. If you cannot safely use the clipboard without exposing the value, tell me exactly where to paste it myself. |
What changed
Why
The agentic installation flow should not place credentials in chat history, command arguments, command output, or model context.
Validation
git diff --check