kb/openspec/changes/archive/2026-04-04-mcp-allowed-hosts/tasks.md

1. Configuration

• 1.1 Add KB_MCP_ALLOWED_HOSTS to mcp/config.py — read from env, default empty string
• 1.2 Add host-parsing helper that splits the comma-separated value, strips whitespace, and filters empty entries

2. Transport security

• 2.1 Build TransportSecuritySettings in mcp/server.py — merge localhost defaults with parsed KB_MCP_ALLOWED_HOSTS, derive allowed origins from allowed hosts
• 2.2 Pass transport_security= to the FastMCP() constructor

3. Compose files

• 3.1 Add KB_MCP_ALLOWED_HOSTS=${KB_MCP_ALLOWED_HOSTS:-} to the kb-mcp environment block in compose.cpu.yaml, compose.nvidia.yaml, and compose.rocm.yaml with a comment explaining the format

4. Verification

• 4.1 Test: unset KB_MCP_ALLOWED_HOSTS — confirm localhost connects, remote host gets 421
• 4.2 Test: set KB_MCP_ALLOWED_HOSTS to the server IP — confirm remote host connects successfully