Overview
The 2026-05-01 compatibility audit found that 3 official GitHub repositories fail strict-mode compilation due to deprecated sandbox.mcp.* keys that were previously valid but are now blocked.
These are not user syntax mistakes — they represent internal API keys that were once documented/used but are now marked as implementation details in the current strict mode validator.
Affected Repos and Keys
| Repository | Stars | Deprecated Key | Occurrences |
|---|---|---|---|
| github/gh-aw-mcpg | 123 | sandbox.mcp.container | 8+ files |
| github/gh-aw-firewall | 62 | sandbox.mcp.version | 4 files |
| githubnext/gh-aw-test | 7 | sandbox.agent: false | 16 files |
Errors
sandbox.mcp.container (github/gh-aw-mcpg):
error: strict mode: 'sandbox.mcp.container' is not allowed because it is an internal implementation
detail. Remove 'sandbox.mcp.container' or set 'strict: false' to disable strict mode.
See: https://github.github.com/gh-aw/reference/sandbox/
sandbox.mcp.version (github/gh-aw-firewall):
error: strict mode: 'sandbox.mcp.version' is not allowed because it is an internal implementation
detail. Remove 'sandbox.mcp.version' or set 'strict: false' to disable strict mode.
See: https://github.github.com/gh-aw/reference/sandbox/
sandbox.agent: false (githubnext/gh-aw-test):
error: strict mode: 'sandbox.agent: false' is not allowed because it disables the agent sandbox
firewall. This removes important security protections. Remove 'sandbox.agent: false' or
set 'strict: false' to disable strict mode.
Root Cause Analysis
These keys appear to have been valid in earlier gh-aw versions when operators could customize the MCP server container or version, and when sandbox.agent: false was a supported escape hatch for testing. The strict mode validator now rejects them, but:
- gh aw fix does not remove these keys automatically.
- The error message correctly points to the docs, but the fix path requires manual edits.
github/gh-aw-mcpg is the official MCP gateway repo — its own workflows failing suggests a post-release validator tightening.
Suggested Remediations
For sandbox.mcp.container and sandbox.mcp.version: Remove the keys. The gh-aw runtime now manages the container and version internally based on the declared MCP toolsets.
For sandbox.agent: false: For intentional nosandbox testing:
- Add strict: false at the workflow level to opt out of strict validation.
- Or remove sandbox.agent: false and rely on the default (sandboxed) behavior.
Immediate Fix for github/gh-aw-mcpg
Run in each affected workflow file:
# Remove the sandbox.mcp.container block
gh aw fix --write # Does NOT fix this currently — manual edit required
Manual edit: Remove the sandbox.mcp: block or the container: key under it.
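Because gh aw fix leaves these keys in place, the manual edit starts with finding them. The script below is an added example, not part of the original report or of the gh-aw tooling. It assumes workflow settings sit in a leading `---` frontmatter block indented with spaces, and that strict mode applies unless a top-level `strict: false` is present; the sample workflow and its values are constructed.

```python
import re

# The three settings this report lists as rejected by strict mode.
BLOCKED = {
    ("sandbox", "mcp", "container"): None,  # rejected whatever the value
    ("sandbox", "mcp", "version"): None,    # rejected whatever the value
    ("sandbox", "agent"): "false",          # rejected only when set to false
}
KEY_RE = re.compile(r"^(\s*)([A-Za-z0-9_.-]+):\s*(.*?)\s*$")

# Constructed sample workflow (not taken from any of the affected repositories).
SAMPLE = """---
on: push
strict: true
sandbox:
  agent: false
  mcp:
    container: example/image   # constructed value
    version: v0.0.0
unrelated:
  agent: false
---
Workflow body text.
"""

def audit(text):
    """Return (strict_enabled, findings); each finding is (line_no, dotted_key, value)."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        return True, []                      # no frontmatter block to inspect
    stack, findings, strict = [], [], True   # stack holds (indent, key) of open mappings
    for line_no, raw in enumerate(lines[1:], start=2):
        if raw.strip() == "---":
            break                            # end of frontmatter
        m = KEY_RE.match(raw.split(" #", 1)[0])   # ignore trailing comments
        if not m:
            continue                         # comment, list item or blank line
        indent, key, value = len(m.group(1)), m.group(2), m.group(3).strip("'\"")
        while stack and stack[-1][0] >= indent:
            stack.pop()                      # leave mappings that have ended
        stack.append((indent, key))
        path = tuple(k for _, k in stack)
        if path == ("strict",) and value.lower() == "false":
            strict = False                   # workflow opted out of strict validation
        if path in BLOCKED and BLOCKED[path] in (None, value.lower()):
            findings.append((line_no, ".".join(path), value))
    return strict, findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A finding in a workflow where strict is still enabled is one that will fail compilation; a finding alongside `strict: false` marks a workflow that has opted out of the sandbox checks and deserves review.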
Generated by Daily AW Cross-Repo Compile Check
References:
- #29469 (daily compatibility summary)
Related to [aw-compat] Daily compatibility report: 9/17 repos fail strict-mode compile (2026-05-01) #29469