fix: don't expose MCP command strings in system prompt

Commands may contain credentials or sensitive env values. Only expose
server names to the model, not the full command strings.

Author: ammar-agent

src/node/services/systemMessage.ts

@@ -82,12 +82,13 @@ You are in a git worktree at ${workspacePath}
 /**
  * Build MCP servers context XML block.
  * Only included when at least one MCP server is configured.
+ * Note: We only expose server names, not commands, to avoid leaking secrets.
  */
 function buildMCPContext(mcpServers: MCPServerMap): string {
-  const entries = Object.entries(mcpServers);
-  if (entries.length === 0) return "";
+  const names = Object.keys(mcpServers);
+  if (names.length === 0) return "";
 
-  const serverList = entries.map(([name, command]) => `- ${name}: \`${command}\``).join("\n");
+  const serverList = names.map((name) => `- ${name}`).join("\n");
 
   return `
 <mcp>