Staying in control as AI becomes part of your coding workflow is essential. 🧵 We just released features that enhance security and transparency in @code:

🛡️ Stay in control of agent security with tool pre and post-approvals Tools that pull external data now let you review the data before it's used in chat, protecting against potential prompt injection attacks. Available for #fetch tool and MCP tools that declare openWorldHint.

🔐 Enhanced MCP authentication with modern standards Support for Client ID Metadata Document (CIMD) flow and dynamic scope escalation through WWW-Authenticate headers. More secure and scalable OAuth solutions for MCP.

📋 Control access to MCP servers in your organization with custom registries Organizations can now set up custom MCP registries and control which MCP servers teams can install and use. Configure with ⚙️ .serviceUrl and chat.mcp.access settings.

🔧 Streamlined trust management for better control Trust entire MCP servers and extensions at the source level through the Allow button dropdown. Manage pre and post-approval settings in one centralized location.