Skip to main content
TripleBits Apprentice - Software for Agents

Menu

Sign In Register

Manage External MCP Permissions

Manage Apprentice external MCP permissions across capabilities, server bindings, per-tool Allow Ask Deny policies, prompts, saved approvals, and guardrails.

22 views

Manage External MCP Permissions

External MCP permissions decide how an agent may use tools from installed MCP servers.

Use these controls carefully because MCP tools can connect to external services, read remote data, or make changes outside Apprentice.

Permission Layers

External MCP tool use can be affected by:

  • Capabilities > External MCP Tools.
  • Global MCP server install and runtime state.
  • Agent MCP server binding enabled or disabled.
  • Per-tool policy: Allow, Ask, or Deny.
  • Permission prompts and saved approvals.
  • AI Guardrails, if configured.

When a tool is blocked, check these layers in order.

Allow, Ask, Deny

Per-tool policies are configured in the agent's MCP Servers tab.

Allow means the tool can run automatically for that agent.

Ask means Apprentice prompts before the tool call runs.

Deny means the tool is blocked for that agent.

For a new MCP server:

  1. Enable the server for one test agent.
  2. Set all tools to Ask.
  3. Run one small manual request.
  4. Review the exact tool calls.
  5. Move only the safe, repetitive tools to Allow.
  6. Move risky or unrelated tools to Deny.

When To Use Ask

Use Ask when a tool can:

  • Write to an external service.
  • Send messages.
  • Create tickets or tasks.
  • Change repository state.
  • Read sensitive business data.
  • Trigger paid or rate-limited operations.

When To Use Deny

Use Deny when:

  • The agent's job does not need the tool.
  • The tool can mutate external state in a risky way.
  • The tool overlaps with a safer built-in workflow.
  • You are using a shared MCP server with tools for several workflows.

When To Use Allow

Use Allow for tools that are:

  • Narrow.
  • Predictable.
  • Low-risk.
  • Required frequently.
  • Already tested through Ask.

Examples include read-only lookup tools or harmless status checks, depending on the server.

Review Activity

After MCP use, open Activity and Run Detail.

Look for:

  • Which MCP tools were called.
  • Whether prompts appeared.
  • Whether the result matched the agent's job.
  • Whether any tool should be moved from Ask to Deny or Allow.

Troubleshooting

If an MCP tool never runs, check External MCP Tools capability and the tool policy.

If a server is excluded from runtime, check MCP Runtime Health.

If permissions are too noisy, allow only the narrow tools that are repeatedly needed.

If permissions are too broad, move the risky tools back to Ask or Deny.

Next Step

After MCP permissions are stable, connect the agent to schedules or integrations only if the workflow needs automation.