Best practices for working with remote/local code Repo with MCP Connectors & Developer Mode

OpenAI Developer Community June 19, 2026

Hi OpenAI Team and Community,

With the recent rollout of MCP (Model Context Protocol) support in ChatGPT Web / Developer Mode, we’ve seen a surge in users connecting their local repositories to GPT-5.5/Pro models, so I’ve been developing an MCP runtime called coding-tools-mcp since May.

My question is regarding the official stance on “Agentic Safety” for local/remote coding tools:

In my project, I’ve implemented Linux Landlock and Docker sandboxing to ensure the model cannot perform destructive operations or leak sensitive .env files, even if prompted.

  1. Does OpenAI have specific security guidelines for third-party MCP connectors accessing local/remote filesystems?
  2. Is there a preferred “Semantic Tool” pattern (e.g., using apply_patch vs. raw bash) that OpenAI recommends for better model alignment?

I believe that for MCP to be a viable professional tool, we need to move past simple “wrappers” and move toward secure, stateful runtimes. I’d love to get feedback on the architecture I’ve built:

  - GitHub: xyTom/coding-tools-mcp
  - Docs: coding-1afcb9be.mintlify.app

Looking forward to your thoughts!
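
An application-level sketch of the kind of guard the post asks about, added here as an example: a narrow "read file" tool that stays inside the repository and refuses `.env`-style files. It is not code from the post or from coding-tools-mcp and does not use Landlock or Docker; `read_file_tool`, `resolve_in_workspace`, `SECRET_PATTERNS` and the sample workspace are hypothetical names and constructed data.

```python
import fnmatch
import os
import tempfile
from pathlib import Path

# Assumed deny-list of secret-bearing file names (constructed for this example).
SECRET_PATTERNS = (".env", ".env.*", "*.pem", "id_rsa*")


class PathDenied(Exception):
    """Raised when a tool call names a path the policy refuses."""


def resolve_in_workspace(root: str, requested: str) -> Path:
    """Resolve symlinks and '..' first, then check containment and secret names."""
    root_real = Path(root).resolve(strict=True)
    target = (root_real / requested).resolve(strict=False)
    if target != root_real and root_real not in target.parents:
        raise PathDenied(f"outside workspace: {requested}")
    for part in target.relative_to(root_real).parts:
        if any(fnmatch.fnmatch(part, pat) for pat in SECRET_PATTERNS):
            raise PathDenied(f"secret file pattern: {requested}")
    return target


def read_file_tool(root: str, requested: str, max_bytes: int = 65536) -> str:
    """Hypothetical semantic 'read_file' tool: one narrow, checkable action."""
    path = resolve_in_workspace(root, requested)
    with open(path, "rb") as fh:
        return fh.read(max_bytes).decode("utf-8", errors="replace")


def demo() -> dict:
    """Run the policy over a constructed workspace; map request -> outcome."""
    results = {}
    with tempfile.TemporaryDirectory() as ws:
        Path(ws, "src").mkdir()
        Path(ws, "src", "app.py").write_text("print('hi')\n")
        Path(ws, ".env").write_text("API_KEY=constructed-placeholder\n")
        # A link with an innocent name that points at the secret file.
        os.symlink(Path(ws, ".env"), Path(ws, "src", "notes.txt"))
        for req in ("src/app.py", ".env", "../outside.txt", "/etc/hostname", "src/notes.txt"):
            try:
                read_file_tool(ws, req)
                results[req] = "allowed"
            except PathDenied:
                results[req] = "denied"
    return results
```

A check like this leaves a window between resolving the path and opening it, so it belongs alongside kernel or container confinement of the tool process rather than in place of it.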
