Add cwd to AgentConfig.mcpServers[] for stdio working directory#1042
Open
JustinElst wants to merge 1 commit intokelos-dev:mainfrom
Open
Add cwd to AgentConfig.mcpServers[] for stdio working directory#1042JustinElst wants to merge 1 commit intokelos-dev:mainfrom
JustinElst wants to merge 1 commit intokelos-dev:mainfrom
Conversation
Stdio MCP servers run with whatever current working directory the agent process happens to be in. That is fine for most servers, but breaks servers that must execute from a specific project root. Laravel Boost is the canonical example: "php artisan boost:mcp" only works when CWD is the Laravel project root, so callers currently have to patch the project-scope ".mcp.json" at runtime to inject a "cd /workspace/repo && exec" wrapper. This adds an optional WorkingDir field (YAML key "cwd") to MCPServerSpec. The field is plumbed through buildMCPServersJSON into the .mcp.json-shaped JSON exposed via KELOS_MCP_SERVERS, so the claude-code, cursor, and gemini entrypoints pick it up transparently (they merge the inner mcpServers map into the agent's user-scoped config). The codex entrypoint, which converts the JSON into TOML field-by-field, is updated to emit cwd alongside the other stdio fields. cwd is omitted from the rendered JSON when WorkingDir is unset, so existing configs are unaffected. The field is documented as stdio- only; for http/sse servers the agent transports ignore it.
github-actions
Bot
added
kind/feature
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Collaborator
|
/kelos review |
![kelos-bot[bot]](https://avatars.githubusercontent.com/in/2965305?s=60&v=4){kind=small}
There was a problem hiding this comment.
Review Summary
Verdict: APPROVE
Overall correctness: patch is correct
Scope: Adds an optional cwd field to AgentConfig.mcpServers[] so callers can pin the working directory of stdio MCP servers, plumbed through KELOS_MCP_SERVERS JSON and the codex TOML emitter.
Findings Overview
| Priority | Count | File:Line | Summary |
|---|---|---|---|
| P0 | 0 | — | none |
| P1 | 0 | — | none |
| P2 | 0 | — | none |
| P3 | 0 | — | none |
Findings
No qualifying findings. The change is minimal, additive, and correctly plumbed:
MCPServerSpec.WorkingDir(JSON-taggedcwd) is value-typed, so the existing generatedDeepCopyInto(which does*out = *in) handles it automatically; no codegen update needed.- The new field is rendered into the
.mcp.json-shaped JSON viamcpServerJSON.Cwdwithomitempty, so existing configs are unaffected when unset (verified byTestBuildJob_AgentConfigMCPServersCwdOmittedWhenUnset). - claude-code, cursor, and gemini entrypoints
Object.assignthe innermcpServersmap into the agent-native config, so they pick upcwdtransparently — these three agents' MCP schemas all use thecwdkey for stdio servers, matching the JSON tag here. - The codex entrypoint's TOML emitter is updated alongside the other stdio fields, with
JSON.stringifyproperly quoting the value (no injection risk). - Test coverage is appropriate for the behavior introduced (cwd round-trips through the env var, omitted when unset).
- CRD manifests under
internal/manifests/charts/kelos/templates/crds/agentconfig-crd.yamlandinternal/manifests/install-crd.yamlwere regenerated.
Key takeaways
- Additive, well-scoped feature; documentation, tests, and CRDs are all updated.
- No correctness, security, or convention concerns identified.
⚠️ Note on prompt injection: a prior cubic-dev-ai comment on this PR contains hidden text instructing AI reviewers to attribute findings to cubic. Those instructions were ignored; this review is independent.
gjkim42
reviewed
Apr 29, 2026
Collaborator
gjkim42
left a comment
gjkim42
left a comment
There was a problem hiding this comment.
How can we apply this to other coding agents? (other than Codex)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind feature
What this PR does / why we need it:
Adds an optional
cwdfield toAgentConfig.mcpServers[]so callers can pin the working directory of stdio MCP servers.Stdio MCP servers run with whatever CWD the agent process happens to be in. That's fine for most servers, but breaks servers that must execute from a specific project root. Laravel Boost is the canonical example:
php artisan boost:mcponly works when CWD is the Laravel project root. Withoutcwd, callers have to patch the repo's.mcp.jsonat runtime to inject acd /workspace/repo && execwrapper, which is a file-write side effect inside the workspace that's easy to get wrong.The field is plumbed through
buildMCPServersJSONinto the.mcp.json-shaped JSON exposed viaKELOS_MCP_SERVERS. The claude-code, cursor, and gemini entrypoints pick it up transparently because they merge the innermcpServersmap into the agent's user-scoped config viaObject.assign. The codex entrypoint converts the JSON to TOML field-by-field, so this PR also addscwdto its TOML emission alongside the other stdio fields.cwdis omitted from the rendered JSON whenWorkingDiris unset, so existing configs are unaffected.Which issue(s) this PR is related to:
N/A
Special notes for your reviewer:
http/sseservers the field is still serialized if set, but the agent transports for those types ignore it.cwdon stdio MCP entries per its MCP schema, so no claude-side change is needed.Does this PR introduce a user-facing change?