Hi @John_White 

Thanks a lot for taking the time to try out my SmartConsole AI Chat extension — I appreciate the positive feedback and I’m glad to hear you found it useful.

To address the question about why the extension was released with read‑only (show) capabilities:
the current public version was deliberately designed this way because it’s trained solely on Check Point’s official Management MCP, which only covers safe, non-destructive read‑only commands. As most of us know from real‑world firewall administration, even a single incorrect API write operation can have a massive operational impact. With an LLM in the loop — and its natural tendency to occasionally make confident but wrong assumptions — giving it unrestricted write access could, in the worst case, lead to misconfigurations, outages, or even severe disruptions in a production network.

Beyond the technical risk, there’s also a liability aspect. Hosting a publicly available extension that can modify customers’ security policies via AI would open the door to situations where a model‑generated change causes damage, and that’s simply not something I’m willing to expose users (or myself) to on a public forum.

That said:
For anyone who truly wants full read‑write capabilities, it's absolutely possible — but intentionally not enabled out of the box. You’d need to:

1. Download the extension file and implement the full Management API reference
2. Download and modify the JSON manifest to unlock full read-write access
3. Upload both files to your SmartCenter as described here
4. Load your unlocked ChatGPT Extension into your SmartConsole

I’m happy to assist with this in a private project setting, where proper guardrails, testing procedures, and responsible usage can be ensured. But it’s not something I plan to publish publicly on the CheckMates forum for the reasons above.

And one last note for those who are interested:
While I haven’t released a read‑write SmartConsole extension yet, I am currently working on one in a bit of a “stealth mode.” If it reaches the level of reliability and safety I’m aiming for, it might be very interesting to a lot of Check Point admins out there. More on that when it’s ready.

Thanks Danny!

Thank you for the detailed and thorough response ... I truly appreciate it.

In my case, I would only use the read-write capability within lab and proof-of-concept environments, not in production. I’m very interested in getting this working, as it would significantly enhance my efficiency and overall productivity.

Thanks again!
John

Hey, my old friend Andy! I hope you are doing well. 

I could be wrong, butI think it requires a paid API key. That’s what I used anyways and it worked fine.

-John

My man Jonny 🙂

I always knew you as a super smart dude and once again, you are 100% correct! I noticed same thing with Claude AI extension as well.

Haha! Thanks Andy!

Maybe someday you can teach me how to become MVP 🤓

In my eyes, you were always an MVP! I learned LOTS from working with you.

I’m always happy to help. Maybe I should start posting more here on checkmates 🤓

I know you are, Jonny. You are truly a great dude! And yes, you should post more, because lots of people would benefit from your knowledge.