feat: run_tempalte no approval

[adityathebe]

related: flanksource/mission-control#2198

Summary by CodeRabbit

• New Features
  • Template execution no longer requires approval, streamlining the workflow for template operations.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
aws-preview	Ready	Preview	Jan 7, 2026 8:25am
flanksource-ui	Ready	Preview	Jan 7, 2026 8:25am

[coderabbitai]

Walkthrough

The "run_template" tool is added to the tools list that do not require approval, expanding the set of tools exempt from approval requirements within the MCP tool wrapper.

Changes

Cohort / File(s)	Summary
Tool approval configuration app/api/chat/tools.ts	Added "run_template" to TOOLS_WITH_NO_APPROVAL_REQUIRED list, exempting this tool from approval checks in wrapMcpToolsWithApproval

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title contains a typo ('tempalte' instead of 'template') and is somewhat vague about the specific change, but it does relate to the main objective of adding 'run_template' to the no-approval-required tools list.	Fix the typo: change 'run_tempalte' to 'run_template'. Consider making the title more specific about the functional impact, such as 'feat: allow run_template tool without MCP approval'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/run_template_no_mcp_approval_required

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e88af9e and c5b553f.

📒 Files selected for processing (1)

• app/api/chat/tools.ts

🔇 Additional comments (1)

app/api/chat/tools.ts (1)

5-6: Confirm whether "run_template" is a safe, read-only operation before bypassing approval.

The tool name suggests execution rather than a read query. Most other tools in the no-approval list perform read-only operations (search, get, list, describe, read). If "run_template" executes or modifies state, bypassing approval introduces a security risk. The backend implementation is not visible in this frontend repository, so verification with the team or backend documentation is needed.

The commit message itself contains a typo ("tempalte" instead of "template"), which may indicate this change wasn't fully tested.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}