Best practices for working with remote/local code Repo with MCP Connectors & Developer Mode
OpenAI Developer Community
June 23, 2026
For remote/local repo work, I would separate the workflow into three trust zones rather than one broad MCP connection:
1. Read-only inspection: list files, read selected files, search symbols, summarize diffs.
2. Planned mutation: propose a file-level patch plan before any write-capable tool is exposed.
3. Execution: allow writes only after the target paths, command budget, and rollback condition are explicit.
The biggest failure mode is letting a connector prove it can access the repo, then immediately treating that as permission to mutate the repo. I would also keep a small audit note per run: repo/ref, allowed paths, tools granted, commands run, and files changed.
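The three zones and the audit note described in the post, as an added Python sketch that is not part of the original post or any MCP SDK. The tool names, the `RunGate` class and its methods are hypothetical. The gate's fields together with its `audit` dict form the per-run note.

```python
import posixpath
from dataclasses import dataclass, field
# Hypothetical tool names; map them to whatever the connector actually exposes.
READ_TOOLS = {"list_files", "read_file", "search_symbols", "summarize_diff"}

def _norm(path):  # repo-relative normal form, or None if it escapes the repo root
    p = posixpath.normpath(path)
    return None if p == ".." or p.startswith(("/", "../")) else p

@dataclass
class RunGate:
    repo_ref: str
    allowed_paths: tuple = ()
    command_budget: int = 0
    rollback: str = ""
    plan: frozenset = frozenset()
    audit: dict = field(default_factory=lambda: {
        "tools_granted": set(), "commands_run": [], "files_changed": [], "denied": []})

    def approve_plan(self, files, allowed_paths, command_budget, rollback):
        """Zone 2 -> 3: writes unlock only once paths, budget and rollback are explicit."""
        roots = tuple(a.rstrip("/") for a in allowed_paths)
        plan = frozenset(_norm(f) for f in files)
        if not (plan and roots and rollback.strip()) or command_budget < 0:
            raise ValueError("plan, allowed paths and rollback condition are required")
        if not all(p and any(p == a or p.startswith(a + "/") for a in roots) for p in plan):
            raise ValueError("plan touches a path outside the allowed set")
        self.plan, self.allowed_paths = plan, roots
        self.command_budget, self.rollback = command_budget, rollback

    def authorize(self, tool, target):
        """Return True if the call may proceed; every decision lands in the audit note."""
        if tool in READ_TOOLS:                      # zone 1: read-only, inside the repo
            ok = _norm(target) is not None
        elif tool == "write_file":                  # zone 3: only files named in the plan
            ok = _norm(target) in self.plan
        elif tool == "run_command":                 # zone 3: within the command budget
            ok = len(self.audit["commands_run"]) < self.command_budget
        else:
            ok = False                              # unknown tools fail closed
        if not ok:
            self.audit["denied"].append((tool, target))
            return False
        self.audit["tools_granted"].add(tool)
        if tool == "write_file":
            self.audit["files_changed"].append(_norm(target))
        elif tool == "run_command":
            self.audit["commands_run"].append(target)
        return True
```

Before `approve_plan` succeeds the plan is empty and the budget is zero, so a connector that can read the repo still cannot write to it or run anything.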