Best practices for working with remote/local code Repo with MCP Connectors & Developer Mode

OpenAI Developer Community June 23, 2026
For remote/local repo work, I would separate the workflow into three trust zones rather than one broad MCP connection:

1. Read-only inspection: list files, read selected files, search symbols, summarize diffs.
2. Planned mutation: propose a file-level patch plan before any write-capable tool is exposed.
3. Execution: allow writes only after the target paths, command budget, and rollback condition are explicit.

The biggest failure mode is letting a connector prove it can access the repo, then immediately treating that as permission to mutate the repo. I would also keep a small audit note per run: repo/ref, allowed paths, tools granted, commands run, and files changed.
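One way to enforce the three zones and the per-run audit note in a connector wrapper, as an added example that is not part of the original post and not code from any MCP SDK. The tool names, the `Run` class, and the `inside` helper are hypothetical.

```python
import posixpath
# Hypothetical tool names (assumption), grouped by the post's three trust zones.
ZONES = ["inspect", "plan", "execute"]
ZONE_TOOLS = {"inspect": {"list_files", "read_file", "search_symbols", "summarize_diff"},
              "plan": {"propose_patch_plan"},
              "execute": {"write_file", "run_command"}}

def inside(path, roots):
    # Normalise first so "src/../.env" cannot pass as a path under "src".
    p = posixpath.normpath(path)
    return not p.startswith(("/", "../")) and p != ".." and any(
        p == r or p.startswith(r.rstrip("/") + "/") for r in roots)

class Run:
    def __init__(self, repo_ref):
        self.repo_ref, self.zone, self.plan = repo_ref, "inspect", ()
        self.allowed_paths, self.budget, self.rollback = (), 0, ""
        self.commands_run, self.files_changed = [], []

    def tools(self):
        return set().union(*(ZONE_TOOLS[z] for z in ZONES[: ZONES.index(self.zone) + 1]))

    def submit_plan(self, files):
        self.plan, self.zone = tuple(files), "plan"

    def unlock_execute(self, allowed_paths, budget, rollback):
        # Read access never implies write access: everything must be explicit.
        ok = self.zone == "plan" and self.plan and allowed_paths and budget >= 0
        if not (ok and rollback.strip() and all(inside(f, allowed_paths) for f in self.plan)):
            raise PermissionError("execute zone stays locked")
        self.allowed_paths, self.budget, self.rollback = tuple(allowed_paths), budget, rollback
        self.zone = "execute"

    def call(self, tool, target):
        if tool not in self.tools():
            raise PermissionError(f"{tool} not granted in zone {self.zone}")
        if tool == "run_command":
            if len(self.commands_run) >= self.budget:
                raise PermissionError("command budget exhausted")
            self.commands_run.append(target)
        elif tool == "write_file":
            if not inside(target, self.allowed_paths):
                raise PermissionError(f"{target} outside allowed paths")
            self.files_changed.append(posixpath.normpath(target))

    def audit_note(self):
        return {"repo_ref": self.repo_ref, "allowed_paths": list(self.allowed_paths),
                "tools_granted": sorted(self.tools()), "commands_run": self.commands_run,
                "files_changed": self.files_changed}
```

A real wrapper would perform the tool action after `call` returns and persist `audit_note()` with the run record.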
