Fix case-insensitive Claude tool allowlist matching
This commit is contained in:
@@ -40,6 +40,7 @@ This middleware provides a first-pass hardening layer for agent-executed shell c
|
||||
- `registry`: resolved runtime `McpRegistry`
|
||||
- `resolveConfig(...)`: centralized MCP config resolution with persona tool-clearance applied
|
||||
- `createClaudeCanUseTool()`: helper for Claude SDK `canUseTool` callback so each tool invocation is allowlist/banlist-enforced before execution
|
||||
- Tool matching is case-insensitive at invocation time to handle provider-emitted names like `Bash` versus allowlist entries like `bash`.
|
||||
|
||||
## Known limits and TODOs
|
||||
|
||||
|
||||
Reference in New Issue
Block a user