Add MCP auto-approve and agnostic assessments

- Auto-approve previously approved commands (same cmd + dir)
- Use Recommendation.None instead of IsAgnostic property
- Regex returns agnostic when no rules match

Author: gfraiteur

src/PostSharp.Engineering.BuildTools/Mcp/Models/CommandRecord.cs

@@ -13,6 +13,8 @@ public sealed class CommandRecord
 
     public required string Command { get; init; }
 
+    public required string WorkingDirectory { get; init; }
+
     public required string ClaimedPurpose { get; init; }
 
     public required bool Approved { get; init; }

src/PostSharp.Engineering.BuildTools/Mcp/Models/CommandRule.cs

@@ -40,10 +40,4 @@ public sealed class CommandRule
     /// If null, the rule applies whenever the pattern matches.
     /// </summary>
     public Func<CommandContext, bool>? Condition { get; init; }
-
-    /// <summary>
-    /// Gets a value indicating whether this rule is agnostic (defers to AI analysis).
-    /// When true, matching this rule will not influence the risk assessment - only AI will determine risk.
-    /// </summary>
-    public bool IsAgnostic { get; init; }
 }

src/PostSharp.Engineering.BuildTools/Mcp/Models/RiskAssessment.cs

@@ -20,6 +20,7 @@ public enum RiskLevel
 /// </summary>
 public enum Recommendation
 {
+    None,
     Approve,
     Reject
 }
@@ -41,12 +42,6 @@ public sealed class RiskAssessment
     /// </summary>
     public string? RuleName { get; init; }
 
-    /// <summary>
-    /// Gets a value indicating whether this assessment is agnostic (defers to AI analysis).
-    /// When true, this regex-based assessment should be ignored and only AI assessment used.
-    /// </summary>
-    public bool IsAgnostic { get; init; }
-
     public static RiskAssessment Default( string reason )
     {
         return new RiskAssessment

src/PostSharp.Engineering.BuildTools/Mcp/Services/ApprovalPrompter.cs

@@ -172,6 +172,7 @@ private static string GetRecommendationMarkup( Recommendation recommendation )
     {
         return recommendation switch
         {
+            Recommendation.None => "[dim]NONE (agnostic)[/]",
             Recommendation.Approve => "[green]APPROVE[/]",
             Recommendation.Reject => "[red]REJECT[/]",
             _ => recommendation.ToString()

src/PostSharp.Engineering.BuildTools/Mcp/Services/CommandHistoryService.cs

@@ -34,6 +34,7 @@ public IReadOnlyList<CommandRecord> GetHistory( string sessionId )
     public void Record(
         string sessionId,
         string command,
+        string workingDirectory,
         string claimedPurpose,
         bool approved,
         CommandResult result )
@@ -42,6 +43,7 @@ public void Record(
         {
             Timestamp = DateTime.UtcNow,
             Command = command,
+            WorkingDirectory = workingDirectory,
             ClaimedPurpose = claimedPurpose,
             Approved = approved,
             ExitCode = result.ExitCode,
@@ -62,6 +64,22 @@ public void Record(
             } );
     }
 
+    public bool WasPreviouslyApproved( string sessionId, string command, string workingDirectory )
+    {
+        if ( !this._sessions.TryGetValue( sessionId, out var history ) )
+        {
+            return false;
+        }
+
+        lock ( this._lock )
+        {
+            return history.Any( r =>
+                r.Approved &&
+                r.Command.Equals( command, StringComparison.Ordinal ) &&
+                r.WorkingDirectory.Equals( workingDirectory, StringComparison.OrdinalIgnoreCase ) );
+        }
+    }
+
     public void ClearSession( string sessionId )
     {
         this._sessions.TryRemove( sessionId, out _ );

src/PostSharp.Engineering.BuildTools/Mcp/Services/CommandRules.cs

@@ -291,29 +291,26 @@ public static class CommandRules
             Name = "export-env-variables",
             Pattern = new Regex( @"\$env:\w+\s*=", RegexOptions.IgnoreCase ),
             RiskLevel = RiskLevel.Low,
-            Recommendation = Recommendation.Approve,
-            Reason = "Setting environment variables - deferring to AI to determine if secrets are exposed",
-            IsAgnostic = true
+            Recommendation = Recommendation.None,
+            Reason = "Setting environment variables - deferring to AI to determine if secrets are exposed"
         },
 
         new CommandRule
         {
             Name = "env-var-reference-powershell",
             Pattern = new Regex( @"\$env:\w+", RegexOptions.IgnoreCase ),
             RiskLevel = RiskLevel.Low,
-            Recommendation = Recommendation.Approve,
-            Reason = "Environment variable reference detected - deferring to AI to determine if leaked",
-            IsAgnostic = true
+            Recommendation = Recommendation.None,
+            Reason = "Environment variable reference detected - deferring to AI to determine if leaked"
         },
 
         new CommandRule
         {
             Name = "env-var-reference-bash",
             Pattern = new Regex( @"\$\{?\w+\}?", RegexOptions.None ),
             RiskLevel = RiskLevel.Low,
-            Recommendation = Recommendation.Approve,
-            Reason = "Potential environment variable reference detected - deferring to AI analysis",
-            IsAgnostic = true
+            Recommendation = Recommendation.None,
+            Reason = "Potential environment variable reference detected - deferring to AI analysis"
         }
     };
 

src/PostSharp.Engineering.BuildTools/Mcp/Services/RegexRuleEngine.cs

@@ -58,17 +58,16 @@ public Task<RiskAssessment> EvaluateAsync(
                 Level = rule.RiskLevel,
                 Recommendation = rule.Recommendation,
                 Reason = rule.Reason,
-                RuleName = rule.Name,
-                IsAgnostic = rule.IsAgnostic
+                RuleName = rule.Name
             } );
         }
 
-        // No rules matched - return default LOW/APPROVE
+        // No rules matched - return agnostic (defer to AI analysis)
         return Task.FromResult( new RiskAssessment
         {
             Level = RiskLevel.Low,
-            Recommendation = Recommendation.Approve,
-            Reason = "No regex rules matched - command appears safe",
+            Recommendation = Recommendation.None,
+            Reason = "No regex rules matched - deferring to AI analysis",
             RuleName = null
         } );
     }

src/PostSharp.Engineering.BuildTools/Mcp/Services/RiskCombiner.cs

@@ -18,8 +18,8 @@ public static class RiskCombiner
     /// <returns>A combined risk assessment with the maximum risk level and most restrictive recommendation.</returns>
     public static RiskAssessment Combine( RiskAssessment aiAssessment, RiskAssessment regexAssessment )
     {
-        // If regex assessment is agnostic, use only AI assessment
-        if ( regexAssessment.IsAgnostic )
+        // If regex assessment has no recommendation (agnostic), use only AI assessment
+        if ( regexAssessment.Recommendation == Recommendation.None )
         {
             return aiAssessment;
         }

src/PostSharp.Engineering.BuildTools/Mcp/Tools/ExecuteCommandTool.cs

@@ -76,10 +76,42 @@ public async Task<CommandResult> ExecuteCommand(
 
             try
             {
-            // 1. Get session history
+            // 1. Check if this exact command was previously approved
+            if ( this._history.WasPreviouslyApproved( sessionId, command, workingDirectory ) )
+            {
+                AnsiConsole.MarkupLine( "[green]Auto-approved (previously approved)[/]" );
+                AnsiConsole.WriteLine();
+                AnsiConsole.Write( new Rule( "[blue]Executing Request[/]" ) );
+                AnsiConsole.WriteLine();
+
+                // Pleasant single beep for auto-approve (same as LOW risk)
+                try
+                {
+#pragma warning disable CA1416 // Platform compatibility - we handle non-Windows in catch
+                    Console.Beep( 1200, 150 );
+#pragma warning restore CA1416
+                }
+                catch
+                {
+                    // Beep may not be supported on all systems
+                }
+
+                var autoApprovedResult = await this._executor.ExecuteAsync( command, workingDirectory, cancellationToken );
+
+                AnsiConsole.WriteLine();
+                AnsiConsole.Write( new Rule( "[blue]Request Completed[/]" ) );
+                AnsiConsole.WriteLine();
+
+                // Record in history
+                this._history.Record( sessionId, command, workingDirectory, claimedPurpose, approved: true, autoApprovedResult );
+
+                return autoApprovedResult;
+            }
+
+            // 2. Get session history
             var sessionHistory = this._history.GetHistory( sessionId );
 
-            // 2. Risk analysis - run both AI and Regex analyzers in parallel
+            // 3. Risk analysis - run both AI and Regex analyzers in parallel
             var aiTask = this._analyzer.AnalyzeAsync(
                 command,
                 claimedPurpose,
@@ -98,10 +130,10 @@ public async Task<CommandResult> ExecuteCommand(
             var aiAssessment = assessments[0];
             var regexAssessment = assessments[1];
 
-            // 3. Combine assessments (take maximum risk)
+            // 4. Combine assessments (take maximum risk)
             var assessment = RiskCombiner.Combine( aiAssessment, regexAssessment );
 
-            // 4. Prompt user for approval (pass both assessments for display)
+            // 5. Prompt user for approval (pass both assessments for display)
             var approved = await this._prompter.RequestApprovalAsync(
                 command,
                 claimedPurpose,
@@ -110,7 +142,7 @@ public async Task<CommandResult> ExecuteCommand(
                 aiAssessment,
                 regexAssessment );
 
-            // 5. Execute if approved
+            // 6. Execute if approved
             CommandResult result;
 
             if ( approved )
@@ -134,8 +166,8 @@ public async Task<CommandResult> ExecuteCommand(
                 result = CommandResult.Rejected();
             }
 
-            // 6. Record in history
-            this._history.Record( sessionId, command, claimedPurpose, approved, result );
+            // 7. Record in history
+            this._history.Record( sessionId, command, workingDirectory, claimedPurpose, approved, result );
 
             return result;
             }