Pull request overview
Updates the “Large Payload Tester” agentic workflow configuration/prompt, apparently aiming to simplify the test setup and permissions while adjusting how the filesystem MCP server is mounted and how the agent verifies the secret.
Changes:
- Simplified workflow description and added `pull-requests: read` permission.
- Changed filesystem MCP server mount target to `/workspace` and refactored the setup bash step to use variables + renamed secret file.
- Heavily simplified the agent prompt, changing expected payload-path behavior and file access instructions.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| .github/workflows/large-payload-tester.md | Adjusts workflow metadata/permissions, changes filesystem mount target, and refactors the setup step that generates the secret + large JSON payload. |
| .github/workflows/large-payload-tester.lock.yml | Regenerated compiled workflow reflecting the updated permissions, mount target, and setup script. |
| .github/agentics/large-payload-tester.md | Rewrites the agent instructions for how to locate the secret and (purportedly) find the full payload. |
Comments suppressed due to low confidence (1)
.github/agentics/large-payload-tester.md:54
- The output template still references `test-secret.txt` and `originalSize from metadata`, but the workflow now creates `secret.txt` and this prompt no longer describes extracting `originalSize` (or any metadata fields) from the gateway response. Align the expected filenames and explicitly describe where `Payload Path`/`Payload Size` come from (gateway `payloadPath`/`originalSize`) so the issue report can be generated consistently.
## Test Results
- **Expected Secret:** [UUID from test-secret.txt]
- **Found Secret:** [UUID from payload] or "NOT FOUND"
- **Secret Match:** [YES/NO]
- **Payload Path:** [path from response]
- **Payload Size:** [originalSize from metadata]
| ## Expected Behavior | ||
|
|
||
| **Success scenario:** | ||
| 1. Gateway receives large response from filesystem server | ||
| 2. Gateway stores payload to: `/tmp/jq-payloads/{sessionID}/{queryID}/payload.json` | ||
| 3. Gateway returns metadata with `payloadPath` and `truncated: true` | ||
| 4. Agent reads payload from mounted path: `/workspace/mcp-payloads/session/{queryID}/payload.json` | ||
| 5. Agent extracts secret from payload | ||
| 6. Secret matches the expected value from test-secret.txt | ||
| 1. Agent requests file `large-test-file.json` from filesystem MCP server. | ||
| 2. MCP server response includes path to full payload. | ||
| 3. Agent reads full payload from subdirectory of: `/tmp/gh-aw/mcp-payloads` | ||
| 5. Agent extracts secret from full payload. | ||
| 6. Agent requests file `secret.txt` from filesystem MCP server. | ||
| 7. Secrets in `large-test-file.json` and `secret.txt` match. |
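Review bot: In the rewritten success-scenario list the numbering jumps from step 3 (`Agent reads full payload from subdirectory of: /tmp/gh-aw/mcp-payloads`) straight to step 5, so there is no step 4. Renumber the new steps 1 through 6 so the agent and anyone reading the resulting report can refer to a step unambiguously.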
This prompt expects the filesystem MCP server to return a “path to full payload” and instructs reading payloads under `/tmp/gh-aw/mcp-payloads`, but the gateway middleware returns `payloadPath` (default under `/tmp/jq-payloads`) and there’s no workflow configuration shown that would create `/tmp/gh-aw/mcp-payloads`. As written, the agent will look in the wrong place and won’t validate the gateway’s payload storage behavior. Update the instructions to use the gateway’s `payloadPath` (and the expected `/tmp/jq-payloads/.../payload.json` structure) and, if needed, include the correct mount/translation strategy for agent access.
This issue also appears on line 47 of the same file.
| 4. Whether secrets matched (PASS/FAIL) | ||
| 5. Path information (gateway path and agent path used) | ||
| 6. Any errors encountered | ||
| Use the filesystem MCP server to access a file called `large-test-file.json`, which contains a field `secret_reference`. Verify that the secret value matches the content of file `secret.txt` which should also be accessed from the filesystem MCP server. |
The task description asks the agent to read `large-test-file.json` and `secret.txt` but doesn’t specify the absolute paths required by the filesystem MCP server. Given this workflow mounts the test FS under `/workspace` (or previously `/workspace/test-data`), the prompt should call out the exact paths (e.g. `/workspace/large-test-file.json` and `/workspace/secret.txt`) so the agent can reliably use `read_file`.
| Use the filesystem MCP server to access a file called `large-test-file.json`, which contains a field `secret_reference`. Verify that the secret value matches the content of file `secret.txt` which should also be accessed from the filesystem MCP server. | |
| Use the filesystem MCP server to access a file at `/workspace/large-test-file.json`, which contains a field `secret_reference`. Verify that the secret value matches the content of file `/workspace/secret.txt` which should also be accessed from the filesystem MCP server. |
| "container": "mcp/filesystem", | ||
| "mounts": [ | ||
| "/tmp/mcp-test-fs:/workspace/test-data:ro" | ||
| "/tmp/mcp-test-fs:/workspace:ro" |
The compiled MCP filesystem server mount mirrors the source workflow’s `/tmp/mcp-test-fs:/workspace:ro`. This is likely to mask `/workspace` and conflicts with the documented pattern of mounting test data under a subdir (e.g. `/workspace/test-data`) so `/workspace/mcp-payloads` can coexist. If you change the mount target in the source `.md`, please recompile to update this lock file too.
| "/tmp/mcp-test-fs:/workspace:ro" | |
| "/tmp/mcp-test-fs:/workspace/test-data:ro" |
| # Large MCP Payload Access Test | ||
|
|
||
| You are an AI agent testing the MCP Gateway's ability to handle large payloads and make them accessible to agents. | ||
| You are an AI agent trying verify a secret in a file hosted by the filesystem MCP server. |
Grammar: “trying verify” is missing “to” (should be “trying to verify”).
| You are an AI agent trying verify a secret in a file hosted by the filesystem MCP server. | |
| You are an AI agent trying to verify a secret in a file hosted by the filesystem MCP server. |
| ALLOWED_PATHS: "/workspace" | ||
| mounts: | ||
| - "/tmp/mcp-test-fs:/workspace/test-data:ro" | ||
| - "/tmp/mcp-test-fs:/workspace:ro" |
Mounting the test data directory to the filesystem MCP server at `/workspace` will mask the container’s `/workspace` root and makes it difficult/impossible to also mount payload access paths under `/workspace` (e.g. `/workspace/mcp-payloads`) as documented for this workflow. It also breaks the documented test file paths (previously `/workspace/test-data/...`). Consider restoring the mount target to a subdirectory like `/workspace/test-data` and update the agent prompt accordingly.
| - "/tmp/mcp-test-fs:/workspace:ro" | |
| - "/tmp/mcp-test-fs:/workspace/test-data:ro" |
| @@ -51,14 +55,12 @@ steps: | |||
| else | |||
| TEST_SECRET="test-secret-$(date +%s%N)-$$" | |||
| fi | |||
| echo "$TEST_SECRET" > /tmp/mcp-test-fs/test-secret.txt | |||
|
|
|||
| echo $TEST_SECRET > $TEST_FS/$SECRET_FILE | |||
| # Create a large test file (~500KB) with the secret embedded in JSON | |||
| # This file will be read by the filesystem MCP server, causing a large payload | |||
| cat > /tmp/mcp-test-fs/large-test-file.json <<'EOF' | |||
| cat > $TEST_FS/$LARGE_PAYLOAD_FILE <<'EOF' | |||
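Review bot: The redirect targets `$TEST_FS/$SECRET_FILE` and `$TEST_FS/$LARGE_PAYLOAD_FILE` rely on variables whose assignments are not part of this hunk, and nothing here stops the step if one of them is empty: with an empty `TEST_FS` the secret would be written to `/$SECRET_FILE` at the filesystem root instead of the test directory. Consider `set -u` at the top of the step, or `${TEST_FS:?}` at first use, so a missing assignment fails the step rather than writing outside the mounted test data.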
Shell variables are expanded unquoted here (`mkdir -p $TEST_FS`, `echo $TEST_SECRET > ...`, redirects to `$TEST_FS/$...`). Quoting these expansions avoids surprising word-splitting/globbing and preserves exact secret content. Recommend using quotes for `$TEST_FS`, `$SECRET_FILE`, `$LARGE_PAYLOAD_FILE`, and `$TEST_SECRET` in this step.
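The quoting point above, as an added example that is not code from the pull request: it writes a secret the way the new line does (`echo $TEST_SECRET > $TEST_FS/$SECRET_FILE`) and the quoted way, then checks whether the stored value still equals the original. The function names and the sample secret values are constructed for illustration; the directory is a throwaway `mktemp -d` seeded with a `large-test-file.json` so a glob has something to match.

```shell
#!/bin/sh
# Added illustration; function names and secret values are constructed.

# Mirrors the new line in the hunk: every expansion is unquoted.
write_secret_unquoted() {
  TEST_FS=$1; SECRET_FILE=$2; TEST_SECRET=$3
  echo $TEST_SECRET > $TEST_FS/$SECRET_FILE
}

# Quoted form: no word splitting, no globbing, no echo option parsing.
write_secret_quoted() {
  TEST_FS=$1; SECRET_FILE=$2; TEST_SECRET=$3
  printf '%s\n' "$TEST_SECRET" > "$TEST_FS/$SECRET_FILE"
}

# roundtrip_ok WRITER SECRET
# Returns 0 when the file content equals SECRET, 1 when it was altered,
# 2 when the writer itself failed.
roundtrip_ok() {
  dir=$(mktemp -d)
  touch "$dir/large-test-file.json"   # sibling file a stray '*' can match
  ( cd "$dir" && "$1" "$dir" secret.txt "$2" ) || { rm -rf "$dir"; return 2; }
  stored=$(cat "$dir/secret.txt")
  rm -rf "$dir"
  [ "$stored" = "$2" ]
}

# Constructed secrets: one shaped like the workflow's fallback value,
# one with repeated spaces, one containing a glob character.
for secret in 'test-secret-1700000000000000000-4242' \
              'id  with  two  spaces' \
              'x * y'; do
  for writer in write_secret_unquoted write_secret_quoted; do
    if roundtrip_ok "$writer" "$secret"; then result=preserved
    else result=ALTERED; fi
    printf '%-22s %-40s %s\n' "$writer" "[$secret]" "$result"
  done
done
```

A value shaped like the fallback `test-secret-…` survives either way, so the unquoted form only shows up as a secret mismatch once the value contains whitespace or a glob character.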