Description
Feature description
Introduce a configurable human-in-the-loop mechanism for MCP tool execution.
Problem it solves (optional)
Some servers provide editing tools (e.g. Confluence), and sometimes the model could incorrectly use a tool, which will result in unwanted outcomes. Having a way to give permissions to use a tool will make things safer to use.
Proposed solution
Whenever a model decides to use a tool, have a safeguard with a UI element that would prompt the user whether they allow the usage of a certain tool. The permissions could be granular: a one-time grant, all the time for the specific tool, or granted for the specific server. These configs could be configured somewhere in the settings.
Alternatives considered (optional)
GitHub Copilot Agent mode has this implemented to some extent and could be used as inspiration.
Additional context (optional)
N/A
Environment (optional)
- macOS version: [e.g. 13.0]
- Amazon Bedrock Client for Mac version: [e.g. 1.0.0]
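A sketch of the approval gate this request describes, added here as an illustration and not taken from the project's code: it models the three grant scopes (one time, always for a tool, always for a server) and refuses the call when the prompt fails. `ToolApprovalGate`, `Grant`, the `prompt` callback and the `update_page` tool name are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable

class Grant(Enum):
    DENY = "deny"
    ONCE = "once"                    # this call only
    ALWAYS_TOOL = "always_tool"      # this tool on this server
    ALWAYS_SERVER = "always_server"  # every tool on this server

@dataclass
class ToolApprovalGate:
    # prompt stands in for the UI dialog: (server, tool, args) -> Grant
    prompt: Callable[[str, str, dict], Grant]
    allowed_tools: set = field(default_factory=set)    # {(server, tool)}
    allowed_servers: set = field(default_factory=set)  # {server}
    audit: list = field(default_factory=list)          # (server, tool, reason, allowed)

    def authorize(self, server: str, tool: str, args: dict) -> bool:
        if server in self.allowed_servers:
            return self._log(server, tool, "server grant", True)
        if (server, tool) in self.allowed_tools:
            return self._log(server, tool, "tool grant", True)
        try:
            decision = self.prompt(server, tool, args)
        except Exception:
            decision = Grant.DENY  # fail closed if the prompt cannot be shown
        if decision is Grant.ALWAYS_SERVER:
            self.allowed_servers.add(server)
        elif decision is Grant.ALWAYS_TOOL:
            self.allowed_tools.add((server, tool))
        elif decision is not Grant.ONCE:
            decision = Grant.DENY  # anything unrecognised counts as a refusal
        return self._log(server, tool, decision.value, decision is not Grant.DENY)

    def _log(self, server, tool, reason, allowed):
        self.audit.append((server, tool, reason, allowed))
        return allowed

    def call(self, server, tool, args, execute):
        # execute is the real MCP tool invocation; it runs only after approval
        if not self.authorize(server, tool, args):
            raise PermissionError(f"{server}/{tool} was not approved")
        return execute(args)

if __name__ == "__main__":
    # Constructed demo: server "confluence" and tool "update_page" are made-up names
    gate = ToolApprovalGate(prompt=lambda s, t, a: Grant.ALWAYS_TOOL)
    print(gate.call("confluence", "update_page", {"id": 1}, lambda a: "updated"))
    print(gate.audit)
```

Persisting `allowed_tools` and `allowed_servers` to the settings store would give the configurable behaviour requested; the audit list records every decision, including calls allowed silently by an earlier grant.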