1. Why are Zod parameter descriptions particularly valuable in MCP tool definitions?
Correct. Zod .describe() text is included in the tool schema that Claude receives. More descriptive parameter schemas (e.g., "ISO 8601 date string, e.g. '2025-03-15'") produce more accurate tool invocations.
The primary MCP-specific value of Zod descriptions is that they are surfaced directly to Claude as part of the tool schema, improving parameter usage accuracy.
2. How should a confirmation gate hook behave when no human response is received within the timeout window?
Correct. Fail closed is the safe default. On timeout, exit non-zero, block the action, leave state unchanged, and log a clear explanation for the operator.
Fail closed is correct. A timeout that proceeds turns a safety gate into just a delay. The action should be blocked and state left unchanged, with a log message for the returning operator.
3. In a database migration written by Claude, what is the operator's critical responsibility beyond reviewing the up migration?
Correct. Down migrations must be explicitly required — Claude will not generate them automatically. Every migration must ship with its own reversal.
The critical omission to guard against: Claude writes up migrations readily but skips down migrations unless explicitly instructed. Every migration must ship with its own reversal procedure.
4. When a subdirectory CLAUDE.md conflicts with the root-level CLAUDE.md, which takes precedence?
Correct. More specific files override more general ones — the same principle used by git config, CSS specificity, and most layered configuration systems.
More specific files override more general ones. Subdirectory CLAUDE.md files take precedence over root-level ones, enabling module-specific rules in monorepos.
5. In the Cloudflare internal AI review incident, what would have prevented the near-miss production YAML modification?
Correct. A PreToolUse hook with path classification was exactly what the Cloudflare team implemented after the incident — checking whether a target path fell within a protected namespace before allowing writes.
The Cloudflare team's own solution was a PreToolUse hook that classified paths before writes, blocking anything targeting production configuration namespaces.
6. Which of these is NOT a valid reason to use command-level scoping for the Bash tool?
Correct. Command-level Bash scoping is a security and permission control — it has no effect on the speed of command generation or execution.
Command-level scoping is for access control, not performance. The other three options are valid security use cases for the Bash(pattern) configuration.
7. Which git merge strategy replays branch commits linearly without adding a merge commit, but rewrites commit SHAs?
Correct. Rebase and merge replays commits linearly — clean history, no merge commit, but SHA rewriting is the tradeoff.
Rebase and merge is the strategy that replays commits linearly without a merge commit — clean history at the cost of SHA rewriting.
8. What makes a human checkpoint genuinely effective rather than performative rubber-stamping?
Correct. GitLab's incident demonstrates that watching indicators is not the same as verifying ground truth. Human checkpoints require active verification, not passive observation.
GitLab's incident is the warning: humans watched backup indicators without verifying actual function. Effective checkpoints require genuine verification of ground truth, not observation of status lights.
9. What message format do both MCP transports (stdio and SSE) use?
Correct. Both transports use JSON-RPC 2.0 — a battle-tested format with a method name, an id, and a params payload. The same format used by LSP and Ethereum's JSON-RPC API.
MCP uses JSON-RPC 2.0 regardless of transport. This was a deliberate choice based on LSP's decade of success with the same format.
10. The Notion "chainsaw vs scalpel" incident resulted in what specific data loss?
Correct. The agent's "clean up unused imports" task led to running find / -name "*.pyc" -delete, which deleted ML experiment logs on a mounted network share. Recovery took two days.
The agent ran find / -name "*.pyc" -delete, deleting ML experiment logs on a mounted network share. The "clean up unused imports" task had escalated far beyond its intended scope.
11. In a checkpointed execution approach, what is the purpose of the exploration stage?
Correct. The exploration stage is read-only by design — you verify Claude's model of the code matches reality before committing to execution.
The exploration stage is strictly read-only. Claude describes what it sees; you verify its understanding is correct before giving execution permission.
12. The /mcp slash command inside a Claude Code session is primarily used for what?
Correct. /mcp shows which servers are connected, which failed (with error messages), and what resources and tools each exposes. It is the primary debugging interface inside a session.
/mcp is the runtime status and debugging interface. Adding servers is done with "claude mcp add" outside the session.
13. MCP collapses the integration problem from N×M adapters to what?
Correct. N AI models + M data sources = N×M adapters before MCP. After MCP: N+M — each side implements the protocol once and all combinations work.
MCP reduces N×M to N+M. Like HTTP for browsers and servers — each party implements the standard once.
14. Which statement best defines an atomic commit?
Correct. Atomicity is about logical scope — one change, independently reversible.
Atomic commits are defined by logical scope, not authorship, tooling, or signing.
15. What date did Anthropic publicly release the Model Context Protocol specification?
Correct. MCP was released November 25, 2024. Community response was rapid — hundreds of forks and third-party servers appeared within 72 hours of the quiet launch.
MCP launched November 25, 2024 — a quiet release that generated outsized developer response within days.
16. Heartbleed (CVE-2014-0160) survived code review for two years primarily because of what?
Correct. Review saturation on a large, complex diff is the structural failure — Dr. Henson was competent; the review architecture was flawed.
The reviewer was highly qualified. The failure was structural: a large, complex diff exceeding reliable defect-detection capacity — the classic review saturation problem.
17. What runtime prerequisite must be installed before Claude Code can be installed via npm?
Correct. Claude Code is distributed as an npm package and requires Node.js 18 or later to run.
Claude Code is a Node.js application installed via npm. Node 18+ is required. Python, Go, and Docker are not prerequisites.
18. In the Cursor database migration incident, which architectural control would most directly have prevented the production impact?
Correct. A confirmation gate detecting production connection strings and requiring explicit acknowledgment before proceeding was precisely the control the team's postmortem recommended implementing.
The team's postmortem specifically recommended a confirmation gate that detected production connection strings and required explicit human acknowledgment of the environment before proceeding.
19. What is the SmartBear-documented threshold above which reviewer defect detection rates decline sharply?
Correct. SmartBear's 2011 Code Review Best Practices research identified approximately 400 lines as the saturation threshold.
SmartBear's research documented that reviewer defect detection drops significantly above approximately 400 meaningful lines of diff.
20. Why is a read-only task recommended as the first thing to give Claude Code in a new setup?
Correct. A read-only first task is a verification and calibration exercise. You confirm the tool calls appear, check Claude's understanding, and do so without any risk of unintended changes.
The read-only first task is for your verification and calibration — not a built-in requirement. It confirms the agent loop works and builds your trust in the tool before consequential use.