Skip to Content
Back to changelog

Custom detection rules with a rule playground, Shadow MCP access controls, and /mcp endpoints

This release adds AI-assisted custom detection rules with a built-in rule playground, ships management APIs, runtime enforcement, and a dashboard for Shadow MCP access rules, and serves MCP endpoints from /mcp/{slug} with a fallback to the legacy toolsets lookup.

Features

  • MCP endpoints served from /mcp #3068  - Serves mcp_endpoints and mcp_servers from /mcp/{slug} with a fallback to the legacy toolsets lookup. (Author: @bflad )
  • AI-suggested custom detection rules with a rule playground #2992  - Adds a risk.customRules.suggest endpoint that turns a one-line description into a prefilled custom detection rule, landing the operator in an editable review form with a suggested rule ID, title, description, regex, and severity. A new rule playground lets operators paste a sample into the Detection Rules detail sheet and run it through the same scanner code (gitleaks, Presidio, prompt-injection, regex) the worker uses via the risk.rules.test endpoint. (Author: @mfbx9da4 )
  • Shadow MCP approval requests and access rules #2763  - Adds management APIs for Shadow MCP approval requests and access rules, backed by a Redis-backed access store. (Author: @alx-xo )
  • Runtime enforcement of Shadow MCP access rules #2771  - Enforces Shadow MCP access rules at runtime, allowing approved access rule exceptions while preserving existing block policy behavior. (Author: @alx-xo )
  • Shadow MCP access rules dashboard #2831  - Adds a dashboard UI for reviewing Shadow MCP requests and managing project-scoped access rules. (Author: @alx-xo )
  • Tool variations menu on the source Tools tab #3083  - Adds a tool variations menu to the source detail Tools tab. (Author: @bflad )

Bug fixes

  • Full Svix portal capabilities for admins #3074  - The Svix app portal now correctly grants full capabilities to org admins and read-only access to non-admin members, fixing an inverted capability check and an earlier empty-capabilities slice that resulted in read-only sessions. (Author: @disintegrator )
  • Login journey for allowed orgs #2949  - Fixes the login journey for allowed orgs. (Author: @dennnis-ez )
  • Clearable logs filter search bars #3096  - Logs filter search bars can now be cleared with the Escape key or by emptying the box, not just the × button, across the MCP Server Logs filter bar and the shared search bar. Escape only clears when there is text to clear, so an empty box lets the key bubble up to close a surrounding popover. (Author: @simplesagar )
  • Sidebar nav hover highlight #3092  - Fixes the sidebar nav hover highlight snapping back to the active route when moving between items. (Author: @alx-xo )

Last updated on

AI everywhere.

Control here.

Talk to usLearn more