Found during the Herdr landed-PR review swarm for PR #41.
Problem
MCP elicitation support appears to auto-accept every server prompt with empty
content.
Evidence from the reviewed head:
src/connection/capabilities.ts:18 returns accept behavior for elicitation
requests.
For non-interactive CLI usage this should be explicit and fail-closed. A server
prompt should not be blanket-accepted without user policy, command-line opt-in,
or an application-provided response handler.
Acceptance criteria
- Non-interactive CLI behavior rejects, declines, or reports unsupported
elicitation by default.
- Any auto-accept mode is explicit and documented.
- Tests cover a server elicitation request that must not be accepted by default.
- Relevant typecheck/test command is run and recorded in the fixing PR.
Found during the Herdr landed-PR review swarm for PR #41.
Problem
MCP elicitation support appears to auto-accept every server prompt with empty
content.
Evidence from the reviewed head:
src/connection/capabilities.ts:18returns accept behavior for elicitationrequests.
For non-interactive CLI usage this should be explicit and fail-closed. A server
prompt should not be blanket-accepted without user policy, command-line opt-in,
or an application-provided response handler.
Acceptance criteria
elicitation by default.