Struct McpConfig 

pub struct McpConfig {
    pub profile: Option<String>,
    pub allowlist: Option<HashMap<String, Vec<String>>>,
    pub profile_hint_in_errors: bool,
}

[mcp] block in config.toml — v0.6.4 addition. Today this only carries the named tool profile. v0.6.4 Track D will extend with [mcp.allowlist] for per-agent capability gating.

Resolution for profile: CLI flag > AI_MEMORY_PROFILE env (both merged by clap) > this config field > compiled default "core".

Fields

profile: Option<String>

Named tool profile. One of core, graph, admin, power, full, or a comma-separated custom list (e.g., core,graph,archive). Default core (v0.6.4 default flip).

allowlist: Option<HashMap<String, Vec<String>>>

v0.6.4-008 — per-agent capability allowlist. Maps an agent_id pattern to the families that agent may request via memory_capabilities --include-schema family=<f>. Patterns resolve to a Vec (the family names). The wildcard pattern "*" is the default for agents not otherwise listed. When the entire allowlist is absent (mcp.allowlist = None), the gate is disabled — every caller may expand any family (Tier-1 single-process semantics, profile flag rules).

Example config.toml:

[mcp.allowlist]
"alice" = ["core", "graph"]
"bob"   = ["full"]
"*"     = ["core"]

profile_hint_in_errors: bool

#1254 (MED, 2026-05-25) — error-oracle posture for tools/call against a tool that exists but is not loaded under the active profile.

Default false (production-secure): the daemon returns a minimal "unknown tool: <name>" regardless of whether the tool exists in another family. This prevents a lower-profile client from probing the surface of a higher-profile tool set (e.g. admin or power family names) by walking error messages.

Set to true to restore the v0.6.4-002 helpful hint (“tool ‘X’ is in family ‘Y’ which is not loaded under the active profile. Restart with --profile <name> …”). The hint is convenient for single-tenant dev environments where every operator sees the full surface anyway, but leaks family membership in any multi-tenant deployment.

Implementations

impl McpConfig

pub fn allowlist_decision( &self, agent_id: Option<&str>, family: &str, ) -> AllowlistDecision

v0.6.4-008 — resolve the allowlist decision for an agent requesting a family.

Returns:

• AllowlistDecision::Disabled if the entire allowlist is absent (Tier-1 default — gate is off).
• AllowlistDecision::Allow if a matching pattern includes the requested family (or "full").
• AllowlistDecision::Deny if a pattern matches but does not list the family.
• AllowlistDecision::Deny if no pattern matches and there is no "*" wildcard.

Pattern matching: exact match wins; otherwise the wildcard "*" is consulted. Multiple-pattern precedence follows longest-prefix order with stable tie-break by config order (since HashMap is unordered, we sort by key length descending for the comparison).

Trait Implementations

impl Clone for McpConfig

fn clone(&self) -> McpConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for McpConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for McpConfig

fn default() -> McpConfig

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for McpConfig

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for McpConfig

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.