Team Plugins
Select which plugins your team uses from the organization’s allowed list.
Team Leader Overview
As a team leader, you configure plugins, MCP servers, and settings for your team. This guide explains your responsibilities and options.
What You Control
Section titled “What You Control”MCP Servers
Configure MCP servers (context7, custom tools) for your team.
Session Settings
Set default timeouts and auto-resume behavior.
Project Overrides
Control whether developers can add project-specific settings.
What You Cannot Control
Section titled “What You Cannot Control”These are set at the organization level and cannot be overridden:
| Setting | Controlled By |
|---|---|
| Security blocks (plugins, servers, images) | Org Admin |
| Safety-net policy (block/warn/allow) | Org Admin |
| Allowed marketplaces | Org Admin |
| Network policy restrictions | Org Admin |
Configuration Options
Section titled “Configuration Options”You have two ways to manage your team’s configuration:
Option A: Inline Configuration
Section titled “Option A: Inline Configuration”Your team profile lives directly in the org config file. Changes require org admin to update the file.
Best for: Small teams, simple setups, teams that don’t need frequent changes.
Learn more about inline configuration →
Option B: GitOps (Federated Teams)
Section titled “Option B: GitOps (Federated Teams)”Your team maintains its own config repository. You can update plugins via PRs without involving org admin.
Best for: Autonomous teams, frequent updates, teams with specific tooling needs.
Learn more about GitOps configuration →
Your Team Profile
Section titled “Your Team Profile”A typical team profile includes:
{ "backend": { "description": "Backend development team", "additional_plugins": [ "scc-safety-net@sandboxed-code-official", "java-tools@internal" ], "additional_mcp_servers": { "context7": { "type": "http", "url": "https://context7.example.com" } }, "delegation": { "allow_project_overrides": true, "allow_additional_plugins": ["team-*"] }, "session": { "timeout_hours": 12 } }}Key Decisions
Section titled “Key Decisions”Which plugins should we enable?
Section titled “Which plugins should we enable?”- Start with
scc-safety-netfor git protection - Add language/framework specific tools your team needs
- Avoid enabling plugins “just in case” — keep it focused
Should we allow project overrides?
Section titled “Should we allow project overrides?”- Yes: Gives flexibility, good for diverse projects
- No: Ensures consistency, good for security-sensitive teams
What session timeout?
Section titled “What session timeout?”- 8 hours: Security-focused, forces daily re-auth
- 12 hours: Standard workday
- 24 hours: Long-running tasks, data processing
Validating Your Config
Section titled “Validating Your Config”Always validate before deploying:
scc team validateOr validate a specific config file:
scc org validate team-config.jsonNext Steps
Section titled “Next Steps”Inline Configuration
Simple setup, org-managed. Set up →
GitOps Configuration
Team-managed, more autonomy. Set up →
Managing Plugins
Choose and configure plugins. Learn more →