safe-outputs.actions custom action tools not exposed to agent MCP toolset
Description
When configuring a custom action via safe-outputs.actions, the tool appears in the compiled workflow's tool list but is not available to the agent at runtime.
Configuration
safe-outputs:
  actions:
    upload_report:
      uses: actions/upload-artifact@v4
      description: Upload the CSDL Assessment Report as a workflow artifact
Expected Behavior
The upload_report tool should be available to the agent and callable like other safe-output tools (add_comment, create_pull_request, etc.).
Actual Behavior
The agent reports: upload_report tool not in toolset
Agent output:
⚠️ Report artifact upload skipped (`upload_report` tool not in toolset); report file `CSDL_Assessment_Report_20260414_195246.md`
Evidence from Compiled Workflow
The tool IS correctly compiled:
- Listed in the prompt's tool list:
  Tools: add_comment(max:5), create_pull_request, push_to_pull_request_branch, missing_tool, missing_data, noop, upload_report
- Action step is generated with correct conditional:
  - name: Upload the CSDL Assessment Report as a workflow artifact
    id: action_upload_report
    if: steps.process_safe_outputs.outputs.action_upload_report_payload != ''
    uses: actions/upload-artifact@v4
    with:
      name: ${{ fromJSON(steps.process_safe_outputs.outputs.action_upload_report_payload).name }}
      path: ${{ fromJSON(steps.process_safe_outputs.outputs.action_upload_report_payload).path }}
- Environment variable is set:
  GH_AW_SAFE_OUTPUT_ACTIONS: "{\"upload_report\":\"upload_report\"}"
Analysis
The compiled workflow correctly includes:
- The tool in the <safe-output-tools> section of the prompt
- The action step with proper conditional execution
- The environment variable mapping
However, unlike built-in safe-outputs (create_pull_request, add_comment), there is no dedicated prompt file generated for custom actions (e.g., safe_outputs_upload_report.md). This may be why the agent doesn't recognize the tool schema.
Workaround
Currently relying on the agent's general artifacts to capture the report file, but this makes it harder to find after downloading (buried in agent artifacts vs. a dedicated named artifact).
Version
Related
safe-outputs.actions #21752: feat: mount custom GitHub Actions as safe output tools via safe-outputs.actions
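One way to confirm the gap described in the Analysis, as an added example that is not part of the original issue or the project's code: compare the tools the compiled prompt advertises, and the custom actions in GH_AW_SAFE_OUTPUT_ACTIONS, against the names an MCP `tools/list` response actually returns. The `tools/list` response below is constructed, and the example assumes prompt tool names match MCP tool names and that the keys of the environment mapping are the tool names.

```python
import json
import re


def declared_tools(tools_line):
    """Parse the prompt's 'Tools: a(max:5), b, c' line into a set of bare names."""
    body = tools_line.split(":", 1)[1]
    body = re.sub(r"\([^)]*\)", "", body)  # drop per-tool options such as (max:5)
    return {name.strip() for name in body.split(",") if name.strip()}


def custom_actions(env_value):
    """Decode the GH_AW_SAFE_OUTPUT_ACTIONS JSON object."""
    # Assumption: the keys of the mapping are the tool names.
    return set(json.loads(env_value))


def runtime_tools(response):
    """Collect tool names from an MCP tools/list JSON-RPC response."""
    return {tool["name"] for tool in response["result"]["tools"]}


def audit(tools_line, env_value, response):
    """Report tools that are advertised or configured but not exposed, and the reverse."""
    declared = declared_tools(tools_line)
    exposed = runtime_tools(response)
    return {
        "declared_not_exposed": sorted(declared - exposed),
        "custom_not_exposed": sorted(custom_actions(env_value) - exposed),
        "exposed_not_declared": sorted(exposed - declared),
    }


# Values copied from the compiled workflow quoted in the issue.
TOOLS_LINE = ("Tools: add_comment(max:5), create_pull_request, "
              "push_to_pull_request_branch, missing_tool, missing_data, noop, upload_report")
ENV_VALUE = '{"upload_report":"upload_report"}'

# Constructed tools/list response: every built-in tool, but no upload_report.
SAMPLE_RESPONSE = {"jsonrpc": "2.0", "id": 1, "result": {"tools": [
    {"name": n} for n in ("add_comment", "create_pull_request",
                          "push_to_pull_request_branch", "missing_tool",
                          "missing_data", "noop")]}}

if __name__ == "__main__":
    print(json.dumps(audit(TOOLS_LINE, ENV_VALUE, SAMPLE_RESPONSE), indent=2))
```

A non-empty `exposed_not_declared` list is worth the same attention as the other two, since it means the agent can call a tool the compiled prompt never advertised.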