From ef336cdfb1c7369c661af92dbf0ab4659f3a6431 Mon Sep 17 00:00:00 2001
From: Vlad M
Date: Tue, 17 Feb 2026 16:21:52 +0100
Subject: [PATCH] [MCP] Fix security task def to readonly fs
---
 copilot/mcp-server-api/manifest.yml | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/copilot/mcp-server-api/manifest.yml b/copilot/mcp-server-api/manifest.yml
index 7180f6f..bc13a0e 100644
--- a/copilot/mcp-server-api/manifest.yml
+++ b/copilot/mcp-server-api/manifest.yml
@@ -21,8 +21,22 @@ exec: true
 network:
 connect: true # Enable Service Connect for intra-environment traffic between services.
-# storage:
- # readonly_fs: true # Limit to read-only access to mounted root filesystems.
+storage:
+ readonly_fs: true
+
+variables:
+ PYTHONDONTWRITEBYTECODE: "1"
+
+# Allow writes to /tmp
+taskdef_overrides:
+ - path: ContainerDefinitions[0].MountPoints[-]
+ value:
+ SourceVolume: "ephemeral-scratch"
+ ContainerPath: "/tmp"
+ ReadOnly: false
+ - path: Volumes[-]
+ value:
+ Name: "ephemeral-scratch"
 # Optional fields for more advanced use-cases.
 #
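Review bot: `readonly_fs: true` is enabled while `exec: true` stays set at the top of this hunk, and ECS Exec is documented as needing a writable container filesystem for the SSM agent, so `copilot svc exec` will most likely stop working once the root filesystem is read-only. If interactive access is not needed in this environment, the tighter fix is to turn it off with `exec: false`; if it is needed, that dependency should be recorded next to the setting, e.g. `# ECS Exec requires a writable filesystem; verify it still works with readonly_fs`. Separately, the `ContainerDefinitions[0]` path binds the writable `/tmp` mount to whichever container is first in the rendered task definition, so a comment such as `# index 0 = main service container; re-check if sidecars are added` would keep the override from silently landing on another container. The rest of the manifest is outside the hunk, so whether sidecars are defined cannot be seen here.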