From 095c828f347377aca3fb943ad2c806199638ec0c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 16 Apr 2026 18:24:23 +0000 Subject: [PATCH 1/3] Initial plan From 59f04cf8150a97d3a3f607aba8be62a4b576a7ff Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 16 Apr 2026 18:28:29 +0000 Subject: [PATCH 2/3] docs: correct tools field runtime enforcement behavior Agent-Logs-Url: https://github.com/github/gh-aw-mcpg/sessions/9c52f71f-431d-4d06-ba30-170a7cbdd160 Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> --- docs/CONFIGURATION.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/CONFIGURATION.md b/docs/CONFIGURATION.md index 05ae498e..22b36fda 100644 --- a/docs/CONFIGURATION.md +++ b/docs/CONFIGURATION.md @@ -160,9 +160,10 @@ Run `./awmg --help` for full CLI options. Key flags: } ``` -- **`tools`** (optional): List of tool names intended to be exposed from this server - - **Note**: This field is stored but not currently enforced at runtime; all tools from the backend are always exposed regardless of this value - - Example: `["get_file_contents", "search_code"]` +- **`tools`** (optional): List of tool names to allow for this server + - Enforced at runtime: tools not in this list are hidden from `tools/list` responses and rejected with a 403 error on `tools/call` + - Use `["*"]` (wildcard) to allow all tools (default behavior when field is omitted) + - Example: `["get_file_contents", "search_code"]` (only these tools are accessible) - **`registry`** (optional): Informational URI to the server's entry in an MCP registry - Used for documentation and discoverability purposes only; not used at runtime From 64b3866ac1c33191fc778cba403313aebbe8f412 Mon Sep 17 00:00:00 2001 From: Landon Cox Date: Thu, 16 Apr 2026 12:08:19 -0700 Subject: [PATCH 3/3] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- docs/CONFIGURATION.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/CONFIGURATION.md b/docs/CONFIGURATION.md index 22b36fda..611c41c1 100644 --- a/docs/CONFIGURATION.md +++ b/docs/CONFIGURATION.md @@ -161,7 +161,7 @@ Run `./awmg --help` for full CLI options. Key flags: ``` - **`tools`** (optional): List of tool names to allow for this server - - Enforced at runtime: tools not in this list are hidden from `tools/list` responses and rejected with a 403 error on `tools/call` + - Enforced at runtime: tools not in this list are hidden from `tools/list` responses and rejected when invoked via `tools/call` (for example, as an MCP/tool error) - Use `["*"]` (wildcard) to allow all tools (default behavior when field is omitted) - Example: `["get_file_contents", "search_code"]` (only these tools are accessible)