Add tools array to github-agentic-workflows#39863
Merged
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request updates the repository’s .github/mcp.json configuration for the github-agentic-workflows MCP server, adding an explicit server type and a tool allowlist to scope which gh aw mcp-server tools are exposed.
Changes:
- Adds
"type": "local"to thegithub-agentic-workflowsMCP server entry. - Adds a
"tools"allowlist intended to constrain available MCP tools.
Show a summary per file
| File | Description |
|---|---|
.github/mcp.json |
Adds MCP server type and a tools allowlist for github-agentic-workflows. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 1/1 changed files
- Comments generated: 1
| "command": "gh", | ||
| "args": ["aw", "mcp-server"] | ||
| "args": ["aw", "mcp-server"], | ||
| "tools": ["compile", "audit", "logs", "inspect", "status", "audit-diff"] |
Contributor
|
✅ smoke-ci: safeoutputs CLI comment + comment-memory run (27709964719)
|
Contributor
Comment MemoryNote This comment is managed by comment memory.It stores persistent context for this thread in the code block at the top of this comment.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Tightens the
.github/mcp.jsonMCP server configuration forgithub-agentic-workflowsby adding atype: "local"declaration and an explicittoolsallowlist.Changes
.github/mcp.json— MCP server configuration (modified)type"local"tools["compile", "audit", "logs", "inspect", "status", "audit-diff"]Full diff (1 file, +3 / −1):
"github-agentic-workflows": { + "type": "local", "command": "gh", - "args": ["aw", "mcp-server"] + "args": ["aw", "mcp-server"], + "tools": ["compile", "audit", "logs", "inspect", "status", "audit-diff"] }Motivation
type: "local"explicitly marks this server as a locally-run process, making the intent unambiguous to MCP clients and tooling that distinguishes local vs. remote transports.toolsallowlist scopes exposure to only the six tools required by agentic workflows (compile,audit,logs,inspect,status,audit-diff), preventing unintended access to any additional tools thegh aw mcp-serverbinary may expose now or in the future.Impact
.github/mcp.jsononly — no Go source, tests, or other config files touchedChecklist
type: "local"aligns with MCP server spec for locally-spawned processescompile,audit,logs,inspect,status,audit-diff) are verified to exist ingh aw mcp-server