Skip to content

Comments

docs: add Maybe Don't integration guides#350

Open
robotdan wants to merge 3 commits intoOpenHands:mainfrom
maybedont:degroff/maybedont-integration
Open

docs: add Maybe Don't integration guides#350
robotdan wants to merge 3 commits intoOpenHands:mainfrom
maybedont:degroff/maybedont-integration

Conversation

@robotdan
Copy link

@robotdan robotdan commented Feb 20, 2026

Summary

  • Adds Maybe Don't as an MCP security proxy option on the MCP Settings page (openhands/usage/settings/mcp-settings.mdx)
  • Adds MaybeDontAnalyzer as a third-party security analyzer on the Security & Action Confirmation guide (sdk/guides/security.mdx)

MCP Settings Page

  • Docker quick-start for running Maybe Don't
  • Configuration examples for downstream MCP servers and pointing OpenHands at Maybe Don't
  • Overview of CEL and AI-powered policy validation
  • Cross-link to the security analyzer integration

Security Guide

  • MaybeDontAnalyzer setup with gateway_url parameter and MAYBE_DONT_GATEWAY_URL env var
  • Risk level mapping table (high/medium/low/unknown → SecurityRisk)
  • Ready-to-run example following existing patterns (expandable code block, RunExampleCode snippet)
  • Two-layer protection story: security analyzer (all actions) + MCP proxy (tool calls)

Context

This is part of the Maybe Don't OpenHands integration. The companion SDK PR adding MaybeDontAnalyzer is at OpenHands/software-agent-sdk#2142.

Test plan

  • Verify MCP settings page renders correctly with the new "Security with Maybe Don't" section
  • Verify security guide renders the new "Maybe Don't Security Analyzer" section with expandable example
  • Verify cross-links between the two pages work
  • Verify anchor links (#ready-to-run-example-maybe-dont, #maybe-dont-security-analyzer) resolve correctly

🤖 Generated with Claude Code

@claude
docs: add Maybe Don't integration guides
9cdb77f 
Add Maybe Don't as an MCP security proxy option on the MCP Settings page
and as a third-party security analyzer on the Security & Action
Confirmation guide.

MCP Settings:
- Docker quick-start for running Maybe Don't
- Configuration examples for downstream MCP servers
- Overview of CEL and AI-powered validation rules

Security Guide:
- MaybeDontAnalyzer setup and configuration
- Risk level mapping table
- Ready-to-run example with ConfirmRisky policy
- Cross-links between MCP proxy and security analyzer integrations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
fix: Docker examples that actually work out of the box
05cc687 
- Add MAYBE_DONT_SERVER_LISTEN_ADDR=0.0.0.0:8080 (127.0.0.1 is
  unreachable from outside a container)
- Disable AI validation and audit report (require OpenAI API key)
- Use env vars for downstream MCP server config instead of YAML
  that has no volume mount instruction
- Add volume-mount alternative for complex configs
- Match inline example code to actual SDK file

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@robotdan robotdan mentioned this pull request Feb 20, 2026
Open
4 tasks
robotdan pushed a commit to maybedont/software-agent-sdk that referenced this pull request Feb 20, 2026
@claude
fix: Docker example in docstring that won't start
868df36 
- Add MAYBE_DONT_SERVER_LISTEN_ADDR=0.0.0.0:8080 (127.0.0.1 unreachable from host)
- Disable AI validation and audit report (require OpenAI API key)
- Match Docker command to docs PR (OpenHands/docs#350)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
fix: match inline example to SDK file (Docker env vars)
fe56d30 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xingyaoww xingyaoww Awaiting requested review from xingyaoww xingyaoww is a code owner

@enyst enyst Awaiting requested review from enyst enyst is a code owner

@mamoodi mamoodi Awaiting requested review from mamoodi mamoodi is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@robotdan