Skip to content

Make agentic installation safer#22

Merged
rodion-m merged 1 commit into
mainfrom
agent/safer-agentic-installation
Jul 15, 2026
Merged

Make agentic installation safer#22
rodion-m merged 1 commit into
mainfrom
agent/safer-agentic-installation

Conversation

@rodion-m

Copy link
Copy Markdown
Member

What changed

  • removed the instruction to paste a CodeAlive API key into the agent prompt
  • instructed the agent to request clipboard-based secret entry without displaying or logging the key
  • added a safe manual-paste fallback when clipboard access would expose the value

Why

The agentic installation flow should not place credentials in chat history, command arguments, command output, or model context.

Validation

  • git diff --check
  • repository pre-push dependency audit

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the README.md to modify the prompt template used for installing the CodeAlive MCP server via an AI agent. It replaces the instruction to paste the API key directly into the prompt with a secure workflow where the agent retrieves the key from the clipboard. The review feedback suggests enhancing this prompt to instruct the agent to use silent commands when reading from the clipboard, preventing the API key from being exposed in command outputs or the model's context.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread README.md
- For other clients: Follow the configuration snippets provided

Prefer the Remote HTTP option when available. If API key is not provided above, help me issue a CodeAlive API key first.
Prefer the Remote HTTP option when available. Do not ask me to paste an API key into chat. When the key is needed, ask me to create a CodeAlive API key and copy it to my clipboard. After I confirm, insert it directly from the clipboard into the required secure configuration without displaying, echoing, logging, or exposing it in command arguments, command output, or model context. If you cannot safely use the clipboard without exposing the value, tell me exactly where to paste it myself.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-medium medium

When the AI agent attempts to read from the clipboard (e.g., using pbpaste or xclip), the command's output is typically returned to the agent's execution environment and thus exposed in the model context/chat history. To prevent this, explicitly instruct the agent to perform the clipboard read and configuration write using a silent command or script that redirects stdout/stderr (e.g., to /dev/null), ensuring the secret never enters the command output.

Suggested change
Prefer the Remote HTTP option when available. Do not ask me to paste an API key into chat. When the key is needed, ask me to create a CodeAlive API key and copy it to my clipboard. After I confirm, insert it directly from the clipboard into the required secure configuration without displaying, echoing, logging, or exposing it in command arguments, command output, or model context. If you cannot safely use the clipboard without exposing the value, tell me exactly where to paste it myself.
Prefer the Remote HTTP option when available. Do not ask me to paste an API key into chat. When the key is needed, ask me to create a CodeAlive API key and copy it to my clipboard. After I confirm, insert it directly from the clipboard into the required secure configuration using a silent command or script (e.g., redirecting stdout/stderr to prevent the key from being returned as command output) without displaying, echoing, logging, or exposing it in command arguments, command output, or model context. If you cannot safely use the clipboard without exposing the value, tell me exactly where to paste it myself.

@rodion-m rodion-m merged commit c4fdbac into main Jul 15, 2026
6 checks passed
@rodion-m rodion-m deleted the agent/safer-agentic-installation branch July 15, 2026 17:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant