From f0cb32f562b8db0923d2c30f7f8a63db216a2632 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 19:43:27 +0000
Subject: [PATCH 01/10] Initial plan


From 42f4b1949c7b0cfabe9c8b65dd840c451b712be0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 20:17:24 +0000
Subject: [PATCH 02/10] Rename safe-inputs to mcp-scripts with migration
 codemod

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 ...log-mcp-startup-and-smoke-claude-status.md |   2 +-
 .changeset/patch-safe-inputs-runner.md        |   2 +-
 .../copilot-pr-merged-report.lock.yml         |  78 ++++-----
 .github/workflows/copilot-pr-merged-report.md |   4 +-
 .../workflows/daily-cli-performance.lock.yml  |  90 +++++-----
 .github/workflows/daily-cli-performance.md    |   2 +-
 .../daily-performance-summary.lock.yml        |  98 +++++------
 .../workflows/daily-performance-summary.md    |  24 +--
 .github/workflows/daily-regulatory.lock.yml   |  94 +++++-----
 .github/workflows/daily-regulatory.md         |   6 +-
 .github/workflows/go-logger.lock.yml          |  90 +++++-----
 .github/workflows/security-review.md          |   2 +-
 .github/workflows/shared/gh.md                |  26 +--
 ...-input.md => github-queries-mcp-script.md} |   6 +-
 .github/workflows/shared/go-make.md           |  56 +++---
 ...ta-safe-input.md => pr-data-mcp-script.md} |   6 +-
 .github/workflows/smoke-claude.lock.yml       | 162 +++++++++---------
 .github/workflows/smoke-claude.md             |   4 +-
 .github/workflows/smoke-codex.lock.yml        |  96 +++++------
 .github/workflows/smoke-copilot-arm.lock.yml  | 114 ++++++------
 .github/workflows/smoke-copilot-arm.md        |   4 +-
 .github/workflows/smoke-copilot.lock.yml      | 114 ++++++------
 .github/workflows/smoke-copilot.md            |   4 +-
 .github/workflows/smoke-gemini.lock.yml       |  78 ++++-----
 ...ig.cjs => generate_mcp_scripts_config.cjs} |   8 +-
 ...s => generate_mcp_scripts_config.test.cjs} |  30 ++--
 actions/setup/js/log_parser_shared.cjs        |   4 +-
 actions/setup/js/log_parser_shared.test.cjs   |   4 +-
 ...puts-runner.cjs => mcp-scripts-runner.cjs} |  10 +-
 ...r.test.cjs => mcp-scripts-runner.test.cjs} |  18 +-
 actions/setup/js/mcp_handler_go.cjs           |   2 +-
 actions/setup/js/mcp_handler_javascript.cjs   |   2 +-
 actions/setup/js/mcp_handler_python.cjs       |   2 +-
 actions/setup/js/mcp_handler_shell.cjs        |   2 +-
 ...ootstrap.cjs => mcp_scripts_bootstrap.cjs} |  16 +-
 ...est.cjs => mcp_scripts_bootstrap.test.cjs} |  24 +--
 ...ader.cjs => mcp_scripts_config_loader.cjs} |  14 +-
 ...cjs => mcp_scripts_config_loader.test.cjs} |  16 +-
 ..._server.cjs => mcp_scripts_mcp_server.cjs} |  40 ++---
 ...st.cjs => mcp_scripts_mcp_server.test.cjs} | 118 ++++++-------
 ...tp.cjs => mcp_scripts_mcp_server_http.cjs} |  26 +--
 ...s => mcp_scripts_mcp_server_http.test.cjs} |   4 +-
 ...ctory.cjs => mcp_scripts_tool_factory.cjs} |   4 +-
 ....cjs => mcp_scripts_tool_factory.test.cjs} |  12 +-
 ...idation.cjs => mcp_scripts_validation.cjs} |   2 +-
 ...st.cjs => mcp_scripts_validation.test.cjs} |  22 +--
 actions/setup/js/mcp_server_core.cjs          |   2 +-
 ...ts_logs.cjs => parse_mcp_scripts_logs.cjs} |  46 ++---
 ...st.cjs => parse_mcp_scripts_logs.test.cjs} | 146 ++++++++--------
 .../safe_outputs_mcp_error_messages.test.cjs  |   2 +-
 actions/setup/js/setup_sh_file_lists.test.cjs |  12 +-
 actions/setup/js/shim.cjs                     |   2 +-
 actions/setup/setup.sh                        |  56 +++---
 actions/setup/sh/check_mcp_servers_test.sh    |   4 +-
 ..._server.sh => start_mcp_scripts_server.sh} |  56 +++---
 .../sh/validate_gatewayed_server_test.sh      |   2 +-
 docs/copilot-cli-checksum-verification.md     |   4 +-
 docs/public/editor/autocomplete-data.json     |   4 +-
 .../schemas/mcp-gateway-config.schema.json    |   4 +-
 ...ma.json => mcp-scripts-config.schema.json} |   8 +-
 .../content/docs/guides/editing-workflows.md  |   2 +-
 docs/src/content/docs/guides/mcps.md          |   2 +-
 docs/src/content/docs/guides/upgrading.md     |   6 +-
 .../docs/introduction/how-they-work.mdx       |   2 +-
 .../docs/reference/environment-variables.md   |   6 +-
 docs/src/content/docs/reference/faq.md        |   2 +-
 .../docs/reference/frontmatter-full.md        |   2 +-
 .../frontmatter-hash-specification.md         |   6 +-
 .../src/content/docs/reference/frontmatter.md |   4 +-
 .../docs/reference/gh-aw-as-mcp-server.md     |   2 +-
 docs/src/content/docs/reference/glossary.md   |   4 +-
 docs/src/content/docs/reference/imports.md    |   2 +-
 .../src/content/docs/reference/mcp-gateway.md |   4 +-
 ...cation.md => mcp-scripts-specification.md} |  36 ++--
 .../{safe-inputs.md => mcp-scripts.md}        |  30 ++--
 docs/src/content/docs/reference/tools.md      |   2 +-
 docs/src/content/docs/setup/cli.md            |   2 +-
 pkg/cli/codemod_mcp_scripts.go                |  43 +++++
 ...ts_test.go => codemod_mcp_scripts_test.go} |  56 +++---
 pkg/cli/codemod_safe_inputs.go                |  43 -----
 pkg/cli/codemod_safe_inputs_to_mcp_scripts.go |  48 ++++++
 ...codemod_safe_inputs_to_mcp_scripts_test.go | 153 +++++++++++++++++
 pkg/cli/fix_codemods.go                       |   3 +-
 pkg/cli/fix_codemods_test.go                  |   8 +-
 pkg/cli/fix_command_test.go                   |  22 +--
 pkg/cli/mcp_inspect.go                        |  36 ++--
 ...es.go => mcp_inspect_mcp_scripts_files.go} |  26 +--
 ...r.go => mcp_inspect_mcp_scripts_server.go} |  56 +++---
 pkg/cli/mcp_tools_management.go               |   2 +-
 pkg/constants/constants.go                    |  14 +-
 pkg/constants/constants_test.go               |   8 +-
 pkg/parser/import_field_extractor.go          |  14 +-
 pkg/parser/import_processor.go                |   2 +-
 pkg/parser/include_processor.go               |   2 +-
 pkg/parser/mcp.go                             |  16 +-
 pkg/parser/schemas/main_workflow_schema.json  |   2 +-
 pkg/workflow/claude_engine.go                 |  16 +-
 pkg/workflow/claude_mcp.go                    |   4 +-
 pkg/workflow/codex_engine.go                  |  16 +-
 pkg/workflow/codex_engine_test.go             |  14 +-
 pkg/workflow/codex_mcp.go                     |  14 +-
 pkg/workflow/compiler.go                      |   6 +-
 pkg/workflow/compiler_orchestrator_test.go    |   2 +-
 .../compiler_orchestrator_workflow.go         |  16 +-
 .../compiler_orchestrator_workflow_test.go    |   4 +-
 pkg/workflow/compiler_types.go                |   2 +-
 pkg/workflow/compiler_yaml_ai_execution.go    |  10 +-
 pkg/workflow/compiler_yaml_main_job.go        |  12 +-
 pkg/workflow/copilot_engine.go                |  12 +-
 pkg/workflow/copilot_engine_execution.go      |  12 +-
 pkg/workflow/copilot_engine_tools.go          |  16 +-
 pkg/workflow/copilot_mcp.go                   |   4 +-
 pkg/workflow/engine_helpers_secrets_test.go   |   6 +-
 pkg/workflow/expression_safety_test.go        |   2 +-
 pkg/workflow/features_import_test.go          |   8 +-
 pkg/workflow/frontmatter_types.go             |   8 +-
 pkg/workflow/frontmatter_types_test.go        |  10 +-
 pkg/workflow/gemini_engine.go                 |  12 +-
 pkg/workflow/gemini_mcp.go                    |   4 +-
 pkg/workflow/js.go                            |   6 +-
 pkg/workflow/mcp_api_key_masking_test.go      |  18 +-
 pkg/workflow/mcp_config_builtin.go            |   4 +-
 pkg/workflow/mcp_config_utils.go              |   2 +-
 pkg/workflow/mcp_detection.go                 |   4 +-
 pkg/workflow/mcp_detection_test.go            |  14 +-
 pkg/workflow/mcp_environment.go               |  24 +--
 pkg/workflow/mcp_renderer.go                  |  34 ++--
 ...est.go => mcp_scripts_conditional_test.go} |  60 +++----
 ... mcp_scripts_experimental_warning_test.go} |  28 +--
 ...l_test.go => mcp_scripts_firewall_test.go} |  18 +-
 ..._generator.go => mcp_scripts_generator.go} | 124 +++++++-------
 ..._test.go => mcp_scripts_generator_test.go} | 118 ++++++-------
 ...test.go => mcp_scripts_http_codex_test.go} |  36 ++--
 ..._mode_test.go => mcp_scripts_mode_test.go} |  18 +-
 ...inputs_parser.go => mcp_scripts_parser.go} |  94 +++++-----
 ...ser_test.go => mcp_scripts_parser_test.go} |  44 ++---
 ...ts_renderer.go => mcp_scripts_renderer.go} |  36 ++--
 ...r_test.go => mcp_scripts_renderer_test.go} |  24 +--
 ...ut_test.go => mcp_scripts_timeout_test.go} |  50 +++---
 pkg/workflow/mcp_setup_generator.go           | 124 +++++++-------
 pkg/workflow/mcp_setup_generator_test.go      |  14 +-
 pkg/workflow/strict_mode_validation.go        |   4 +-
 pkg/workflow/strings_test.go                  |   6 +-
 .../smoke-copilot.golden                      |   6 +-
 .../wasm_golden/fixtures/shared/gh.md         |  26 +--
 ...-input.md => github-queries-mcp-script.md} |   6 +-
 .../wasm_golden/fixtures/shared/go-make.md    |  56 +++---
 .../wasm_golden/fixtures/smoke-copilot.md     |   6 +-
 148 files changed, 1988 insertions(+), 1784 deletions(-)
 rename .github/workflows/shared/{github-queries-safe-input.md => github-queries-mcp-script.md} (99%)
 rename .github/workflows/shared/{pr-data-safe-input.md => pr-data-mcp-script.md} (96%)
 rename actions/setup/js/{generate_safe_inputs_config.cjs => generate_mcp_scripts_config.cjs} (85%)
 rename actions/setup/js/{generate_safe_inputs_config.test.cjs => generate_mcp_scripts_config.test.cjs} (65%)
 rename actions/setup/js/{safe-inputs-runner.cjs => mcp-scripts-runner.cjs} (84%)
 rename actions/setup/js/{safe-inputs-runner.test.cjs => mcp-scripts-runner.test.cjs} (89%)
 rename actions/setup/js/{safe_inputs_bootstrap.cjs => mcp_scripts_bootstrap.cjs} (83%)
 rename actions/setup/js/{safe_inputs_bootstrap.test.cjs => mcp_scripts_bootstrap.test.cjs} (84%)
 rename actions/setup/js/{safe_inputs_config_loader.cjs => mcp_scripts_config_loader.cjs} (76%)
 rename actions/setup/js/{safe_inputs_config_loader.test.cjs => mcp_scripts_config_loader.test.cjs} (88%)
 rename actions/setup/js/{safe_inputs_mcp_server.cjs => mcp_scripts_mcp_server.cjs} (68%)
 rename actions/setup/js/{safe_inputs_mcp_server.test.cjs => mcp_scripts_mcp_server.test.cjs} (89%)
 rename actions/setup/js/{safe_inputs_mcp_server_http.cjs => mcp_scripts_mcp_server_http.cjs} (93%)
 rename actions/setup/js/{safe_inputs_mcp_server_http.test.cjs => mcp_scripts_mcp_server_http.test.cjs} (98%)
 rename actions/setup/js/{safe_inputs_tool_factory.cjs => mcp_scripts_tool_factory.cjs} (89%)
 rename actions/setup/js/{safe_inputs_tool_factory.test.cjs => mcp_scripts_tool_factory.test.cjs} (87%)
 rename actions/setup/js/{safe_inputs_validation.cjs => mcp_scripts_validation.cjs} (92%)
 rename actions/setup/js/{safe_inputs_validation.test.cjs => mcp_scripts_validation.test.cjs} (79%)
 rename actions/setup/js/{parse_safe_inputs_logs.cjs => parse_mcp_scripts_logs.cjs} (87%)
 rename actions/setup/js/{parse_safe_inputs_logs.test.cjs => parse_mcp_scripts_logs.test.cjs} (69%)
 rename actions/setup/sh/{start_safe_inputs_server.sh => start_mcp_scripts_server.sh} (64%)
 rename docs/public/schemas/{safe-inputs-config.schema.json => mcp-scripts-config.schema.json} (97%)
 rename docs/src/content/docs/reference/{safe-inputs-specification.md => mcp-scripts-specification.md} (98%)
 rename docs/src/content/docs/reference/{safe-inputs.md => mcp-scripts.md} (97%)
 create mode 100644 pkg/cli/codemod_mcp_scripts.go
 rename pkg/cli/{codemod_safe_inputs_test.go => codemod_mcp_scripts_test.go} (69%)
 delete mode 100644 pkg/cli/codemod_safe_inputs.go
 create mode 100644 pkg/cli/codemod_safe_inputs_to_mcp_scripts.go
 create mode 100644 pkg/cli/codemod_safe_inputs_to_mcp_scripts_test.go
 rename pkg/cli/{mcp_inspect_safe_inputs_files.go => mcp_inspect_mcp_scripts_files.go} (78%)
 rename pkg/cli/{mcp_inspect_safe_inputs_server.go => mcp_inspect_mcp_scripts_server.go} (76%)
 rename pkg/workflow/{mcp_safe_inputs_conditional_test.go => mcp_scripts_conditional_test.go} (66%)
 rename pkg/workflow/{safe_inputs_experimental_warning_test.go => mcp_scripts_experimental_warning_test.go} (80%)
 rename pkg/workflow/{safe_inputs_firewall_test.go => mcp_scripts_firewall_test.go} (84%)
 rename pkg/workflow/{safe_inputs_generator.go => mcp_scripts_generator.go} (73%)
 rename pkg/workflow/{safe_inputs_generator_test.go => mcp_scripts_generator_test.go} (83%)
 rename pkg/workflow/{safe_inputs_http_codex_test.go => mcp_scripts_http_codex_test.go} (84%)
 rename pkg/workflow/{safe_inputs_mode_test.go => mcp_scripts_mode_test.go} (90%)
 rename pkg/workflow/{safe_inputs_parser.go => mcp_scripts_parser.go} (76%)
 rename pkg/workflow/{safe_inputs_parser_test.go => mcp_scripts_parser_test.go} (69%)
 rename pkg/workflow/{safe_inputs_renderer.go => mcp_scripts_renderer.go} (71%)
 rename pkg/workflow/{safe_inputs_renderer_test.go => mcp_scripts_renderer_test.go} (70%)
 rename pkg/workflow/{safe_inputs_timeout_test.go => mcp_scripts_timeout_test.go} (80%)
 rename pkg/workflow/testdata/wasm_golden/fixtures/shared/{github-queries-safe-input.md => github-queries-mcp-script.md} (99%)

diff --git a/.changeset/patch-log-mcp-startup-and-smoke-claude-status.md b/.changeset/patch-log-mcp-startup-and-smoke-claude-status.md
index 6f5990e0081..1a291d67b1d 100644
--- a/.changeset/patch-log-mcp-startup-and-smoke-claude-status.md
+++ b/.changeset/patch-log-mcp-startup-and-smoke-claude-status.md
@@ -2,4 +2,4 @@
 "gh-aw": patch
 ---
 
-Broadcast MCP server startup logs (safe-inputs, safe-outputs, Serena) with `DEBUG="*"` and GitHub Actions notices so failures expose detailed diagnostics, and extend the smoke-claude workflow with the agentic-workflows `status` query while persisting its summary.
+Broadcast MCP server startup logs (mcp-scripts, safe-outputs, Serena) with `DEBUG="*"` and GitHub Actions notices so failures expose detailed diagnostics, and extend the smoke-claude workflow with the agentic-workflows `status` query while persisting its summary.
diff --git a/.changeset/patch-safe-inputs-runner.md b/.changeset/patch-safe-inputs-runner.md
index 5201991714e..ba79b8e304b 100644
--- a/.changeset/patch-safe-inputs-runner.md
+++ b/.changeset/patch-safe-inputs-runner.md
@@ -2,4 +2,4 @@
 "gh-aw": patch
 ---
 
-Ensure script-based safe-inputs delegate execution to the shared runner so subprocess stdout/stderr are returned.
+Ensure script-based mcp-scripts delegate execution to the shared runner so subprocess stdout/stderr are returned.
diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml
index d2f99b3d32c..2b3af5450d1 100644
--- a/.github/workflows/copilot-pr-merged-report.lock.yml
+++ b/.github/workflows/copilot-pr-merged-report.lock.yml
@@ -31,7 +31,7 @@
 #     - shared/reporting.md
 #     - shared/copilot-pr-analysis-base.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"d2ca13ea191854985bb6baeeb127f65bc6983ef11c13a367ba002c289a97042a"}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"476bd0bfa5dd66057d8a5211101da6d6bf861f660f6733e9a678f12075cb93b9"}
 
 name: "Daily Copilot PR Merged Report"
 "on":
@@ -628,16 +628,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "gh",
-                "description": "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -659,30 +659,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/gh.sh << 'GH_AW_SAFE_INPUTS_SH_GH_EOF'
+          cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: gh
-          # Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: gh
+          # Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -690,11 +690,11 @@ jobs:
           echo "  token: ${GH_AW_GH_TOKEN:0:6}..."
           GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_GH_EOF
-          chmod +x /opt/gh-aw/safe-inputs/gh.sh
+          GH_AW_MCP_SCRIPTS_SH_GH_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/gh.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -705,34 +705,34 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GH_DEBUG: 1
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -755,7 +755,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="copilot"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           mkdir -p /home/runner/.copilot
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
@@ -771,11 +771,11 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
                 }
               },
-              "safeinputs": {
+              "mcpscripts": {
                 "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
                 "headers": {
-                  "Authorization": "\${GH_AW_SAFE_INPUTS_API_KEY}"
+                  "Authorization": "\${GH_AW_MCP_SCRIPTS_API_KEY}"
                 }
               },
               "safeoutputs": {
@@ -948,7 +948,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -989,7 +989,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/copilot-pr-merged-report.md b/.github/workflows/copilot-pr-merged-report.md
index 2f7b07b356e..6f0406f86a3 100644
--- a/.github/workflows/copilot-pr-merged-report.md
+++ b/.github/workflows/copilot-pr-merged-report.md
@@ -75,7 +75,7 @@ echo "Looking for PRs merged since: $DATE_24H_AGO"
 
 **Step 1.2: Search for Merged Copilot PRs**
 
-Use the `safeinputs-gh` safe-input tool to search for merged PRs from Copilot:
+Use the `safeinputs-gh` mcp-script tool to search for merged PRs from Copilot:
 ```
 safeinputs-gh with args: "pr list --repo ${{ github.repository }} --search \"head:copilot/ is:merged merged:>=$DATE_24H_AGO\" --state merged --limit 100 --json number,title,mergedAt,additions,deletions,files,url"
 ```
@@ -263,7 +263,7 @@ A successful report:
 - ✅ Creates discussion in "audits" category
 - ✅ Completes within 10-minute timeout
 
-Begin your analysis now. Use the `gh` safe-input tool for all GitHub CLI operations.
+Begin your analysis now. Use the `gh` mcp-script tool for all GitHub CLI operations.
 
 **Important**: If no action is needed after completing your analysis, you **MUST** call the `noop` safe-output tool with a brief explanation. Failing to call any safe-output tool is the most common cause of safe-output workflow failures.
 
diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml
index 086eb138db1..9bd2e8de9fe 100644
--- a/.github/workflows/daily-cli-performance.lock.yml
+++ b/.github/workflows/daily-cli-performance.lock.yml
@@ -28,7 +28,7 @@
 #     - shared/go-make.md
 #     - shared/reporting.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"a573baa1f4c6a22b57c781ccbf0dce23b1dd16f5ab2609d3a27782be2705a95a","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"51987ab5257e9b3550645f687dc7466a89ae9cadf175e1661c673806228f207b","strict":true}
 
 name: "Daily CLI Performance Agent"
 "on":
@@ -710,16 +710,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "go",
-                "description": "Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -737,7 +737,7 @@ jobs:
               },
               {
                 "name": "make",
-                "description": "Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -755,30 +755,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/go.sh << 'GH_AW_SAFE_INPUTS_SH_GO_EOF'
+          cat > /opt/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: go
-          # Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: go
+          # Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -786,23 +786,23 @@ jobs:
           go $INPUT_ARGS
           
           
-          GH_AW_SAFE_INPUTS_SH_GO_EOF
-          chmod +x /opt/gh-aw/safe-inputs/go.sh
-          cat > /opt/gh-aw/safe-inputs/make.sh << 'GH_AW_SAFE_INPUTS_SH_MAKE_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GO_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/go.sh
+          cat > /opt/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: make
-          # Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: make
+          # Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
           echo "make $INPUT_ARGS"
           make $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_MAKE_EOF
-          chmod +x /opt/gh-aw/safe-inputs/make.sh
+          GH_AW_MCP_SCRIPTS_SH_MAKE_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/make.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -813,31 +813,31 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -859,7 +859,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="copilot"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           mkdir -p /home/runner/.copilot
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
@@ -875,11 +875,11 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
                 }
               },
-              "safeinputs": {
+              "mcpscripts": {
                 "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
                 "headers": {
-                  "Authorization": "\${GH_AW_SAFE_INPUTS_API_KEY}"
+                  "Authorization": "\${GH_AW_MCP_SCRIPTS_API_KEY}"
                 }
               },
               "safeoutputs": {
@@ -1050,7 +1050,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1094,7 +1094,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/daily-cli-performance.md b/.github/workflows/daily-cli-performance.md
index 318417879f6..b0f0dbb8f7a 100644
--- a/.github/workflows/daily-cli-performance.md
+++ b/.github/workflows/daily-cli-performance.md
@@ -57,7 +57,7 @@ This workflow imports `shared/go-make.md` which provides:
 - **safeinputs-go** - Execute Go commands (e.g., args: "test ./...", "build ./cmd/gh-aw")
 - **safeinputs-make** - Execute Make targets (e.g., args: "build", "test-unit", "bench")
 
-**IMPORTANT**: Always use these safe-input tools for Go and Make commands instead of running them directly via bash.
+**IMPORTANT**: Always use these mcp-script tools for Go and Make commands instead of running them directly via bash.
 
 ## Phase 1: Run Performance Benchmarks
 
diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index bf229b33e57..4a5a657370b 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -21,15 +21,15 @@
 #
 # For more information: https://github.github.com/gh-aw/introduction/overview/
 #
-# Daily project performance summary (90-day window) with trend charts using safe-inputs
+# Daily project performance summary (90-day window) with trend charts using mcp-scripts
 #
 # Resolved workflow manifest:
 #   Imports:
-#     - shared/github-queries-safe-input.md
+#     - shared/github-queries-mcp-script.md
 #     - shared/reporting.md
 #     - shared/trending-charts-simple.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"e122dc205e62037c58443024bb7827fc2c4474c74536e2043be657fe4d9c79a2","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"c18fdbf83211c18b0c1841b7350de90b0a4b88a7a5a0a0c2026345fc6054c691","strict":true}
 
 name: "Daily Project Performance Summary Generator (Using Safe Inputs)"
 "on":
@@ -175,7 +175,7 @@ jobs:
           </system>
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
-          {{#runtime-import .github/workflows/shared/github-queries-safe-input.md}}
+          {{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
           {{#runtime-import .github/workflows/shared/trending-charts-simple.md}}
@@ -747,12 +747,12 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "github-discussion-query",
@@ -842,29 +842,29 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/github-discussion-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
+          cat > /opt/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-discussion-query
+          # Auto-generated mcp-script tool: github-discussion-query
           # Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -997,11 +997,11 @@ jobs:
           EOF
           fi
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-discussion-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-issue-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-discussion-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-issue-query
+          # Auto-generated mcp-script tool: github-issue-query
           # Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1078,11 +1078,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-issue-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-pr-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-issue-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-pr-query
+          # Auto-generated mcp-script tool: github-pr-query
           # Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1165,11 +1165,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-pr-query.sh
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-pr-query.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -1180,26 +1180,26 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
@@ -1207,8 +1207,8 @@ jobs:
           GH_AW_ASSETS_ALLOWED_EXTS: ${{ env.GH_AW_ASSETS_ALLOWED_EXTS }}
           GH_AW_ASSETS_BRANCH: ${{ env.GH_AW_ASSETS_BRANCH }}
           GH_AW_ASSETS_MAX_SIZE_KB: ${{ env.GH_AW_ASSETS_MAX_SIZE_KB }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -1231,7 +1231,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="copilot"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           mkdir -p /home/runner/.copilot
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
@@ -1247,11 +1247,11 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests,discussions"
                 }
               },
-              "safeinputs": {
+              "mcpscripts": {
                 "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
                 "headers": {
-                  "Authorization": "\${GH_AW_SAFE_INPUTS_API_KEY}"
+                  "Authorization": "\${GH_AW_MCP_SCRIPTS_API_KEY}"
                 }
               },
               "safeoutputs": {
@@ -1426,7 +1426,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1476,7 +1476,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
@@ -1518,7 +1518,7 @@ jobs:
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         env:
           WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
-          WORKFLOW_DESCRIPTION: "Daily project performance summary (90-day window) with trend charts using safe-inputs"
+          WORKFLOW_DESCRIPTION: "Daily project performance summary (90-day window) with trend charts using mcp-scripts"
           HAS_PATCH: ${{ steps.collect_output.outputs.has_patch }}
         with:
           script: |
diff --git a/.github/workflows/daily-performance-summary.md b/.github/workflows/daily-performance-summary.md
index f62133677ad..40edf560885 100644
--- a/.github/workflows/daily-performance-summary.md
+++ b/.github/workflows/daily-performance-summary.md
@@ -1,5 +1,5 @@
 ---
-description: Daily project performance summary (90-day window) with trend charts using safe-inputs
+description: Daily project performance summary (90-day window) with trend charts using mcp-scripts
 on:
   schedule: daily
   workflow_dispatch:
@@ -27,7 +27,7 @@ safe-outputs:
     max: 10
 timeout-minutes: 30
 imports:
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
   - shared/trending-charts-simple.md
   - shared/reporting.md
 ---
@@ -36,14 +36,14 @@ imports:
 
 # Daily Project Performance Summary Generator (Using Safe Inputs)
 
-You are an expert analyst that generates comprehensive daily performance summaries using **safe-input tools** to query GitHub data (PRs, issues, discussions) and creates trend visualizations.
+You are an expert analyst that generates comprehensive daily performance summaries using **mcp-script tools** to query GitHub data (PRs, issues, discussions) and creates trend visualizations.
 
-**IMPORTANT**: This workflow uses safe-input tools imported from `shared/github-queries-safe-input.md`. All data gathering MUST be done through these tools.
+**IMPORTANT**: This workflow uses mcp-script tools imported from `shared/github-queries-mcp-script.md`. All data gathering MUST be done through these tools.
 
 ## Mission
 
 Generate a daily performance summary analyzing the last 90 days of project activity:
-1. **Use safe-input tools** to query PRs, issues, and discussions
+1. **Use mcp-script tools** to query PRs, issues, and discussions
 2. Calculate key performance metrics (velocity, resolution times, activity levels)
 3. Generate trend charts showing project activity and performance
 4. Create a discussion with the comprehensive performance report
@@ -57,7 +57,7 @@ Generate a daily performance summary analyzing the last 90 days of project activ
 
 ## Phase 1: Gather Data Using Safe-Input Tools
 
-**CRITICAL**: Use the safe-input tools to query GitHub data. These tools are imported from `shared/github-queries-safe-input.md` and provide the same functionality as the previous Skillz-based approach.
+**CRITICAL**: Use the mcp-script tools to query GitHub data. These tools are imported from `shared/github-queries-mcp-script.md` and provide the same functionality as the previous Skillz-based approach.
 
 ### Available Safe-Input Tools
 
@@ -68,7 +68,7 @@ The following tools are available for querying GitHub data:
 
 ### 1.1 Query Pull Requests
 
-**Use the `github-pr-query` safe-input tool** to get PR data:
+**Use the `github-pr-query` mcp-script tool** to get PR data:
 
 ```
 github-pr-query with state: "all", limit: 1000, jq: "."
@@ -82,7 +82,7 @@ The tool provides:
 
 ### 1.2 Query Issues
 
-**Use the `github-issue-query` safe-input tool** to get issue data:
+**Use the `github-issue-query` mcp-script tool** to get issue data:
 
 ```
 github-issue-query with state: "all", limit: 1000, jq: "."
@@ -96,7 +96,7 @@ The tool provides:
 
 ### 1.3 Query Discussions
 
-**Use the `github-discussion-query` safe-input tool** to get discussion data:
+**Use the `github-discussion-query` mcp-script tool** to get discussion data:
 
 ```
 github-discussion-query with limit: 1000, jq: "."
@@ -477,7 +477,7 @@ Create a new discussion with the comprehensive performance report.
 ## Success Criteria
 
 A successful run will:
-- ✅ **Query data using safe-input tools** (github-pr-query, github-issue-query, github-discussion-query)
+- ✅ **Query data using mcp-script tools** (github-pr-query, github-issue-query, github-discussion-query)
 - ✅ Calculate comprehensive performance metrics from tool output
 - ✅ Generate 3 high-quality trend charts
 - ✅ Upload charts as assets
@@ -486,13 +486,13 @@ A successful run will:
 
 ## Safe-Input Tools Usage Reminder
 
-This workflow uses safe-input tools imported from `shared/github-queries-safe-input.md`:
+This workflow uses mcp-script tools imported from `shared/github-queries-mcp-script.md`:
 1. Tools are defined in the shared workflow with shell script implementations
 2. Each tool supports jq-based filtering for efficient data querying
 3. Tools are authenticated with `GITHUB_TOKEN` for GitHub API access
 4. Call tools with parameters like: `github-pr-query with state: "all", limit: 1000, jq: "."`
 
-Begin your analysis now. **Use the safe-input tools** to gather data, run Python analysis, generate charts, and create the discussion report.
+Begin your analysis now. **Use the mcp-script tools** to gather data, run Python analysis, generate charts, and create the discussion report.
 
 **Important**: If no action is needed after completing your analysis, you **MUST** call the `noop` safe-output tool with a brief explanation. Failing to call any safe-output tool is the most common cause of safe-output workflow failures.
 
diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml
index 6f865278a18..1d6cd8f8e0c 100644
--- a/.github/workflows/daily-regulatory.lock.yml
+++ b/.github/workflows/daily-regulatory.lock.yml
@@ -25,10 +25,10 @@
 #
 # Resolved workflow manifest:
 #   Imports:
-#     - shared/github-queries-safe-input.md
+#     - shared/github-queries-mcp-script.md
 #     - shared/reporting.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"4981509a6079c94c5b8fd172d8812c9c5bab1f192cba2eae4352305af61e06c0","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"238c3282ef64bdb6800bd48877c082702a91b29214ffb81ce63903042421d706","strict":true}
 
 name: "Daily Regulatory Report Generator"
 "on":
@@ -171,7 +171,7 @@ jobs:
           </system>
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
-          {{#runtime-import .github/workflows/shared/github-queries-safe-input.md}}
+          {{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
           {{#runtime-import .github/workflows/shared/reporting.md}}
@@ -667,12 +667,12 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "github-discussion-query",
@@ -762,29 +762,29 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/github-discussion-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
+          cat > /opt/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-discussion-query
+          # Auto-generated mcp-script tool: github-discussion-query
           # Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -917,11 +917,11 @@ jobs:
           EOF
           fi
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-discussion-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-issue-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-discussion-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-issue-query
+          # Auto-generated mcp-script tool: github-issue-query
           # Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -998,11 +998,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-issue-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-pr-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-issue-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-pr-query
+          # Auto-generated mcp-script tool: github-pr-query
           # Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1085,11 +1085,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-pr-query.sh
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-pr-query.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -1100,32 +1100,32 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -1148,7 +1148,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="copilot"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           mkdir -p /home/runner/.copilot
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
@@ -1164,11 +1164,11 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests,discussions"
                 }
               },
-              "safeinputs": {
+              "mcpscripts": {
                 "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
                 "headers": {
-                  "Authorization": "\${GH_AW_SAFE_INPUTS_API_KEY}"
+                  "Authorization": "\${GH_AW_MCP_SCRIPTS_API_KEY}"
                 }
               },
               "safeoutputs": {
@@ -1340,7 +1340,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1375,7 +1375,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/daily-regulatory.md b/.github/workflows/daily-regulatory.md
index c76a0c9a721..f1f3055de35 100644
--- a/.github/workflows/daily-regulatory.md
+++ b/.github/workflows/daily-regulatory.md
@@ -28,7 +28,7 @@ safe-outputs:
     max: 10
 timeout-minutes: 30
 imports:
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
   - shared/reporting.md
 ---
 
@@ -60,7 +60,7 @@ Review all daily report discussions from the last 24 hours and:
 
 ### Step 0.1: Verify GitHub Discussions Access
 
-1. Test the `github-discussion-query` safe-input tool by running a simple query:
+1. Test the `github-discussion-query` mcp-script tool by running a simple query:
    ```
    github-discussion-query with limit: 1, jq: "."
    ```
@@ -102,7 +102,7 @@ Review all daily report discussions from the last 24 hours and:
 
 ### Step 1.1: Query Recent Discussions
 
-Use the `github-discussion-query` safe-input tool to find all daily report discussions created in the last 24-48 hours. Call the tool with appropriate parameters:
+Use the `github-discussion-query` mcp-script tool to find all daily report discussions created in the last 24-48 hours. Call the tool with appropriate parameters:
 
 ```
 github-discussion-query with limit: 100, jq: "."
diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml
index 14a5cba2879..87536e2c75d 100644
--- a/.github/workflows/go-logger.lock.yml
+++ b/.github/workflows/go-logger.lock.yml
@@ -27,7 +27,7 @@
 #   Imports:
 #     - shared/go-make.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"f25ce343847e9c88cf0b683033fae1614998f81e330da7bf355bcf7a2e50e199","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"9fc05dd97be30e5cf9eb349f0b5b33b6d3369786898cfab02a90664683961943","strict":true}
 
 name: "Go Logger Enhancement"
 "on":
@@ -655,16 +655,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "go",
-                "description": "Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -682,7 +682,7 @@ jobs:
               },
               {
                 "name": "make",
-                "description": "Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -700,30 +700,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/go.sh << 'GH_AW_SAFE_INPUTS_SH_GO_EOF'
+          cat > /opt/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: go
-          # Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: go
+          # Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -731,23 +731,23 @@ jobs:
           go $INPUT_ARGS
           
           
-          GH_AW_SAFE_INPUTS_SH_GO_EOF
-          chmod +x /opt/gh-aw/safe-inputs/go.sh
-          cat > /opt/gh-aw/safe-inputs/make.sh << 'GH_AW_SAFE_INPUTS_SH_MAKE_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GO_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/go.sh
+          cat > /opt/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: make
-          # Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: make
+          # Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
           echo "make $INPUT_ARGS"
           make $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_MAKE_EOF
-          chmod +x /opt/gh-aw/safe-inputs/make.sh
+          GH_AW_MCP_SCRIPTS_SH_MAKE_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/make.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -758,31 +758,31 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -804,7 +804,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="claude"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
           {
@@ -818,11 +818,11 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
                 }
               },
-              "safeinputs": {
+              "mcpscripts": {
                 "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
                 "headers": {
-                  "Authorization": "$GH_AW_SAFE_INPUTS_API_KEY"
+                  "Authorization": "$GH_AW_MCP_SCRIPTS_API_KEY"
                 }
               },
               "safeoutputs": {
@@ -1062,7 +1062,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1103,7 +1103,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/security-review.md b/.github/workflows/security-review.md
index e8e7261f264..85ebf8e128a 100644
--- a/.github/workflows/security-review.md
+++ b/.github/workflows/security-review.md
@@ -97,7 +97,7 @@ The AWF controls network access, sandboxing, and command execution. Look for:
 - Target repositories being expanded (`target-repo:`)
 - Label or permission restrictions being removed
 
-**Safe Inputs (`safe-inputs:` field)**
+**Safe Inputs (`mcp-scripts:` field)**
 - New scripts being added with secret access
 - Environment variables exposing sensitive data
 - External command execution in scripts
diff --git a/.github/workflows/shared/gh.md b/.github/workflows/shared/gh.md
index 72d81ebe624..126c0c39cdc 100644
--- a/.github/workflows/shared/gh.md
+++ b/.github/workflows/shared/gh.md
@@ -1,7 +1,7 @@
 ---
-safe-inputs:
+mcp-scripts:
   gh:
-    description: "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
+    description: "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
     inputs:
       args:
         type: string
@@ -16,25 +16,25 @@ safe-inputs:
       GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
 ---
 
-**IMPORTANT**: Always use the `safeinputs-gh` tool for GitHub CLI commands instead of running `gh` directly via bash. The `safeinputs-gh` tool has proper authentication configured with `GITHUB_TOKEN`, while bash commands do not have GitHub CLI authentication by default.
+**IMPORTANT**: Always use the `mcpscripts-gh` tool for GitHub CLI commands instead of running `gh` directly via bash. The `mcpscripts-gh` tool has proper authentication configured with `GITHUB_TOKEN`, while bash commands do not have GitHub CLI authentication by default.
 
 **Correct**:
 ```
-Use the safeinputs-gh tool with args: "pr list --limit 5"
-Use the safeinputs-gh tool with args: "issue view 123"
+Use the mcpscripts-gh tool with args: "pr list --limit 5"
+Use the mcpscripts-gh tool with args: "issue view 123"
 ```
 
 **Incorrect**:
 ```
-Use the gh safe-input tool with args: "pr list --limit 5"  ❌ (Wrong tool name - use safeinputs-gh)
+Use the gh mcp-script tool with args: "pr list --limit 5"  ❌ (Wrong tool name - use mcpscripts-gh)
 Run: gh pr list --limit 5  ❌ (No authentication in bash)
 Execute bash: gh issue view 123  ❌ (No authentication in bash)
 ```
 
 <!--
-## safeinputs-gh Tool
+## mcpscripts-gh Tool
 
-A safe-input tool that wraps the GitHub CLI (`gh`) with proper authentication.
+A mcp-script tool that wraps the GitHub CLI (`gh`) with proper authentication.
 
 ### Usage
 
@@ -45,13 +45,13 @@ imports:
 
 ### Invocation
 
-The tool is accessible as `safeinputs-gh` (or `safeinputs_gh` after normalization). Provide gh CLI arguments via the `args` parameter:
+The tool is accessible as `mcpscripts-gh` (or `mcpscripts_gh` after normalization). Provide gh CLI arguments via the `args` parameter:
 
 ```
-safeinputs-gh with args: "pr list --limit 5"
-safeinputs-gh with args: "issue view 123"
-safeinputs-gh with args: "api repos/{owner}/{repo}"
-safeinputs-gh with args: "pr view 456 --json title,body,author"
+mcpscripts-gh with args: "pr list --limit 5"
+mcpscripts-gh with args: "issue view 123"
+mcpscripts-gh with args: "api repos/{owner}/{repo}"
+mcpscripts-gh with args: "pr view 456 --json title,body,author"
 ```
 
 The tool executes: `gh <args>`
diff --git a/.github/workflows/shared/github-queries-safe-input.md b/.github/workflows/shared/github-queries-mcp-script.md
similarity index 99%
rename from .github/workflows/shared/github-queries-safe-input.md
rename to .github/workflows/shared/github-queries-mcp-script.md
index ad3a225b819..0214285909c 100644
--- a/.github/workflows/shared/github-queries-safe-input.md
+++ b/.github/workflows/shared/github-queries-mcp-script.md
@@ -1,5 +1,5 @@
 ---
-safe-inputs:
+mcp-scripts:
   github-issue-query:
     description: "Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter."
     inputs:
@@ -341,7 +341,7 @@ safe-inputs:
 <!--
 ## GitHub Queries Safe Input Tools
 
-This shared workflow provides safe-input tools for querying GitHub issues, pull requests, and discussions with built-in jq filtering support.
+This shared workflow provides mcp-script tools for querying GitHub issues, pull requests, and discussions with built-in jq filtering support.
 
 ### Available Tools
 
@@ -355,7 +355,7 @@ Import this shared workflow to get access to all query tools:
 
 ```yaml
 imports:
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
 ```
 
 ### Tool Parameters
diff --git a/.github/workflows/shared/go-make.md b/.github/workflows/shared/go-make.md
index 31ae1297001..41ed65114a6 100644
--- a/.github/workflows/shared/go-make.md
+++ b/.github/workflows/shared/go-make.md
@@ -1,7 +1,7 @@
 ---
-safe-inputs:
+mcp-scripts:
   go:
-    description: "Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
+    description: "Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
     inputs:
       args:
         type: string
@@ -12,7 +12,7 @@ safe-inputs:
       go $INPUT_ARGS
 
   make:
-    description: "Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
+    description: "Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
     inputs:
       args:
         type: string
@@ -23,25 +23,25 @@ safe-inputs:
       make $INPUT_ARGS
 ---
 
-**IMPORTANT**: Always use the `safeinputs-go` and `safeinputs-make` tools for Go and Make commands instead of running them directly via bash. These safe-input tools provide consistent execution and proper logging.
+**IMPORTANT**: Always use the `mcpscripts-go` and `mcpscripts-make` tools for Go and Make commands instead of running them directly via bash. These mcp-script tools provide consistent execution and proper logging.
 
 **Correct**:
 ```
-Use the safeinputs-go tool with args: "test ./..."
-Use the safeinputs-make tool with args: "build"
-Use the safeinputs-make tool with args: "lint"
-Use the safeinputs-make tool with args: "test-unit"
+Use the mcpscripts-go tool with args: "test ./..."
+Use the mcpscripts-make tool with args: "build"
+Use the mcpscripts-make tool with args: "lint"
+Use the mcpscripts-make tool with args: "test-unit"
 ```
 
 **Incorrect**:
 ```
-Use the go safe-input tool with args: "test ./..."  ❌ (Wrong tool name - use safeinputs-go)
-Run: go test ./...  ❌ (Use safeinputs-go instead)
-Execute bash: make build  ❌ (Use safeinputs-make instead)
+Use the go mcp-script tool with args: "test ./..."  ❌ (Wrong tool name - use mcpscripts-go)
+Run: go test ./...  ❌ (Use mcpscripts-go instead)
+Execute bash: make build  ❌ (Use mcpscripts-make instead)
 ```
 
 <!--
-## safeinputs-go and safeinputs-make Tools
+## mcpscripts-go and mcpscripts-make Tools
 
 Safe-input tools that wrap Go and Make commands for consistent execution in agentic workflows.
 
@@ -54,32 +54,32 @@ imports:
 
 ### Invocation
 
-#### safeinputs-go
+#### mcpscripts-go
 
-The tool is accessible as `safeinputs-go` (or `safeinputs_go` after normalization). Provide go CLI arguments via the `args` parameter:
+The tool is accessible as `mcpscripts-go` (or `mcpscripts_go` after normalization). Provide go CLI arguments via the `args` parameter:
 
 ```
-safeinputs-go with args: "test ./..."
-safeinputs-go with args: "build ./cmd/gh-aw"
-safeinputs-go with args: "mod tidy"
-safeinputs-go with args: "fmt ./..."
-safeinputs-go with args: "vet ./..."
-safeinputs-go with args: "test -v -run TestCompile ./pkg/cli"
+mcpscripts-go with args: "test ./..."
+mcpscripts-go with args: "build ./cmd/gh-aw"
+mcpscripts-go with args: "mod tidy"
+mcpscripts-go with args: "fmt ./..."
+mcpscripts-go with args: "vet ./..."
+mcpscripts-go with args: "test -v -run TestCompile ./pkg/cli"
 ```
 
 The tool executes: `go <args>`
 
-#### safeinputs-make
+#### mcpscripts-make
 
-The tool is accessible as `safeinputs-make` (or `safeinputs_make` after normalization). Provide make target(s) via the `args` parameter:
+The tool is accessible as `mcpscripts-make` (or `mcpscripts_make` after normalization). Provide make target(s) via the `args` parameter:
 
 ```
-safeinputs-make with args: "build"
-safeinputs-make with args: "test-unit"
-safeinputs-make with args: "lint"
-safeinputs-make with args: "recompile"
-safeinputs-make with args: "fmt lint build"
-safeinputs-make with args: "agent-finish"
+mcpscripts-make with args: "build"
+mcpscripts-make with args: "test-unit"
+mcpscripts-make with args: "lint"
+mcpscripts-make with args: "recompile"
+mcpscripts-make with args: "fmt lint build"
+mcpscripts-make with args: "agent-finish"
 ```
 
 The tool executes: `make <args>`
diff --git a/.github/workflows/shared/pr-data-safe-input.md b/.github/workflows/shared/pr-data-mcp-script.md
similarity index 96%
rename from .github/workflows/shared/pr-data-safe-input.md
rename to .github/workflows/shared/pr-data-mcp-script.md
index 76952917f10..4f10069a77b 100644
--- a/.github/workflows/shared/pr-data-safe-input.md
+++ b/.github/workflows/shared/pr-data-mcp-script.md
@@ -1,5 +1,5 @@
 ---
-safe-inputs:
+mcp-scripts:
   fetch-pr-data:
     description: "Fetches pull request data from GitHub using gh CLI. Returns JSON array of PRs with fields: number, title, author, headRefName, createdAt, state, url, body, labels, updatedAt, closedAt, mergedAt"
     inputs:
@@ -52,7 +52,7 @@ safe-inputs:
 <!--
 ## PR Data Fetch Safe Input Tool
 
-This shared workflow provides a `fetch-pr-data` safe-input tool that fetches pull request data from GitHub.
+This shared workflow provides a `fetch-pr-data` mcp-script tool that fetches pull request data from GitHub.
 
 ### Usage
 
@@ -60,7 +60,7 @@ Import this shared workflow to get access to the `fetch-pr-data` tool:
 
 ```yaml
 imports:
-  - shared/pr-data-safe-input.md
+  - shared/pr-data-mcp-script.md
 ```
 
 The agent can then use the tool to fetch PR data:
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index 36b0f42a62a..5e22f8eca7b 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -27,7 +27,7 @@
 #   Imports:
 #     - shared/gh.md
 #     - shared/github-mcp-app.md
-#     - shared/github-queries-safe-input.md
+#     - shared/github-queries-mcp-script.md
 #     - shared/go-make.md
 #     - shared/mcp-pagination.md
 #     - shared/mcp/tavily.md
@@ -35,7 +35,7 @@
 #
 # inlined-imports: true
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"db18e693a8f2c6dae969b17dfe2e0c3a3f7ea10e8e1292e71b8674294e5dfc6b","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"9ccaafdfcb88733fa3c5383f6b03f4902c51380ce360f90b9131f75540f103a3","strict":true}
 
 name: "Smoke Claude"
 "on":
@@ -348,17 +348,17 @@ jobs:
           
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
-          **IMPORTANT**: Always use the `safeinputs-gh` tool for GitHub CLI commands instead of running `gh` directly via bash. The `safeinputs-gh` tool has proper authentication configured with `GITHUB_TOKEN`, while bash commands do not have GitHub CLI authentication by default.
+          **IMPORTANT**: Always use the `mcpscripts-gh` tool for GitHub CLI commands instead of running `gh` directly via bash. The `mcpscripts-gh` tool has proper authentication configured with `GITHUB_TOKEN`, while bash commands do not have GitHub CLI authentication by default.
           
           **Correct**:
           ```
-          Use the safeinputs-gh tool with args: "pr list --limit 5"
-          Use the safeinputs-gh tool with args: "issue view 123"
+          Use the mcpscripts-gh tool with args: "pr list --limit 5"
+          Use the mcpscripts-gh tool with args: "issue view 123"
           ```
           
           **Incorrect**:
           ```
-          Use the gh safe-input tool with args: "pr list --limit 5"  ❌ (Wrong tool name - use safeinputs-gh)
+          Use the gh mcp-script tool with args: "pr list --limit 5"  ❌ (Wrong tool name - use mcpscripts-gh)
           Run: gh pr list --limit 5  ❌ (No authentication in bash)
           Execute bash: gh issue view 123  ❌ (No authentication in bash)
           ```
@@ -443,21 +443,21 @@ jobs:
           
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
-          **IMPORTANT**: Always use the `safeinputs-go` and `safeinputs-make` tools for Go and Make commands instead of running them directly via bash. These safe-input tools provide consistent execution and proper logging.
+          **IMPORTANT**: Always use the `mcpscripts-go` and `mcpscripts-make` tools for Go and Make commands instead of running them directly via bash. These mcp-script tools provide consistent execution and proper logging.
           
           **Correct**:
           ```
-          Use the safeinputs-go tool with args: "test ./..."
-          Use the safeinputs-make tool with args: "build"
-          Use the safeinputs-make tool with args: "lint"
-          Use the safeinputs-make tool with args: "test-unit"
+          Use the mcpscripts-go tool with args: "test ./..."
+          Use the mcpscripts-make tool with args: "build"
+          Use the mcpscripts-make tool with args: "lint"
+          Use the mcpscripts-make tool with args: "test-unit"
           ```
           
           **Incorrect**:
           ```
-          Use the go safe-input tool with args: "test ./..."  ❌ (Wrong tool name - use safeinputs-go)
-          Run: go test ./...  ❌ (Use safeinputs-go instead)
-          Execute bash: make build  ❌ (Use safeinputs-make instead)
+          Use the go mcp-script tool with args: "test ./..."  ❌ (Wrong tool name - use mcpscripts-go)
+          Run: go test ./...  ❌ (Use mcpscripts-go instead)
+          Execute bash: make build  ❌ (Use mcpscripts-make instead)
           ```
           
           
@@ -483,7 +483,7 @@ jobs:
           7. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-claude-__GH_AW_GITHUB_RUN_ID__.txt` with content "Smoke test passed for Claude at $(date)" (create the directory if it doesn't exist)
           8. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back)
           9. **Discussion Interaction Testing**: 
-             - Use the `github-discussion-query` safe-input tool with params: `limit=1, jq=".[0]"` to get the latest discussion from __GH_AW_GITHUB_REPOSITORY__
+             - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from __GH_AW_GITHUB_REPOSITORY__
              - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123)
              - Use the `add_comment` tool with `discussion_number: <extracted_number>` to add a fun, comic-book style comment stating that the smoke test agent was here
           10. **Agentic Workflows MCP Testing**: 
@@ -1591,16 +1591,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "gh",
-                "description": "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -1708,7 +1708,7 @@ jobs:
               },
               {
                 "name": "go",
-                "description": "Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -1726,7 +1726,7 @@ jobs:
               },
               {
                 "name": "make",
-                "description": "Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -1744,30 +1744,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/gh.sh << 'GH_AW_SAFE_INPUTS_SH_GH_EOF'
+          cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: gh
-          # Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: gh
+          # Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -1775,11 +1775,11 @@ jobs:
           echo "  token: ${GH_AW_GH_TOKEN:0:6}..."
           GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_GH_EOF
-          chmod +x /opt/gh-aw/safe-inputs/gh.sh
-          cat > /opt/gh-aw/safe-inputs/github-discussion-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GH_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/gh.sh
+          cat > /opt/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-discussion-query
+          # Auto-generated mcp-script tool: github-discussion-query
           # Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1912,11 +1912,11 @@ jobs:
           EOF
           fi
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-discussion-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-issue-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-discussion-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-issue-query
+          # Auto-generated mcp-script tool: github-issue-query
           # Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1993,11 +1993,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-issue-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-pr-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-issue-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-pr-query
+          # Auto-generated mcp-script tool: github-pr-query
           # Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -2080,12 +2080,12 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-pr-query.sh
-          cat > /opt/gh-aw/safe-inputs/go.sh << 'GH_AW_SAFE_INPUTS_SH_GO_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-pr-query.sh
+          cat > /opt/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: go
-          # Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: go
+          # Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -2093,23 +2093,23 @@ jobs:
           go $INPUT_ARGS
           
           
-          GH_AW_SAFE_INPUTS_SH_GO_EOF
-          chmod +x /opt/gh-aw/safe-inputs/go.sh
-          cat > /opt/gh-aw/safe-inputs/make.sh << 'GH_AW_SAFE_INPUTS_SH_MAKE_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GO_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/go.sh
+          cat > /opt/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: make
-          # Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: make
+          # Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
           echo "make $INPUT_ARGS"
           make $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_MAKE_EOF
-          chmod +x /opt/gh-aw/safe-inputs/make.sh
+          GH_AW_MCP_SCRIPTS_SH_MAKE_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/make.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -2120,35 +2120,35 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GH_DEBUG: 1
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -2175,7 +2175,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="claude"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
           {
@@ -2200,6 +2200,13 @@ jobs:
                   "GITHUB_TOOLSETS": "repos,pull_requests"
                 }
               },
+              "mcpscripts": {
+                "type": "http",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
+                "headers": {
+                  "Authorization": "$GH_AW_MCP_SCRIPTS_API_KEY"
+                }
+              },
               "playwright": {
                 "container": "mcr.microsoft.com/playwright/mcp",
                 "args": [
@@ -2217,13 +2224,6 @@ jobs:
                 ],
                 "mounts": ["/tmp/gh-aw/mcp-logs:/tmp/gh-aw/mcp-logs:rw"]
               },
-              "safeinputs": {
-                "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
-                "headers": {
-                  "Authorization": "$GH_AW_SAFE_INPUTS_API_KEY"
-                }
-              },
               "safeoutputs": {
                 "type": "http",
                 "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT",
@@ -2487,7 +2487,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -2528,7 +2528,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/smoke-claude.md b/.github/workflows/smoke-claude.md
index 7a4e93d2783..36944891ee9 100644
--- a/.github/workflows/smoke-claude.md
+++ b/.github/workflows/smoke-claude.md
@@ -26,7 +26,7 @@ imports:
   - shared/gh.md
   - shared/mcp/tavily.md
   - shared/reporting.md
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
   - shared/go-make.md
   - shared/github-mcp-app.md
 network:
@@ -112,7 +112,7 @@ timeout-minutes: 10
 7. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-claude-${{ github.run_id }}.txt` with content "Smoke test passed for Claude at $(date)" (create the directory if it doesn't exist)
 8. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back)
 9. **Discussion Interaction Testing**: 
-   - Use the `github-discussion-query` safe-input tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
+   - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
    - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123)
    - Use the `add_comment` tool with `discussion_number: <extracted_number>` to add a fun, comic-book style comment stating that the smoke test agent was here
 10. **Agentic Workflows MCP Testing**: 
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index 4f8f7d989ba..71cafbf3243 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -28,7 +28,7 @@
 #     - shared/gh.md
 #     - shared/reporting.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"b0d2bc9b08bd9968ab2dfacf004f1df93a0d83e2137a45bb5d634ba4ffefab44","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"a0d6484047236aedaa01eeb854f54ff456d39c02bb732dcf3ee8b0b14cc34e95","strict":true}
 
 name: "Smoke Codex"
 "on":
@@ -981,16 +981,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "gh",
-                "description": "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -1012,30 +1012,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/gh.sh << 'GH_AW_SAFE_INPUTS_SH_GH_EOF'
+          cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: gh
-          # Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: gh
+          # Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -1043,11 +1043,11 @@ jobs:
           echo "  token: ${GH_AW_GH_TOKEN:0:6}..."
           GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_GH_EOF
-          chmod +x /opt/gh-aw/safe-inputs/gh.sh
+          GH_AW_MCP_SCRIPTS_SH_GH_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/gh.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -1058,34 +1058,34 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GH_DEBUG: 1
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -1109,7 +1109,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="codex"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_EOF
           [history]
@@ -1127,6 +1127,11 @@ jobs:
           env = { "GITHUB_PERSONAL_ACCESS_TOKEN" = "$GH_AW_GITHUB_TOKEN", "GITHUB_READ_ONLY" = "1", "GITHUB_TOOLSETS" = "context,repos,issues,pull_requests" }
           env_vars = ["GITHUB_PERSONAL_ACCESS_TOKEN", "GITHUB_READ_ONLY", "GITHUB_TOOLSETS"]
           
+          [mcp_servers.mcpscripts]
+          type = "http"
+          url = "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT"
+          headers = { Authorization = "$GH_AW_MCP_SCRIPTS_API_KEY" }
+          
           [mcp_servers.playwright]
           container = "mcr.microsoft.com/playwright/mcp"
           args = [
@@ -1143,11 +1148,6 @@ jobs:
           ]
           mounts = ["/tmp/gh-aw/mcp-logs:/tmp/gh-aw/mcp-logs:rw"]
           
-          [mcp_servers.safeinputs]
-          type = "http"
-          url = "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT"
-          headers = { Authorization = "$GH_AW_SAFE_INPUTS_API_KEY" }
-          
           [mcp_servers.safeoutputs]
           type = "http"
           url = "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT"
@@ -1188,6 +1188,13 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
                 }
               },
+              "mcpscripts": {
+                "type": "http",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
+                "headers": {
+                  "Authorization": "$GH_AW_MCP_SCRIPTS_API_KEY"
+                }
+              },
               "playwright": {
                 "container": "mcr.microsoft.com/playwright/mcp",
                 "args": [
@@ -1205,13 +1212,6 @@ jobs:
                 ],
                 "mounts": ["/tmp/gh-aw/mcp-logs:/tmp/gh-aw/mcp-logs:rw"]
               },
-              "safeinputs": {
-                "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
-                "headers": {
-                  "Authorization": "$GH_AW_SAFE_INPUTS_API_KEY"
-                }
-              },
               "safeoutputs": {
                 "type": "http",
                 "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT",
@@ -1372,7 +1372,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1413,7 +1413,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml
index 8668bac317c..3afa5043025 100644
--- a/.github/workflows/smoke-copilot-arm.lock.yml
+++ b/.github/workflows/smoke-copilot-arm.lock.yml
@@ -26,10 +26,10 @@
 # Resolved workflow manifest:
 #   Imports:
 #     - shared/gh.md
-#     - shared/github-queries-safe-input.md
+#     - shared/github-queries-mcp-script.md
 #     - shared/reporting.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"cf1f5c608523795735700f940e81346adf7deda93a6d6f7ce67469c7230d52d1","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"7b99e9ec8d44a77dec3e217ec88e51127137b1388dda1d156e81c80e4c7f7243","strict":true}
 
 name: "Smoke Copilot ARM64"
 "on":
@@ -230,7 +230,7 @@ jobs:
           {{#runtime-import .github/workflows/shared/reporting.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
-          {{#runtime-import .github/workflows/shared/github-queries-safe-input.md}}
+          {{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
           {{#runtime-import .github/workflows/smoke-copilot-arm.md}}
@@ -1150,16 +1150,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "gh",
-                "description": "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -1267,30 +1267,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/gh.sh << 'GH_AW_SAFE_INPUTS_SH_GH_EOF'
+          cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: gh
-          # Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: gh
+          # Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -1298,11 +1298,11 @@ jobs:
           echo "  token: ${GH_AW_GH_TOKEN:0:6}..."
           GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_GH_EOF
-          chmod +x /opt/gh-aw/safe-inputs/gh.sh
-          cat > /opt/gh-aw/safe-inputs/github-discussion-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GH_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/gh.sh
+          cat > /opt/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-discussion-query
+          # Auto-generated mcp-script tool: github-discussion-query
           # Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1435,11 +1435,11 @@ jobs:
           EOF
           fi
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-discussion-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-issue-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-discussion-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-issue-query
+          # Auto-generated mcp-script tool: github-issue-query
           # Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1516,11 +1516,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-issue-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-pr-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-issue-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-pr-query
+          # Auto-generated mcp-script tool: github-pr-query
           # Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1603,11 +1603,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-pr-query.sh
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-pr-query.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -1618,35 +1618,35 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GH_DEBUG: 1
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -1672,7 +1672,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="copilot"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           mkdir -p /home/runner/.copilot
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
@@ -1700,6 +1700,13 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
                 }
               },
+              "mcpscripts": {
+                "type": "http",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
+                "headers": {
+                  "Authorization": "\${GH_AW_MCP_SCRIPTS_API_KEY}"
+                }
+              },
               "playwright": {
                 "type": "stdio",
                 "container": "mcr.microsoft.com/playwright/mcp",
@@ -1707,13 +1714,6 @@ jobs:
                 "entrypointArgs": ["--output-dir", "/tmp/gh-aw/mcp-logs/playwright", "--no-sandbox"],
                 "mounts": ["/tmp/gh-aw/mcp-logs:/tmp/gh-aw/mcp-logs:rw"]
               },
-              "safeinputs": {
-                "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
-                "headers": {
-                  "Authorization": "\${GH_AW_SAFE_INPUTS_API_KEY}"
-                }
-              },
               "safeoutputs": {
                 "type": "http",
                 "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT",
@@ -1893,7 +1893,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1934,7 +1934,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/smoke-copilot-arm.md b/.github/workflows/smoke-copilot-arm.md
index 05a8c7e686a..3cc58ac75d2 100644
--- a/.github/workflows/smoke-copilot-arm.md
+++ b/.github/workflows/smoke-copilot-arm.md
@@ -19,7 +19,7 @@ runs-on: ubuntu-24.04-arm
 imports:
   - shared/gh.md
   - shared/reporting.md
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
 network:
   allowed:
     - defaults
@@ -128,7 +128,7 @@ strict: true
 6. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-copilot-arm-${{ github.run_id }}.txt` with content "Smoke test passed for Copilot ARM64 at $(date)" (create the directory if it doesn't exist)
 7. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back)
 8. **Discussion Interaction Testing**:
-   - Use the `github-discussion-query` safe-input tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
+   - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
    - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123)
    - Use the `add_comment` tool with `discussion_number: <extracted_number>` to add a fun, playful comment stating that the ARM64 smoke test agent was here
 9. **Build gh-aw**: Run `GOCACHE=/tmp/go-cache GOMODCACHE=/tmp/go-mod make build` to verify the agent can successfully build the gh-aw project on ARM64 (both caches must be set to /tmp because the default cache locations are not writable). If the command fails, mark this test as ❌ and report the failure.
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index 99e7f35a8f6..d54937748cb 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -26,10 +26,10 @@
 # Resolved workflow manifest:
 #   Imports:
 #     - shared/gh.md
-#     - shared/github-queries-safe-input.md
+#     - shared/github-queries-mcp-script.md
 #     - shared/reporting.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"73a535e5d847637934c1146674b9529b8472bda1f5f403896b1d1c8f78944ec7","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"830a89c87a78c7b4f28a627af94770218a191c056806d08478c3cf6d6be96a6c","strict":true}
 
 name: "Smoke Copilot"
 "on":
@@ -233,7 +233,7 @@ jobs:
           {{#runtime-import .github/workflows/shared/reporting.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
-          {{#runtime-import .github/workflows/shared/github-queries-safe-input.md}}
+          {{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
           {{#runtime-import .github/workflows/smoke-copilot.md}}
@@ -1203,16 +1203,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "gh",
-                "description": "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -1320,30 +1320,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/gh.sh << 'GH_AW_SAFE_INPUTS_SH_GH_EOF'
+          cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: gh
-          # Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: gh
+          # Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -1351,11 +1351,11 @@ jobs:
           echo "  token: ${GH_AW_GH_TOKEN:0:6}..."
           GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_GH_EOF
-          chmod +x /opt/gh-aw/safe-inputs/gh.sh
-          cat > /opt/gh-aw/safe-inputs/github-discussion-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GH_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/gh.sh
+          cat > /opt/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-discussion-query
+          # Auto-generated mcp-script tool: github-discussion-query
           # Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1488,11 +1488,11 @@ jobs:
           EOF
           fi
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-DISCUSSION-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-discussion-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-issue-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-discussion-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-issue-query
+          # Auto-generated mcp-script tool: github-issue-query
           # Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1569,11 +1569,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-ISSUE-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-issue-query.sh
-          cat > /opt/gh-aw/safe-inputs/github-pr-query.sh << 'GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF'
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-issue-query.sh
+          cat > /opt/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: github-pr-query
+          # Auto-generated mcp-script tool: github-pr-query
           # Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
           
           set -euo pipefail
@@ -1656,11 +1656,11 @@ jobs:
           fi
           
           
-          GH_AW_SAFE_INPUTS_SH_GITHUB-PR-QUERY_EOF
-          chmod +x /opt/gh-aw/safe-inputs/github-pr-query.sh
+          GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/github-pr-query.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -1671,35 +1671,35 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GH_DEBUG: 1
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -1725,7 +1725,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="copilot"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           mkdir -p /home/runner/.copilot
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
@@ -1753,6 +1753,13 @@ jobs:
                   "GITHUB_TOOLSETS": "context,repos,issues,pull_requests"
                 }
               },
+              "mcpscripts": {
+                "type": "http",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
+                "headers": {
+                  "Authorization": "\${GH_AW_MCP_SCRIPTS_API_KEY}"
+                }
+              },
               "playwright": {
                 "type": "stdio",
                 "container": "mcr.microsoft.com/playwright/mcp",
@@ -1760,13 +1767,6 @@ jobs:
                 "entrypointArgs": ["--output-dir", "/tmp/gh-aw/mcp-logs/playwright", "--no-sandbox"],
                 "mounts": ["/tmp/gh-aw/mcp-logs:/tmp/gh-aw/mcp-logs:rw"]
               },
-              "safeinputs": {
-                "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
-                "headers": {
-                  "Authorization": "\${GH_AW_SAFE_INPUTS_API_KEY}"
-                }
-              },
               "safeoutputs": {
                 "type": "http",
                 "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT",
@@ -1946,7 +1946,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1987,7 +1987,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/sandbox/firewall/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
diff --git a/.github/workflows/smoke-copilot.md b/.github/workflows/smoke-copilot.md
index 78900e7ad8c..9573e5a6e92 100644
--- a/.github/workflows/smoke-copilot.md
+++ b/.github/workflows/smoke-copilot.md
@@ -22,7 +22,7 @@ engine:
 imports:
   - shared/gh.md
   - shared/reporting.md
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
 network:
   allowed:
     - defaults
@@ -130,7 +130,7 @@ strict: true
 6. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-copilot-${{ github.run_id }}.txt` with content "Smoke test passed for Copilot at $(date)" (create the directory if it doesn't exist)
 7. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back)
 8. **Discussion Interaction Testing**: 
-   - Use the `github-discussion-query` safe-input tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
+   - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
    - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123)
    - Use the `add_comment` tool with `discussion_number: <extracted_number>` to add a fun, playful comment stating that the smoke test agent was here
 9. **Build gh-aw**: Run `GOCACHE=/tmp/go-cache GOMODCACHE=/tmp/go-mod make build` to verify the agent can successfully build the gh-aw project (both caches must be set to /tmp because the default cache locations are not writable). If the command fails, mark this test as ❌ and report the failure.
diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml
index b4008c3c5bf..f095409fb87 100644
--- a/.github/workflows/smoke-gemini.lock.yml
+++ b/.github/workflows/smoke-gemini.lock.yml
@@ -28,7 +28,7 @@
 #     - shared/gh.md
 #     - shared/reporting.md
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"0daf3e3fd70f487864a1ae11dafd92fb015aed0e0bd633ce78a72118bac22825","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"611a6e1d7631adc68d0939e22a23f0130e9a2b2b2b81bf52861ea0063499f4a8","strict":true}
 
 name: "Smoke Gemini"
 "on":
@@ -793,16 +793,16 @@ jobs:
           
       - name: Setup Safe Inputs Config
         run: |
-          mkdir -p /opt/gh-aw/safe-inputs/logs
-          cat > /opt/gh-aw/safe-inputs/tools.json << 'GH_AW_SAFE_INPUTS_TOOLS_EOF'
+          mkdir -p /opt/gh-aw/mcp-scripts/logs
+          cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
           {
-            "serverName": "safeinputs",
+            "serverName": "mcpscripts",
             "version": "1.0.0",
-            "logDir": "/opt/gh-aw/safe-inputs/logs",
+            "logDir": "/opt/gh-aw/mcp-scripts/logs",
             "tools": [
               {
                 "name": "gh",
-                "description": "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
+                "description": "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.",
                 "inputSchema": {
                   "properties": {
                     "args": {
@@ -824,30 +824,30 @@ jobs:
               }
             ]
           }
-          GH_AW_SAFE_INPUTS_TOOLS_EOF
-          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << 'GH_AW_SAFE_INPUTS_SERVER_EOF'
+          GH_AW_MCP_SCRIPTS_TOOLS_EOF
+          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_EOF'
             const path = require("path");
-            const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+            const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
             const configPath = path.join(__dirname, "tools.json");
-            const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-            const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+            const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+            const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
             startHttpServer(configPath, {
               port: port,
               stateless: true,
-              logDir: "/opt/gh-aw/safe-inputs/logs"
+              logDir: "/opt/gh-aw/mcp-scripts/logs"
             }).catch(error => {
-              console.error("Failed to start safe-inputs HTTP server:", error);
+              console.error("Failed to start mcp-scripts HTTP server:", error);
               process.exit(1);
             });
-          GH_AW_SAFE_INPUTS_SERVER_EOF
-          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs
+          GH_AW_MCP_SCRIPTS_SERVER_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
       - name: Setup Safe Inputs Tool Files
         run: |
-          cat > /opt/gh-aw/safe-inputs/gh.sh << 'GH_AW_SAFE_INPUTS_SH_GH_EOF'
+          cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
-          # Auto-generated safe-input tool: gh
-          # Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
+          # Auto-generated mcp-script tool: gh
+          # Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues.
           
           set -euo pipefail
           
@@ -855,11 +855,11 @@ jobs:
           echo "  token: ${GH_AW_GH_TOKEN:0:6}..."
           GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
           
-          GH_AW_SAFE_INPUTS_SH_GH_EOF
-          chmod +x /opt/gh-aw/safe-inputs/gh.sh
+          GH_AW_MCP_SCRIPTS_SH_GH_EOF
+          chmod +x /opt/gh-aw/mcp-scripts/gh.sh
           
-      - name: Generate Safe Inputs MCP Server Config
-        id: safe-inputs-config
+      - name: Generate MCP Scripts Server Config
+        id: mcp-scripts-config
         run: |
           # Generate a secure random API key (360 bits of entropy, 40+ chars)
           # Mask immediately to prevent timing vulnerabilities
@@ -870,34 +870,34 @@ jobs:
           
           # Set outputs for next steps
           {
-            echo "safe_inputs_api_key=${API_KEY}"
-            echo "safe_inputs_port=${PORT}"
+            echo "mcp_scripts_api_key=${API_KEY}"
+            echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
           echo "Safe Inputs MCP server will run on port ${PORT}"
           
-      - name: Start Safe Inputs MCP HTTP Server
-        id: safe-inputs-start
+      - name: Start MCP Scripts HTTP Server
+        id: mcp-scripts-start
         env:
           DEBUG: '*'
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GH_DEBUG: 1
         run: |
           # Environment variables are set above to prevent template injection
           export DEBUG
-          export GH_AW_SAFE_INPUTS_PORT
-          export GH_AW_SAFE_INPUTS_API_KEY
+          export GH_AW_MCP_SCRIPTS_PORT
+          export GH_AW_MCP_SCRIPTS_API_KEY
           
-          bash /opt/gh-aw/actions/start_safe_inputs_server.sh
+          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh
           
       - name: Start MCP Gateway
         id: start-mcp-gateway
         env:
           GH_AW_GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-start.outputs.api_key }}
-          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-start.outputs.port }}
+          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-start.outputs.api_key }}
+          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-start.outputs.port }}
           GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
           GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
           GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
@@ -920,7 +920,7 @@ jobs:
           export DEBUG="*"
           
           export GH_AW_ENGINE="gemini"
-          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_INPUTS_PORT -e GH_AW_SAFE_INPUTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
+          export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_LOCKDOWN -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.1.8'
           
           cat << GH_AW_MCP_CONFIG_EOF | bash /opt/gh-aw/actions/start_mcp_gateway.sh
           {
@@ -934,11 +934,11 @@ jobs:
                   "GITHUB_TOOLSETS": "repos,pull_requests"
                 }
               },
-              "safeinputs": {
+              "mcpscripts": {
                 "type": "http",
-                "url": "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT",
+                "url": "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT",
                 "headers": {
-                  "Authorization": "$GH_AW_SAFE_INPUTS_API_KEY"
+                  "Authorization": "$GH_AW_MCP_SCRIPTS_API_KEY"
                 }
               },
               "safeoutputs": {
@@ -1096,7 +1096,7 @@ jobs:
           script: |
             const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
             setupGlobals(core, github, context, exec, io);
-            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');
+            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');
             await main();
       - name: Parse MCP Gateway logs for step summary
         if: always()
@@ -1122,7 +1122,7 @@ jobs:
           path: |
             /tmp/gh-aw/aw-prompts/prompt.txt
             /tmp/gh-aw/mcp-logs/
-            /tmp/gh-aw/safe-inputs/logs/
+            /tmp/gh-aw/mcp-scripts/logs/
             /tmp/gh-aw/agent-stdio.log
             /tmp/gh-aw/agent/
           if-no-files-found: ignore
diff --git a/actions/setup/js/generate_safe_inputs_config.cjs b/actions/setup/js/generate_mcp_scripts_config.cjs
similarity index 85%
rename from actions/setup/js/generate_safe_inputs_config.cjs
rename to actions/setup/js/generate_mcp_scripts_config.cjs
index 8e09bae0448..d8041b2b95a 100644
--- a/actions/setup/js/generate_safe_inputs_config.cjs
+++ b/actions/setup/js/generate_mcp_scripts_config.cjs
@@ -8,7 +8,7 @@
  * @param {typeof import("crypto")} params.crypto - Node.js crypto library
  * @returns {{apiKey: string, port: number}} Generated configuration
  */
-function generateSafeInputsConfig({ core, crypto }) {
+function generateMCPScriptsConfig({ core, crypto }) {
   // Generate a secure random API key for the MCP server
   // Using 45 bytes gives us 360 bits of entropy and ensures at least 40 characters
   // after base64 encoding and removing special characters (base64 of 45 bytes = 60 chars)
@@ -19,8 +19,8 @@ function generateSafeInputsConfig({ core, crypto }) {
   const port = 3000;
 
   // Set outputs with descriptive names to avoid conflicts
-  core.setOutput("safe_inputs_api_key", apiKey);
-  core.setOutput("safe_inputs_port", port.toString());
+  core.setOutput("mcp_scripts_api_key", apiKey);
+  core.setOutput("mcp_scripts_port", port.toString());
 
   core.info(`Safe Inputs MCP server will run on port ${port}`);
 
@@ -29,6 +29,6 @@ function generateSafeInputsConfig({ core, crypto }) {
 
 if (typeof module !== "undefined" && module.exports) {
   module.exports = {
-    generateSafeInputsConfig,
+    generateMCPScriptsConfig,
   };
 }
diff --git a/actions/setup/js/generate_safe_inputs_config.test.cjs b/actions/setup/js/generate_mcp_scripts_config.test.cjs
similarity index 65%
rename from actions/setup/js/generate_safe_inputs_config.test.cjs
rename to actions/setup/js/generate_mcp_scripts_config.test.cjs
index d591b86b34a..b9f4a1a3783 100644
--- a/actions/setup/js/generate_safe_inputs_config.test.cjs
+++ b/actions/setup/js/generate_mcp_scripts_config.test.cjs
@@ -1,9 +1,9 @@
 import { describe, it, expect, vi, beforeEach } from "vitest";
 import crypto from "crypto";
 
-describe("generateSafeInputsConfig", () => {
+describe("generateMCPScriptsConfig", () => {
   let mockCore;
-  let generateSafeInputsConfig;
+  let generateMCPScriptsConfig;
 
   beforeEach(async () => {
     // Reset module before each test
@@ -16,12 +16,12 @@ describe("generateSafeInputsConfig", () => {
     };
 
     // Import module
-    const module = await import("./generate_safe_inputs_config.cjs");
-    generateSafeInputsConfig = module.generateSafeInputsConfig;
+    const module = await import("./generate_mcp_scripts_config.cjs");
+    generateMCPScriptsConfig = module.generateMCPScriptsConfig;
   });
 
   it("should generate API key and port", () => {
-    const result = generateSafeInputsConfig({ core: mockCore, crypto });
+    const result = generateMCPScriptsConfig({ core: mockCore, crypto });
 
     // Verify API key was generated
     expect(result.apiKey).toBeDefined();
@@ -35,22 +35,22 @@ describe("generateSafeInputsConfig", () => {
     expect(result.port).toBe(3000);
 
     // Verify outputs were set
-    expect(mockCore.setOutput).toHaveBeenCalledWith("safe_inputs_api_key", result.apiKey);
-    expect(mockCore.setOutput).toHaveBeenCalledWith("safe_inputs_port", "3000");
+    expect(mockCore.setOutput).toHaveBeenCalledWith("mcp_scripts_api_key", result.apiKey);
+    expect(mockCore.setOutput).toHaveBeenCalledWith("mcp_scripts_port", "3000");
 
     // Verify info message was logged
     expect(mockCore.info).toHaveBeenCalledWith("Safe Inputs MCP server will run on port 3000");
   });
 
   it("should generate different API keys on each call", () => {
-    const result1 = generateSafeInputsConfig({ core: mockCore, crypto });
-    const result2 = generateSafeInputsConfig({ core: mockCore, crypto });
+    const result1 = generateMCPScriptsConfig({ core: mockCore, crypto });
+    const result2 = generateMCPScriptsConfig({ core: mockCore, crypto });
 
     expect(result1.apiKey).not.toBe(result2.apiKey);
   });
 
   it("should generate API keys with sufficient length", () => {
-    const result = generateSafeInputsConfig({ core: mockCore, crypto });
+    const result = generateMCPScriptsConfig({ core: mockCore, crypto });
 
     // 45 bytes of random data, base64 encoded without special chars
     // should give us at least 40 characters
@@ -58,19 +58,19 @@ describe("generateSafeInputsConfig", () => {
   });
 
   it("should return consistent port", () => {
-    const result1 = generateSafeInputsConfig({ core: mockCore, crypto });
-    const result2 = generateSafeInputsConfig({ core: mockCore, crypto });
+    const result1 = generateMCPScriptsConfig({ core: mockCore, crypto });
+    const result2 = generateMCPScriptsConfig({ core: mockCore, crypto });
 
     expect(result1.port).toBe(result2.port);
     expect(result1.port).toBe(3000);
   });
 
   it("should handle core.setOutput being called correctly", () => {
-    generateSafeInputsConfig({ core: mockCore, crypto });
+    generateMCPScriptsConfig({ core: mockCore, crypto });
 
     expect(mockCore.setOutput).toHaveBeenCalledTimes(2);
-    expect(mockCore.setOutput.mock.calls[0][0]).toBe("safe_inputs_api_key");
-    expect(mockCore.setOutput.mock.calls[1][0]).toBe("safe_inputs_port");
+    expect(mockCore.setOutput.mock.calls[0][0]).toBe("mcp_scripts_api_key");
+    expect(mockCore.setOutput.mock.calls[1][0]).toBe("mcp_scripts_port");
     expect(mockCore.setOutput.mock.calls[1][1]).toBe("3000");
   });
 });
diff --git a/actions/setup/js/log_parser_shared.cjs b/actions/setup/js/log_parser_shared.cjs
index ca80ebf1e50..56c6b5e1100 100644
--- a/actions/setup/js/log_parser_shared.cjs
+++ b/actions/setup/js/log_parser_shared.cjs
@@ -625,9 +625,9 @@ function formatInitializationSummary(initEntry, options = {}) {
         // Extract the tool name without the prefix for cleaner display
         const toolName = tool.replace(/^safeoutputs-|^safe_outputs-/, "");
         categories["Safe Outputs"].push(toolName);
-      } else if (tool.startsWith("safeinputs-") || tool.startsWith("safe_inputs-")) {
+      } else if (tool.startsWith("safeinputs-") || tool.startsWith("mcp_scripts-")) {
         // Extract the tool name without the prefix for cleaner display
-        const toolName = tool.replace(/^safeinputs-|^safe_inputs-/, "");
+        const toolName = tool.replace(/^safeinputs-|^mcp_scripts-/, "");
         categories["Safe Inputs"].push(toolName);
       } else if (tool.startsWith("mcp__github__")) {
         categories["Git/GitHub"].push(formatMcpName(tool));
diff --git a/actions/setup/js/log_parser_shared.test.cjs b/actions/setup/js/log_parser_shared.test.cjs
index 516f7b5fd20..eabaa5739d8 100644
--- a/actions/setup/js/log_parser_shared.test.cjs
+++ b/actions/setup/js/log_parser_shared.test.cjs
@@ -938,7 +938,7 @@ describe("log_parser_shared.cjs", () => {
       const { formatInitializationSummary } = await import("./log_parser_shared.cjs");
 
       const initEntry = {
-        tools: ["safeinputs-get_data", "safeinputs-query_database", "safe_inputs-fetch_config"],
+        tools: ["safeinputs-get_data", "safeinputs-query_database", "mcp_scripts-fetch_config"],
       };
 
       const result = formatInitializationSummary(initEntry);
@@ -949,7 +949,7 @@ describe("log_parser_shared.cjs", () => {
       expect(result.markdown).toContain("fetch_config");
       // Should NOT contain the prefix in output
       expect(result.markdown).not.toContain("safeinputs-");
-      expect(result.markdown).not.toContain("safe_inputs-");
+      expect(result.markdown).not.toContain("mcp_scripts-");
     });
   });
 
diff --git a/actions/setup/js/safe-inputs-runner.cjs b/actions/setup/js/mcp-scripts-runner.cjs
similarity index 84%
rename from actions/setup/js/safe-inputs-runner.cjs
rename to actions/setup/js/mcp-scripts-runner.cjs
index 30c6ee0d4ca..c044b7a4ead 100644
--- a/actions/setup/js/safe-inputs-runner.cjs
+++ b/actions/setup/js/mcp-scripts-runner.cjs
@@ -3,7 +3,7 @@
 /**
  * Safe Inputs Script Runner
  *
- * Provides the main execution harness for generated safe-input JavaScript tools.
+ * Provides the main execution harness for generated mcp-script JavaScript tools.
  * Generated .cjs files export an `execute(inputs)` function and delegate to this
  * runner when invoked as a subprocess by the MCP handler.
  *
@@ -12,18 +12,18 @@
  *
  * Usage (generated scripts call this automatically):
  *   if (require.main === module) {
- *     require('./safe-inputs-runner.cjs')(execute);
+ *     require('./mcp-scripts-runner.cjs')(execute);
  *   }
  */
 
 /**
- * Run a safe-input execute function as a subprocess entry point.
+ * Run a mcp-script execute function as a subprocess entry point.
  * Reads JSON inputs from stdin, calls execute(inputs), and writes the JSON
  * result to stdout.  On error, writes to stderr and exits with code 1.
  *
  * @param {function(Object): Promise<any>} execute - The tool execute function
  */
-function runSafeInput(execute) {
+function runMCPScript(execute) {
   let inputJson = "";
   process.stdin.setEncoding("utf8");
   process.stdin.on("data", chunk => {
@@ -48,4 +48,4 @@ function runSafeInput(execute) {
   });
 }
 
-module.exports = runSafeInput;
+module.exports = runMCPScript;
diff --git a/actions/setup/js/safe-inputs-runner.test.cjs b/actions/setup/js/mcp-scripts-runner.test.cjs
similarity index 89%
rename from actions/setup/js/safe-inputs-runner.test.cjs
rename to actions/setup/js/mcp-scripts-runner.test.cjs
index c7d2dff9a30..18cb5520376 100644
--- a/actions/setup/js/safe-inputs-runner.test.cjs
+++ b/actions/setup/js/mcp-scripts-runner.test.cjs
@@ -1,12 +1,12 @@
 import { describe, it, expect, vi, afterEach } from "vitest";
 
-describe("safe-inputs-runner.cjs", () => {
+describe("mcp-scripts-runner.cjs", () => {
   afterEach(() => {
     vi.restoreAllMocks();
   });
 
   it("should call execute with parsed JSON inputs from stdin", async () => {
-    const runSafeInput = (await import("./safe-inputs-runner.cjs")).default;
+    const runMCPScript = (await import("./mcp-scripts-runner.cjs")).default;
 
     const inputJson = JSON.stringify({ query: "hello" });
     const chunks = [inputJson];
@@ -22,7 +22,7 @@ describe("safe-inputs-runner.cjs", () => {
     const stdoutSpy = vi.spyOn(process.stdout, "write").mockImplementation(() => true);
 
     const execute = vi.fn().mockResolvedValue({ result: "ok" });
-    runSafeInput(execute);
+    runMCPScript(execute);
 
     // Simulate data then end
     stdinHandlers["data"](chunks[chunkIdx++]);
@@ -33,7 +33,7 @@ describe("safe-inputs-runner.cjs", () => {
   });
 
   it("should call execute with empty object when stdin is empty", async () => {
-    const runSafeInput = (await import("./safe-inputs-runner.cjs")).default;
+    const runMCPScript = (await import("./mcp-scripts-runner.cjs")).default;
 
     const stdinHandlers = {};
     vi.spyOn(process.stdin, "setEncoding").mockImplementation(() => process.stdin);
@@ -45,7 +45,7 @@ describe("safe-inputs-runner.cjs", () => {
     const stdoutSpy = vi.spyOn(process.stdout, "write").mockImplementation(() => true);
 
     const execute = vi.fn().mockResolvedValue({ result: "empty" });
-    runSafeInput(execute);
+    runMCPScript(execute);
 
     await stdinHandlers["end"]();
 
@@ -54,7 +54,7 @@ describe("safe-inputs-runner.cjs", () => {
   });
 
   it("should write warning to stderr and continue when JSON parsing fails", async () => {
-    const runSafeInput = (await import("./safe-inputs-runner.cjs")).default;
+    const runMCPScript = (await import("./mcp-scripts-runner.cjs")).default;
 
     const stdinHandlers = {};
     vi.spyOn(process.stdin, "setEncoding").mockImplementation(() => process.stdin);
@@ -67,7 +67,7 @@ describe("safe-inputs-runner.cjs", () => {
     const stdoutSpy = vi.spyOn(process.stdout, "write").mockImplementation(() => true);
 
     const execute = vi.fn().mockResolvedValue({ result: "fallback" });
-    runSafeInput(execute);
+    runMCPScript(execute);
 
     stdinHandlers["data"]("not-valid-json");
     await stdinHandlers["end"]();
@@ -78,7 +78,7 @@ describe("safe-inputs-runner.cjs", () => {
   });
 
   it("should write error to stderr and exit(1) when execute throws", async () => {
-    const runSafeInput = (await import("./safe-inputs-runner.cjs")).default;
+    const runMCPScript = (await import("./mcp-scripts-runner.cjs")).default;
 
     const stdinHandlers = {};
     vi.spyOn(process.stdin, "setEncoding").mockImplementation(() => process.stdin);
@@ -93,7 +93,7 @@ describe("safe-inputs-runner.cjs", () => {
     });
 
     const execute = vi.fn().mockRejectedValue(new Error("tool failed"));
-    runSafeInput(execute);
+    runMCPScript(execute);
 
     await expect(stdinHandlers["end"]()).rejects.toThrow("process.exit called");
 
diff --git a/actions/setup/js/mcp_handler_go.cjs b/actions/setup/js/mcp_handler_go.cjs
index bc6a31147ff..a6952e53c9c 100644
--- a/actions/setup/js/mcp_handler_go.cjs
+++ b/actions/setup/js/mcp_handler_go.cjs
@@ -3,7 +3,7 @@
 /**
  * Go Script Handler for Safe-Inputs
  *
- * This module provides a handler for executing Go scripts in safe-inputs tools.
+ * This module provides a handler for executing Go scripts in mcp-scripts tools.
  * It uses `go run` to execute Go source files with inputs via JSON on stdin.
  */
 
diff --git a/actions/setup/js/mcp_handler_javascript.cjs b/actions/setup/js/mcp_handler_javascript.cjs
index 3a1e01338fb..6b9939055f3 100644
--- a/actions/setup/js/mcp_handler_javascript.cjs
+++ b/actions/setup/js/mcp_handler_javascript.cjs
@@ -3,7 +3,7 @@
 /**
  * JavaScript Handler for Safe-Inputs
  *
- * This module provides a handler for executing JavaScript (.cjs) files in safe-inputs tools.
+ * This module provides a handler for executing JavaScript (.cjs) files in mcp-scripts tools.
  * It executes JavaScript handlers in a separate Node.js process for isolation.
  */
 
diff --git a/actions/setup/js/mcp_handler_python.cjs b/actions/setup/js/mcp_handler_python.cjs
index cff24f14d29..788a0dd436f 100644
--- a/actions/setup/js/mcp_handler_python.cjs
+++ b/actions/setup/js/mcp_handler_python.cjs
@@ -3,7 +3,7 @@
 /**
  * Python Script Handler for Safe-Inputs
  *
- * This module provides a handler for executing Python scripts in safe-inputs tools.
+ * This module provides a handler for executing Python scripts in mcp-scripts tools.
  * It uses a Pythonic approach for passing inputs via JSON on stdin.
  */
 
diff --git a/actions/setup/js/mcp_handler_shell.cjs b/actions/setup/js/mcp_handler_shell.cjs
index 300fb768372..26b45ad6668 100644
--- a/actions/setup/js/mcp_handler_shell.cjs
+++ b/actions/setup/js/mcp_handler_shell.cjs
@@ -3,7 +3,7 @@
 /**
  * Shell Script Handler for Safe-Inputs
  *
- * This module provides a handler for executing shell scripts in safe-inputs tools.
+ * This module provides a handler for executing shell scripts in mcp-scripts tools.
  * It follows GitHub Actions conventions for passing inputs and reading outputs.
  */
 
diff --git a/actions/setup/js/safe_inputs_bootstrap.cjs b/actions/setup/js/mcp_scripts_bootstrap.cjs
similarity index 83%
rename from actions/setup/js/safe_inputs_bootstrap.cjs
rename to actions/setup/js/mcp_scripts_bootstrap.cjs
index e049701e415..ae4f3428a1d 100644
--- a/actions/setup/js/safe_inputs_bootstrap.cjs
+++ b/actions/setup/js/mcp_scripts_bootstrap.cjs
@@ -3,18 +3,18 @@
 /**
  * Safe Inputs Bootstrap Module
  *
- * This module provides shared bootstrap logic for safe-inputs MCP servers.
+ * This module provides shared bootstrap logic for mcp-scripts MCP servers.
  * It handles configuration loading, tool handler loading, and cleanup that is
  * common between stdio and HTTP transport implementations.
  *
  * Usage:
- *   const { bootstrapSafeInputsServer } = require("./safe_inputs_bootstrap.cjs");
- *   const { config, basePath, tools } = bootstrapSafeInputsServer(configPath, logger);
+ *   const { bootstrapMCPScriptsServer } = require("./mcp_scripts_bootstrap.cjs");
+ *   const { config, basePath, tools } = bootstrapMCPScriptsServer(configPath, logger);
  */
 
 const path = require("path");
 const fs = require("fs");
-const { loadConfig } = require("./safe_inputs_config_loader.cjs");
+const { loadConfig } = require("./mcp_scripts_config_loader.cjs");
 const { loadToolHandlers } = require("./mcp_server_core.cjs");
 
 /**
@@ -31,7 +31,7 @@ const { loadToolHandlers } = require("./mcp_server_core.cjs");
  */
 
 /**
- * Bootstrap a safe-inputs server by loading configuration and tool handlers.
+ * Bootstrap a mcp-scripts server by loading configuration and tool handlers.
  * This function performs the common initialization steps shared by both stdio
  * and HTTP transport implementations.
  *
@@ -39,9 +39,9 @@ const { loadToolHandlers } = require("./mcp_server_core.cjs");
  * @param {Logger} logger - Logger instance for debug messages
  * @returns {BootstrapResult} Configuration, base path, and loaded tools
  */
-function bootstrapSafeInputsServer(configPath, logger) {
+function bootstrapMCPScriptsServer(configPath, logger) {
   // Load configuration
-  logger.debug(`Loading safe-inputs configuration from: ${configPath}`);
+  logger.debug(`Loading mcp-scripts configuration from: ${configPath}`);
   const config = loadConfig(configPath);
 
   // Determine base path for resolving relative handler paths
@@ -77,6 +77,6 @@ function cleanupConfigFile(configPath, logger) {
 }
 
 module.exports = {
-  bootstrapSafeInputsServer,
+  bootstrapMCPScriptsServer,
   cleanupConfigFile,
 };
diff --git a/actions/setup/js/safe_inputs_bootstrap.test.cjs b/actions/setup/js/mcp_scripts_bootstrap.test.cjs
similarity index 84%
rename from actions/setup/js/safe_inputs_bootstrap.test.cjs
rename to actions/setup/js/mcp_scripts_bootstrap.test.cjs
index ea691c8f85d..40c2c982906 100644
--- a/actions/setup/js/safe_inputs_bootstrap.test.cjs
+++ b/actions/setup/js/mcp_scripts_bootstrap.test.cjs
@@ -3,13 +3,13 @@ import fs from "fs";
 import path from "path";
 import os from "os";
 
-describe("safe_inputs_bootstrap.cjs", () => {
+describe("mcp_scripts_bootstrap.cjs", () => {
   let tempDir;
 
   beforeEach(() => {
     vi.resetModules();
     // Create a temporary directory for test files
-    tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "safe-inputs-bootstrap-test-"));
+    tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "mcp-scripts-bootstrap-test-"));
   });
 
   afterEach(() => {
@@ -19,9 +19,9 @@ describe("safe_inputs_bootstrap.cjs", () => {
     }
   });
 
-  describe("bootstrapSafeInputsServer", () => {
+  describe("bootstrapMCPScriptsServer", () => {
     it("should load configuration and return bootstrap result", async () => {
-      const { bootstrapSafeInputsServer } = await import("./safe_inputs_bootstrap.cjs");
+      const { bootstrapMCPScriptsServer } = await import("./mcp_scripts_bootstrap.cjs");
 
       // Create a test configuration file
       const configPath = path.join(tempDir, "config.json");
@@ -44,7 +44,7 @@ describe("safe_inputs_bootstrap.cjs", () => {
         debugError: vi.fn(),
       };
 
-      const result = bootstrapSafeInputsServer(configPath, logger);
+      const result = bootstrapMCPScriptsServer(configPath, logger);
 
       expect(result.config.serverName).toBe("test-server");
       expect(result.config.version).toBe("1.0.0");
@@ -55,7 +55,7 @@ describe("safe_inputs_bootstrap.cjs", () => {
     });
 
     it("should load tools with handlers", async () => {
-      const { bootstrapSafeInputsServer } = await import("./safe_inputs_bootstrap.cjs");
+      const { bootstrapMCPScriptsServer } = await import("./mcp_scripts_bootstrap.cjs");
 
       // Create a test handler file
       const handlerPath = path.join(tempDir, "test_handler.cjs");
@@ -83,7 +83,7 @@ describe("safe_inputs_bootstrap.cjs", () => {
         debugError: vi.fn(),
       };
 
-      const result = bootstrapSafeInputsServer(configPath, logger);
+      const result = bootstrapMCPScriptsServer(configPath, logger);
 
       expect(result.tools).toHaveLength(1);
       expect(result.tools[0].name).toBe("test_tool");
@@ -91,20 +91,20 @@ describe("safe_inputs_bootstrap.cjs", () => {
     });
 
     it("should throw error for non-existent config file", async () => {
-      const { bootstrapSafeInputsServer } = await import("./safe_inputs_bootstrap.cjs");
+      const { bootstrapMCPScriptsServer } = await import("./mcp_scripts_bootstrap.cjs");
 
       const logger = {
         debug: vi.fn(),
         debugError: vi.fn(),
       };
 
-      expect(() => bootstrapSafeInputsServer("/non/existent/config.json", logger)).toThrow("Configuration file not found");
+      expect(() => bootstrapMCPScriptsServer("/non/existent/config.json", logger)).toThrow("Configuration file not found");
     });
   });
 
   describe("cleanupConfigFile", () => {
     it("should delete configuration file", async () => {
-      const { cleanupConfigFile } = await import("./safe_inputs_bootstrap.cjs");
+      const { cleanupConfigFile } = await import("./mcp_scripts_bootstrap.cjs");
 
       // Create a test configuration file
       const configPath = path.join(tempDir, "config.json");
@@ -125,7 +125,7 @@ describe("safe_inputs_bootstrap.cjs", () => {
     });
 
     it("should handle non-existent file gracefully", async () => {
-      const { cleanupConfigFile } = await import("./safe_inputs_bootstrap.cjs");
+      const { cleanupConfigFile } = await import("./mcp_scripts_bootstrap.cjs");
 
       const logger = {
         debug: vi.fn(),
@@ -139,7 +139,7 @@ describe("safe_inputs_bootstrap.cjs", () => {
     });
 
     it("should handle deletion errors gracefully", async () => {
-      const { cleanupConfigFile } = await import("./safe_inputs_bootstrap.cjs");
+      const { cleanupConfigFile } = await import("./mcp_scripts_bootstrap.cjs");
 
       // Create a test configuration file
       const configPath = path.join(tempDir, "config.json");
diff --git a/actions/setup/js/safe_inputs_config_loader.cjs b/actions/setup/js/mcp_scripts_config_loader.cjs
similarity index 76%
rename from actions/setup/js/safe_inputs_config_loader.cjs
rename to actions/setup/js/mcp_scripts_config_loader.cjs
index da494c49acd..2938a7ff89b 100644
--- a/actions/setup/js/safe_inputs_config_loader.cjs
+++ b/actions/setup/js/mcp_scripts_config_loader.cjs
@@ -3,7 +3,7 @@
 /**
  * Safe Inputs Configuration Loader
  *
- * This module provides utilities for loading and validating safe-inputs
+ * This module provides utilities for loading and validating mcp-scripts
  * configuration from JSON files.
  */
 
@@ -11,7 +11,7 @@ const fs = require("fs");
 const { ERR_SYSTEM, ERR_VALIDATION } = require("./error_codes.cjs");
 
 /**
- * @typedef {Object} SafeInputsToolConfig
+ * @typedef {Object} MCPScriptsToolConfig
  * @property {string} name - Tool name
  * @property {string} description - Tool description
  * @property {Object} inputSchema - JSON Schema for tool inputs
@@ -20,17 +20,17 @@ const { ERR_SYSTEM, ERR_VALIDATION } = require("./error_codes.cjs");
  */
 
 /**
- * @typedef {Object} SafeInputsConfig
- * @property {string} [serverName] - Server name (defaults to "safeinputs")
+ * @typedef {Object} MCPScriptsConfig
+ * @property {string} [serverName] - Server name (defaults to "mcpscripts")
  * @property {string} [version] - Server version (defaults to "1.0.0")
  * @property {string} [logDir] - Log directory path
- * @property {SafeInputsToolConfig[]} tools - Array of tool configurations
+ * @property {MCPScriptsToolConfig[]} tools - Array of tool configurations
  */
 
 /**
- * Load safe-inputs configuration from a JSON file
+ * Load mcp-scripts configuration from a JSON file
  * @param {string} configPath - Path to the configuration JSON file
- * @returns {SafeInputsConfig} The loaded configuration
+ * @returns {MCPScriptsConfig} The loaded configuration
  * @throws {Error} If the file doesn't exist or configuration is invalid
  */
 function loadConfig(configPath) {
diff --git a/actions/setup/js/safe_inputs_config_loader.test.cjs b/actions/setup/js/mcp_scripts_config_loader.test.cjs
similarity index 88%
rename from actions/setup/js/safe_inputs_config_loader.test.cjs
rename to actions/setup/js/mcp_scripts_config_loader.test.cjs
index 8741b949cce..191792b50d1 100644
--- a/actions/setup/js/safe_inputs_config_loader.test.cjs
+++ b/actions/setup/js/mcp_scripts_config_loader.test.cjs
@@ -3,7 +3,7 @@ import fs from "fs";
 import path from "path";
 import os from "os";
 
-describe("safe_inputs_config_loader.cjs", () => {
+describe("mcp_scripts_config_loader.cjs", () => {
   let tempDir;
 
   beforeEach(() => {
@@ -20,7 +20,7 @@ describe("safe_inputs_config_loader.cjs", () => {
 
   describe("loadConfig", () => {
     it("should load configuration from a valid JSON file", async () => {
-      const { loadConfig } = await import("./safe_inputs_config_loader.cjs");
+      const { loadConfig } = await import("./mcp_scripts_config_loader.cjs");
 
       // Create a test configuration file
       const configPath = path.join(tempDir, "config.json");
@@ -46,13 +46,13 @@ describe("safe_inputs_config_loader.cjs", () => {
     });
 
     it("should throw error for non-existent file", async () => {
-      const { loadConfig } = await import("./safe_inputs_config_loader.cjs");
+      const { loadConfig } = await import("./mcp_scripts_config_loader.cjs");
 
       expect(() => loadConfig("/non/existent/config.json")).toThrow("Configuration file not found");
     });
 
     it("should throw error for invalid JSON", async () => {
-      const { loadConfig } = await import("./safe_inputs_config_loader.cjs");
+      const { loadConfig } = await import("./mcp_scripts_config_loader.cjs");
 
       const configPath = path.join(tempDir, "invalid.json");
       fs.writeFileSync(configPath, "not valid json");
@@ -61,7 +61,7 @@ describe("safe_inputs_config_loader.cjs", () => {
     });
 
     it("should throw error for missing tools array", async () => {
-      const { loadConfig } = await import("./safe_inputs_config_loader.cjs");
+      const { loadConfig } = await import("./mcp_scripts_config_loader.cjs");
 
       const configPath = path.join(tempDir, "no-tools.json");
       fs.writeFileSync(configPath, JSON.stringify({ serverName: "test" }));
@@ -70,7 +70,7 @@ describe("safe_inputs_config_loader.cjs", () => {
     });
 
     it("should throw error for tools that is not an array", async () => {
-      const { loadConfig } = await import("./safe_inputs_config_loader.cjs");
+      const { loadConfig } = await import("./mcp_scripts_config_loader.cjs");
 
       const configPath = path.join(tempDir, "tools-not-array.json");
       fs.writeFileSync(configPath, JSON.stringify({ tools: "not an array" }));
@@ -79,7 +79,7 @@ describe("safe_inputs_config_loader.cjs", () => {
     });
 
     it("should load configuration with minimal required fields", async () => {
-      const { loadConfig } = await import("./safe_inputs_config_loader.cjs");
+      const { loadConfig } = await import("./mcp_scripts_config_loader.cjs");
 
       const configPath = path.join(tempDir, "minimal.json");
       const config = {
@@ -95,7 +95,7 @@ describe("safe_inputs_config_loader.cjs", () => {
     });
 
     it("should load configuration with multiple tools", async () => {
-      const { loadConfig } = await import("./safe_inputs_config_loader.cjs");
+      const { loadConfig } = await import("./mcp_scripts_config_loader.cjs");
 
       const configPath = path.join(tempDir, "multiple-tools.json");
       const config = {
diff --git a/actions/setup/js/safe_inputs_mcp_server.cjs b/actions/setup/js/mcp_scripts_mcp_server.cjs
similarity index 68%
rename from actions/setup/js/safe_inputs_mcp_server.cjs
rename to actions/setup/js/mcp_scripts_mcp_server.cjs
index a6c9f97801f..f40716d2d6d 100644
--- a/actions/setup/js/safe_inputs_mcp_server.cjs
+++ b/actions/setup/js/mcp_scripts_mcp_server.cjs
@@ -4,28 +4,28 @@
 /**
  * Safe Inputs MCP Server Module
  *
- * This module provides a reusable MCP server for safe-inputs configuration.
+ * This module provides a reusable MCP server for mcp-scripts configuration.
  * It uses the mcp_server_core module for JSON-RPC handling and tool registration.
  *
  * The server reads tool configuration from a JSON file and loads handlers from
  * JavaScript (.cjs), shell script (.sh), or Python script (.py) files.
  *
  * Usage:
- *   node safe_inputs_mcp_server.cjs /path/to/tools.json
+ *   node mcp_scripts_mcp_server.cjs /path/to/tools.json
  *
  * Or as a module:
- *   const { startSafeInputsServer } = require("./safe_inputs_mcp_server.cjs");
- *   startSafeInputsServer("/path/to/tools.json");
+ *   const { startMCPScriptsServer } = require("./mcp_scripts_mcp_server.cjs");
+ *   startMCPScriptsServer("/path/to/tools.json");
  */
 
 const { createServer, registerTool, start } = require("./mcp_server_core.cjs");
-const { loadConfig } = require("./safe_inputs_config_loader.cjs");
-const { createToolConfig } = require("./safe_inputs_tool_factory.cjs");
-const { bootstrapSafeInputsServer, cleanupConfigFile } = require("./safe_inputs_bootstrap.cjs");
+const { loadConfig } = require("./mcp_scripts_config_loader.cjs");
+const { createToolConfig } = require("./mcp_scripts_tool_factory.cjs");
+const { bootstrapMCPScriptsServer, cleanupConfigFile } = require("./mcp_scripts_bootstrap.cjs");
 const { getErrorMessage } = require("./error_helpers.cjs");
 
 /**
- * @typedef {Object} SafeInputsToolConfig
+ * @typedef {Object} MCPScriptsToolConfig
  * @property {string} name - Tool name
  * @property {string} description - Tool description
  * @property {Object} inputSchema - JSON Schema for tool inputs
@@ -33,30 +33,30 @@ const { getErrorMessage } = require("./error_helpers.cjs");
  */
 
 /**
- * @typedef {Object} SafeInputsConfig
- * @property {string} [serverName] - Server name (defaults to "safeinputs")
+ * @typedef {Object} MCPScriptsConfig
+ * @property {string} [serverName] - Server name (defaults to "mcpscripts")
  * @property {string} [version] - Server version (defaults to "1.0.0")
  * @property {string} [logDir] - Log directory path
- * @property {SafeInputsToolConfig[]} tools - Array of tool configurations
+ * @property {MCPScriptsToolConfig[]} tools - Array of tool configurations
  */
 
 /**
- * Start the safe-inputs MCP server with the given configuration
+ * Start the mcp-scripts MCP server with the given configuration
  * @param {string} configPath - Path to the configuration JSON file
  * @param {Object} [options] - Additional options
  * @param {string} [options.logDir] - Override log directory from config
  * @param {boolean} [options.skipCleanup] - Skip deletion of config file (useful for stdio mode with agent restarts)
  */
-function startSafeInputsServer(configPath, options = {}) {
+function startMCPScriptsServer(configPath, options = {}) {
   // Create server first to have logger available
   const logDir = options.logDir || undefined;
-  const server = createServer({ name: "safeinputs", version: "1.0.0" }, { logDir });
+  const server = createServer({ name: "mcpscripts", version: "1.0.0" }, { logDir });
 
   // Bootstrap: load configuration and tools using shared logic
-  const { config, tools } = bootstrapSafeInputsServer(configPath, server);
+  const { config, tools } = bootstrapMCPScriptsServer(configPath, server);
 
   // Update server info with actual config values
-  server.serverInfo.name = config.serverName || "safeinputs";
+  server.serverInfo.name = config.serverName || "mcpscripts";
   server.serverInfo.version = config.version || "1.0.0";
 
   // Use logDir from config if not overridden by options
@@ -83,7 +83,7 @@ if (require.main === module) {
   const args = process.argv.slice(2);
 
   if (args.length < 1) {
-    console.error("Usage: node safe_inputs_mcp_server.cjs <config.json> [--log-dir <path>]");
+    console.error("Usage: node mcp_scripts_mcp_server.cjs <config.json> [--log-dir <path>]");
     process.exit(1);
   }
 
@@ -99,15 +99,15 @@ if (require.main === module) {
   }
 
   try {
-    startSafeInputsServer(configPath, options);
+    startMCPScriptsServer(configPath, options);
   } catch (error) {
-    console.error(`Error starting safe-inputs server: ${getErrorMessage(error)}`);
+    console.error(`Error starting mcp-scripts server: ${getErrorMessage(error)}`);
     process.exit(1);
   }
 }
 
 module.exports = {
-  startSafeInputsServer,
+  startMCPScriptsServer,
   // Re-export helpers for convenience
   loadConfig,
   createToolConfig,
diff --git a/actions/setup/js/safe_inputs_mcp_server.test.cjs b/actions/setup/js/mcp_scripts_mcp_server.test.cjs
similarity index 89%
rename from actions/setup/js/safe_inputs_mcp_server.test.cjs
rename to actions/setup/js/mcp_scripts_mcp_server.test.cjs
index 953987b14b0..b9a6f178cd5 100644
--- a/actions/setup/js/safe_inputs_mcp_server.test.cjs
+++ b/actions/setup/js/mcp_scripts_mcp_server.test.cjs
@@ -3,7 +3,7 @@ import fs from "fs";
 import path from "path";
 import os from "os";
 
-describe("safe_inputs_mcp_server.cjs", () => {
+describe("mcp_scripts_mcp_server.cjs", () => {
   let tempDir;
 
   beforeEach(() => {
@@ -12,7 +12,7 @@ describe("safe_inputs_mcp_server.cjs", () => {
     vi.spyOn(process.stderr, "write").mockImplementation(() => true);
 
     // Create a temporary directory for test files
-    tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "safe-inputs-test-"));
+    tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "mcp-scripts-test-"));
   });
 
   afterEach(() => {
@@ -24,7 +24,7 @@ describe("safe_inputs_mcp_server.cjs", () => {
 
   describe("loadConfig", () => {
     it("should load configuration from a valid JSON file", async () => {
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
 
       // Create a test configuration file
       const configPath = path.join(tempDir, "config.json");
@@ -50,13 +50,13 @@ describe("safe_inputs_mcp_server.cjs", () => {
     });
 
     it("should throw error for non-existent file", async () => {
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
 
       expect(() => loadConfig("/non/existent/config.json")).toThrow("Configuration file not found");
     });
 
     it("should throw error for invalid JSON", async () => {
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
 
       const configPath = path.join(tempDir, "invalid.json");
       fs.writeFileSync(configPath, "not valid json");
@@ -65,7 +65,7 @@ describe("safe_inputs_mcp_server.cjs", () => {
     });
 
     it("should throw error for missing tools array", async () => {
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
 
       const configPath = path.join(tempDir, "no-tools.json");
       fs.writeFileSync(configPath, JSON.stringify({ serverName: "test" }));
@@ -74,7 +74,7 @@ describe("safe_inputs_mcp_server.cjs", () => {
     });
 
     it("should throw error for tools that is not an array", async () => {
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
 
       const configPath = path.join(tempDir, "tools-not-array.json");
       fs.writeFileSync(configPath, JSON.stringify({ tools: "not an array" }));
@@ -85,7 +85,7 @@ describe("safe_inputs_mcp_server.cjs", () => {
 
   describe("createToolConfig", () => {
     it("should create a valid tool configuration", async () => {
-      const { createToolConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { createToolConfig } = await import("./mcp_scripts_mcp_server.cjs");
 
       const config = createToolConfig("my_tool", "My tool description", { type: "object", properties: { input: { type: "string" } } }, "my_tool.cjs");
 
@@ -96,7 +96,7 @@ describe("safe_inputs_mcp_server.cjs", () => {
     });
   });
 
-  describe("startSafeInputsServer integration", () => {
+  describe("startMCPScriptsServer integration", () => {
     it("should start server with JavaScript handler", async () => {
       // Create a handler file that reads from stdin and writes to stdout
       const handlerPath = path.join(tempDir, "test_handler.cjs");
@@ -114,7 +114,7 @@ process.stdin.on('end', () => {
       // Create config file
       const configPath = path.join(tempDir, "config.json");
       const config = {
-        serverName: "test-safe-inputs",
+        serverName: "test-mcp-scripts",
         version: "1.0.0",
         tools: [
           {
@@ -128,11 +128,11 @@ process.stdin.on('end', () => {
       fs.writeFileSync(configPath, JSON.stringify(config));
 
       // Import and load config
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
       const { createServer, registerTool, loadToolHandlers, handleMessage } = await import("./mcp_server_core.cjs");
 
       const loadedConfig = loadConfig(configPath);
-      const server = createServer({ name: loadedConfig.serverName || "safeinputs", version: loadedConfig.version || "1.0.0" });
+      const server = createServer({ name: loadedConfig.serverName || "mcpscripts", version: loadedConfig.version || "1.0.0" });
 
       // Load handlers
       const tools = loadToolHandlers(server, loadedConfig.tools, tempDir);
@@ -186,11 +186,11 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
       fs.writeFileSync(configPath, JSON.stringify(config));
 
       // Import and load config
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
       const { createServer, registerTool, loadToolHandlers, handleMessage } = await import("./mcp_server_core.cjs");
 
       const loadedConfig = loadConfig(configPath);
-      const server = createServer({ name: "safeinputs", version: "1.0.0" });
+      const server = createServer({ name: "mcpscripts", version: "1.0.0" });
 
       // Load handlers
       const tools = loadToolHandlers(server, loadedConfig.tools, tempDir);
@@ -240,7 +240,7 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
       };
       fs.writeFileSync(configPath, JSON.stringify(config));
 
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
       const { createServer, registerTool, handleMessage } = await import("./mcp_server_core.cjs");
 
       const loadedConfig = loadConfig(configPath);
@@ -275,11 +275,11 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
       const configPath = path.join(tempDir, "config.json");
       fs.writeFileSync(configPath, JSON.stringify({ tools: [{ name: "mock", description: "mock", inputSchema: {} }] }));
 
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
       const { createServer, registerTool, handleMessage } = await import("./mcp_server_core.cjs");
 
       const loadedConfig = loadConfig(configPath);
-      const server = createServer({ name: "safeinputs", version: "1.0.0" });
+      const server = createServer({ name: "mcpscripts", version: "1.0.0" });
 
       for (const tool of loadedConfig.tools) {
         registerTool(server, tool);
@@ -298,7 +298,7 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
       });
 
       expect(results).toHaveLength(1);
-      expect(results[0].result.serverInfo).toEqual({ name: "safeinputs", version: "1.0.0" });
+      expect(results[0].result.serverInfo).toEqual({ name: "mcpscripts", version: "1.0.0" });
       expect(results[0].result.protocolVersion).toBe("2024-11-05");
       expect(results[0].result.capabilities).toEqual({ tools: {} });
     });
@@ -312,11 +312,11 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
         })
       );
 
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
       const { createServer, registerTool, handleMessage } = await import("./mcp_server_core.cjs");
 
       const loadedConfig = loadConfig(configPath);
-      const serverName = loadedConfig.serverName || "safeinputs";
+      const serverName = loadedConfig.serverName || "mcpscripts";
       const version = loadedConfig.version || "1.0.0";
       const server = createServer({ name: serverName, version });
 
@@ -334,7 +334,7 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
         params: {},
       });
 
-      expect(results[0].result.serverInfo.name).toBe("safeinputs");
+      expect(results[0].result.serverInfo.name).toBe("mcpscripts");
       expect(results[0].result.serverInfo.version).toBe("1.0.0");
     });
   });
@@ -344,11 +344,11 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
       const configPath = path.join(tempDir, "config.json");
       fs.writeFileSync(configPath, JSON.stringify({ tools: [{ name: "known_tool", description: "test", inputSchema: {} }] }));
 
-      const { loadConfig } = await import("./safe_inputs_mcp_server.cjs");
+      const { loadConfig } = await import("./mcp_scripts_mcp_server.cjs");
       const { createServer, registerTool, handleMessage } = await import("./mcp_server_core.cjs");
 
       const loadedConfig = loadConfig(configPath);
-      const server = createServer({ name: "safeinputs", version: "1.0.0" });
+      const server = createServer({ name: "mcpscripts", version: "1.0.0" });
 
       for (const tool of loadedConfig.tools) {
         registerTool(server, tool);
@@ -375,7 +375,7 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
     it("should write files, launch server, initialize, call echo tool and verify result", async () => {
       const { spawn } = await import("child_process");
 
-      // 1. Write the safe inputs files
+      // 1. Write the mcp-scripts files
 
       // Copy mcp_server_core.cjs
       const mcpServerCorePath = path.join(tempDir, "mcp_server_core.cjs");
@@ -387,24 +387,24 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
       const readBufferContent = fs.readFileSync(path.join(__dirname, "read_buffer.cjs"), "utf-8");
       fs.writeFileSync(readBufferPath, readBufferContent);
 
-      // Copy safe_inputs_config_loader.cjs
-      const configLoaderPath = path.join(tempDir, "safe_inputs_config_loader.cjs");
-      const configLoaderContent = fs.readFileSync(path.join(__dirname, "safe_inputs_config_loader.cjs"), "utf-8");
+      // Copy mcp_scripts_config_loader.cjs
+      const configLoaderPath = path.join(tempDir, "mcp_scripts_config_loader.cjs");
+      const configLoaderContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_config_loader.cjs"), "utf-8");
       fs.writeFileSync(configLoaderPath, configLoaderContent);
 
-      // Copy safe_inputs_tool_factory.cjs
-      const toolFactoryPath = path.join(tempDir, "safe_inputs_tool_factory.cjs");
-      const toolFactoryContent = fs.readFileSync(path.join(__dirname, "safe_inputs_tool_factory.cjs"), "utf-8");
+      // Copy mcp_scripts_tool_factory.cjs
+      const toolFactoryPath = path.join(tempDir, "mcp_scripts_tool_factory.cjs");
+      const toolFactoryContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_tool_factory.cjs"), "utf-8");
       fs.writeFileSync(toolFactoryPath, toolFactoryContent);
 
-      // Copy safe_inputs_validation.cjs
-      const validationPath = path.join(tempDir, "safe_inputs_validation.cjs");
-      const validationContent = fs.readFileSync(path.join(__dirname, "safe_inputs_validation.cjs"), "utf-8");
+      // Copy mcp_scripts_validation.cjs
+      const validationPath = path.join(tempDir, "mcp_scripts_validation.cjs");
+      const validationContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_validation.cjs"), "utf-8");
       fs.writeFileSync(validationPath, validationContent);
 
-      // Copy safe_inputs_bootstrap.cjs
-      const bootstrapPath = path.join(tempDir, "safe_inputs_bootstrap.cjs");
-      const bootstrapContent = fs.readFileSync(path.join(__dirname, "safe_inputs_bootstrap.cjs"), "utf-8");
+      // Copy mcp_scripts_bootstrap.cjs
+      const bootstrapPath = path.join(tempDir, "mcp_scripts_bootstrap.cjs");
+      const bootstrapContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_bootstrap.cjs"), "utf-8");
       fs.writeFileSync(bootstrapPath, bootstrapContent);
 
       // Copy mcp_handler_python.cjs
@@ -417,9 +417,9 @@ echo "greeting=Hello from shell" >> "$GITHUB_OUTPUT"
       const shellHandlerContent = fs.readFileSync(path.join(__dirname, "mcp_handler_shell.cjs"), "utf-8");
       fs.writeFileSync(shellHandlerPath, shellHandlerContent);
 
-      // Copy safe_inputs_mcp_server.cjs
-      const safeinputsServerPath = path.join(tempDir, "safe_inputs_mcp_server.cjs");
-      const safeinputsServerContent = fs.readFileSync(path.join(__dirname, "safe_inputs_mcp_server.cjs"), "utf-8");
+      // Copy mcp_scripts_mcp_server.cjs
+      const safeinputsServerPath = path.join(tempDir, "mcp_scripts_mcp_server.cjs");
+      const safeinputsServerContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_mcp_server.cjs"), "utf-8");
       fs.writeFileSync(safeinputsServerPath, safeinputsServerContent);
 
       // Create an echo tool handler that reads from stdin and writes to stdout
@@ -580,20 +580,20 @@ process.stdin.on('end', () => {
       const readBufferContent = fs.readFileSync(path.join(__dirname, "read_buffer.cjs"), "utf-8");
       fs.writeFileSync(readBufferPath, readBufferContent);
 
-      const configLoaderPath = path.join(tempDir, "safe_inputs_config_loader.cjs");
-      const configLoaderContent = fs.readFileSync(path.join(__dirname, "safe_inputs_config_loader.cjs"), "utf-8");
+      const configLoaderPath = path.join(tempDir, "mcp_scripts_config_loader.cjs");
+      const configLoaderContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_config_loader.cjs"), "utf-8");
       fs.writeFileSync(configLoaderPath, configLoaderContent);
 
-      const toolFactoryPath = path.join(tempDir, "safe_inputs_tool_factory.cjs");
-      const toolFactoryContent = fs.readFileSync(path.join(__dirname, "safe_inputs_tool_factory.cjs"), "utf-8");
+      const toolFactoryPath = path.join(tempDir, "mcp_scripts_tool_factory.cjs");
+      const toolFactoryContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_tool_factory.cjs"), "utf-8");
       fs.writeFileSync(toolFactoryPath, toolFactoryContent);
 
-      const validationPath = path.join(tempDir, "safe_inputs_validation.cjs");
-      const validationContent = fs.readFileSync(path.join(__dirname, "safe_inputs_validation.cjs"), "utf-8");
+      const validationPath = path.join(tempDir, "mcp_scripts_validation.cjs");
+      const validationContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_validation.cjs"), "utf-8");
       fs.writeFileSync(validationPath, validationContent);
 
-      const bootstrapPath = path.join(tempDir, "safe_inputs_bootstrap.cjs");
-      const bootstrapContent = fs.readFileSync(path.join(__dirname, "safe_inputs_bootstrap.cjs"), "utf-8");
+      const bootstrapPath = path.join(tempDir, "mcp_scripts_bootstrap.cjs");
+      const bootstrapContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_bootstrap.cjs"), "utf-8");
       fs.writeFileSync(bootstrapPath, bootstrapContent);
 
       const pythonHandlerPath = path.join(tempDir, "mcp_handler_python.cjs");
@@ -604,8 +604,8 @@ process.stdin.on('end', () => {
       const shellHandlerContent = fs.readFileSync(path.join(__dirname, "mcp_handler_shell.cjs"), "utf-8");
       fs.writeFileSync(shellHandlerPath, shellHandlerContent);
 
-      const safeinputsServerPath = path.join(tempDir, "safe_inputs_mcp_server.cjs");
-      const safeinputsServerContent = fs.readFileSync(path.join(__dirname, "safe_inputs_mcp_server.cjs"), "utf-8");
+      const safeinputsServerPath = path.join(tempDir, "mcp_scripts_mcp_server.cjs");
+      const safeinputsServerContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_mcp_server.cjs"), "utf-8");
       fs.writeFileSync(safeinputsServerPath, safeinputsServerContent);
 
       // Create tools.json with multiple tools (no handlers needed for list)
@@ -714,20 +714,20 @@ process.stdin.on('end', () => {
       const readBufferContent = fs.readFileSync(path.join(__dirname, "read_buffer.cjs"), "utf-8");
       fs.writeFileSync(readBufferPath, readBufferContent);
 
-      const configLoaderPath = path.join(tempDir, "safe_inputs_config_loader.cjs");
-      const configLoaderContent = fs.readFileSync(path.join(__dirname, "safe_inputs_config_loader.cjs"), "utf-8");
+      const configLoaderPath = path.join(tempDir, "mcp_scripts_config_loader.cjs");
+      const configLoaderContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_config_loader.cjs"), "utf-8");
       fs.writeFileSync(configLoaderPath, configLoaderContent);
 
-      const toolFactoryPath = path.join(tempDir, "safe_inputs_tool_factory.cjs");
-      const toolFactoryContent = fs.readFileSync(path.join(__dirname, "safe_inputs_tool_factory.cjs"), "utf-8");
+      const toolFactoryPath = path.join(tempDir, "mcp_scripts_tool_factory.cjs");
+      const toolFactoryContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_tool_factory.cjs"), "utf-8");
       fs.writeFileSync(toolFactoryPath, toolFactoryContent);
 
-      const validationPath = path.join(tempDir, "safe_inputs_validation.cjs");
-      const validationContent = fs.readFileSync(path.join(__dirname, "safe_inputs_validation.cjs"), "utf-8");
+      const validationPath = path.join(tempDir, "mcp_scripts_validation.cjs");
+      const validationContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_validation.cjs"), "utf-8");
       fs.writeFileSync(validationPath, validationContent);
 
-      const bootstrapPath = path.join(tempDir, "safe_inputs_bootstrap.cjs");
-      const bootstrapContent = fs.readFileSync(path.join(__dirname, "safe_inputs_bootstrap.cjs"), "utf-8");
+      const bootstrapPath = path.join(tempDir, "mcp_scripts_bootstrap.cjs");
+      const bootstrapContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_bootstrap.cjs"), "utf-8");
       fs.writeFileSync(bootstrapPath, bootstrapContent);
 
       const pythonHandlerPath = path.join(tempDir, "mcp_handler_python.cjs");
@@ -738,8 +738,8 @@ process.stdin.on('end', () => {
       const shellHandlerContent = fs.readFileSync(path.join(__dirname, "mcp_handler_shell.cjs"), "utf-8");
       fs.writeFileSync(shellHandlerPath, shellHandlerContent);
 
-      const safeinputsServerPath = path.join(tempDir, "safe_inputs_mcp_server.cjs");
-      const safeinputsServerContent = fs.readFileSync(path.join(__dirname, "safe_inputs_mcp_server.cjs"), "utf-8");
+      const safeinputsServerPath = path.join(tempDir, "mcp_scripts_mcp_server.cjs");
+      const safeinputsServerContent = fs.readFileSync(path.join(__dirname, "mcp_scripts_mcp_server.cjs"), "utf-8");
       fs.writeFileSync(safeinputsServerPath, safeinputsServerContent);
 
       // Create a shell script echo handler
diff --git a/actions/setup/js/safe_inputs_mcp_server_http.cjs b/actions/setup/js/mcp_scripts_mcp_server_http.cjs
similarity index 93%
rename from actions/setup/js/safe_inputs_mcp_server_http.cjs
rename to actions/setup/js/mcp_scripts_mcp_server_http.cjs
index b703bdcd0d7..1389dccbb7d 100644
--- a/actions/setup/js/safe_inputs_mcp_server_http.cjs
+++ b/actions/setup/js/mcp_scripts_mcp_server_http.cjs
@@ -4,13 +4,13 @@
 /**
  * Safe Inputs MCP Server with HTTP Transport
  *
- * This module extends the safe-inputs MCP server to support HTTP transport
+ * This module extends the mcp-scripts MCP server to support HTTP transport
  * using the StreamableHTTPServerTransport from the MCP SDK.
  *
  * It provides both stateful and stateless HTTP modes, as well as SSE streaming.
  *
  * Usage:
- *   node safe_inputs_mcp_server_http.cjs /path/to/tools.json [--port 3000] [--stateless]
+ *   node mcp_scripts_mcp_server_http.cjs /path/to/tools.json [--port 3000] [--stateless]
  *
  * Options:
  *   --port <number>    Port to listen on (default: 3000)
@@ -25,10 +25,10 @@ require("./shim.cjs");
 const http = require("http");
 const { randomUUID } = require("crypto");
 const { MCPServer, MCPHTTPTransport } = require("./mcp_http_transport.cjs");
-const { validateRequiredFields } = require("./safe_inputs_validation.cjs");
+const { validateRequiredFields } = require("./mcp_scripts_validation.cjs");
 const { generateEnhancedErrorMessage } = require("./mcp_enhanced_errors.cjs");
 const { createLogger } = require("./mcp_logger.cjs");
-const { bootstrapSafeInputsServer, cleanupConfigFile } = require("./safe_inputs_bootstrap.cjs");
+const { bootstrapMCPScriptsServer, cleanupConfigFile } = require("./mcp_scripts_bootstrap.cjs");
 const { getErrorMessage } = require("./error_helpers.cjs");
 const { ERR_VALIDATION } = require("./error_codes.cjs");
 
@@ -41,16 +41,16 @@ const { ERR_VALIDATION } = require("./error_codes.cjs");
  */
 function createMCPServer(configPath, options = {}) {
   // Create logger early
-  const logger = createLogger("safeinputs");
+  const logger = createLogger("mcpscripts");
 
   logger.debug(`=== Creating MCP Server ===`);
   logger.debug(`Configuration file: ${configPath}`);
 
   // Bootstrap: load configuration and tools using shared logic
-  const { config, tools } = bootstrapSafeInputsServer(configPath, logger);
+  const { config, tools } = bootstrapMCPScriptsServer(configPath, logger);
 
   // Create server with configuration
-  const serverName = config.serverName || "safeinputs";
+  const serverName = config.serverName || "mcpscripts";
   const version = config.version || "1.0.0";
 
   logger.debug(`Server name: ${serverName}`);
@@ -127,7 +127,7 @@ async function startHttpServer(configPath, options = {}) {
   const port = options.port || 3000;
   const stateless = options.stateless || false;
 
-  const logger = createLogger("safe-inputs-startup");
+  const logger = createLogger("mcp-scripts-startup");
 
   logger.debug(`=== Starting Safe Inputs MCP HTTP Server ===`);
   logger.debug(`Configuration file: ${configPath}`);
@@ -143,7 +143,7 @@ async function startHttpServer(configPath, options = {}) {
     Object.assign(logger, mcpLogger);
 
     logger.debug(`MCP server created successfully`);
-    logger.debug(`Server name: ${config.serverName || "safeinputs"}`);
+    logger.debug(`Server name: ${config.serverName || "mcpscripts"}`);
     logger.debug(`Server version: ${config.version || "1.0.0"}`);
     logger.debug(`Tools configured: ${config.tools.length}`);
 
@@ -182,7 +182,7 @@ async function startHttpServer(configPath, options = {}) {
         res.end(
           JSON.stringify({
             status: "ok",
-            server: config.serverName || "safeinputs",
+            server: config.serverName || "mcpscripts",
             version: config.version || "1.0.0",
             tools: config.tools.length,
           })
@@ -252,7 +252,7 @@ async function startHttpServer(configPath, options = {}) {
       logger.debug(`=== Safe Inputs MCP HTTP Server Started Successfully ===`);
       logger.debug(`HTTP server listening on http://localhost:${port}`);
       logger.debug(`MCP endpoint: POST http://localhost:${port}/`);
-      logger.debug(`Server name: ${config.serverName || "safeinputs"}`);
+      logger.debug(`Server name: ${config.serverName || "mcpscripts"}`);
       logger.debug(`Server version: ${config.version || "1.0.0"}`);
       logger.debug(`Tools available: ${config.tools.length}`);
       logger.debug(`Server is ready to accept requests`);
@@ -292,7 +292,7 @@ async function startHttpServer(configPath, options = {}) {
     return httpServer;
   } catch (error) {
     // Log detailed error information for startup failures
-    const errorLogger = createLogger("safe-inputs-startup-error");
+    const errorLogger = createLogger("mcp-scripts-startup-error");
     errorLogger.debug(`=== FATAL ERROR: Failed to start Safe Inputs MCP HTTP Server ===`);
     if (error && typeof error === "object") {
       if ("constructor" in error && error.constructor) {
@@ -321,7 +321,7 @@ if (require.main === module) {
   const args = process.argv.slice(2);
 
   if (args.length < 1) {
-    console.error("Usage: node safe_inputs_mcp_server_http.cjs <config.json> [--port <number>] [--stateless] [--log-dir <path>]");
+    console.error("Usage: node mcp_scripts_mcp_server_http.cjs <config.json> [--port <number>] [--stateless] [--log-dir <path>]");
     process.exit(1);
   }
 
diff --git a/actions/setup/js/safe_inputs_mcp_server_http.test.cjs b/actions/setup/js/mcp_scripts_mcp_server_http.test.cjs
similarity index 98%
rename from actions/setup/js/safe_inputs_mcp_server_http.test.cjs
rename to actions/setup/js/mcp_scripts_mcp_server_http.test.cjs
index d78490b2478..c984c134cd0 100644
--- a/actions/setup/js/safe_inputs_mcp_server_http.test.cjs
+++ b/actions/setup/js/mcp_scripts_mcp_server_http.test.cjs
@@ -4,7 +4,7 @@ import { spawn } from "child_process";
 import fs from "fs";
 import path from "path";
 import os from "os";
-describe("safe_inputs_mcp_server_http.cjs integration", () => {
+describe("mcp_scripts_mcp_server_http.cjs integration", () => {
   const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "http-mcp-test-"));
   let serverProcess = null,
     sessionId = null;
@@ -45,7 +45,7 @@ describe("safe_inputs_mcp_server_http.cjs integration", () => {
       })
     ),
     it("should start HTTP MCP server successfully", { timeout: 15e3 }, async () => {
-      serverProcess = spawn("node", ["safe_inputs_mcp_server_http.cjs", configPath, "--port", (4100).toString()], { cwd: process.cwd(), stdio: ["pipe", "pipe", "pipe"] });
+      serverProcess = spawn("node", ["mcp_scripts_mcp_server_http.cjs", configPath, "--port", (4100).toString()], { cwd: process.cwd(), stdio: ["pipe", "pipe", "pipe"] });
       let serverOutput = "";
       (serverProcess.stderr.on("data", chunk => {
         serverOutput += chunk.toString();
diff --git a/actions/setup/js/safe_inputs_tool_factory.cjs b/actions/setup/js/mcp_scripts_tool_factory.cjs
similarity index 89%
rename from actions/setup/js/safe_inputs_tool_factory.cjs
rename to actions/setup/js/mcp_scripts_tool_factory.cjs
index 19cfb119265..28a0ce89c4b 100644
--- a/actions/setup/js/safe_inputs_tool_factory.cjs
+++ b/actions/setup/js/mcp_scripts_tool_factory.cjs
@@ -8,7 +8,7 @@
  */
 
 /**
- * @typedef {Object} SafeInputsToolConfig
+ * @typedef {Object} MCPScriptsToolConfig
  * @property {string} name - Tool name
  * @property {string} description - Tool description
  * @property {Object} inputSchema - JSON Schema for tool inputs
@@ -21,7 +21,7 @@
  * @param {string} description - Tool description
  * @param {Object} inputSchema - JSON Schema for tool inputs
  * @param {string} handlerPath - Path to the handler file (.cjs, .sh, or .py)
- * @returns {SafeInputsToolConfig} Tool configuration object
+ * @returns {MCPScriptsToolConfig} Tool configuration object
  */
 function createToolConfig(name, description, inputSchema, handlerPath) {
   return {
diff --git a/actions/setup/js/safe_inputs_tool_factory.test.cjs b/actions/setup/js/mcp_scripts_tool_factory.test.cjs
similarity index 87%
rename from actions/setup/js/safe_inputs_tool_factory.test.cjs
rename to actions/setup/js/mcp_scripts_tool_factory.test.cjs
index dcbcd60204a..844faf85836 100644
--- a/actions/setup/js/safe_inputs_tool_factory.test.cjs
+++ b/actions/setup/js/mcp_scripts_tool_factory.test.cjs
@@ -1,9 +1,9 @@
 import { describe, it, expect } from "vitest";
 
-describe("safe_inputs_tool_factory.cjs", () => {
+describe("mcp_scripts_tool_factory.cjs", () => {
   describe("createToolConfig", () => {
     it("should create a tool configuration with all parameters", async () => {
-      const { createToolConfig } = await import("./safe_inputs_tool_factory.cjs");
+      const { createToolConfig } = await import("./mcp_scripts_tool_factory.cjs");
 
       const config = createToolConfig("my_tool", "My tool description", { type: "object", properties: { input: { type: "string" } } }, "my_tool.cjs");
 
@@ -14,7 +14,7 @@ describe("safe_inputs_tool_factory.cjs", () => {
     });
 
     it("should create configuration with minimal parameters", async () => {
-      const { createToolConfig } = await import("./safe_inputs_tool_factory.cjs");
+      const { createToolConfig } = await import("./mcp_scripts_tool_factory.cjs");
 
       const config = createToolConfig("tool", "desc", {}, "handler.sh");
 
@@ -25,7 +25,7 @@ describe("safe_inputs_tool_factory.cjs", () => {
     });
 
     it("should handle complex input schemas", async () => {
-      const { createToolConfig } = await import("./safe_inputs_tool_factory.cjs");
+      const { createToolConfig } = await import("./mcp_scripts_tool_factory.cjs");
 
       const complexSchema = {
         type: "object",
@@ -48,7 +48,7 @@ describe("safe_inputs_tool_factory.cjs", () => {
     });
 
     it("should handle handler paths with different extensions", async () => {
-      const { createToolConfig } = await import("./safe_inputs_tool_factory.cjs");
+      const { createToolConfig } = await import("./mcp_scripts_tool_factory.cjs");
 
       const jsConfig = createToolConfig("t1", "JS Tool", {}, "tools/handler.cjs");
       const shellConfig = createToolConfig("t2", "Shell Tool", {}, "../scripts/handler.sh");
@@ -60,7 +60,7 @@ describe("safe_inputs_tool_factory.cjs", () => {
     });
 
     it("should create configurations with consistent structure", async () => {
-      const { createToolConfig } = await import("./safe_inputs_tool_factory.cjs");
+      const { createToolConfig } = await import("./mcp_scripts_tool_factory.cjs");
 
       const config = createToolConfig("test", "Test tool", {}, "test.cjs");
 
diff --git a/actions/setup/js/safe_inputs_validation.cjs b/actions/setup/js/mcp_scripts_validation.cjs
similarity index 92%
rename from actions/setup/js/safe_inputs_validation.cjs
rename to actions/setup/js/mcp_scripts_validation.cjs
index 4c64f6a4b12..724c727ecee 100644
--- a/actions/setup/js/safe_inputs_validation.cjs
+++ b/actions/setup/js/mcp_scripts_validation.cjs
@@ -3,7 +3,7 @@
 /**
  * Safe Inputs Validation Helpers
  *
- * This module provides validation utilities for safe-inputs MCP server.
+ * This module provides validation utilities for mcp-scripts MCP server.
  */
 
 /**
diff --git a/actions/setup/js/safe_inputs_validation.test.cjs b/actions/setup/js/mcp_scripts_validation.test.cjs
similarity index 79%
rename from actions/setup/js/safe_inputs_validation.test.cjs
rename to actions/setup/js/mcp_scripts_validation.test.cjs
index 21c2697ddbb..0b31df57911 100644
--- a/actions/setup/js/safe_inputs_validation.test.cjs
+++ b/actions/setup/js/mcp_scripts_validation.test.cjs
@@ -1,9 +1,9 @@
 import { describe, it, expect } from "vitest";
 
-describe("safe_inputs_validation.cjs", () => {
+describe("mcp_scripts_validation.cjs", () => {
   describe("validateRequiredFields", () => {
     it("should return empty array when no required fields", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { foo: "bar" };
       const schema = { type: "object", properties: { foo: { type: "string" } } };
@@ -14,7 +14,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should return empty array when all required fields are present", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "test", age: 25 };
       const schema = {
@@ -29,7 +29,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should return missing field names when fields are undefined", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "test" };
       const schema = {
@@ -44,7 +44,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should return missing field names when fields are null", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "test", age: null };
       const schema = {
@@ -59,7 +59,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should return missing field names when string fields are empty", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "", age: 25 };
       const schema = {
@@ -74,7 +74,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should return missing field names when string fields are whitespace only", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "   ", age: 25 };
       const schema = {
@@ -89,7 +89,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should return multiple missing field names", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = {};
       const schema = {
@@ -104,7 +104,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should handle schema without required array", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "test" };
       const schema = {
@@ -118,7 +118,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should handle null schema", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "test" };
       const missing = validateRequiredFields(args, null);
@@ -127,7 +127,7 @@ describe("safe_inputs_validation.cjs", () => {
     });
 
     it("should handle undefined schema", async () => {
-      const { validateRequiredFields } = await import("./safe_inputs_validation.cjs");
+      const { validateRequiredFields } = await import("./mcp_scripts_validation.cjs");
 
       const args = { name: "test" };
       const missing = validateRequiredFields(args, undefined);
diff --git a/actions/setup/js/mcp_server_core.cjs b/actions/setup/js/mcp_server_core.cjs
index 912ccbf55be..5df8f625e17 100644
--- a/actions/setup/js/mcp_server_core.cjs
+++ b/actions/setup/js/mcp_server_core.cjs
@@ -31,7 +31,7 @@ const fs = require("fs");
 const path = require("path");
 
 const { ReadBuffer } = require("./read_buffer.cjs");
-const { validateRequiredFields } = require("./safe_inputs_validation.cjs");
+const { validateRequiredFields } = require("./mcp_scripts_validation.cjs");
 const { getErrorMessage } = require("./error_helpers.cjs");
 const { generateEnhancedErrorMessage } = require("./mcp_enhanced_errors.cjs");
 
diff --git a/actions/setup/js/parse_safe_inputs_logs.cjs b/actions/setup/js/parse_mcp_scripts_logs.cjs
similarity index 87%
rename from actions/setup/js/parse_safe_inputs_logs.cjs
rename to actions/setup/js/parse_mcp_scripts_logs.cjs
index 21387f80dae..e5b6929c3d5 100644
--- a/actions/setup/js/parse_safe_inputs_logs.cjs
+++ b/actions/setup/js/parse_mcp_scripts_logs.cjs
@@ -7,45 +7,45 @@ const { getErrorMessage } = require("./error_helpers.cjs");
 const { ERR_PARSE } = require("./error_codes.cjs");
 
 /**
- * Parses safe-inputs MCP server logs and creates a step summary
+ * Parses mcp-scripts MCP server logs and creates a step summary
  * Log format: [timestamp] [server-name] message
  */
 
 /**
- * Main function to parse and display safe-inputs logs
+ * Main function to parse and display mcp-scripts logs
  */
 async function main() {
   try {
-    // Get the safe-inputs logs directory path
-    const safeInputsLogsDir = `/tmp/gh-aw/safe-inputs/logs/`;
+    // Get the mcp-scripts logs directory path
+    const mcpScriptsLogsDir = `/tmp/gh-aw/mcp-scripts/logs/`;
 
-    if (!fs.existsSync(safeInputsLogsDir)) {
-      core.info(`No safe-inputs logs directory found at: ${safeInputsLogsDir}`);
+    if (!fs.existsSync(mcpScriptsLogsDir)) {
+      core.info(`No mcp-scripts logs directory found at: ${mcpScriptsLogsDir}`);
       return;
     }
 
     // Find all log files
-    const files = fs.readdirSync(safeInputsLogsDir).filter(file => file.endsWith(".log"));
+    const files = fs.readdirSync(mcpScriptsLogsDir).filter(file => file.endsWith(".log"));
 
     if (files.length === 0) {
-      core.info(`No safe-inputs log files found in: ${safeInputsLogsDir}`);
+      core.info(`No mcp-scripts log files found in: ${mcpScriptsLogsDir}`);
       return;
     }
 
-    core.info(`Found ${files.length} safe-inputs log file(s)`);
+    core.info(`Found ${files.length} mcp-scripts log file(s)`);
 
     // Parse all log files and aggregate results
     const allLogEntries = [];
 
     for (const file of files) {
-      const filePath = path.join(safeInputsLogsDir, file);
-      core.info(`Parsing safe-inputs log: ${file}`);
+      const filePath = path.join(mcpScriptsLogsDir, file);
+      core.info(`Parsing mcp-scripts log: ${file}`);
 
       const content = fs.readFileSync(filePath, "utf8");
       const lines = content.split("\n").filter(line => line.trim());
 
       for (const line of lines) {
-        const entry = parseSafeInputsLogLine(line);
+        const entry = parseMCPScriptsLogLine(line);
         if (entry) {
           allLogEntries.push(entry);
         }
@@ -53,7 +53,7 @@ async function main() {
     }
 
     if (allLogEntries.length === 0) {
-      core.info("No parseable log entries found in safe-inputs logs");
+      core.info("No parseable log entries found in mcp-scripts logs");
       return;
     }
 
@@ -62,7 +62,7 @@ async function main() {
     core.info(plainTextSummary);
 
     // Generate step summary
-    const summary = generateSafeInputsSummary(allLogEntries);
+    const summary = generateMCPScriptsSummary(allLogEntries);
     core.summary.addRaw(summary).write();
   } catch (error) {
     core.setFailed(`${ERR_PARSE}: ${getErrorMessage(error)}`);
@@ -70,12 +70,12 @@ async function main() {
 }
 
 /**
- * Parses a single safe-inputs log line
+ * Parses a single mcp-scripts log line
  * Expected format: [timestamp] [server-name] message
  * @param {string} line - Log line to parse
  * @returns {Object|null} Parsed log entry or null if invalid
  */
-function parseSafeInputsLogLine(line) {
+function parseMCPScriptsLogLine(line) {
   // Match format: [timestamp] [server-name] message
   const match = line.match(/^\[([^\]]+)\]\s+\[([^\]]+)\]\s+(.+)$/);
 
@@ -129,7 +129,7 @@ function generatePlainTextSummary(logEntries) {
     const msg = entry.message.toLowerCase();
 
     // Categorize log entries
-    if (msg.includes("starting safe inputs") || msg.includes("server started")) {
+    if (msg.includes("starting mcp-scripts") || msg.includes("server started")) {
       eventCounts.startup++;
     } else if (msg.includes("registering tool") || msg.includes("tool registration")) {
       eventCounts.toolRegistration++;
@@ -210,11 +210,11 @@ function generatePlainTextSummary(logEntries) {
 }
 
 /**
- * Generates a markdown summary of safe-inputs logs
+ * Generates a markdown summary of mcp-scripts logs
  * @param {Array<Object>} logEntries - Parsed log entries
  * @returns {string} Markdown summary
  */
-function generateSafeInputsSummary(logEntries) {
+function generateMCPScriptsSummary(logEntries) {
   const summary = [];
 
   // Count events by type
@@ -233,7 +233,7 @@ function generateSafeInputsSummary(logEntries) {
     const msg = entry.message.toLowerCase();
 
     // Categorize log entries
-    if (msg.includes("starting safe inputs") || msg.includes("server started")) {
+    if (msg.includes("starting mcp-scripts") || msg.includes("server started")) {
       eventCounts.startup++;
     } else if (msg.includes("registering tool") || msg.includes("tool registration")) {
       eventCounts.toolRegistration++;
@@ -305,7 +305,7 @@ function generateSafeInputsSummary(logEntries) {
   // Full log details (collapsed by default)
   summary.push("**Full Logs**\n");
   summary.push("<details>");
-  summary.push("<summary>View full safe-inputs logs</summary>\n");
+  summary.push("<summary>View full mcp-scripts logs</summary>\n");
   summary.push("```");
   for (const entry of logEntries) {
     if (entry.raw) {
@@ -330,8 +330,8 @@ function generateSafeInputsSummary(logEntries) {
 if (typeof module !== "undefined" && module.exports) {
   module.exports = {
     main,
-    parseSafeInputsLogLine,
-    generateSafeInputsSummary,
+    parseMCPScriptsLogLine,
+    generateMCPScriptsSummary,
     generatePlainTextSummary,
   };
 }
diff --git a/actions/setup/js/parse_safe_inputs_logs.test.cjs b/actions/setup/js/parse_mcp_scripts_logs.test.cjs
similarity index 69%
rename from actions/setup/js/parse_safe_inputs_logs.test.cjs
rename to actions/setup/js/parse_mcp_scripts_logs.test.cjs
index 8f1cc4c33e5..e3721706cca 100644
--- a/actions/setup/js/parse_safe_inputs_logs.test.cjs
+++ b/actions/setup/js/parse_mcp_scripts_logs.test.cjs
@@ -3,9 +3,9 @@ import fs from "fs";
 import path from "path";
 const { ERR_PARSE } = require("./error_codes.cjs");
 
-describe("parse_safe_inputs_logs.cjs", () => {
+describe("parse_mcp_scripts_logs.cjs", () => {
   let mockCore, originalConsole;
-  let main, parseSafeInputsLogLine, generateSafeInputsSummary, generatePlainTextSummary;
+  let main, parseMCPScriptsLogLine, generateMCPScriptsSummary, generatePlainTextSummary;
 
   beforeEach(async () => {
     originalConsole = global.console;
@@ -42,10 +42,10 @@ describe("parse_safe_inputs_logs.cjs", () => {
     global.core = mockCore;
 
     // Import the module to get the exported functions
-    const module = await import("./parse_safe_inputs_logs.cjs?" + Date.now());
+    const module = await import("./parse_mcp_scripts_logs.cjs?" + Date.now());
     main = module.main;
-    parseSafeInputsLogLine = module.parseSafeInputsLogLine;
-    generateSafeInputsSummary = module.generateSafeInputsSummary;
+    parseMCPScriptsLogLine = module.parseMCPScriptsLogLine;
+    generateMCPScriptsSummary = module.generateMCPScriptsSummary;
     generatePlainTextSummary = module.generatePlainTextSummary;
   });
 
@@ -54,32 +54,32 @@ describe("parse_safe_inputs_logs.cjs", () => {
     delete global.core;
   });
 
-  describe("parseSafeInputsLogLine", () => {
-    it("should parse valid safe-inputs log line with standard format", () => {
-      const line = "[2025-12-31T15:43:54.123Z] [safe-inputs-server] Starting Safe Inputs MCP Server";
-      const result = parseSafeInputsLogLine(line);
+  describe("parseMCPScriptsLogLine", () => {
+    it("should parse valid mcp-scripts log line with standard format", () => {
+      const line = "[2025-12-31T15:43:54.123Z] [mcp-scripts-server] Starting Safe Inputs MCP Server";
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBe("2025-12-31T15:43:54.123Z");
-      expect(result.serverName).toBe("safe-inputs-server");
+      expect(result.serverName).toBe("mcp-scripts-server");
       expect(result.message).toBe("Starting Safe Inputs MCP Server");
       expect(result.raw).toBe(false);
     });
 
     it("should parse log line with tool registration message", () => {
-      const line = "[2025-12-31T15:43:55.456Z] [safe-inputs] Registering tool: create_issue";
-      const result = parseSafeInputsLogLine(line);
+      const line = "[2025-12-31T15:43:55.456Z] [mcp-scripts] Registering tool: create_issue";
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBe("2025-12-31T15:43:55.456Z");
-      expect(result.serverName).toBe("safe-inputs");
+      expect(result.serverName).toBe("mcp-scripts");
       expect(result.message).toBe("Registering tool: create_issue");
       expect(result.raw).toBe(false);
     });
 
     it("should parse log line with tool execution message", () => {
       const line = "[2025-12-31T15:44:10.789Z] [mcp-server] Calling handler for tool: create_pull_request";
-      const result = parseSafeInputsLogLine(line);
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBe("2025-12-31T15:44:10.789Z");
@@ -89,30 +89,30 @@ describe("parse_safe_inputs_logs.cjs", () => {
     });
 
     it("should parse log line with error message", () => {
-      const line = "[2025-12-31T15:44:20.000Z] [safe-inputs] Error: Failed to process request";
-      const result = parseSafeInputsLogLine(line);
+      const line = "[2025-12-31T15:44:20.000Z] [mcp-scripts] Error: Failed to process request";
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBe("2025-12-31T15:44:20.000Z");
-      expect(result.serverName).toBe("safe-inputs");
+      expect(result.serverName).toBe("mcp-scripts");
       expect(result.message).toBe("Error: Failed to process request");
       expect(result.raw).toBe(false);
     });
 
     it("should handle log line with extra whitespace", () => {
-      const line = "[2025-12-31T15:43:54.123Z]   [safe-inputs-server]   Server started successfully  ";
-      const result = parseSafeInputsLogLine(line);
+      const line = "[2025-12-31T15:43:54.123Z]   [mcp-scripts-server]   Server started successfully  ";
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBe("2025-12-31T15:43:54.123Z");
-      expect(result.serverName).toBe("safe-inputs-server");
+      expect(result.serverName).toBe("mcp-scripts-server");
       expect(result.message).toBe("Server started successfully");
       expect(result.raw).toBe(false);
     });
 
     it("should return raw entry for unparseable log line", () => {
       const line = "This is an unparseable log line without the expected format";
-      const result = parseSafeInputsLogLine(line);
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBeNull();
@@ -123,7 +123,7 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should return raw entry for empty line", () => {
       const line = "";
-      const result = parseSafeInputsLogLine(line);
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBeNull();
@@ -133,12 +133,12 @@ describe("parse_safe_inputs_logs.cjs", () => {
     });
 
     it("should parse log line with brackets in message", () => {
-      const line = "[2025-12-31T15:43:54.123Z] [safe-inputs] Tool returned: {status: [200]}";
-      const result = parseSafeInputsLogLine(line);
+      const line = "[2025-12-31T15:43:54.123Z] [mcp-scripts] Tool returned: {status: [200]}";
+      const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBe("2025-12-31T15:43:54.123Z");
-      expect(result.serverName).toBe("safe-inputs");
+      expect(result.serverName).toBe("mcp-scripts");
       expect(result.message).toBe("Tool returned: {status: [200]}");
       expect(result.raw).toBe(false);
     });
@@ -147,8 +147,8 @@ describe("parse_safe_inputs_logs.cjs", () => {
   describe("generatePlainTextSummary", () => {
     it("should generate summary with startup events", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.123Z", serverName: "safe-inputs", message: "Starting Safe Inputs MCP Server", raw: false },
-        { timestamp: "2025-12-31T15:43:54.456Z", serverName: "safe-inputs", message: "Server started successfully", raw: false },
+        { timestamp: "2025-12-31T15:43:54.123Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:54.456Z", serverName: "mcp-scripts", message: "Server started successfully", raw: false },
       ];
 
       const summary = generatePlainTextSummary(logEntries);
@@ -160,8 +160,8 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should generate summary with tool registration events", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "safe-inputs", message: "Registering tool: create_issue", raw: false },
-        { timestamp: "2025-12-31T15:43:55.100Z", serverName: "safe-inputs", message: "Tool registration complete", raw: false },
+        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "mcp-scripts", message: "Registering tool: create_issue", raw: false },
+        { timestamp: "2025-12-31T15:43:55.100Z", serverName: "mcp-scripts", message: "Tool registration complete", raw: false },
       ];
 
       const summary = generatePlainTextSummary(logEntries);
@@ -172,8 +172,8 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should generate summary with tool execution events", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "safe-inputs", message: "Calling handler for tool: create_issue", raw: false },
-        { timestamp: "2025-12-31T15:44:10.500Z", serverName: "safe-inputs", message: "Handler returned successfully", raw: false },
+        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "mcp-scripts", message: "Calling handler for tool: create_issue", raw: false },
+        { timestamp: "2025-12-31T15:44:10.500Z", serverName: "mcp-scripts", message: "Handler returned successfully", raw: false },
       ];
 
       const summary = generatePlainTextSummary(logEntries);
@@ -186,8 +186,8 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should generate summary with error events", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:44:20.000Z", serverName: "safe-inputs", message: "Error: Failed to process request", raw: false },
-        { timestamp: "2025-12-31T15:44:20.100Z", serverName: "safe-inputs", message: "Request failed with status 500", raw: false },
+        { timestamp: "2025-12-31T15:44:20.000Z", serverName: "mcp-scripts", message: "Error: Failed to process request", raw: false },
+        { timestamp: "2025-12-31T15:44:20.100Z", serverName: "mcp-scripts", message: "Request failed with status 500", raw: false },
       ];
 
       const summary = generatePlainTextSummary(logEntries);
@@ -201,11 +201,11 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should generate summary with mixed event types", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "safe-inputs", message: "Starting Safe Inputs MCP Server", raw: false },
-        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "safe-inputs", message: "Registering tool: create_issue", raw: false },
-        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "safe-inputs", message: "Calling handler for tool: create_issue", raw: false },
-        { timestamp: "2025-12-31T15:44:10.500Z", serverName: "safe-inputs", message: "Handler returned successfully", raw: false },
-        { timestamp: "2025-12-31T15:44:20.000Z", serverName: "safe-inputs", message: "Some other log message", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "mcp-scripts", message: "Registering tool: create_issue", raw: false },
+        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "mcp-scripts", message: "Calling handler for tool: create_issue", raw: false },
+        { timestamp: "2025-12-31T15:44:10.500Z", serverName: "mcp-scripts", message: "Handler returned successfully", raw: false },
+        { timestamp: "2025-12-31T15:44:20.000Z", serverName: "mcp-scripts", message: "Some other log message", raw: false },
       ];
 
       const summary = generatePlainTextSummary(logEntries);
@@ -228,16 +228,16 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should include full logs in plain text summary", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "safe-inputs", message: "Starting Safe Inputs MCP Server", raw: false },
-        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "safe-inputs", message: "Server started successfully", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "mcp-scripts", message: "Server started successfully", raw: false },
         { timestamp: null, serverName: null, message: "Unparsed log line", raw: true },
       ];
 
       const summary = generatePlainTextSummary(logEntries);
 
       expect(summary).toContain("Full Logs (first 5000 lines):");
-      expect(summary).toContain("[safe-inputs] Starting Safe Inputs MCP Server");
-      expect(summary).toContain("[safe-inputs] Server started successfully");
+      expect(summary).toContain("[mcp-scripts] Starting Safe Inputs MCP Server");
+      expect(summary).toContain("[mcp-scripts] Server started successfully");
       expect(summary).toContain("Unparsed log line");
     });
 
@@ -247,7 +247,7 @@ describe("parse_safe_inputs_logs.cjs", () => {
       for (let i = 0; i < 5500; i++) {
         logEntries.push({
           timestamp: "2025-12-31T15:43:54.000Z",
-          serverName: "safe-inputs",
+          serverName: "mcp-scripts",
           message: `Log entry ${i}`,
           raw: false,
         });
@@ -264,15 +264,15 @@ describe("parse_safe_inputs_logs.cjs", () => {
     });
   });
 
-  describe("generateSafeInputsSummary", () => {
+  describe("generateMCPScriptsSummary", () => {
     it("should generate markdown summary with details/summary structure", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "safe-inputs", message: "Starting Safe Inputs MCP Server", raw: false },
-        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "safe-inputs", message: "Registering tool: create_issue", raw: false },
-        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "safe-inputs", message: "Calling handler for tool: create_issue", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:55.000Z", serverName: "mcp-scripts", message: "Registering tool: create_issue", raw: false },
+        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "mcp-scripts", message: "Calling handler for tool: create_issue", raw: false },
       ];
 
-      const summary = generateSafeInputsSummary(logEntries);
+      const summary = generateMCPScriptsSummary(logEntries);
 
       expect(summary).toContain("<details>");
       expect(summary).toContain("</details>");
@@ -287,11 +287,11 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should generate markdown summary with tool execution details", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "safe-inputs", message: "Calling handler for tool: create_issue", raw: false },
-        { timestamp: "2025-12-31T15:44:15.000Z", serverName: "safe-inputs", message: "Calling handler for tool: create_pull_request", raw: false },
+        { timestamp: "2025-12-31T15:44:10.000Z", serverName: "mcp-scripts", message: "Calling handler for tool: create_issue", raw: false },
+        { timestamp: "2025-12-31T15:44:15.000Z", serverName: "mcp-scripts", message: "Calling handler for tool: create_pull_request", raw: false },
       ];
 
-      const summary = generateSafeInputsSummary(logEntries);
+      const summary = generateMCPScriptsSummary(logEntries);
 
       expect(summary).toContain("**Tool Executions**");
       expect(summary).toContain("<summary>View tool execution details</summary>");
@@ -302,11 +302,11 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should generate markdown summary with error details", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:44:20.000Z", serverName: "safe-inputs", message: "Error: Failed to process request", raw: false },
-        { timestamp: "2025-12-31T15:44:21.000Z", serverName: "safe-inputs", message: "Request failed with status 500", raw: false },
+        { timestamp: "2025-12-31T15:44:20.000Z", serverName: "mcp-scripts", message: "Error: Failed to process request", raw: false },
+        { timestamp: "2025-12-31T15:44:21.000Z", serverName: "mcp-scripts", message: "Request failed with status 500", raw: false },
       ];
 
-      const summary = generateSafeInputsSummary(logEntries);
+      const summary = generateMCPScriptsSummary(logEntries);
 
       expect(summary).toContain("**Errors**");
       expect(summary).toContain("<summary>View error details</summary>");
@@ -317,22 +317,22 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
     it("should generate markdown summary with full logs section", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "safe-inputs", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
         { timestamp: null, serverName: null, message: "Unparsed log line", raw: true },
       ];
 
-      const summary = generateSafeInputsSummary(logEntries);
+      const summary = generateMCPScriptsSummary(logEntries);
 
       expect(summary).toContain("**Full Logs**");
-      expect(summary).toContain("<summary>View full safe-inputs logs</summary>");
+      expect(summary).toContain("<summary>View full mcp-scripts logs</summary>");
       expect(summary).toContain("```");
-      expect(summary).toContain("[2025-12-31T15:43:54.000Z] [safe-inputs] Starting Safe Inputs MCP Server");
+      expect(summary).toContain("[2025-12-31T15:43:54.000Z] [mcp-scripts] Starting Safe Inputs MCP Server");
       expect(summary).toContain("Unparsed log line");
     });
 
     it("should handle empty log entries", () => {
       const logEntries = [];
-      const summary = generateSafeInputsSummary(logEntries);
+      const summary = generateMCPScriptsSummary(logEntries);
 
       expect(summary).toContain("<details>");
       expect(summary).toContain("</details>");
@@ -344,17 +344,17 @@ describe("parse_safe_inputs_logs.cjs", () => {
     });
 
     it("should not show tool executions section when no tools called", () => {
-      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "safe-inputs", message: "Starting Safe Inputs MCP Server", raw: false }];
+      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false }];
 
-      const summary = generateSafeInputsSummary(logEntries);
+      const summary = generateMCPScriptsSummary(logEntries);
 
       expect(summary).not.toContain("**Tool Executions**");
     });
 
     it("should not show errors section when no errors", () => {
-      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "safe-inputs", message: "Starting Safe Inputs MCP Server", raw: false }];
+      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false }];
 
-      const summary = generateSafeInputsSummary(logEntries);
+      const summary = generateMCPScriptsSummary(logEntries);
 
       expect(summary).not.toContain("**Errors**");
     });
@@ -364,7 +364,7 @@ describe("parse_safe_inputs_logs.cjs", () => {
     let tempDir;
 
     beforeEach(() => {
-      tempDir = "/tmp/gh-aw/safe-inputs/logs/";
+      tempDir = "/tmp/gh-aw/mcp-scripts/logs/";
     });
 
     it("should handle missing logs directory", async () => {
@@ -373,7 +373,7 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
       await main();
 
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("No safe-inputs logs directory found"));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("No mcp-scripts logs directory found"));
       expect(mockCore.setFailed).not.toHaveBeenCalled();
     });
 
@@ -384,12 +384,12 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
       await main();
 
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("No safe-inputs log files found"));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("No mcp-scripts log files found"));
       expect(mockCore.setFailed).not.toHaveBeenCalled();
     });
 
     it("should process log files and generate summaries", async () => {
-      const logContent = "[2025-12-31T15:43:54.000Z] [safe-inputs] Starting Safe Inputs MCP Server\n[2025-12-31T15:43:55.000Z] [safe-inputs] Registering tool: create_issue\n";
+      const logContent = "[2025-12-31T15:43:54.000Z] [mcp-scripts] Starting Safe Inputs MCP Server\n[2025-12-31T15:43:55.000Z] [mcp-scripts] Registering tool: create_issue\n";
 
       // Mock fs functions
       vi.spyOn(fs, "existsSync").mockReturnValue(true);
@@ -398,8 +398,8 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
       await main();
 
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Found 1 safe-inputs log file"));
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Parsing safe-inputs log: server.log"));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Found 1 mcp-scripts log file"));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Parsing mcp-scripts log: server.log"));
       expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("=== Safe Inputs MCP Server Logs ==="));
       expect(mockCore.summary.addRaw).toHaveBeenCalled();
       expect(mockCore.summary.write).toHaveBeenCalled();
@@ -420,7 +420,7 @@ describe("parse_safe_inputs_logs.cjs", () => {
     });
 
     it("should process multiple log files", async () => {
-      const logContent = "[2025-12-31T15:43:54.000Z] [safe-inputs] Test message\n";
+      const logContent = "[2025-12-31T15:43:54.000Z] [mcp-scripts] Test message\n";
 
       // Mock fs functions
       vi.spyOn(fs, "existsSync").mockReturnValue(true);
@@ -429,9 +429,9 @@ describe("parse_safe_inputs_logs.cjs", () => {
 
       await main();
 
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Found 2 safe-inputs log file"));
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Parsing safe-inputs log: server1.log"));
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Parsing safe-inputs log: server2.log"));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Found 2 mcp-scripts log file"));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Parsing mcp-scripts log: server1.log"));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Parsing mcp-scripts log: server2.log"));
       expect(mockCore.setFailed).not.toHaveBeenCalled();
     });
 
diff --git a/actions/setup/js/safe_outputs_mcp_error_messages.test.cjs b/actions/setup/js/safe_outputs_mcp_error_messages.test.cjs
index 965959d28c8..a895936d140 100644
--- a/actions/setup/js/safe_outputs_mcp_error_messages.test.cjs
+++ b/actions/setup/js/safe_outputs_mcp_error_messages.test.cjs
@@ -30,7 +30,7 @@ describe("Safe Outputs MCP Error Message Validation", () => {
     registerTool = mcpCore.registerTool;
     handleMessage = mcpCore.handleMessage;
 
-    const validation = await import("./safe_inputs_validation.cjs");
+    const validation = await import("./mcp_scripts_validation.cjs");
     validateRequiredFields = validation.validateRequiredFields;
 
     // Load tools schema
diff --git a/actions/setup/js/setup_sh_file_lists.test.cjs b/actions/setup/js/setup_sh_file_lists.test.cjs
index e2577a7426a..20271cc53f2 100644
--- a/actions/setup/js/setup_sh_file_lists.test.cjs
+++ b/actions/setup/js/setup_sh_file_lists.test.cjs
@@ -9,7 +9,7 @@ const setupShContent = readFileSync(SETUP_SH, "utf8");
 
 /**
  * Parse a bash array from setup.sh, e.g.:
- *   SAFE_INPUTS_FILES=(
+ *   MCP_SCRIPTS_FILES=(
  *     "file1.cjs"
  *     "file2.cjs"
  *   )
@@ -55,23 +55,23 @@ function collectTransitiveDeps(rootFiles) {
   return visited;
 }
 
-const safeInputsFiles = parseSetupShArray("SAFE_INPUTS_FILES");
+const mcpScriptsFiles = parseSetupShArray("MCP_SCRIPTS_FILES");
 const safeOutputsFiles = parseSetupShArray("SAFE_OUTPUTS_FILES");
 
 // safe-outputs-mcp-server.cjs is the entry point copied separately as mcp-server.cjs
 // Its deps must also be covered by SAFE_OUTPUTS_FILES
 const safeOutputsRoots = [...safeOutputsFiles, "safe-outputs-mcp-server.cjs"];
 
-describe("setup.sh SAFE_INPUTS_FILES", () => {
+describe("setup.sh MCP_SCRIPTS_FILES", () => {
   it("contains all transitive local dependencies", () => {
-    const listed = new Set(safeInputsFiles);
-    const allDeps = collectTransitiveDeps(safeInputsFiles);
+    const listed = new Set(mcpScriptsFiles);
+    const allDeps = collectTransitiveDeps(mcpScriptsFiles);
     const missing = [...allDeps].filter(f => !listed.has(f));
     expect(missing).toEqual([]);
   });
 
   it("all listed files exist in js/", () => {
-    const missing = safeInputsFiles.filter(f => !existsSync(resolve(__dirname, f)));
+    const missing = mcpScriptsFiles.filter(f => !existsSync(resolve(__dirname, f)));
     expect(missing).toEqual([]);
   });
 });
diff --git a/actions/setup/js/shim.cjs b/actions/setup/js/shim.cjs
index a236e27f710..937175cdf15 100644
--- a/actions/setup/js/shim.cjs
+++ b/actions/setup/js/shim.cjs
@@ -6,7 +6,7 @@
  * Provides minimal `global.core` and `global.context` shims so that modules
  * written for the GitHub Actions `github-script` context (which rely on the
  * built-in `core` and `context` globals) work correctly when executed as plain
- * Node.js processes, such as inside the safe-outputs and safe-inputs MCP servers.
+ * Node.js processes, such as inside the safe-outputs and mcp-scripts MCP servers.
  *
  * When `global.core` / `global.context` is already set (i.e. running inside
  * `github-script`) the respective block is a no-op.
diff --git a/actions/setup/setup.sh b/actions/setup/setup.sh
index f31c42bdba7..ca731aa4104 100755
--- a/actions/setup/setup.sh
+++ b/actions/setup/setup.sh
@@ -139,18 +139,18 @@ else
   echo "::warning::No markdown prompts directory found at ${MD_SOURCE_DIR}"
 fi
 
-# Copy safe-inputs files to their expected directory
-SAFE_INPUTS_DEST="/opt/gh-aw/safe-inputs"
-echo "Copying safe-inputs files to ${SAFE_INPUTS_DEST}"
-create_dir "${SAFE_INPUTS_DEST}"
-
-SAFE_INPUTS_FILES=(
-  "safe_inputs_bootstrap.cjs"
-  "safe_inputs_config_loader.cjs"
-  "safe_inputs_mcp_server.cjs"
-  "safe_inputs_mcp_server_http.cjs"
-  "safe_inputs_tool_factory.cjs"
-  "safe_inputs_validation.cjs"
+# Copy mcp-scripts files to their expected directory
+MCP_SCRIPTS_DEST="/opt/gh-aw/mcp-scripts"
+echo "Copying mcp-scripts files to ${MCP_SCRIPTS_DEST}"
+create_dir "${MCP_SCRIPTS_DEST}"
+
+MCP_SCRIPTS_FILES=(
+  "mcp_scripts_bootstrap.cjs"
+  "mcp_scripts_config_loader.cjs"
+  "mcp_scripts_mcp_server.cjs"
+  "mcp_scripts_mcp_server_http.cjs"
+  "mcp_scripts_tool_factory.cjs"
+  "mcp_scripts_validation.cjs"
   "mcp_server_core.cjs"
   "mcp_logger.cjs"
   "mcp_http_transport.cjs"
@@ -159,39 +159,39 @@ SAFE_INPUTS_FILES=(
   "mcp_handler_go.cjs"
   "mcp_handler_javascript.cjs"
   "read_buffer.cjs"
-  "generate_safe_inputs_config.cjs"
+  "generate_mcp_scripts_config.cjs"
   "setup_globals.cjs"
   "error_helpers.cjs"
   "error_codes.cjs"
   "mcp_enhanced_errors.cjs"
   "shim.cjs"
-  "safe-inputs-runner.cjs"
+  "mcp-scripts-runner.cjs"
 )
 
-SAFE_INPUTS_COUNT=0
-SAFE_INPUTS_MISSING=()
-for file in "${SAFE_INPUTS_FILES[@]}"; do
+MCP_SCRIPTS_COUNT=0
+MCP_SCRIPTS_MISSING=()
+for file in "${MCP_SCRIPTS_FILES[@]}"; do
   if [ -f "${JS_SOURCE_DIR}/${file}" ]; then
-    cp "${JS_SOURCE_DIR}/${file}" "${SAFE_INPUTS_DEST}/${file}"
-    echo "Copied safe-inputs: ${file}"
-    SAFE_INPUTS_COUNT=$((SAFE_INPUTS_COUNT + 1))
+    cp "${JS_SOURCE_DIR}/${file}" "${MCP_SCRIPTS_DEST}/${file}"
+    echo "Copied mcp-scripts: ${file}"
+    MCP_SCRIPTS_COUNT=$((MCP_SCRIPTS_COUNT + 1))
   else
     echo "::error::Safe-inputs file not found: ${file}"
-    SAFE_INPUTS_MISSING+=("${file}")
+    MCP_SCRIPTS_MISSING+=("${file}")
   fi
 done
 
-if [ ${#SAFE_INPUTS_MISSING[@]} -gt 0 ]; then
-  echo "::error::Failed to copy ${#SAFE_INPUTS_MISSING[@]} required safe-inputs files:"
-  for missing_file in "${SAFE_INPUTS_MISSING[@]}"; do
+if [ ${#MCP_SCRIPTS_MISSING[@]} -gt 0 ]; then
+  echo "::error::Failed to copy ${#MCP_SCRIPTS_MISSING[@]} required mcp-scripts files:"
+  for missing_file in "${MCP_SCRIPTS_MISSING[@]}"; do
     echo "::error::  - ${missing_file}"
   done
   echo "::error::Expected location: ${JS_SOURCE_DIR}"
-  echo "::error::These files must exist in the repository for safe-inputs to work"
+  echo "::error::These files must exist in the repository for mcp-scripts to work"
   exit 1
 fi
 
-echo "Successfully copied ${SAFE_INPUTS_COUNT} safe-inputs files to ${SAFE_INPUTS_DEST}"
+echo "Successfully copied ${MCP_SCRIPTS_COUNT} mcp-scripts files to ${MCP_SCRIPTS_DEST}"
 
 # Copy safe-outputs files to their expected directory
 SAFE_OUTPUTS_DEST="/opt/gh-aw/safeoutputs"
@@ -214,7 +214,7 @@ SAFE_OUTPUTS_FILES=(
   "mcp_handler_go.cjs"
   "mcp_handler_javascript.cjs"
   "read_buffer.cjs"
-  "safe_inputs_validation.cjs"
+  "mcp_scripts_validation.cjs"
   "messages.cjs"
   "messages_core.cjs"
   "messages_footer.cjs"
@@ -340,7 +340,7 @@ fi
 # Set output
 if [ -n "${GITHUB_OUTPUT}" ]; then
   echo "files_copied=${FILE_COUNT}" >> "${GITHUB_OUTPUT}"
-  echo "safe_inputs_files_copied=${SAFE_INPUTS_COUNT}" >> "${GITHUB_OUTPUT}"
+  echo "mcp_scripts_files_copied=${MCP_SCRIPTS_COUNT}" >> "${GITHUB_OUTPUT}"
   echo "safe_outputs_files_copied=${SAFE_OUTPUTS_COUNT}" >> "${GITHUB_OUTPUT}"
   echo "prompt_files_copied=${PROMPT_COUNT}" >> "${GITHUB_OUTPUT}"
 else
diff --git a/actions/setup/sh/check_mcp_servers_test.sh b/actions/setup/sh/check_mcp_servers_test.sh
index 561a88f7339..63ec915a5dd 100755
--- a/actions/setup/sh/check_mcp_servers_test.sh
+++ b/actions/setup/sh/check_mcp_servers_test.sh
@@ -226,7 +226,7 @@ test_server_without_url() {
     "safeinputs": {
       "type": "stdio",
       "command": "gh",
-      "args": ["aw", "mcp-server", "--mode", "safe-inputs"]
+      "args": ["aw", "mcp-server", "--mode", "mcp-scripts"]
     }
   },
   "gateway": {
@@ -263,7 +263,7 @@ test_mixed_servers() {
     "safeinputs": {
       "type": "stdio",
       "command": "gh",
-      "args": ["aw", "mcp-server", "--mode", "safe-inputs"]
+      "args": ["aw", "mcp-server", "--mode", "mcp-scripts"]
     },
     "github": {
       "type": "http",
diff --git a/actions/setup/sh/start_safe_inputs_server.sh b/actions/setup/sh/start_mcp_scripts_server.sh
similarity index 64%
rename from actions/setup/sh/start_safe_inputs_server.sh
rename to actions/setup/sh/start_mcp_scripts_server.sh
index 852a2a9b551..2d7874b52f3 100755
--- a/actions/setup/sh/start_safe_inputs_server.sh
+++ b/actions/setup/sh/start_mcp_scripts_server.sh
@@ -1,38 +1,38 @@
 #!/usr/bin/env bash
 # Start Safe Inputs MCP HTTP Server
-# This script starts the safe-inputs MCP server and waits for it to become ready
+# This script starts the mcp-scripts MCP server and waits for it to become ready
 
 set -e
 
-cd /opt/gh-aw/safe-inputs || exit 1
+cd /opt/gh-aw/mcp-scripts || exit 1
 
 # Verify required files exist
-echo "Verifying safe-inputs setup..."
+echo "Verifying mcp-scripts setup..."
 
 # Check core configuration files
 if [ ! -f mcp-server.cjs ]; then
-  echo "ERROR: mcp-server.cjs not found in /opt/gh-aw/safe-inputs"
-  ls -la /opt/gh-aw/safe-inputs/
+  echo "ERROR: mcp-server.cjs not found in /opt/gh-aw/mcp-scripts"
+  ls -la /opt/gh-aw/mcp-scripts/
   exit 1
 fi
 if [ ! -f tools.json ]; then
-  echo "ERROR: tools.json not found in /opt/gh-aw/safe-inputs"
-  ls -la /opt/gh-aw/safe-inputs/
+  echo "ERROR: tools.json not found in /opt/gh-aw/mcp-scripts"
+  ls -la /opt/gh-aw/mcp-scripts/
   exit 1
 fi
 
 # Check required dependency files for the MCP server
-# These files are required by safe_inputs_mcp_server_http.cjs and its dependencies
+# These files are required by mcp_scripts_mcp_server_http.cjs and its dependencies
 REQUIRED_DEPS=(
-  "safe_inputs_mcp_server_http.cjs"
+  "mcp_scripts_mcp_server_http.cjs"
   "mcp_http_transport.cjs"
-  "safe_inputs_validation.cjs"
+  "mcp_scripts_validation.cjs"
   "mcp_enhanced_errors.cjs"
   "mcp_logger.cjs"
-  "safe_inputs_bootstrap.cjs"
+  "mcp_scripts_bootstrap.cjs"
   "error_helpers.cjs"
   "mcp_server_core.cjs"
-  "safe_inputs_config_loader.cjs"
+  "mcp_scripts_config_loader.cjs"
   "read_buffer.cjs"
   "mcp_handler_shell.cjs"
   "mcp_handler_python.cjs"
@@ -48,13 +48,13 @@ for dep in "${REQUIRED_DEPS[@]}"; do
 done
 
 if [ ${#MISSING_FILES[@]} -gt 0 ]; then
-  echo "ERROR: Missing required dependency files in /opt/gh-aw/safe-inputs/"
+  echo "ERROR: Missing required dependency files in /opt/gh-aw/mcp-scripts/"
   for file in "${MISSING_FILES[@]}"; do
     echo "  - $file"
   done
   echo
   echo "Current directory contents:"
-  ls -la /opt/gh-aw/safe-inputs/
+  ls -la /opt/gh-aw/mcp-scripts/
   echo
   echo "These files should have been copied by the Setup Scripts action."
   echo "This usually indicates a problem with the actions/setup step."
@@ -66,12 +66,12 @@ echo "All ${#REQUIRED_DEPS[@]} required dependency files present"
 
 # Log environment configuration
 echo "Server configuration:"
-echo "  Port: $GH_AW_SAFE_INPUTS_PORT"
-echo "  API Key: ${GH_AW_SAFE_INPUTS_API_KEY:0:8}..."
+echo "  Port: $GH_AW_MCP_SCRIPTS_PORT"
+echo "  API Key: ${GH_AW_MCP_SCRIPTS_API_KEY:0:8}..."
 echo "  Working directory: $(pwd)"
 
 # Ensure logs directory exists
-mkdir -p /tmp/gh-aw/safe-inputs/logs
+mkdir -p /tmp/gh-aw/mcp-scripts/logs
 
 # Create initial server.log file for artifact upload
 {
@@ -79,13 +79,13 @@ mkdir -p /tmp/gh-aw/safe-inputs/logs
   echo "Start time: $(date)"
   echo "==========================================="
   echo ""
-} > /tmp/gh-aw/safe-inputs/logs/server.log
+} > /tmp/gh-aw/mcp-scripts/logs/server.log
 
 # Start the HTTP server in the background with DEBUG enabled
-echo "Starting safe-inputs MCP HTTP server..."
-DEBUG="*" node mcp-server.cjs >> /tmp/gh-aw/safe-inputs/logs/server.log 2>&1 &
+echo "Starting mcp-scripts MCP HTTP server..."
+DEBUG="*" node mcp-server.cjs >> /tmp/gh-aw/mcp-scripts/logs/server.log 2>&1 &
 SERVER_PID=$!
-echo "Started safe-inputs MCP server with PID $SERVER_PID"
+echo "Started mcp-scripts MCP server with PID $SERVER_PID"
 
 # Wait for server to be ready (max 10 seconds)
 echo "Waiting for server to become ready..."
@@ -94,18 +94,18 @@ for i in {1..10}; do
   if ! kill -0 $SERVER_PID 2>/dev/null; then
     echo "ERROR: Server process $SERVER_PID has died"
     echo "Server log contents:"
-    cat /tmp/gh-aw/safe-inputs/logs/server.log
+    cat /tmp/gh-aw/mcp-scripts/logs/server.log
     exit 1
   fi
   
   # Check if server is responding
-  if curl -s -f "http://localhost:$GH_AW_SAFE_INPUTS_PORT/health" > /dev/null 2>&1; then
+  if curl -s -f "http://localhost:$GH_AW_MCP_SCRIPTS_PORT/health" > /dev/null 2>&1; then
     echo "Safe Inputs MCP server is ready (attempt $i/10)"
     
     # Print the startup log for debugging
     echo "::notice::Safe Inputs MCP Server Startup Log"
     echo "::group::Server Log Contents"
-    cat /tmp/gh-aw/safe-inputs/logs/server.log
+    cat /tmp/gh-aw/mcp-scripts/logs/server.log
     echo "::endgroup::"
     
     break
@@ -115,9 +115,9 @@ for i in {1..10}; do
     echo "ERROR: Safe Inputs MCP server failed to start after 10 seconds"
     echo "Process status: $(pgrep -f 'mcp-server.cjs' || echo 'not running')"
     echo "Server log contents:"
-    cat /tmp/gh-aw/safe-inputs/logs/server.log
+    cat /tmp/gh-aw/mcp-scripts/logs/server.log
     echo "Checking port availability:"
-    netstat -tuln | grep "$GH_AW_SAFE_INPUTS_PORT" || echo "Port $GH_AW_SAFE_INPUTS_PORT not listening"
+    netstat -tuln | grep "$GH_AW_MCP_SCRIPTS_PORT" || echo "Port $GH_AW_MCP_SCRIPTS_PORT not listening"
     exit 1
   fi
   
@@ -127,6 +127,6 @@ done
 
 # Output the configuration for the MCP client
 {
-  echo "port=$GH_AW_SAFE_INPUTS_PORT"
-  echo "api_key=${GH_AW_SAFE_INPUTS_API_KEY@Q}"
+  echo "port=$GH_AW_MCP_SCRIPTS_PORT"
+  echo "api_key=${GH_AW_MCP_SCRIPTS_API_KEY@Q}"
 } >> "$GITHUB_OUTPUT"
diff --git a/actions/setup/sh/validate_gatewayed_server_test.sh b/actions/setup/sh/validate_gatewayed_server_test.sh
index 5afc55ddbb2..921203a53ea 100755
--- a/actions/setup/sh/validate_gatewayed_server_test.sh
+++ b/actions/setup/sh/validate_gatewayed_server_test.sh
@@ -289,7 +289,7 @@ test_mixed_servers() {
   "mcpServers": {
     "safeinputs": {
       "command": "gh",
-      "args": ["aw", "mcp-server", "--mode", "safe-inputs"]
+      "args": ["aw", "mcp-server", "--mode", "mcp-scripts"]
     },
     "safeoutputs": {
       "command": "gh",
diff --git a/docs/copilot-cli-checksum-verification.md b/docs/copilot-cli-checksum-verification.md
index 29694d17b65..e4f38b3a47d 100644
--- a/docs/copilot-cli-checksum-verification.md
+++ b/docs/copilot-cli-checksum-verification.md
@@ -145,7 +145,7 @@ The following 73 workflows now use checksum-verified Copilot CLI installation:
 54. security-compliance.md
 55. slide-deck-maintainer.md
 56. smoke-copilot-no-firewall.md
-57. smoke-copilot-safe-inputs.md
+57. smoke-copilot-mcp-scripts.md
 58. smoke-copilot.md
 59. smoke-srt.md
 60. stale-repo-identifier.md
@@ -153,7 +153,7 @@ The following 73 workflows now use checksum-verified Copilot CLI installation:
 62. technical-doc-writer.md
 63. test-discussion-expires.md
 64. test-hide-older-comments.md
-65. test-python-safe-input.md
+65. test-python-mcp-script.md
 66. tidy.md
 67. video-analyzer.md
 68. weekly-issue-summary.md
diff --git a/docs/public/editor/autocomplete-data.json b/docs/public/editor/autocomplete-data.json
index ecff8ca66ef..c8db93f3dbf 100644
--- a/docs/public/editor/autocomplete-data.json
+++ b/docs/public/editor/autocomplete-data.json
@@ -1496,7 +1496,7 @@
       "enum": [true, false],
       "leaf": true
     },
-    "safe-inputs": {
+    "mcp-scripts": {
       "type": "object",
       "desc": "Safe inputs configuration for defining custom lightweight MCP tools as JavaScript, shell scripts, or Python scripts."
     },
@@ -1544,7 +1544,7 @@
     "rate-limit",
     "strict",
     "private",
-    "safe-inputs",
+    "mcp-scripts",
     "runtimes",
     "jobs"
   ]
diff --git a/docs/public/schemas/mcp-gateway-config.schema.json b/docs/public/schemas/mcp-gateway-config.schema.json
index ced488d0dcb..ff560e474f5 100644
--- a/docs/public/schemas/mcp-gateway-config.schema.json
+++ b/docs/public/schemas/mcp-gateway-config.schema.json
@@ -303,7 +303,7 @@
     },
     {
       "mcpServers": {
-        "safe-inputs-server": {
+        "mcp-scripts-server": {
           "type": "safeinputs",
           "tools": {
             "greet-user": {
@@ -325,7 +325,7 @@
         "apiKey": "gateway-secret-token"
       },
       "customSchemas": {
-        "safeinputs": "https://docs.github.com/gh-aw/schemas/safe-inputs-config.schema.json"
+        "safeinputs": "https://docs.github.com/gh-aw/schemas/mcp-scripts-config.schema.json"
       }
     }
   ]
diff --git a/docs/public/schemas/safe-inputs-config.schema.json b/docs/public/schemas/mcp-scripts-config.schema.json
similarity index 97%
rename from docs/public/schemas/safe-inputs-config.schema.json
rename to docs/public/schemas/mcp-scripts-config.schema.json
index 9cf7b5c10eb..39d7f2d8935 100644
--- a/docs/public/schemas/safe-inputs-config.schema.json
+++ b/docs/public/schemas/mcp-scripts-config.schema.json
@@ -1,19 +1,19 @@
 {
   "$schema": "http://json-schema.org/draft-07/schema#",
-  "$id": "https://docs.github.com/gh-aw/schemas/safe-inputs-config.schema.json",
+  "$id": "https://docs.github.com/gh-aw/schemas/mcp-scripts-config.schema.json",
   "title": "Safe Inputs Configuration",
   "description": "Configuration schema for Safe Inputs custom MCP tools as defined in the Safe Inputs Specification v1.1.0. Safe Inputs enables inline definition of custom MCP tools directly in workflow frontmatter using JavaScript, shell scripts, Python, or Go.",
   "type": "object",
   "patternProperties": {
     "^[a-zA-Z][a-zA-Z0-9_-]*$": {
-      "$ref": "#/definitions/safeInputToolConfig"
+      "$ref": "#/definitions/mcpScriptToolConfig"
     }
   },
   "additionalProperties": false,
   "definitions": {
-    "safeInputToolConfig": {
+    "mcpScriptToolConfig": {
       "type": "object",
-      "description": "Configuration for a single safe-input tool. Each tool must have exactly one implementation method (script, run, py, or go).",
+      "description": "Configuration for a single mcp-script tool. Each tool must have exactly one implementation method (script, run, py, or go).",
       "properties": {
         "description": {
           "type": "string",
diff --git a/docs/src/content/docs/guides/editing-workflows.md b/docs/src/content/docs/guides/editing-workflows.md
index d6f609e240a..e62d9459e55 100644
--- a/docs/src/content/docs/guides/editing-workflows.md
+++ b/docs/src/content/docs/guides/editing-workflows.md
@@ -103,7 +103,7 @@ Any changes to the frontmatter configuration between `---` markers:
 - **Tools** (`tools:`): Tool configurations, MCP servers, allowed tools
 - **Network** (`network:`): Allowed domains, firewall rules
 - **Safe outputs** (`safe-outputs:`): Output types, threat detection
-- **Safe inputs** (`safe-inputs:`): Input validation rules
+- **Safe inputs** (`mcp-scripts:`): Input validation rules
 - **Runtimes** (`runtimes:`): Node, Python, Go version overrides
 - **Imports** (`imports:`): Shared configuration files
 - **Custom jobs** (`jobs:`): Additional workflow jobs
diff --git a/docs/src/content/docs/guides/mcps.md b/docs/src/content/docs/guides/mcps.md
index 2a7a0b9cab5..2cfe5b6f93b 100644
--- a/docs/src/content/docs/guides/mcps.md
+++ b/docs/src/content/docs/guides/mcps.md
@@ -182,7 +182,7 @@ For advanced debugging, import `shared/mcp-debug.md` to access diagnostic tools
 
 ## Related Documentation
 
-- [Safe Inputs](/gh-aw/reference/safe-inputs/) - Define custom inline tools without external MCP servers
+- [Safe Inputs](/gh-aw/reference/mcp-scripts/) - Define custom inline tools without external MCP servers
 - [Tools](/gh-aw/reference/tools/) - Complete tools reference
 - [CLI Commands](/gh-aw/setup/cli/) - CLI commands including `mcp inspect`
 - [Imports](/gh-aw/reference/imports/) - Modularizing workflows with includes
diff --git a/docs/src/content/docs/guides/upgrading.md b/docs/src/content/docs/guides/upgrading.md
index a472cf45045..bb9ea1110ec 100644
--- a/docs/src/content/docs/guides/upgrading.md
+++ b/docs/src/content/docs/guides/upgrading.md
@@ -83,7 +83,7 @@ The upgrade automatically applies codemods to fix deprecated fields in all workf
 |---------|---------------|---------|
 | **sandbox-false-to-agent-false** | Converts `sandbox: false` to `sandbox.agent: false` | `sandbox: false` → `sandbox: { agent: false }` |
 | **network-firewall-migration** | Removes deprecated `network.firewall` field | Deletes `firewall: mandatory` |
-| **safe-inputs-mode-removal** | Removes deprecated `safe-inputs.mode` field | Deletes `mode: auto` |
+| **mcp-scripts-mode-removal** | Removes deprecated `mcp-scripts.mode` field | Deletes `mode: auto` |
 | **schedule-at-to-around-migration** | Converts `daily at TIME` to `daily around TIME` | `daily at 10:00` → `daily around 10:00` |
 | **delete-schema-file** | Deletes deprecated schema file | Removes `.github/aw/schemas/agentic-workflow.json` |
 | **delete-old-agents** | Deletes old `.agent.md` files moved to `.github/aw/` | Removes outdated agent files |
@@ -102,7 +102,7 @@ Processing workflow: daily-team-status
   ✓ Applied schedule-at-to-around-migration
   ✓ Applied timeout-minutes-migration
 Processing workflow: issue-triage
-  ✓ Applied safe-inputs-mode-removal
+  ✓ Applied mcp-scripts-mode-removal
 All workflows processed.
 Compiling all workflows...
 ✓ Compiled 3 workflow(s)
@@ -142,7 +142,7 @@ Review changes with `git diff .github/workflows/` to verify that deprecated fiel
 
 ### Common Changes
 
-Typical migrations include `sandbox: false` → `sandbox.agent: false`, `daily at` → `daily around`, and removal of deprecated `network.firewall` and `safe-inputs.mode` fields. Use `git diff --word-diff` for detailed comparison.
+Typical migrations include `sandbox: false` → `sandbox.agent: false`, `daily at` → `daily around`, and removal of deprecated `network.firewall` and `mcp-scripts.mode` fields. Use `git diff --word-diff` for detailed comparison.
 
 ## Step 5: Verify Compilation
 
diff --git a/docs/src/content/docs/introduction/how-they-work.mdx b/docs/src/content/docs/introduction/how-they-work.mdx
index d438cf71858..5d5600582d1 100644
--- a/docs/src/content/docs/introduction/how-they-work.mdx
+++ b/docs/src/content/docs/introduction/how-they-work.mdx
@@ -52,7 +52,7 @@ Workflows run with minimal permissions (no write access by default), use tool al
 
 ## Safe Inputs and Safe Outputs
 
-- **[Safe inputs](/gh-aw/reference/safe-inputs/)** (validated user input tools) - Custom MCP tools defined inline to prevent injection attacks
+- **[Safe inputs](/gh-aw/reference/mcp-scripts/)** (validated user input tools) - Custom MCP tools defined inline to prevent injection attacks
 - **[Safe outputs](/gh-aw/reference/safe-outputs/)** (validated GitHub operations) - Pre-approved actions the AI can request without write permissions
 
 ## Regenerating the Lock File
diff --git a/docs/src/content/docs/reference/environment-variables.md b/docs/src/content/docs/reference/environment-variables.md
index 6cd1d3782e4..55964e37f23 100644
--- a/docs/src/content/docs/reference/environment-variables.md
+++ b/docs/src/content/docs/reference/environment-variables.md
@@ -22,7 +22,7 @@ GitHub Agentic Workflows supports environment variables in 13 distinct contexts:
 | **Sandbox Agent** | `sandbox.agent.env` | Sandbox runtime | Sandbox configuration |
 | **Sandbox MCP** | `sandbox.mcp.env` | Model Context Protocol (MCP) gateway | MCP debugging |
 | **MCP Tools** | `tools.<name>.env` | MCP server process | MCP server secrets |
-| **Safe Inputs** | `safe-inputs.<name>.env` | Safe-input execution | Tool-specific tokens |
+| **Safe Inputs** | `mcp-scripts.<name>.env` | Safe-input execution | Tool-specific tokens |
 | **Safe Outputs Global** | `safe-outputs.env` | All safe-output jobs | Shared safe-output config |
 | **Safe Outputs Job** | `safe-outputs.jobs.<name>.env` | Specific safe-output job | Job-specific config |
 | **GitHub Actions Step** | `githubActionsStep.env` | Pre-defined steps | Step configuration |
@@ -116,7 +116,7 @@ Environment variables follow a **most-specific-wins** model, consistent with Git
 
 ### Context-Specific Scopes
 
-These scopes are independent and operate in different contexts: `engine.env`, `container.env`, `services.<id>.env`, `sandbox.agent.env`, `sandbox.mcp.env`, `tools.<tool>.env`, `safe-inputs.<tool>.env`.
+These scopes are independent and operate in different contexts: `engine.env`, `container.env`, `services.<id>.env`, `sandbox.agent.env`, `sandbox.mcp.env`, `tools.<tool>.env`, `mcp-scripts.<tool>.env`.
 
 ### Override Example
 
@@ -145,5 +145,5 @@ jobs:
 - [Safe Outputs](/gh-aw/reference/safe-outputs/) - Safe output environment configuration
 - [Sandbox](/gh-aw/reference/sandbox/) - Sandbox environment variables
 - [Tools](/gh-aw/reference/tools/) - MCP tool configuration
-- [Safe Inputs](/gh-aw/reference/safe-inputs/) - Safe input tool configuration
+- [Safe Inputs](/gh-aw/reference/mcp-scripts/) - Safe input tool configuration
 - [GitHub Actions Environment Variables](https://docs.github.com/en/actions/learn-github-actions/variables) - GitHub Actions documentation
diff --git a/docs/src/content/docs/reference/faq.md b/docs/src/content/docs/reference/faq.md
index 9f0b21909be..61ed86ab5ad 100644
--- a/docs/src/content/docs/reference/faq.md
+++ b/docs/src/content/docs/reference/faq.md
@@ -38,7 +38,7 @@ Yes! Agentic workflows can analyze repositories, generate reports, triage issues
 
 ### Can agentic workflows mix regular GitHub Actions steps with AI agentic steps?
 
-Yes! Agentic workflows can include both AI agentic steps and traditional GitHub Actions steps. You can add custom steps before the agentic job using the [`steps:` configuration](/gh-aw/reference/frontmatter/#custom-steps-steps). Additionally, [custom safe output jobs](/gh-aw/reference/safe-outputs/#custom-safe-output-jobs-jobs) can be used as consumers of agentic outputs. [Safe inputs](/gh-aw/reference/safe-inputs/) allow you to pass data between traditional steps and the AI agent with added checking.
+Yes! Agentic workflows can include both AI agentic steps and traditional GitHub Actions steps. You can add custom steps before the agentic job using the [`steps:` configuration](/gh-aw/reference/frontmatter/#custom-steps-steps). Additionally, [custom safe output jobs](/gh-aw/reference/safe-outputs/#custom-safe-output-jobs-jobs) can be used as consumers of agentic outputs. [Safe inputs](/gh-aw/reference/mcp-scripts/) allow you to pass data between traditional steps and the AI agent with added checking.
 
 ### Can agentic workflows read other repositories?
 
diff --git a/docs/src/content/docs/reference/frontmatter-full.md b/docs/src/content/docs/reference/frontmatter-full.md
index f6c2ae4499d..42e22dffcda 100644
--- a/docs/src/content/docs/reference/frontmatter-full.md
+++ b/docs/src/content/docs/reference/frontmatter-full.md
@@ -4559,7 +4559,7 @@ private: true
 # and have access to secrets specified by the user. Only one of 'script'
 # (JavaScript), 'run' (shell), or 'py' (Python) must be specified per tool.
 # (optional)
-safe-inputs:
+mcp-scripts:
   {}
 
 # Runtime environment version overrides. Allows customizing runtime versions
diff --git a/docs/src/content/docs/reference/frontmatter-hash-specification.md b/docs/src/content/docs/reference/frontmatter-hash-specification.md
index 262c0a6dc8e..286f59303b4 100644
--- a/docs/src/content/docs/reference/frontmatter-hash-specification.md
+++ b/docs/src/content/docs/reference/frontmatter-hash-specification.md
@@ -40,7 +40,7 @@ Include the following frontmatter fields in the hash computation:
 - `mcp-servers` - MCP server configurations
 - `network` - Network access permissions
 - `safe-outputs` - Safe output configurations
-- `safe-inputs` - Safe input configurations
+- `mcp-scripts` - Safe input configurations
 
 **Runtime Configuration:**
 - `runtimes` - Runtime version specifications (Node.js, Python, etc.)
@@ -79,7 +79,7 @@ For each workflow in BFS order:
 2. Merge with accumulated frontmatter using these rules:
    - **Replace**: `engine`, `on`, `tracker-id`, `description`, `timeout-minutes`
    - **Deep merge**: `tools`, `mcp-servers`, `network`, `permissions`, `runtimes`, `cache`, `services`
-   - **Append**: `steps`, `post-steps`, `safe-outputs`, `safe-inputs`, `jobs`
+   - **Append**: `steps`, `post-steps`, `safe-outputs`, `mcp-scripts`, `jobs`
    - **Union**: `labels`, `bots` (deduplicated)
    - **Track**: `imports` (list of all imported paths)
 
@@ -115,7 +115,7 @@ The canonical JSON includes all frontmatter fields plus version information:
   "permissions": {"actions": "read", "contents": "read"},
   "post-steps": [],
   "runtimes": {"node": {"version": "20"}},
-  "safe-inputs": {},
+  "mcp-scripts": {},
   "safe-outputs": {"create-discussion": {"category": "audits"}},
   "services": {},
   "steps": [],
diff --git a/docs/src/content/docs/reference/frontmatter.md b/docs/src/content/docs/reference/frontmatter.md
index 9ab5edd8715..9cb1d976ac9 100644
--- a/docs/src/content/docs/reference/frontmatter.md
+++ b/docs/src/content/docs/reference/frontmatter.md
@@ -486,9 +486,9 @@ network:
     - "api.example.com"    # Custom domain
 ```
 
-### Safe Inputs (`safe-inputs:`)
+### Safe Inputs (`mcp-scripts:`)
 
-Enables defining custom MCP tools inline using JavaScript or shell scripts. See [Safe Inputs](/gh-aw/reference/safe-inputs/) for complete documentation on creating custom tools with controlled secret access.
+Enables defining custom MCP tools inline using JavaScript or shell scripts. See [Safe Inputs](/gh-aw/reference/mcp-scripts/) for complete documentation on creating custom tools with controlled secret access.
 
 ### Safe Outputs (`safe-outputs:`)
 
diff --git a/docs/src/content/docs/reference/gh-aw-as-mcp-server.md b/docs/src/content/docs/reference/gh-aw-as-mcp-server.md
index fd3ab6e94e2..672b08fdcd6 100644
--- a/docs/src/content/docs/reference/gh-aw-as-mcp-server.md
+++ b/docs/src/content/docs/reference/gh-aw-as-mcp-server.md
@@ -282,7 +282,7 @@ Apply automatic codemod-style fixes to workflow files.
 - `timeout-minutes-migration`: Replaces `timeout_minutes` with `timeout-minutes`
 - `network-firewall-migration`: Removes deprecated `network.firewall` field
 - `sandbox-agent-false-removal`: Removes `sandbox.agent: false` (firewall now mandatory)
-- `safe-inputs-mode-removal`: Removes deprecated `safe-inputs.mode` field
+- `mcp-scripts-mode-removal`: Removes deprecated `mcp-scripts.mode` field
 
 **Returns:** Formatted text output showing:
 
diff --git a/docs/src/content/docs/reference/glossary.md b/docs/src/content/docs/reference/glossary.md
index 739b3046977..582db3c2980 100644
--- a/docs/src/content/docs/reference/glossary.md
+++ b/docs/src/content/docs/reference/glossary.md
@@ -71,7 +71,7 @@ Capabilities that an AI agent can use during workflow execution. Tools are confi
 
 ### Safe Inputs
 
-Custom MCP tools defined inline in workflow frontmatter using JavaScript or shell scripts. Enables lightweight tool creation without external dependencies while maintaining controlled secret access. Tools are generated at runtime and mounted as an MCP server with typed input parameters, default values, and environment variables. Configured via `safe-inputs:` section.
+Custom MCP tools defined inline in workflow frontmatter using JavaScript or shell scripts. Enables lightweight tool creation without external dependencies while maintaining controlled secret access. Tools are generated at runtime and mounted as an MCP server with typed input parameters, default values, and environment variables. Configured via `mcp-scripts:` section.
 
 ### SARIF
 
@@ -399,7 +399,7 @@ For detailed documentation on specific topics, see:
 
 - [Frontmatter Reference](/gh-aw/reference/frontmatter/)
 - [Tools Reference](/gh-aw/reference/tools/)
-- [Safe Inputs Reference](/gh-aw/reference/safe-inputs/)
+- [Safe Inputs Reference](/gh-aw/reference/mcp-scripts/)
 - [Safe Outputs Reference](/gh-aw/reference/safe-outputs/)
 - [Using MCPs Guide](/gh-aw/guides/mcps/)
 - [Security Guide](/gh-aw/introduction/architecture/)
diff --git a/docs/src/content/docs/reference/imports.md b/docs/src/content/docs/reference/imports.md
index 169ce0fa3a0..5eb8d45b507 100644
--- a/docs/src/content/docs/reference/imports.md
+++ b/docs/src/content/docs/reference/imports.md
@@ -131,7 +131,7 @@ Shared workflow files (without `on:` field) can define:
 - `mcp-servers:` - Model Context Protocol server configurations
 - `services:` - Docker services for workflow execution
 - `safe-outputs:` - Safe output handlers and configuration
-- `safe-inputs:` - Safe input configurations
+- `mcp-scripts:` - Safe input configurations
 - `network:` - Network permission specifications
 - `permissions:` - GitHub Actions permissions (validated, not merged)
 - `runtimes:` - Runtime version overrides (node, python, go, etc.)
diff --git a/docs/src/content/docs/reference/mcp-gateway.md b/docs/src/content/docs/reference/mcp-gateway.md
index 78da6acef74..a4673b4522c 100644
--- a/docs/src/content/docs/reference/mcp-gateway.md
+++ b/docs/src/content/docs/reference/mcp-gateway.md
@@ -396,7 +396,7 @@ Custom server types MUST be registered in the `customSchemas` field at the top l
     "apiKey": "secret"
   },
   "customSchemas": {
-    "safeinputs": "https://docs.github.com/gh-aw/schemas/safe-inputs-config.schema.json"
+    "safeinputs": "https://docs.github.com/gh-aw/schemas/mcp-scripts-config.schema.json"
   }
 }
 ```
@@ -433,7 +433,7 @@ When a server configuration includes a `type` field with a value not in `["stdio
     "apiKey": "secret"
   },
   "customSchemas": {
-    "safeinputs": "https://docs.github.com/gh-aw/schemas/safe-inputs-config.schema.json"
+    "safeinputs": "https://docs.github.com/gh-aw/schemas/mcp-scripts-config.schema.json"
   }
 }
 ```
diff --git a/docs/src/content/docs/reference/safe-inputs-specification.md b/docs/src/content/docs/reference/mcp-scripts-specification.md
similarity index 98%
rename from docs/src/content/docs/reference/safe-inputs-specification.md
rename to docs/src/content/docs/reference/mcp-scripts-specification.md
index dce0732fbf9..980f09b83b1 100644
--- a/docs/src/content/docs/reference/safe-inputs-specification.md
+++ b/docs/src/content/docs/reference/mcp-scripts-specification.md
@@ -9,8 +9,8 @@ sidebar:
 
 **Version**: 1.1.0  
 **Status**: Draft Specification  
-**Latest Version**: [safe-inputs-specification](/gh-aw/reference/safe-inputs-specification/)  
-**JSON Schema**: [safe-inputs-config.schema.json](/gh-aw/schemas/safe-inputs-config.schema.json)  
+**Latest Version**: [mcp-scripts-specification](/gh-aw/reference/mcp-scripts-specification/)  
+**JSON Schema**: [mcp-scripts-config.schema.json](/gh-aw/schemas/mcp-scripts-config.schema.json)  
 **Editor**: GitHub Agentic Workflows Team
 
 ---
@@ -117,7 +117,7 @@ Implementations MUST support:
 ```
 ┌─────────────────────────────────────────────────────────┐
 │                 Workflow Frontmatter                    │
-│                  (safe-inputs:)                         │
+│                  (mcp-scripts:)                         │
 └──────────────────────┬──────────────────────────────────┘
                        │ Compilation
                        ▼
@@ -169,10 +169,10 @@ Stdio transport is NOT supported for Safe Inputs.
 
 ### 4.1 Frontmatter Structure
 
-Safe Inputs configuration MUST be defined in the `safe-inputs:` section of workflow frontmatter:
+Safe Inputs configuration MUST be defined in the `mcp-scripts:` section of workflow frontmatter:
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   tool-name:
     description: "Tool description"
     inputs:
@@ -188,7 +188,7 @@ safe-inputs:
     timeout: 60
 ```
 
-**JSON Schema**: [safe-inputs-config.schema.json](/gh-aw/schemas/safe-inputs-config.schema.json)
+**JSON Schema**: [mcp-scripts-config.schema.json](/gh-aw/schemas/mcp-scripts-config.schema.json)
 
 ### 4.2 Tool Configuration Fields
 
@@ -225,7 +225,7 @@ The `dependencies` field allows specification of runtime dependencies that MUST
 **Example**:
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   analyze-json:
     description: "Analyze JSON with jq"
     inputs:
@@ -242,7 +242,7 @@ safe-inputs:
 **Python Dependencies Example**:
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   fetch-url:
     description: "Fetch URL with requests library"
     inputs:
@@ -446,7 +446,7 @@ JavaScript tools have access to standard GitHub Actions JavaScript libraries wit
 **Example using global objects**:
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   create-issue:
     description: "Create a GitHub issue"
     inputs:
@@ -489,7 +489,7 @@ async function execute(inputs) {
 #### 6.1.4 Example
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   greet-user:
     description: "Greet a user by name"
     inputs:
@@ -520,7 +520,7 @@ Input parameters are mapped to environment variables:
 #### 6.2.3 Example
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   list-prs:
     description: "List pull requests"
     inputs:
@@ -558,7 +558,7 @@ Input parameters are available via `inputs` dictionary:
 #### 6.3.3 Example
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   analyze-data:
     description: "Analyze numeric data"
     inputs:
@@ -633,7 +633,7 @@ Additional imports MAY be added by the user in their code.
 #### 6.4.4 Example
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   calculate:
     description: "Perform calculations"
     inputs:
@@ -928,7 +928,7 @@ Implementations SHOULD provide:
 #### A.1 JavaScript Tool with Secrets
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   fetch-api-data:
     description: "Fetch data from external API"
     inputs:
@@ -965,7 +965,7 @@ safe-inputs:
 #### A.2 Shell Tool with GitHub CLI
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   list-issues:
     description: "List GitHub issues using gh CLI"
     inputs:
@@ -998,7 +998,7 @@ safe-inputs:
 #### A.3 Python Tool with Data Processing
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   process-metrics:
     description: "Process and aggregate metric data"
     inputs:
@@ -1044,7 +1044,7 @@ safe-inputs:
 #### A.4 Go Tool with HTTP Request
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   health-check:
     description: "Check health of multiple endpoints"
     inputs:
@@ -1106,7 +1106,7 @@ safe-inputs:
 #### A.5 Complete Tool with Dependencies and GitHub Integration
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   analyze-pr-complexity:
     description: "Analyze pull request complexity and provide metrics"
     inputs:
diff --git a/docs/src/content/docs/reference/safe-inputs.md b/docs/src/content/docs/reference/mcp-scripts.md
similarity index 97%
rename from docs/src/content/docs/reference/safe-inputs.md
rename to docs/src/content/docs/reference/mcp-scripts.md
index b12c874d3fd..5aa5e1bbb0f 100644
--- a/docs/src/content/docs/reference/safe-inputs.md
+++ b/docs/src/content/docs/reference/mcp-scripts.md
@@ -5,12 +5,12 @@ sidebar:
   order: 750
 ---
 
-The [`safe-inputs:`](/gh-aw/reference/glossary/#safe-inputs) (validated user input tools) element allows you to define custom [MCP](/gh-aw/reference/glossary/#mcp-model-context-protocol) (Model Context Protocol) tools directly in your workflow [frontmatter](/gh-aw/reference/glossary/#frontmatter) using JavaScript, shell scripts, or Python. These tools are generated at runtime and mounted as an MCP server, giving your agent access to custom functionality with controlled secret access.
+The [`mcp-scripts:`](/gh-aw/reference/glossary/#mcp-scripts) (validated user input tools) element allows you to define custom [MCP](/gh-aw/reference/glossary/#mcp-model-context-protocol) (Model Context Protocol) tools directly in your workflow [frontmatter](/gh-aw/reference/glossary/#frontmatter) using JavaScript, shell scripts, or Python. These tools are generated at runtime and mounted as an MCP server, giving your agent access to custom functionality with controlled secret access.
 
 ## Quick Start
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   greet-user:
     description: "Greet a user by name"
     inputs:
@@ -28,7 +28,7 @@ The agent can now call `greet-user` with a `name` parameter.
 Each safe-input tool requires a unique name and configuration:
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   tool-name:
     description: "What the tool does"  # Required
     inputs:                            # Optional parameters
@@ -70,7 +70,7 @@ You can only use one of `script:`, `run:`, `py:`, or `go:` per tool.
 JavaScript tools are automatically wrapped in an async function with destructured inputs:
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   calculate-sum:
     description: "Add two numbers"
     inputs:
@@ -88,7 +88,7 @@ safe-inputs:
 Your script is wrapped as `async function execute(inputs)` with inputs destructured. Access secrets via `process.env`:
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   fetch-data:
     description: "Fetch data from API"
     inputs:
@@ -110,7 +110,7 @@ safe-inputs:
 Shell scripts execute in bash with inputs as environment variables (e.g., `repo` → `INPUT_REPO`):
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   list-prs:
     description: "List pull requests"
     inputs:
@@ -133,7 +133,7 @@ safe-inputs:
 Python tools execute using `python3` with inputs available as a dictionary. Access inputs via `inputs.get('name')`, secrets via `os.environ`, and return results by printing JSON to stdout:
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   analyze-data:
     description: "Analyze data with Python"
     inputs:
@@ -163,7 +163,7 @@ Python 3.10+ is available with standard library modules. Install additional pack
 Go tools execute using `go run` with inputs provided as a `map[string]any` parsed from stdin. Standard library imports (`encoding/json`, `fmt`, `io`, `os`) are automatically included:
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   calculate:
     description: "Perform calculations with Go"
     inputs:
@@ -194,7 +194,7 @@ Your Go code receives `inputs map[string]any` from stdin and should output JSON
 Access environment variables (including secrets) using `os.Getenv()`:
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   api-call:
     description: "Call an API with Go"
     inputs:
@@ -220,7 +220,7 @@ safe-inputs:
 Define typed parameters with validation:
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   example-tool:
     description: "Example with all input options"
     inputs:
@@ -258,7 +258,7 @@ safe-inputs:
 Set execution timeout with `timeout:` field (default: 60 seconds):
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   slow-processing:
     description: "Process large dataset"
     timeout: 300  # 5 minutes (default: 60)
@@ -276,7 +276,7 @@ Enforced for shell (`run:`) and Python (`py:`) tools. JavaScript (`script:`) too
 Pass secrets and configuration via `env:` (available in JavaScript via `process.env`, shell via `$VAR_NAME`):
 
 ```yaml wrap
-safe-inputs:
+mcp-scripts:
   secure-tool:
     description: "Tool with multiple secrets"
     script: |
@@ -309,8 +309,8 @@ imports:
 on: workflow_dispatch
 engine: copilot
 imports:
-  - shared/pr-data-safe-input.md
-safe-inputs:
+  - shared/pr-data-mcp-script.md
+mcp-scripts:
   analyze-text:
     description: "Analyze text and return statistics"
     inputs:
@@ -354,7 +354,7 @@ Tools provide secret isolation (only specified env vars), process isolation (sep
 
 ## Related Documentation
 
-- [Safe Inputs Specification](/gh-aw/reference/safe-inputs-specification/) - Formal W3C-style specification
+- [Safe Inputs Specification](/gh-aw/reference/mcp-scripts-specification/) - Formal W3C-style specification
 - [Tools](/gh-aw/reference/tools/) - Other tool configuration options
 - [Imports](/gh-aw/reference/imports/) - Importing shared workflows
 - [Safe Outputs](/gh-aw/reference/safe-outputs/) - Automated post-workflow actions
diff --git a/docs/src/content/docs/reference/tools.md b/docs/src/content/docs/reference/tools.md
index fda4a25e01a..7a2ba6f133b 100644
--- a/docs/src/content/docs/reference/tools.md
+++ b/docs/src/content/docs/reference/tools.md
@@ -172,7 +172,7 @@ The `registry` field is informational and does not affect server execution. It c
 - [Playwright](/gh-aw/reference/playwright/) - Browser automation and testing configuration
 - [Cache Memory](/gh-aw/reference/cache-memory/) - Persistent memory across workflow runs
 - [Repo Memory](/gh-aw/reference/repo-memory/) - Repository-specific memory storage
-- [Safe Inputs](/gh-aw/reference/safe-inputs/) - Define custom inline tools with JavaScript or shell scripts
+- [Safe Inputs](/gh-aw/reference/mcp-scripts/) - Define custom inline tools with JavaScript or shell scripts
 - [Frontmatter](/gh-aw/reference/frontmatter/) - All frontmatter configuration options
 - [Network Permissions](/gh-aw/reference/network/) - Network access control for AI engines
 - [MCPs](/gh-aw/guides/mcps/) - Complete Model Context Protocol setup and usage
diff --git a/docs/src/content/docs/setup/cli.md b/docs/src/content/docs/setup/cli.md
index d1feb6b567e..b1bc7c2ae91 100644
--- a/docs/src/content/docs/setup/cli.md
+++ b/docs/src/content/docs/setup/cli.md
@@ -416,7 +416,7 @@ gh aw upgrade --audit --json               # Dependency audit in JSON format
 
 #### `mcp`
 
-Manage MCP (Model Context Protocol) servers in workflows. `mcp inspect` auto-detects safe-inputs.
+Manage MCP (Model Context Protocol) servers in workflows. `mcp inspect` auto-detects mcp-scripts.
 
 ```bash wrap
 gh aw mcp list workflow                    # List servers for workflow
diff --git a/pkg/cli/codemod_mcp_scripts.go b/pkg/cli/codemod_mcp_scripts.go
new file mode 100644
index 00000000000..a391c5ac8d6
--- /dev/null
+++ b/pkg/cli/codemod_mcp_scripts.go
@@ -0,0 +1,43 @@
+package cli
+
+import (
+	"github.com/github/gh-aw/pkg/logger"
+)
+
+var mcpScriptsModeCodemodLog = logger.New("cli:codemod_mcp_scripts")
+
+// getMCPScriptsModeCodemod creates a codemod for removing the deprecated mcp-scripts.mode field
+func getMCPScriptsModeCodemod() Codemod {
+	return Codemod{
+		ID:           "mcp-scripts-mode-removal",
+		Name:         "Remove deprecated mcp-scripts.mode field",
+		Description:  "Removes the deprecated 'mcp-scripts.mode' field (HTTP is now the only supported mode)",
+		IntroducedIn: "0.2.0",
+		Apply: func(content string, frontmatter map[string]any) (string, bool, error) {
+			// Check if mcp-scripts.mode exists
+			mcpScriptsValue, hasMCPScripts := frontmatter["mcp-scripts"]
+			if !hasMCPScripts {
+				return content, false, nil
+			}
+
+			mcpScriptsMap, ok := mcpScriptsValue.(map[string]any)
+			if !ok {
+				return content, false, nil
+			}
+
+			// Check if mode field exists in mcp-scripts
+			_, hasMode := mcpScriptsMap["mode"]
+			if !hasMode {
+				return content, false, nil
+			}
+
+			newContent, applied, err := applyFrontmatterLineTransform(content, func(lines []string) ([]string, bool) {
+				return removeFieldFromBlock(lines, "mode", "mcp-scripts")
+			})
+			if applied {
+				mcpScriptsModeCodemodLog.Print("Applied mcp-scripts.mode removal")
+			}
+			return newContent, applied, err
+		},
+	}
+}
diff --git a/pkg/cli/codemod_safe_inputs_test.go b/pkg/cli/codemod_mcp_scripts_test.go
similarity index 69%
rename from pkg/cli/codemod_safe_inputs_test.go
rename to pkg/cli/codemod_mcp_scripts_test.go
index 28d93766486..5474a886bb3 100644
--- a/pkg/cli/codemod_safe_inputs_test.go
+++ b/pkg/cli/codemod_mcp_scripts_test.go
@@ -9,22 +9,22 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-func TestGetSafeInputsModeCodemod(t *testing.T) {
-	codemod := getSafeInputsModeCodemod()
+func TestGetMCPScriptsModeCodemod(t *testing.T) {
+	codemod := getMCPScriptsModeCodemod()
 
-	assert.Equal(t, "safe-inputs-mode-removal", codemod.ID)
-	assert.Equal(t, "Remove deprecated safe-inputs.mode field", codemod.Name)
+	assert.Equal(t, "mcp-scripts-mode-removal", codemod.ID)
+	assert.Equal(t, "Remove deprecated mcp-scripts.mode field", codemod.Name)
 	assert.NotEmpty(t, codemod.Description)
 	assert.Equal(t, "0.2.0", codemod.IntroducedIn)
 	require.NotNil(t, codemod.Apply)
 }
 
-func TestSafeInputsModeCodemod_RemovesMode(t *testing.T) {
-	codemod := getSafeInputsModeCodemod()
+func TestMCPScriptsModeCodemod_RemovesMode(t *testing.T) {
+	codemod := getMCPScriptsModeCodemod()
 
 	content := `---
 on: workflow_dispatch
-safe-inputs:
+mcp-scripts:
   mode: http
   max-size: 100KB
 ---
@@ -33,7 +33,7 @@ safe-inputs:
 
 	frontmatter := map[string]any{
 		"on": "workflow_dispatch",
-		"safe-inputs": map[string]any{
+		"mcp-scripts": map[string]any{
 			"mode":     "http",
 			"max-size": "100KB",
 		},
@@ -47,8 +47,8 @@ safe-inputs:
 	assert.Contains(t, result, "max-size: 100KB")
 }
 
-func TestSafeInputsModeCodemod_NoSafeInputsField(t *testing.T) {
-	codemod := getSafeInputsModeCodemod()
+func TestMCPScriptsModeCodemod_NoMCPScriptsField(t *testing.T) {
+	codemod := getMCPScriptsModeCodemod()
 
 	content := `---
 on: workflow_dispatch
@@ -72,12 +72,12 @@ permissions:
 	assert.Equal(t, content, result)
 }
 
-func TestSafeInputsModeCodemod_NoModeField(t *testing.T) {
-	codemod := getSafeInputsModeCodemod()
+func TestMCPScriptsModeCodemod_NoModeField(t *testing.T) {
+	codemod := getMCPScriptsModeCodemod()
 
 	content := `---
 on: workflow_dispatch
-safe-inputs:
+mcp-scripts:
   max-size: 100KB
 ---
 
@@ -85,7 +85,7 @@ safe-inputs:
 
 	frontmatter := map[string]any{
 		"on": "workflow_dispatch",
-		"safe-inputs": map[string]any{
+		"mcp-scripts": map[string]any{
 			"max-size": "100KB",
 		},
 	}
@@ -97,12 +97,12 @@ safe-inputs:
 	assert.Equal(t, content, result)
 }
 
-func TestSafeInputsModeCodemod_PreservesIndentation(t *testing.T) {
-	codemod := getSafeInputsModeCodemod()
+func TestMCPScriptsModeCodemod_PreservesIndentation(t *testing.T) {
+	codemod := getMCPScriptsModeCodemod()
 
 	content := `---
 on: workflow_dispatch
-safe-inputs:
+mcp-scripts:
   mode: http
   max-size: 100KB
   timeout: 30s
@@ -112,7 +112,7 @@ safe-inputs:
 
 	frontmatter := map[string]any{
 		"on": "workflow_dispatch",
-		"safe-inputs": map[string]any{
+		"mcp-scripts": map[string]any{
 			"mode":     "http",
 			"max-size": "100KB",
 			"timeout":  "30s",
@@ -128,12 +128,12 @@ safe-inputs:
 	assert.Contains(t, result, "  timeout: 30s")
 }
 
-func TestSafeInputsModeCodemod_PreservesComments(t *testing.T) {
-	codemod := getSafeInputsModeCodemod()
+func TestMCPScriptsModeCodemod_PreservesComments(t *testing.T) {
+	codemod := getMCPScriptsModeCodemod()
 
 	content := `---
 on: workflow_dispatch
-safe-inputs:
+mcp-scripts:
   mode: http  # HTTP mode is now the default
   max-size: 100KB  # Maximum size for inputs
 ---
@@ -142,7 +142,7 @@ safe-inputs:
 
 	frontmatter := map[string]any{
 		"on": "workflow_dispatch",
-		"safe-inputs": map[string]any{
+		"mcp-scripts": map[string]any{
 			"mode":     "http",
 			"max-size": "100KB",
 		},
@@ -156,22 +156,22 @@ safe-inputs:
 	assert.Contains(t, result, "max-size: 100KB  # Maximum size for inputs")
 }
 
-func TestSafeInputsModeCodemod_PreservesMarkdown(t *testing.T) {
-	codemod := getSafeInputsModeCodemod()
+func TestMCPScriptsModeCodemod_PreservesMarkdown(t *testing.T) {
+	codemod := getMCPScriptsModeCodemod()
 
 	content := `---
 on: workflow_dispatch
-safe-inputs:
+mcp-scripts:
   mode: http
 ---
 
 # Test Workflow
 
-This workflow uses safe inputs.`
+This workflow uses mcp-scripts.`
 
 	frontmatter := map[string]any{
 		"on": "workflow_dispatch",
-		"safe-inputs": map[string]any{
+		"mcp-scripts": map[string]any{
 			"mode": "http",
 		},
 	}
@@ -181,5 +181,5 @@ This workflow uses safe inputs.`
 	require.NoError(t, err)
 	assert.True(t, applied)
 	assert.Contains(t, result, "# Test Workflow")
-	assert.Contains(t, result, "This workflow uses safe inputs.")
+	assert.Contains(t, result, "This workflow uses mcp-scripts.")
 }
diff --git a/pkg/cli/codemod_safe_inputs.go b/pkg/cli/codemod_safe_inputs.go
deleted file mode 100644
index 8bb6a2dc05a..00000000000
--- a/pkg/cli/codemod_safe_inputs.go
+++ /dev/null
@@ -1,43 +0,0 @@
-package cli
-
-import (
-	"github.com/github/gh-aw/pkg/logger"
-)
-
-var safeInputsModeCodemodLog = logger.New("cli:codemod_safe_inputs")
-
-// getSafeInputsModeCodemod creates a codemod for removing the deprecated safe-inputs.mode field
-func getSafeInputsModeCodemod() Codemod {
-	return Codemod{
-		ID:           "safe-inputs-mode-removal",
-		Name:         "Remove deprecated safe-inputs.mode field",
-		Description:  "Removes the deprecated 'safe-inputs.mode' field (HTTP is now the only supported mode)",
-		IntroducedIn: "0.2.0",
-		Apply: func(content string, frontmatter map[string]any) (string, bool, error) {
-			// Check if safe-inputs.mode exists
-			safeInputsValue, hasSafeInputs := frontmatter["safe-inputs"]
-			if !hasSafeInputs {
-				return content, false, nil
-			}
-
-			safeInputsMap, ok := safeInputsValue.(map[string]any)
-			if !ok {
-				return content, false, nil
-			}
-
-			// Check if mode field exists in safe-inputs
-			_, hasMode := safeInputsMap["mode"]
-			if !hasMode {
-				return content, false, nil
-			}
-
-			newContent, applied, err := applyFrontmatterLineTransform(content, func(lines []string) ([]string, bool) {
-				return removeFieldFromBlock(lines, "mode", "safe-inputs")
-			})
-			if applied {
-				safeInputsModeCodemodLog.Print("Applied safe-inputs.mode removal")
-			}
-			return newContent, applied, err
-		},
-	}
-}
diff --git a/pkg/cli/codemod_safe_inputs_to_mcp_scripts.go b/pkg/cli/codemod_safe_inputs_to_mcp_scripts.go
new file mode 100644
index 00000000000..dafaf34255d
--- /dev/null
+++ b/pkg/cli/codemod_safe_inputs_to_mcp_scripts.go
@@ -0,0 +1,48 @@
+package cli
+
+import (
+	"github.com/github/gh-aw/pkg/logger"
+)
+
+var safeInputsToMCPScriptsCodemodLog = logger.New("cli:codemod_safe_inputs_to_mcp_scripts")
+
+// getSafeInputsToMCPScriptsCodemod creates a codemod for renaming the safe-inputs key to mcp-scripts
+func getSafeInputsToMCPScriptsCodemod() Codemod {
+	return Codemod{
+		ID:           "safe-inputs-to-mcp-scripts",
+		Name:         "Rename safe-inputs to mcp-scripts",
+		Description:  "Renames the top-level 'safe-inputs' key to 'mcp-scripts' in workflow frontmatter",
+		IntroducedIn: "0.3.0",
+		Apply: func(content string, frontmatter map[string]any) (string, bool, error) {
+			// Check if safe-inputs key exists in frontmatter
+			_, hasSafeInputs := frontmatter["safe-inputs"]
+			if !hasSafeInputs {
+				return content, false, nil
+			}
+
+			newContent, applied, err := applyFrontmatterLineTransform(content, func(lines []string) ([]string, bool) {
+				return renameTopLevelKey(lines, "safe-inputs", "mcp-scripts")
+			})
+			if applied {
+				safeInputsToMCPScriptsCodemodLog.Print("Applied safe-inputs to mcp-scripts rename")
+			}
+			return newContent, applied, err
+		},
+	}
+}
+
+// renameTopLevelKey renames a top-level YAML key from oldKey to newKey, preserving formatting.
+func renameTopLevelKey(lines []string, oldKey, newKey string) ([]string, bool) {
+	var result []string
+	applied := false
+
+	for _, line := range lines {
+		newLine, changed := findAndReplaceInLine(line, oldKey, newKey)
+		result = append(result, newLine)
+		if changed {
+			applied = true
+		}
+	}
+
+	return result, applied
+}
diff --git a/pkg/cli/codemod_safe_inputs_to_mcp_scripts_test.go b/pkg/cli/codemod_safe_inputs_to_mcp_scripts_test.go
new file mode 100644
index 00000000000..4a062e324b9
--- /dev/null
+++ b/pkg/cli/codemod_safe_inputs_to_mcp_scripts_test.go
@@ -0,0 +1,153 @@
+//go:build !integration
+
+package cli
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestGetSafeInputsToMCPScriptsCodemod(t *testing.T) {
+	codemod := getSafeInputsToMCPScriptsCodemod()
+
+	assert.Equal(t, "safe-inputs-to-mcp-scripts", codemod.ID)
+	assert.Equal(t, "Rename safe-inputs to mcp-scripts", codemod.Name)
+	assert.NotEmpty(t, codemod.Description)
+	assert.Equal(t, "0.3.0", codemod.IntroducedIn)
+	require.NotNil(t, codemod.Apply)
+}
+
+func TestSafeInputsToMCPScriptsCodemod_RenamesKey(t *testing.T) {
+	codemod := getSafeInputsToMCPScriptsCodemod()
+
+	content := `---
+on: workflow_dispatch
+safe-inputs:
+  tools:
+    my-tool:
+      description: A test tool
+      script: |
+        return "hello";
+---
+
+# Test workflow`
+
+	frontmatter := map[string]any{
+		"on": "workflow_dispatch",
+		"safe-inputs": map[string]any{
+			"tools": map[string]any{
+				"my-tool": map[string]any{
+					"description": "A test tool",
+					"script":      "return \"hello\";",
+				},
+			},
+		},
+	}
+
+	result, applied, err := codemod.Apply(content, frontmatter)
+
+	require.NoError(t, err)
+	assert.True(t, applied, "Codemod should have been applied")
+	assert.NotContains(t, result, "safe-inputs:", "safe-inputs key should be removed")
+	assert.Contains(t, result, "mcp-scripts:", "mcp-scripts key should be present")
+	assert.Contains(t, result, "my-tool:", "Tool definition should be preserved")
+	assert.Contains(t, result, "A test tool", "Tool description should be preserved")
+}
+
+func TestSafeInputsToMCPScriptsCodemod_NoSafeInputsField(t *testing.T) {
+	codemod := getSafeInputsToMCPScriptsCodemod()
+
+	content := `---
+on: workflow_dispatch
+engine: copilot
+---
+
+# No safe-inputs`
+
+	frontmatter := map[string]any{
+		"on":     "workflow_dispatch",
+		"engine": "copilot",
+	}
+
+	result, applied, err := codemod.Apply(content, frontmatter)
+
+	require.NoError(t, err)
+	assert.False(t, applied, "Codemod should not be applied when safe-inputs is absent")
+	assert.Equal(t, content, result, "Content should not be modified")
+}
+
+func TestSafeInputsToMCPScriptsCodemod_PreservesIndentedContent(t *testing.T) {
+	codemod := getSafeInputsToMCPScriptsCodemod()
+
+	content := `---
+on: workflow_dispatch
+safe-inputs:
+  tools:
+    gh:
+      description: Run gh CLI
+      run: gh $ARGS
+      env:
+        ARGS: ${{ inputs.args }}
+    query:
+      description: Query GitHub API
+      script: return await octokit.request(inputs.path);
+      inputs:
+        path:
+          type: string
+          description: API path
+          required: true
+---`
+
+	frontmatter := map[string]any{
+		"on": "workflow_dispatch",
+		"safe-inputs": map[string]any{
+			"tools": map[string]any{},
+		},
+	}
+
+	result, applied, err := codemod.Apply(content, frontmatter)
+
+	require.NoError(t, err)
+	assert.True(t, applied, "Codemod should have been applied")
+	assert.NotContains(t, result, "safe-inputs:", "safe-inputs key should be removed")
+	assert.Contains(t, result, "mcp-scripts:", "mcp-scripts key should be present")
+	// Check nested content is preserved
+	assert.Contains(t, result, "gh:")
+	assert.Contains(t, result, "query:")
+	assert.Contains(t, result, "ARGS:")
+	assert.Contains(t, result, "path:")
+}
+
+func TestSafeInputsToMCPScriptsCodemod_PreservesMarkdown(t *testing.T) {
+	codemod := getSafeInputsToMCPScriptsCodemod()
+
+	content := `---
+on: workflow_dispatch
+safe-inputs:
+  tools:
+    my-tool:
+      description: A tool
+      script: return 42;
+---
+
+# Workflow description
+
+This workflow does something with safe-inputs tools.`
+
+	frontmatter := map[string]any{
+		"on":          "workflow_dispatch",
+		"safe-inputs": map[string]any{},
+	}
+
+	result, applied, err := codemod.Apply(content, frontmatter)
+
+	require.NoError(t, err)
+	assert.True(t, applied, "Codemod should have been applied")
+	// Frontmatter key is renamed
+	assert.Contains(t, result, "mcp-scripts:")
+	// Markdown body is preserved (references to safe-inputs in markdown are not modified by this codemod)
+	assert.Contains(t, result, "# Workflow description")
+	assert.Contains(t, result, "This workflow does something with safe-inputs tools.")
+}
diff --git a/pkg/cli/fix_codemods.go b/pkg/cli/fix_codemods.go
index f84a687cd34..dd000ea39b0 100644
--- a/pkg/cli/fix_codemods.go
+++ b/pkg/cli/fix_codemods.go
@@ -25,7 +25,7 @@ func GetAllCodemods() []Codemod {
 		getTimeoutMinutesCodemod(),
 		getNetworkFirewallCodemod(),
 		getCommandToSlashCommandCodemod(),
-		getSafeInputsModeCodemod(),
+		getMCPScriptsModeCodemod(),
 		getUploadAssetsCodemod(),
 		getWritePermissionsCodemod(),
 		getPermissionsReadCodemod(), // Fix permissions: read -> permissions: read-all
@@ -48,6 +48,7 @@ func GetAllCodemods() []Codemod {
 		getExpiresIntegerToStringCodemod(),    // Convert expires integer (days) to string with 'd' suffix
 		getSerenaLocalModeCodemod(),           // Replace tools.serena mode: local with mode: docker
 		getGitHubAppCodemod(),                 // Rename deprecated 'app' to 'github-app'
+		getSafeInputsToMCPScriptsCodemod(),    // Rename safe-inputs to mcp-scripts
 	}
 	fixCodemodsLog.Printf("Loaded codemod registry: %d codemods available", len(codemods))
 	return codemods
diff --git a/pkg/cli/fix_codemods_test.go b/pkg/cli/fix_codemods_test.go
index 8e8ec9797db..a3c8d1f751b 100644
--- a/pkg/cli/fix_codemods_test.go
+++ b/pkg/cli/fix_codemods_test.go
@@ -43,7 +43,7 @@ func TestGetAllCodemods_ReturnsAllCodemods(t *testing.T) {
 	codemods := GetAllCodemods()
 
 	// Verify we have the expected number of codemods
-	expectedCount := 26
+	expectedCount := 27
 	assert.Len(t, codemods, expectedCount, "Should return all %d codemods", expectedCount)
 
 	// Verify all codemods have required fields
@@ -70,7 +70,7 @@ func TestGetAllCodemods_ContainsExpectedCodemods(t *testing.T) {
 		"timeout-minutes-migration",
 		"network-firewall-migration",
 		"command-to-slash-command-migration",
-		"safe-inputs-mode-removal",
+		"mcp-scripts-mode-removal",
 		"upload-assets-to-upload-asset-migration",
 		"write-permissions-to-read-migration",
 		"permissions-read-to-read-all",
@@ -80,6 +80,7 @@ func TestGetAllCodemods_ContainsExpectedCodemods(t *testing.T) {
 		"delete-schema-file",
 		"grep-tool-removal",
 		"mcp-network-to-top-level-migration",
+		"safe-inputs-to-mcp-scripts",
 	}
 
 	for _, expectedID := range expectedIDs {
@@ -107,7 +108,7 @@ func TestGetAllCodemods_InExpectedOrder(t *testing.T) {
 		"timeout-minutes-migration",
 		"network-firewall-migration",
 		"command-to-slash-command-migration",
-		"safe-inputs-mode-removal",
+		"mcp-scripts-mode-removal",
 		"upload-assets-to-upload-asset-migration",
 		"write-permissions-to-read-migration",
 		"permissions-read-to-read-all",
@@ -130,6 +131,7 @@ func TestGetAllCodemods_InExpectedOrder(t *testing.T) {
 		"expires-integer-to-string",
 		"serena-local-to-docker",
 		"app-to-github-app",
+		"safe-inputs-to-mcp-scripts",
 	}
 
 	require.Len(t, codemods, len(expectedOrder), "Should have expected number of codemods")
diff --git a/pkg/cli/fix_command_test.go b/pkg/cli/fix_command_test.go
index fbc40f0accb..8a70135203d 100644
--- a/pkg/cli/fix_command_test.go
+++ b/pkg/cli/fix_command_test.go
@@ -447,7 +447,7 @@ func TestGetAllCodemods(t *testing.T) {
 		"timeout-minutes-migration",
 		"network-firewall-migration",
 		"command-to-slash-command-migration",
-		"safe-inputs-mode-removal",
+		"mcp-scripts-mode-removal",
 	}
 
 	foundIDs := make(map[string]bool)
@@ -545,16 +545,16 @@ This is a test workflow with slash command.
 	}
 }
 
-func TestFixCommand_SafeInputsModeRemoval(t *testing.T) {
+func TestFixCommand_MCPScriptsModeRemoval(t *testing.T) {
 	// Create a temporary directory for test files
 	tmpDir := t.TempDir()
 	workflowFile := filepath.Join(tmpDir, "test-workflow.md")
 
-	// Create a workflow with deprecated safe-inputs.mode field
+	// Create a workflow with deprecated mcp-scripts.mode field
 	content := `---
 on: workflow_dispatch
 engine: copilot
-safe-inputs:
+mcp-scripts:
   mode: http
   test-tool:
     description: Test tool
@@ -564,17 +564,17 @@ safe-inputs:
 
 # Test Workflow
 
-This is a test workflow with safe-inputs mode field.
+This is a test workflow with mcp-scripts mode field.
 `
 
 	if err := os.WriteFile(workflowFile, []byte(content), 0644); err != nil {
 		t.Fatalf("Failed to create test file: %v", err)
 	}
 
-	// Get the safe-inputs mode removal codemod
-	modeCodemod := getCodemodByID("safe-inputs-mode-removal")
+	// Get the mcp-scripts mode removal codemod
+	modeCodemod := getCodemodByID("mcp-scripts-mode-removal")
 	if modeCodemod == nil {
-		t.Fatal("safe-inputs-mode-removal codemod not found")
+		t.Fatal("mcp-scripts-mode-removal codemod not found")
 	}
 
 	// Process the file
@@ -602,9 +602,9 @@ This is a test workflow with safe-inputs mode field.
 		t.Errorf("Expected mode field to be removed, but it still exists:\n%s", updatedStr)
 	}
 
-	// Verify safe-inputs block and test-tool are preserved
-	if !strings.Contains(updatedStr, "safe-inputs:") {
-		t.Error("Expected safe-inputs block to be preserved")
+	// Verify mcp-scripts block and test-tool are preserved
+	if !strings.Contains(updatedStr, "mcp-scripts:") {
+		t.Error("Expected mcp-scripts block to be preserved")
 	}
 
 	if !strings.Contains(updatedStr, "test-tool:") {
diff --git a/pkg/cli/mcp_inspect.go b/pkg/cli/mcp_inspect.go
index a468121319d..86af41f246b 100644
--- a/pkg/cli/mcp_inspect.go
+++ b/pkg/cli/mcp_inspect.go
@@ -85,40 +85,40 @@ func InspectWorkflowMCP(workflowFile string, serverFilter string, toolFilter str
 	// Filter out safe-outputs MCP servers for inspection
 	mcpConfigs = filterOutSafeOutputs(mcpConfigs)
 
-	// Start safe-inputs server if present
-	var safeInputsServerCmd *exec.Cmd
-	var safeInputsTmpDir string
-	if workflowData != nil && workflowData.SafeInputs != nil && len(workflowData.SafeInputs.Tools) > 0 {
-		// Start safe-inputs server and add it to the list of MCP configs
-		config, serverCmd, tmpDir, err := startSafeInputsServer(workflowData.SafeInputs, verbose)
+	// Start mcp-scripts server if present
+	var mcpScriptsServerCmd *exec.Cmd
+	var mcpScriptsTmpDir string
+	if workflowData != nil && workflowData.MCPScripts != nil && len(workflowData.MCPScripts.Tools) > 0 {
+		// Start mcp-scripts server and add it to the list of MCP configs
+		config, serverCmd, tmpDir, err := startMCPScriptsServer(workflowData.MCPScripts, verbose)
 		if err != nil {
 			if verbose {
-				fmt.Fprintln(os.Stderr, console.FormatWarningMessage(fmt.Sprintf("Failed to start safe-inputs server: %v", err)))
+				fmt.Fprintln(os.Stderr, console.FormatWarningMessage(fmt.Sprintf("Failed to start mcp-scripts server: %v", err)))
 			}
 		} else {
-			safeInputsServerCmd = serverCmd
-			safeInputsTmpDir = tmpDir
-			// Add safe-inputs config to the list of MCP servers to inspect
+			mcpScriptsServerCmd = serverCmd
+			mcpScriptsTmpDir = tmpDir
+			// Add mcp-scripts config to the list of MCP servers to inspect
 			mcpConfigs = append(mcpConfigs, *config)
 		}
 	}
 
-	// Cleanup safe-inputs server when done
-	if safeInputsServerCmd != nil {
+	// Cleanup mcp-scripts server when done
+	if mcpScriptsServerCmd != nil {
 		defer func() {
-			if safeInputsServerCmd.Process != nil {
+			if mcpScriptsServerCmd.Process != nil {
 				// Try graceful shutdown first
-				if err := safeInputsServerCmd.Process.Signal(os.Interrupt); err != nil && verbose {
+				if err := mcpScriptsServerCmd.Process.Signal(os.Interrupt); err != nil && verbose {
 					fmt.Fprintln(os.Stderr, console.FormatWarningMessage(fmt.Sprintf("Failed to send interrupt signal: %v", err)))
 				}
 				// Wait a moment for graceful shutdown
 				time.Sleep(500 * time.Millisecond)
 				// Attempt force kill (may fail if process already exited gracefully, which is fine)
-				_ = safeInputsServerCmd.Process.Kill()
+				_ = mcpScriptsServerCmd.Process.Kill()
 			}
 			// Cleanup temporary directory
-			if safeInputsTmpDir != "" {
-				if err := os.RemoveAll(safeInputsTmpDir); err != nil && verbose {
+			if mcpScriptsTmpDir != "" {
+				if err := os.RemoveAll(mcpScriptsTmpDir); err != nil && verbose {
 					fmt.Fprintln(os.Stderr, console.FormatWarningMessage(fmt.Sprintf("Failed to cleanup temporary directory: %v", err)))
 				}
 			}
@@ -191,7 +191,7 @@ Examples:
 The command will:
 - Parse the workflow file to extract MCP server configurations
 - Start each MCP server (stdio, docker, http)
-- Automatically start and inspect safe-inputs server if present
+- Automatically start and inspect mcp-scripts server if present
 - Query available tools, resources, and roots
 - Validate required secrets are available  
 - Display results in formatted tables with error details`,
diff --git a/pkg/cli/mcp_inspect_safe_inputs_files.go b/pkg/cli/mcp_inspect_mcp_scripts_files.go
similarity index 78%
rename from pkg/cli/mcp_inspect_safe_inputs_files.go
rename to pkg/cli/mcp_inspect_mcp_scripts_files.go
index edbe6455a94..3d4dd38446b 100644
--- a/pkg/cli/mcp_inspect_safe_inputs_files.go
+++ b/pkg/cli/mcp_inspect_mcp_scripts_files.go
@@ -9,9 +9,9 @@ import (
 	"github.com/github/gh-aw/pkg/workflow"
 )
 
-// writeSafeInputsFiles writes all safe-inputs MCP server files to the specified directory
-func writeSafeInputsFiles(dir string, safeInputsConfig *workflow.SafeInputsConfig, verbose bool) error {
-	mcpInspectLog.Printf("Writing safe-inputs files to: %s", dir)
+// writeMCPScriptsFiles writes all mcp-scripts MCP server files to the specified directory
+func writeMCPScriptsFiles(dir string, mcpScriptsConfig *workflow.MCPScriptsConfig, verbose bool) error {
+	mcpInspectLog.Printf("Writing mcp-scripts files to: %s", dir)
 
 	// Create logs directory
 	logsDir := filepath.Join(dir, "logs")
@@ -28,13 +28,13 @@ func writeSafeInputsFiles(dir string, safeInputsConfig *workflow.SafeInputsConfi
 	}{
 		{"read_buffer.cjs", workflow.GetReadBufferScript()},
 		{"mcp_http_transport.cjs", workflow.GetMCPHTTPTransportScript()},
-		{"safe_inputs_config_loader.cjs", workflow.GetSafeInputsConfigLoaderScript()},
+		{"mcp_scripts_config_loader.cjs", workflow.GetMCPScriptsConfigLoaderScript()},
 		{"mcp_server_core.cjs", workflow.GetMCPServerCoreScript()},
-		{"safe_inputs_validation.cjs", workflow.GetSafeInputsValidationScript()},
+		{"mcp_scripts_validation.cjs", workflow.GetMCPScriptsValidationScript()},
 		{"mcp_logger.cjs", workflow.GetMCPLoggerScript()},
 		{"mcp_handler_shell.cjs", workflow.GetMCPHandlerShellScript()},
 		{"mcp_handler_python.cjs", workflow.GetMCPHandlerPythonScript()},
-		{"safe_inputs_mcp_server_http.cjs", workflow.GetSafeInputsMCPServerHTTPScript()},
+		{"mcp_scripts_mcp_server_http.cjs", workflow.GetMCPScriptsMCPServerHTTPScript()},
 	}
 
 	for _, jsFile := range jsFiles {
@@ -50,7 +50,7 @@ func writeSafeInputsFiles(dir string, safeInputsConfig *workflow.SafeInputsConfi
 	}
 
 	// Generate and write tools.json
-	toolsJSON := workflow.GenerateSafeInputsToolsConfigForInspector(safeInputsConfig)
+	toolsJSON := workflow.GenerateMCPScriptsToolsConfigForInspector(mcpScriptsConfig)
 	toolsPath := filepath.Join(dir, "tools.json")
 	if err := os.WriteFile(toolsPath, []byte(toolsJSON), 0644); err != nil {
 		errMsg := fmt.Sprintf("failed to write tools.json: %v", err)
@@ -62,7 +62,7 @@ func writeSafeInputsFiles(dir string, safeInputsConfig *workflow.SafeInputsConfi
 	}
 
 	// Generate and write mcp-server.cjs entry point
-	mcpServerScript := workflow.GenerateSafeInputsMCPServerScriptForInspector(safeInputsConfig)
+	mcpServerScript := workflow.GenerateMCPScriptsMCPServerScriptForInspector(mcpScriptsConfig)
 	mcpServerPath := filepath.Join(dir, "mcp-server.cjs")
 	if err := os.WriteFile(mcpServerPath, []byte(mcpServerScript), 0755); err != nil {
 		errMsg := fmt.Sprintf("failed to write mcp-server.cjs: %v", err)
@@ -74,18 +74,18 @@ func writeSafeInputsFiles(dir string, safeInputsConfig *workflow.SafeInputsConfi
 	}
 
 	// Generate and write tool handler files
-	for toolName, toolConfig := range safeInputsConfig.Tools {
+	for toolName, toolConfig := range mcpScriptsConfig.Tools {
 		var content string
 		var extension string
 
 		if toolConfig.Script != "" {
-			content = workflow.GenerateSafeInputJavaScriptToolScriptForInspector(toolConfig)
+			content = workflow.GenerateMCPScriptJavaScriptToolScriptForInspector(toolConfig)
 			extension = ".cjs"
 		} else if toolConfig.Run != "" {
-			content = workflow.GenerateSafeInputShellToolScriptForInspector(toolConfig)
+			content = workflow.GenerateMCPScriptShellToolScriptForInspector(toolConfig)
 			extension = ".sh"
 		} else if toolConfig.Py != "" {
-			content = workflow.GenerateSafeInputPythonToolScriptForInspector(toolConfig)
+			content = workflow.GenerateMCPScriptPythonToolScriptForInspector(toolConfig)
 			extension = ".py"
 		} else {
 			continue
@@ -106,6 +106,6 @@ func writeSafeInputsFiles(dir string, safeInputsConfig *workflow.SafeInputsConfi
 		}
 	}
 
-	mcpInspectLog.Printf("Successfully wrote all safe-inputs files")
+	mcpInspectLog.Printf("Successfully wrote all mcp-scripts files")
 	return nil
 }
diff --git a/pkg/cli/mcp_inspect_safe_inputs_server.go b/pkg/cli/mcp_inspect_mcp_scripts_server.go
similarity index 76%
rename from pkg/cli/mcp_inspect_safe_inputs_server.go
rename to pkg/cli/mcp_inspect_mcp_scripts_server.go
index 11ad0b7d88b..9c407e712f5 100644
--- a/pkg/cli/mcp_inspect_safe_inputs_server.go
+++ b/pkg/cli/mcp_inspect_mcp_scripts_server.go
@@ -17,14 +17,14 @@ import (
 )
 
 const (
-	// Port range for safe-inputs HTTP server
-	safeInputsStartPort = 3000
-	safeInputsPortRange = 10
+	// Port range for mcp-scripts HTTP server
+	mcpScriptsStartPort = 3000
+	mcpScriptsPortRange = 10
 )
 
 // findAvailablePort finds an available port starting from the given port
 func findAvailablePort(startPort int, verbose bool) int {
-	for port := startPort; port < startPort+safeInputsPortRange; port++ {
+	for port := startPort; port < startPort+mcpScriptsPortRange; port++ {
 		listener, err := net.Listen("tcp", fmt.Sprintf("localhost:%d", port))
 		if err == nil {
 			// Close listener and check for errors
@@ -66,16 +66,16 @@ func waitForServerReady(port int, timeout time.Duration, verbose bool) bool {
 	return false
 }
 
-// startSafeInputsHTTPServer starts the safe-inputs HTTP MCP server
-func startSafeInputsHTTPServer(dir string, port int, verbose bool) (*exec.Cmd, error) {
-	mcpInspectLog.Printf("Starting safe-inputs HTTP server on port %d", port)
+// startMCPScriptsHTTPServer starts the mcp-scripts HTTP MCP server
+func startMCPScriptsHTTPServer(dir string, port int, verbose bool) (*exec.Cmd, error) {
+	mcpInspectLog.Printf("Starting mcp-scripts HTTP server on port %d", port)
 
 	mcpServerPath := filepath.Join(dir, "mcp-server.cjs")
 
 	cmd := exec.Command("node", mcpServerPath)
 	cmd.Dir = dir
 	cmd.Env = append(os.Environ(),
-		fmt.Sprintf("GH_AW_SAFE_INPUTS_PORT=%d", port),
+		fmt.Sprintf("GH_AW_MCP_SCRIPTS_PORT=%d", port),
 	)
 
 	// Capture output for debugging
@@ -91,29 +91,29 @@ func startSafeInputsHTTPServer(dir string, port int, verbose bool) (*exec.Cmd, e
 	}
 
 	if verbose {
-		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Started safe-inputs server (PID: %d)", cmd.Process.Pid)))
+		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Started mcp-scripts server (PID: %d)", cmd.Process.Pid)))
 	}
 
 	return cmd, nil
 }
 
-// startSafeInputsServer starts the safe-inputs HTTP server and returns the MCP config
-func startSafeInputsServer(safeInputsConfig *workflow.SafeInputsConfig, verbose bool) (*parser.MCPServerConfig, *exec.Cmd, string, error) {
-	mcpInspectLog.Printf("Starting safe-inputs server with %d tools", len(safeInputsConfig.Tools))
+// startMCPScriptsServer starts the mcp-scripts HTTP server and returns the MCP config
+func startMCPScriptsServer(mcpScriptsConfig *workflow.MCPScriptsConfig, verbose bool) (*parser.MCPServerConfig, *exec.Cmd, string, error) {
+	mcpInspectLog.Printf("Starting mcp-scripts server with %d tools", len(mcpScriptsConfig.Tools))
 
 	// Check if node is available
 	if _, err := exec.LookPath("node"); err != nil {
-		errMsg := "node not found. Please install Node.js to run the safe-inputs MCP server"
+		errMsg := "node not found. Please install Node.js to run the mcp-scripts MCP server"
 		fmt.Fprintln(os.Stderr, console.FormatErrorMessage(errMsg))
-		return nil, nil, "", fmt.Errorf("node not found. Please install Node.js to run the safe-inputs MCP server: %w", err)
+		return nil, nil, "", fmt.Errorf("node not found. Please install Node.js to run the mcp-scripts MCP server: %w", err)
 	}
 
 	if verbose {
-		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Found %d safe-input tool(s) to configure", len(safeInputsConfig.Tools))))
+		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Found %d mcp-script tool(s) to configure", len(mcpScriptsConfig.Tools))))
 	}
 
-	// Create temporary directory for safe-inputs files
-	tmpDir, err := os.MkdirTemp("", "gh-aw-safe-inputs-*")
+	// Create temporary directory for mcp-scripts files
+	tmpDir, err := os.MkdirTemp("", "gh-aw-mcp-scripts-*")
 	if err != nil {
 		errMsg := fmt.Sprintf("failed to create temporary directory: %v", err)
 		fmt.Fprintln(os.Stderr, console.FormatErrorMessage(errMsg))
@@ -126,19 +126,19 @@ func startSafeInputsServer(safeInputsConfig *workflow.SafeInputsConfig, verbose
 		}
 	}
 
-	// Write safe-inputs files to temporary directory
-	if err := writeSafeInputsFiles(tmpDir, safeInputsConfig, verbose); err != nil {
+	// Write mcp-scripts files to temporary directory
+	if err := writeMCPScriptsFiles(tmpDir, mcpScriptsConfig, verbose); err != nil {
 		// Clean up temporary directory on error
 		if err := os.RemoveAll(tmpDir); err != nil && verbose {
 			mcpInspectLog.Printf("Warning: failed to clean up temporary directory %s: %v", tmpDir, err)
 		}
-		errMsg := fmt.Sprintf("failed to write safe-inputs files: %v", err)
+		errMsg := fmt.Sprintf("failed to write mcp-scripts files: %v", err)
 		fmt.Fprintln(os.Stderr, console.FormatErrorMessage(errMsg))
-		return nil, nil, "", fmt.Errorf("failed to write safe-inputs files: %w", err)
+		return nil, nil, "", fmt.Errorf("failed to write mcp-scripts files: %w", err)
 	}
 
 	// Find an available port for the HTTP server
-	port := findAvailablePort(safeInputsStartPort, verbose)
+	port := findAvailablePort(mcpScriptsStartPort, verbose)
 	if port == 0 {
 		if err := os.RemoveAll(tmpDir); err != nil && verbose {
 			mcpInspectLog.Printf("Warning: failed to clean up temporary directory %s: %v", tmpDir, err)
@@ -149,17 +149,17 @@ func startSafeInputsServer(safeInputsConfig *workflow.SafeInputsConfig, verbose
 	}
 
 	if verbose {
-		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Using port %d for safe-inputs HTTP server", port)))
+		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Using port %d for mcp-scripts HTTP server", port)))
 	}
 
 	// Start the HTTP server
-	serverCmd, err := startSafeInputsHTTPServer(tmpDir, port, verbose)
+	serverCmd, err := startMCPScriptsHTTPServer(tmpDir, port, verbose)
 	if err != nil {
 		// Clean up temporary directory on error
 		if rmErr := os.RemoveAll(tmpDir); rmErr != nil && verbose {
 			mcpInspectLog.Printf("Warning: failed to clean up temporary directory %s: %v", tmpDir, rmErr)
 		}
-		return nil, nil, "", fmt.Errorf("failed to start safe-inputs HTTP server: %w", err)
+		return nil, nil, "", fmt.Errorf("failed to start mcp-scripts HTTP server: %w", err)
 	}
 
 	// Wait for the server to start up
@@ -173,7 +173,7 @@ func startSafeInputsServer(safeInputsConfig *workflow.SafeInputsConfig, verbose
 		if err := os.RemoveAll(tmpDir); err != nil && verbose {
 			mcpInspectLog.Printf("Warning: failed to clean up temporary directory %s: %v", tmpDir, err)
 		}
-		return nil, nil, "", errors.New("safe-inputs HTTP server failed to start within timeout")
+		return nil, nil, "", errors.New("mcp-scripts HTTP server failed to start within timeout")
 	}
 
 	if verbose {
@@ -181,14 +181,14 @@ func startSafeInputsServer(safeInputsConfig *workflow.SafeInputsConfig, verbose
 		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Server running on: http://localhost:%d", port)))
 	}
 
-	// Create MCP server config for the safe-inputs server
+	// Create MCP server config for the mcp-scripts server
 	config := &parser.MCPServerConfig{
 		BaseMCPServerConfig: types.BaseMCPServerConfig{
 			Type: "http",
 			URL:  fmt.Sprintf("http://localhost:%d", port),
 			Env:  make(map[string]string),
 		},
-		Name: "safeinputs",
+		Name: "mcpscripts",
 	}
 
 	return config, serverCmd, tmpDir, nil
diff --git a/pkg/cli/mcp_tools_management.go b/pkg/cli/mcp_tools_management.go
index acd4c08b956..39bf7061ed8 100644
--- a/pkg/cli/mcp_tools_management.go
+++ b/pkg/cli/mcp_tools_management.go
@@ -169,7 +169,7 @@ Available codemods:
 • timeout-minutes-migration: Replaces 'timeout_minutes' with 'timeout-minutes'
 • network-firewall-migration: Removes deprecated 'network.firewall' field
 • sandbox-agent-false-removal: Removes 'sandbox.agent: false' (firewall now mandatory)
-• safe-inputs-mode-removal: Removes deprecated 'safe-inputs.mode' field
+• mcp-scripts-mode-removal: Removes deprecated 'mcp-scripts.mode' field
 
 If no workflows are specified, all Markdown files in .github/workflows will be processed.
 
diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go
index ead14d26910..00fb81f4018 100644
--- a/pkg/constants/constants.go
+++ b/pkg/constants/constants.go
@@ -230,7 +230,7 @@ const (
 	// DefaultMCPGatewayPort is the default port for the MCP gateway HTTP service
 	DefaultMCPGatewayPort = 80
 
-	// DefaultMCPServerPort is the default port for MCP servers (safe-inputs server)
+	// DefaultMCPServerPort is the default port for MCP servers (mcp-scripts server)
 	DefaultMCPServerPort = 3000
 
 	// DefaultMCPInspectorPort is the default port for the MCP inspector (safe-outputs server)
@@ -615,19 +615,19 @@ func (m MCPServerID) String() string {
 // SafeOutputsMCPServerID is the identifier for the safe-outputs MCP server
 const SafeOutputsMCPServerID MCPServerID = "safeoutputs"
 
-// SafeInputsMCPServerID is the identifier for the safe-inputs MCP server
-const SafeInputsMCPServerID MCPServerID = "safeinputs"
+// MCPScriptsMCPServerID is the identifier for the mcp-scripts MCP server
+const MCPScriptsMCPServerID MCPServerID = "mcpscripts"
 
-// SafeInputsMCPVersion is the version of the safe-inputs MCP server
-const SafeInputsMCPVersion = "1.0.0"
+// MCPScriptsMCPVersion is the version of the mcp-scripts MCP server
+const MCPScriptsMCPVersion = "1.0.0"
 
 // AgenticWorkflowsMCPServerID is the identifier for the agentic-workflows MCP server
 const AgenticWorkflowsMCPServerID MCPServerID = "agenticworkflows"
 
 // Feature flag identifiers
 const (
-	// SafeInputsFeatureFlag is the name of the feature flag for safe-inputs
-	SafeInputsFeatureFlag FeatureFlag = "safe-inputs"
+	// MCPScriptsFeatureFlag is the name of the feature flag for mcp-scripts
+	MCPScriptsFeatureFlag FeatureFlag = "mcp-scripts"
 	// MCPGatewayFeatureFlag is the feature flag name for enabling MCP gateway
 	MCPGatewayFeatureFlag FeatureFlag = "mcp-gateway"
 	// DisableXPIAPromptFeatureFlag is the feature flag name for disabling XPIA prompt
diff --git a/pkg/constants/constants_test.go b/pkg/constants/constants_test.go
index eca048659ee..b606aa55905 100644
--- a/pkg/constants/constants_test.go
+++ b/pkg/constants/constants_test.go
@@ -320,7 +320,7 @@ func TestFeatureFlagConstants(t *testing.T) {
 		value    FeatureFlag
 		expected string
 	}{
-		{"SafeInputsFeatureFlag", SafeInputsFeatureFlag, "safe-inputs"},
+		{"MCPScriptsFeatureFlag", MCPScriptsFeatureFlag, "mcp-scripts"},
 		{"MCPGatewayFeatureFlag", MCPGatewayFeatureFlag, "mcp-gateway"},
 		{"DisableXPIAPromptFeatureFlag", DisableXPIAPromptFeatureFlag, "disable-xpia-prompt"},
 	}
@@ -342,9 +342,9 @@ func TestFeatureFlagType(t *testing.T) {
 	}
 
 	// Test that constants can be assigned to FeatureFlag variables
-	safeInputsFlag := SafeInputsFeatureFlag
-	if safeInputsFlag != "safe-inputs" {
-		t.Errorf("SafeInputsFeatureFlag assignment failed: got %q, want %q", safeInputsFlag, "safe-inputs")
+	mcpScriptsFlag := MCPScriptsFeatureFlag
+	if mcpScriptsFlag != "mcp-scripts" {
+		t.Errorf("MCPScriptsFeatureFlag assignment failed: got %q, want %q", mcpScriptsFlag, "mcp-scripts")
 	}
 }
 
diff --git a/pkg/parser/import_field_extractor.go b/pkg/parser/import_field_extractor.go
index 2a956550328..d2be74fa6b5 100644
--- a/pkg/parser/import_field_extractor.go
+++ b/pkg/parser/import_field_extractor.go
@@ -30,7 +30,7 @@ type importAccumulator struct {
 	jobsBuilder              strings.Builder // Jobs from imported YAML workflows
 	engines                  []string
 	safeOutputs              []string
-	safeInputs               []string
+	mcpScripts               []string
 	bots                     []string
 	botsSet                  map[string]bool
 	plugins                  []string
@@ -65,7 +65,7 @@ func newImportAccumulator() *importAccumulator {
 
 // extractAllImportFields extracts all frontmatter fields from a single imported file
 // and accumulates the results. Handles tools, engines, mcp-servers, safe-outputs,
-// safe-inputs, steps, runtimes, services, network, permissions, secret-masking, bots,
+// mcp-scripts, steps, runtimes, services, network, permissions, secret-masking, bots,
 // skip-roles, skip-bots, plugins, post-steps, labels, cache, and features.
 func (acc *importAccumulator) extractAllImportFields(content []byte, item importQueueItem, visited map[string]bool) error {
 	log.Printf("Extracting all import fields: path=%s, section=%s, inputs=%d, content_size=%d bytes", item.fullPath, item.sectionName, len(item.inputs), len(content))
@@ -123,10 +123,10 @@ func (acc *importAccumulator) extractAllImportFields(content []byte, item import
 		acc.safeOutputs = append(acc.safeOutputs, safeOutputsContent)
 	}
 
-	// Extract safe-inputs from imported file
-	safeInputsContent, err := extractFrontmatterField(string(content), "safe-inputs", "{}")
-	if err == nil && safeInputsContent != "" && safeInputsContent != "{}" {
-		acc.safeInputs = append(acc.safeInputs, safeInputsContent)
+	// Extract mcp-scripts from imported file
+	mcpScriptsContent, err := extractFrontmatterField(string(content), "mcp-scripts", "{}")
+	if err == nil && mcpScriptsContent != "" && mcpScriptsContent != "{}" {
+		acc.mcpScripts = append(acc.mcpScripts, mcpScriptsContent)
 	}
 
 	// Extract steps from imported file
@@ -284,7 +284,7 @@ func (acc *importAccumulator) toImportsResult(topologicalOrder []string) *Import
 		MergedMCPServers:    acc.mcpServersBuilder.String(),
 		MergedEngines:       acc.engines,
 		MergedSafeOutputs:   acc.safeOutputs,
-		MergedSafeInputs:    acc.safeInputs,
+		MergedMCPScripts:    acc.mcpScripts,
 		MergedMarkdown:      acc.markdownBuilder.String(),
 		ImportPaths:         acc.importPaths,
 		MergedSteps:         acc.stepsBuilder.String(),
diff --git a/pkg/parser/import_processor.go b/pkg/parser/import_processor.go
index d51c82229b4..6742f59f6ab 100644
--- a/pkg/parser/import_processor.go
+++ b/pkg/parser/import_processor.go
@@ -18,7 +18,7 @@ type ImportsResult struct {
 	MergedMCPServers    string           // Merged mcp-servers configuration from all imports
 	MergedEngines       []string         // Merged engine configurations from all imports
 	MergedSafeOutputs   []string         // Merged safe-outputs configurations from all imports
-	MergedSafeInputs    []string         // Merged safe-inputs configurations from all imports
+	MergedMCPScripts    []string         // Merged mcp-scripts configurations from all imports
 	MergedMarkdown      string           // Only contains imports WITH inputs (for compile-time substitution)
 	ImportPaths         []string         // List of import file paths for runtime-import macro generation (replaces MergedMarkdown)
 	MergedSteps         string           // Merged steps configuration from all imports (excluding copilot-setup-steps)
diff --git a/pkg/parser/include_processor.go b/pkg/parser/include_processor.go
index ee72de5fb6c..06434017060 100644
--- a/pkg/parser/include_processor.go
+++ b/pkg/parser/include_processor.go
@@ -158,7 +158,7 @@ func processIncludedFileWithVisited(filePath, sectionName string, extractTools b
 					"description":              true,
 					"steps":                    true,
 					"safe-outputs":             true,
-					"safe-inputs":              true,
+					"mcp-scripts":              true,
 					"services":                 true,
 					"runtimes":                 true,
 					"permissions":              true,
diff --git a/pkg/parser/mcp.go b/pkg/parser/mcp.go
index df4beec1ce0..1c9b8f50fcd 100644
--- a/pkg/parser/mcp.go
+++ b/pkg/parser/mcp.go
@@ -142,23 +142,23 @@ func ExtractMCPConfigurations(frontmatter map[string]any, serverFilter string) (
 		}
 	}
 
-	// Check for safe-inputs configuration (built-in MCP)
-	if safeInputsSection, hasSafeInputs := frontmatter["safe-inputs"]; hasSafeInputs {
-		mcpLog.Print("Found safe-inputs configuration")
+	// Check for mcp-scripts configuration (built-in MCP)
+	if mcpScriptsSection, hasMCPScripts := frontmatter["mcp-scripts"]; hasMCPScripts {
+		mcpLog.Print("Found mcp-scripts configuration")
 		// Apply server filter if specified
-		if serverFilter == "" || strings.Contains(constants.SafeInputsMCPServerID.String(), strings.ToLower(serverFilter)) {
+		if serverFilter == "" || strings.Contains(constants.MCPScriptsMCPServerID.String(), strings.ToLower(serverFilter)) {
 			config := MCPServerConfig{
 				BaseMCPServerConfig: types.BaseMCPServerConfig{
 					Type:    "http",
 					Command: "",
 					Env:     make(map[string]string),
 				},
-				Name: constants.SafeInputsMCPServerID.String(),
+				Name: constants.MCPScriptsMCPServerID.String(),
 			}
 
-			// Parse safe-inputs configuration to determine enabled tools
-			if safeInputsMap, ok := safeInputsSection.(map[string]any); ok {
-				for toolName := range safeInputsMap {
+			// Parse mcp-scripts configuration to determine enabled tools
+			if mcpScriptsMap, ok := mcpScriptsSection.(map[string]any); ok {
+				for toolName := range mcpScriptsMap {
 					config.Allowed = append(config.Allowed, toolName)
 				}
 			}
diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json
index b033d66e4b3..d5f44604e15 100644
--- a/pkg/parser/schemas/main_workflow_schema.json
+++ b/pkg/parser/schemas/main_workflow_schema.json
@@ -7305,7 +7305,7 @@
       "description": "Mark the workflow as private, preventing it from being added to other repositories via 'gh aw add'. A workflow with private: true is not meant to be shared outside its repository.",
       "examples": [true, false]
     },
-    "safe-inputs": {
+    "mcp-scripts": {
       "type": "object",
       "description": "Safe inputs configuration for defining custom lightweight MCP tools as JavaScript, shell scripts, or Python scripts. Tools are mounted in an MCP server and have access to secrets specified by the user. Only one of 'script' (JavaScript), 'run' (shell), or 'py' (Python) must be specified per tool.",
       "patternProperties": {
diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go
index e7243814d52..1cb63972c23 100644
--- a/pkg/workflow/claude_engine.go
+++ b/pkg/workflow/claude_engine.go
@@ -50,10 +50,10 @@ func (e *ClaudeEngine) GetRequiredSecretNames(workflowData *WorkflowData) []stri
 		secrets = append(secrets, "MCP_GATEWAY_API_KEY")
 	}
 
-	// Add safe-inputs secret names
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		for varName := range safeInputsSecrets {
+	// Add mcp-scripts secret names
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		for varName := range mcpScriptsSecrets {
 			secrets = append(secrets, varName)
 		}
 	}
@@ -431,10 +431,10 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str
 		claudeLog.Printf("Added %d custom env vars from agent config", len(agentConfig.Env))
 	}
 
-	// Add safe-inputs secrets to env for passthrough to MCP servers
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		for varName, secretExpr := range safeInputsSecrets {
+	// Add mcp-scripts secrets to env for passthrough to MCP servers
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		for varName, secretExpr := range mcpScriptsSecrets {
 			// Only add if not already in env
 			if _, exists := env[varName]; !exists {
 				env[varName] = secretExpr
diff --git a/pkg/workflow/claude_mcp.go b/pkg/workflow/claude_mcp.go
index eadc161b1e8..9e52a1f2e0c 100644
--- a/pkg/workflow/claude_mcp.go
+++ b/pkg/workflow/claude_mcp.go
@@ -54,9 +54,9 @@ func (e *ClaudeEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]a
 				renderer := createRenderer(isLast)
 				renderer.RenderSafeOutputsMCP(yaml, workflowData)
 			},
-			RenderSafeInputs: func(yaml *strings.Builder, safeInputs *SafeInputsConfig, isLast bool) {
+			RenderMCPScripts: func(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, isLast bool) {
 				renderer := createRenderer(isLast)
-				renderer.RenderSafeInputsMCP(yaml, safeInputs, workflowData)
+				renderer.RenderMCPScriptsMCP(yaml, mcpScripts, workflowData)
 			},
 			RenderWebFetch: func(yaml *strings.Builder, isLast bool) {
 				renderMCPFetchServerConfig(yaml, "json", "              ", isLast, false)
diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go
index 1e04052c9d4..b2cb97a42a3 100644
--- a/pkg/workflow/codex_engine.go
+++ b/pkg/workflow/codex_engine.go
@@ -63,10 +63,10 @@ func (e *CodexEngine) GetRequiredSecretNames(workflowData *WorkflowData) []strin
 		secrets = append(secrets, "MCP_GATEWAY_API_KEY")
 	}
 
-	// Add safe-inputs secret names
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		for varName := range safeInputsSecrets {
+	// Add mcp-scripts secret names
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		for varName := range mcpScriptsSecrets {
 			secrets = append(secrets, varName)
 		}
 	}
@@ -329,10 +329,10 @@ mkdir -p "$CODEX_HOME/logs"
 		codexEngineLog.Printf("Added %d custom env vars from agent config", len(agentConfig.Env))
 	}
 
-	// Add safe-inputs secrets to env for passthrough to MCP servers
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		for varName, secretExpr := range safeInputsSecrets {
+	// Add mcp-scripts secrets to env for passthrough to MCP servers
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		for varName, secretExpr := range mcpScriptsSecrets {
 			// Only add if not already in env
 			if _, exists := env[varName]; !exists {
 				env[varName] = secretExpr
diff --git a/pkg/workflow/codex_engine_test.go b/pkg/workflow/codex_engine_test.go
index b01db5b9177..09afd567a92 100644
--- a/pkg/workflow/codex_engine_test.go
+++ b/pkg/workflow/codex_engine_test.go
@@ -618,18 +618,18 @@ func TestCodexEngineRenderMCPConfigUserAgentWithHyphen(t *testing.T) {
 	}
 }
 
-// TestCodexEngineSafeInputsSecrets verifies that safe-inputs secrets are passed to the execution step
-func TestCodexEngineSafeInputsSecrets(t *testing.T) {
+// TestCodexEngineMCPScriptsSecrets verifies that mcp-scripts secrets are passed to the execution step
+func TestCodexEngineMCPScriptsSecrets(t *testing.T) {
 	engine := NewCodexEngine()
 
-	// Create workflow data with safe-inputs that have env secrets
+	// Create workflow data with mcp-scripts that have env secrets
 	workflowData := &WorkflowData{
-		Name: "test-workflow-with-safe-inputs",
+		Name: "test-workflow-with-mcp-scripts",
 		Features: map[string]any{
-			"safe-inputs": true, // Feature flag is optional now
+			"mcp-scripts": true, // Feature flag is optional now
 		},
-		SafeInputs: &SafeInputsConfig{
-			Tools: map[string]*SafeInputToolConfig{
+		MCPScripts: &MCPScriptsConfig{
+			Tools: map[string]*MCPScriptToolConfig{
 				"gh": {
 					Name:        "gh",
 					Description: "Execute gh CLI command",
diff --git a/pkg/workflow/codex_mcp.go b/pkg/workflow/codex_mcp.go
index 0399a549488..965a7b73b59 100644
--- a/pkg/workflow/codex_mcp.go
+++ b/pkg/workflow/codex_mcp.go
@@ -62,11 +62,11 @@ func (e *CodexEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]an
 			if hasSafeOutputs {
 				renderer.RenderSafeOutputsMCP(yaml, workflowData)
 			}
-		case "safe-inputs":
-			// Add safe-inputs MCP server if safe-inputs are configured and feature flag is enabled
-			hasSafeInputs := workflowData != nil && IsSafeInputsEnabled(workflowData.SafeInputs, workflowData)
-			if hasSafeInputs {
-				renderer.RenderSafeInputsMCP(yaml, workflowData.SafeInputs, workflowData)
+		case "mcp-scripts":
+			// Add mcp-scripts MCP server if mcp-scripts are configured and feature flag is enabled
+			hasMCPScripts := workflowData != nil && IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData)
+			if hasMCPScripts {
+				renderer.RenderMCPScriptsMCP(yaml, workflowData.MCPScripts, workflowData)
 			}
 		case "web-fetch":
 			renderMCPFetchServerConfig(yaml, "toml", "          ", false, false)
@@ -147,9 +147,9 @@ func (e *CodexEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]an
 				renderer := createJSONRenderer(isLast)
 				renderer.RenderSafeOutputsMCP(yaml, workflowData)
 			},
-			RenderSafeInputs: func(yaml *strings.Builder, safeInputs *SafeInputsConfig, isLast bool) {
+			RenderMCPScripts: func(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, isLast bool) {
 				renderer := createJSONRenderer(isLast)
-				renderer.RenderSafeInputsMCP(yaml, safeInputs, workflowData)
+				renderer.RenderMCPScriptsMCP(yaml, mcpScripts, workflowData)
 			},
 			RenderWebFetch: func(yaml *strings.Builder, isLast bool) {
 				renderMCPFetchServerConfig(yaml, "json", "              ", isLast, false)
diff --git a/pkg/workflow/compiler.go b/pkg/workflow/compiler.go
index 693f210868c..2b21976cdcd 100644
--- a/pkg/workflow/compiler.go
+++ b/pkg/workflow/compiler.go
@@ -233,9 +233,9 @@ func (c *Compiler) validateWorkflowData(workflowData *WorkflowData, markdownPath
 		c.IncrementWarningCount()
 	}
 
-	// Emit experimental warning for safe-inputs feature
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		fmt.Fprintln(os.Stderr, console.FormatWarningMessage("Using experimental feature: safe-inputs"))
+	// Emit experimental warning for mcp-scripts feature
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		fmt.Fprintln(os.Stderr, console.FormatWarningMessage("Using experimental feature: mcp-scripts"))
 		c.IncrementWarningCount()
 	}
 
diff --git a/pkg/workflow/compiler_orchestrator_test.go b/pkg/workflow/compiler_orchestrator_test.go
index 1db090d87b7..ed4e432fde9 100644
--- a/pkg/workflow/compiler_orchestrator_test.go
+++ b/pkg/workflow/compiler_orchestrator_test.go
@@ -522,7 +522,7 @@ run-name: Test Run
 env:
   NODE_ENV: production
 features:
-  safe-inputs: true
+  mcp-scripts: true
 if: github.event_name == 'push'
 runs-on: ubuntu-latest
 environment: staging
diff --git a/pkg/workflow/compiler_orchestrator_workflow.go b/pkg/workflow/compiler_orchestrator_workflow.go
index 618972bd15d..3612b9e8890 100644
--- a/pkg/workflow/compiler_orchestrator_workflow.go
+++ b/pkg/workflow/compiler_orchestrator_workflow.go
@@ -110,7 +110,7 @@ func (c *Compiler) ParseWorkflowFile(markdownPath string) (*WorkflowData, error)
 	// Process and merge services
 	c.processAndMergeServices(result.Frontmatter, workflowData, engineSetup.importsResult)
 
-	// Extract additional configurations (cache, safe-inputs, safe-outputs, etc.)
+	// Extract additional configurations (cache, mcp-scripts, safe-outputs, etc.)
 	if err := c.extractAdditionalConfigurations(
 		result.Frontmatter,
 		toolsResult.tools,
@@ -482,7 +482,7 @@ func (c *Compiler) mergeJobsFromYAMLImports(mainJobs map[string]any, mergedJobsJ
 	return result
 }
 
-// extractAdditionalConfigurations extracts cache-memory, repo-memory, safe-inputs, and safe-outputs configurations
+// extractAdditionalConfigurations extracts cache-memory, repo-memory, mcp-scripts, and safe-outputs configurations
 func (c *Compiler) extractAdditionalConfigurations(
 	frontmatter map[string]any,
 	tools map[string]any,
@@ -512,7 +512,7 @@ func (c *Compiler) extractAdditionalConfigurations(
 	}
 	workflowData.RepoMemoryConfig = repoMemoryConfig
 
-	// Extract and process safe-inputs and safe-outputs
+	// Extract and process mcp-scripts and safe-outputs
 	workflowData.Command, workflowData.CommandEvents = c.extractCommandConfig(frontmatter)
 	workflowData.Jobs = c.extractJobsFromFrontmatter(frontmatter)
 
@@ -532,12 +532,12 @@ func (c *Compiler) extractAdditionalConfigurations(
 	// Use the already extracted output configuration
 	workflowData.SafeOutputs = safeOutputs
 
-	// Extract safe-inputs configuration
-	workflowData.SafeInputs = c.extractSafeInputsConfig(frontmatter)
+	// Extract mcp-scripts configuration
+	workflowData.MCPScripts = c.extractMCPScriptsConfig(frontmatter)
 
-	// Merge safe-inputs from imports
-	if len(importsResult.MergedSafeInputs) > 0 {
-		workflowData.SafeInputs = c.mergeSafeInputs(workflowData.SafeInputs, importsResult.MergedSafeInputs)
+	// Merge mcp-scripts from imports
+	if len(importsResult.MergedMCPScripts) > 0 {
+		workflowData.MCPScripts = c.mergeMCPScripts(workflowData.MCPScripts, importsResult.MergedMCPScripts)
 	}
 
 	// Extract safe-jobs from safe-outputs.jobs location
diff --git a/pkg/workflow/compiler_orchestrator_workflow_test.go b/pkg/workflow/compiler_orchestrator_workflow_test.go
index 0b2229108e7..98bb688389b 100644
--- a/pkg/workflow/compiler_orchestrator_workflow_test.go
+++ b/pkg/workflow/compiler_orchestrator_workflow_test.go
@@ -142,7 +142,7 @@ func TestExtractYAMLSections_AllSections(t *testing.T) {
 		},
 		"run-name":        "Test Run ${{ github.run_id }}",
 		"env":             map[string]any{"NODE_ENV": "production"},
-		"features":        map[string]any{"safe-inputs": true},
+		"features":        map[string]any{"mcp-scripts": true},
 		"if":              "github.event_name == 'push'",
 		"timeout-minutes": 30,
 		"runs-on":         "ubuntu-latest",
@@ -172,7 +172,7 @@ func TestExtractYAMLSections_AllSections(t *testing.T) {
 	assert.NotEmpty(t, workflowData.Env)
 	assert.Contains(t, workflowData.Env, "NODE_ENV")
 	assert.NotEmpty(t, workflowData.Features)
-	assert.Contains(t, workflowData.Features, "safe-inputs")
+	assert.Contains(t, workflowData.Features, "mcp-scripts")
 	assert.NotEmpty(t, workflowData.If)
 	assert.Contains(t, workflowData.If, "github.event_name")
 	assert.NotEmpty(t, workflowData.TimeoutMinutes)
diff --git a/pkg/workflow/compiler_types.go b/pkg/workflow/compiler_types.go
index 7f83b58bae8..44c353d7e9b 100644
--- a/pkg/workflow/compiler_types.go
+++ b/pkg/workflow/compiler_types.go
@@ -408,7 +408,7 @@ type WorkflowData struct {
 	NetworkPermissions    *NetworkPermissions  // parsed network permissions
 	SandboxConfig         *SandboxConfig       // parsed sandbox configuration (AWF or SRT)
 	SafeOutputs           *SafeOutputsConfig   // output configuration for automatic output routes
-	SafeInputs            *SafeInputsConfig    // safe-inputs configuration for custom MCP tools
+	MCPScripts            *MCPScriptsConfig    // mcp-scripts configuration for custom MCP tools
 	Roles                 []string             // permission levels required to trigger workflow
 	Bots                  []string             // allow list of bot identifiers that can trigger workflow
 	RateLimit             *RateLimitConfig     // rate limiting configuration for workflow triggers
diff --git a/pkg/workflow/compiler_yaml_ai_execution.go b/pkg/workflow/compiler_yaml_ai_execution.go
index e000c270549..5c7806f2782 100644
--- a/pkg/workflow/compiler_yaml_ai_execution.go
+++ b/pkg/workflow/compiler_yaml_ai_execution.go
@@ -54,9 +54,9 @@ func (c *Compiler) generateLogParsing(yaml *strings.Builder, engine CodingAgentE
 	yaml.WriteString("            await main();\n")
 }
 
-// generateSafeInputsLogParsing generates a step that parses safe-inputs logs and adds them to the step summary
-func (c *Compiler) generateSafeInputsLogParsing(yaml *strings.Builder) {
-	compilerYamlLog.Print("Generating safe-inputs log parsing step")
+// generateMCPScriptsLogParsing generates a step that parses mcp-scripts logs and adds them to the step summary
+func (c *Compiler) generateMCPScriptsLogParsing(yaml *strings.Builder) {
+	compilerYamlLog.Print("Generating mcp-scripts log parsing step")
 
 	yaml.WriteString("      - name: Parse Safe Inputs logs for step summary\n")
 	yaml.WriteString("        if: always()\n")
@@ -67,8 +67,8 @@ func (c *Compiler) generateSafeInputsLogParsing(yaml *strings.Builder) {
 	// Use the setup_globals helper to store GitHub Actions objects in global scope
 	yaml.WriteString("            const { setupGlobals } = require('" + SetupActionDestination + "/setup_globals.cjs');\n")
 	yaml.WriteString("            setupGlobals(core, github, context, exec, io);\n")
-	// Load safe-inputs log parser script from external file using require()
-	yaml.WriteString("            const { main } = require('/opt/gh-aw/actions/parse_safe_inputs_logs.cjs');\n")
+	// Load mcp-scripts log parser script from external file using require()
+	yaml.WriteString("            const { main } = require('/opt/gh-aw/actions/parse_mcp_scripts_logs.cjs');\n")
 	yaml.WriteString("            await main();\n")
 }
 
diff --git a/pkg/workflow/compiler_yaml_main_job.go b/pkg/workflow/compiler_yaml_main_job.go
index 5bc621e5bcf..269662c4952 100644
--- a/pkg/workflow/compiler_yaml_main_job.go
+++ b/pkg/workflow/compiler_yaml_main_job.go
@@ -339,17 +339,17 @@ func (c *Compiler) generateMainJobSteps(yaml *strings.Builder, data *WorkflowDat
 	// Collect MCP logs path if any MCP tools were used
 	artifactPaths = append(artifactPaths, "/tmp/gh-aw/mcp-logs/")
 
-	// Collect SafeInputs logs path if safe-inputs is enabled
-	if IsSafeInputsEnabled(data.SafeInputs, data) {
-		artifactPaths = append(artifactPaths, "/tmp/gh-aw/safe-inputs/logs/")
+	// Collect MCPScripts logs path if mcp-scripts is enabled
+	if IsMCPScriptsEnabled(data.MCPScripts, data) {
+		artifactPaths = append(artifactPaths, "/tmp/gh-aw/mcp-scripts/logs/")
 	}
 
 	// parse agent logs for GITHUB_STEP_SUMMARY
 	c.generateLogParsing(yaml, engine)
 
-	// parse safe-inputs logs for GITHUB_STEP_SUMMARY (if safe-inputs is enabled)
-	if IsSafeInputsEnabled(data.SafeInputs, data) {
-		c.generateSafeInputsLogParsing(yaml)
+	// parse mcp-scripts logs for GITHUB_STEP_SUMMARY (if mcp-scripts is enabled)
+	if IsMCPScriptsEnabled(data.MCPScripts, data) {
+		c.generateMCPScriptsLogParsing(yaml)
 	}
 
 	// parse MCP gateway logs for GITHUB_STEP_SUMMARY
diff --git a/pkg/workflow/copilot_engine.go b/pkg/workflow/copilot_engine.go
index 5d80ae709fd..cc09bfacaf5 100644
--- a/pkg/workflow/copilot_engine.go
+++ b/pkg/workflow/copilot_engine.go
@@ -88,14 +88,14 @@ func (e *CopilotEngine) GetRequiredSecretNames(workflowData *WorkflowData) []str
 		copilotLog.Printf("Added %d HTTP MCP header secrets", len(headerSecrets))
 	}
 
-	// Add safe-inputs secret names
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		for varName := range safeInputsSecrets {
+	// Add mcp-scripts secret names
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		for varName := range mcpScriptsSecrets {
 			secrets = append(secrets, varName)
 		}
-		if len(safeInputsSecrets) > 0 {
-			copilotLog.Printf("Added %d safe-inputs secrets", len(safeInputsSecrets))
+		if len(mcpScriptsSecrets) > 0 {
+			copilotLog.Printf("Added %d mcp-scripts secrets", len(mcpScriptsSecrets))
 		}
 	}
 
diff --git a/pkg/workflow/copilot_engine_execution.go b/pkg/workflow/copilot_engine_execution.go
index 5b9d9c53e32..73219e35c38 100644
--- a/pkg/workflow/copilot_engine_execution.go
+++ b/pkg/workflow/copilot_engine_execution.go
@@ -96,7 +96,7 @@ func (e *CopilotEngine) GetExecutionSteps(workflowData *WorkflowData, logFile st
 	}
 
 	// Add tool permission arguments based on configuration
-	toolArgs := e.computeCopilotToolArguments(workflowData.Tools, workflowData.SafeOutputs, workflowData.SafeInputs, workflowData)
+	toolArgs := e.computeCopilotToolArguments(workflowData.Tools, workflowData.SafeOutputs, workflowData.MCPScripts, workflowData)
 	if len(toolArgs) > 0 {
 		copilotExecLog.Printf("Adding %d tool permission arguments", len(toolArgs))
 	}
@@ -330,10 +330,10 @@ COPILOT_CLI_INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"
 		}
 	}
 
-	// Add safe-inputs secrets to env for passthrough to MCP servers
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		for varName, secretExpr := range safeInputsSecrets {
+	// Add mcp-scripts secrets to env for passthrough to MCP servers
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		for varName, secretExpr := range mcpScriptsSecrets {
 			// Only add if not already in env
 			if _, exists := env[varName]; !exists {
 				env[varName] = secretExpr
@@ -349,7 +349,7 @@ COPILOT_CLI_INSTRUCTION="$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"
 	stepLines = append(stepLines, "        id: agentic_execution")
 
 	// Add tool arguments comment before the run section
-	toolArgsComment := e.generateCopilotToolArgumentsComment(workflowData.Tools, workflowData.SafeOutputs, workflowData.SafeInputs, workflowData, "        ")
+	toolArgsComment := e.generateCopilotToolArgumentsComment(workflowData.Tools, workflowData.SafeOutputs, workflowData.MCPScripts, workflowData, "        ")
 	if toolArgsComment != "" {
 		// Split the comment into lines and add each line
 		commentLines := strings.Split(strings.TrimSuffix(toolArgsComment, "\n"), "\n")
diff --git a/pkg/workflow/copilot_engine_tools.go b/pkg/workflow/copilot_engine_tools.go
index 0a2d336a27e..55ed97edf8e 100644
--- a/pkg/workflow/copilot_engine_tools.go
+++ b/pkg/workflow/copilot_engine_tools.go
@@ -4,7 +4,7 @@
 //
 //  1. Tool Permission Arguments (computeCopilotToolArguments):
 //     Converts workflow tool configurations into --allow-tool flags for Copilot CLI.
-//     Handles bash/shell tools, edit tools, safe outputs, safe inputs, and MCP servers.
+//     Handles bash/shell tools, edit tools, safe outputs, mcp-scripts, and MCP servers.
 //     Supports granular permissions (e.g., "github(get_file)") and server-level wildcards.
 //
 //  2. Tool Argument Comments (generateCopilotToolArgumentsComment):
@@ -33,9 +33,9 @@ import (
 var copilotEngineToolsLog = logger.New("workflow:copilot_engine_tools")
 
 // computeCopilotToolArguments computes the --allow-tool arguments for Copilot CLI based on tool configurations.
-// It handles bash/shell tools, edit tools, safe outputs, safe inputs, and MCP server tools.
+// It handles bash/shell tools, edit tools, safe outputs, mcp-scripts, and MCP server tools.
 // Returns a sorted list of arguments ready to be passed to the Copilot CLI.
-func (e *CopilotEngine) computeCopilotToolArguments(tools map[string]any, safeOutputs *SafeOutputsConfig, safeInputs *SafeInputsConfig, workflowData *WorkflowData) []string {
+func (e *CopilotEngine) computeCopilotToolArguments(tools map[string]any, safeOutputs *SafeOutputsConfig, mcpScripts *MCPScriptsConfig, workflowData *WorkflowData) []string {
 	copilotEngineToolsLog.Printf("Computing tool arguments: tools=%d", len(tools))
 	if tools == nil {
 		tools = make(map[string]any)
@@ -95,9 +95,9 @@ func (e *CopilotEngine) computeCopilotToolArguments(tools map[string]any, safeOu
 		args = append(args, "--allow-tool", constants.SafeOutputsMCPServerID.String())
 	}
 
-	// Handle safe_inputs MCP server - allow the server if safe inputs are configured and feature flag is enabled
-	if IsSafeInputsEnabled(safeInputs, workflowData) {
-		args = append(args, "--allow-tool", constants.SafeInputsMCPServerID.String())
+	// Handle mcp_scripts MCP server - allow the server if mcp-scripts are configured and feature flag is enabled
+	if IsMCPScriptsEnabled(mcpScripts, workflowData) {
+		args = append(args, "--allow-tool", constants.MCPScriptsMCPServerID.String())
 	}
 
 	// Handle web-fetch builtin tool (Copilot CLI uses web_fetch with underscore)
@@ -208,8 +208,8 @@ func (e *CopilotEngine) computeCopilotToolArguments(tools map[string]any, safeOu
 
 // generateCopilotToolArgumentsComment generates a multi-line comment showing each tool argument.
 // This is used to document which tool permissions are being granted in the compiled workflow.
-func (e *CopilotEngine) generateCopilotToolArgumentsComment(tools map[string]any, safeOutputs *SafeOutputsConfig, safeInputs *SafeInputsConfig, workflowData *WorkflowData, indent string) string {
-	toolArgs := e.computeCopilotToolArguments(tools, safeOutputs, safeInputs, workflowData)
+func (e *CopilotEngine) generateCopilotToolArgumentsComment(tools map[string]any, safeOutputs *SafeOutputsConfig, mcpScripts *MCPScriptsConfig, workflowData *WorkflowData, indent string) string {
+	toolArgs := e.computeCopilotToolArguments(tools, safeOutputs, mcpScripts, workflowData)
 	if len(toolArgs) == 0 {
 		return ""
 	}
diff --git a/pkg/workflow/copilot_mcp.go b/pkg/workflow/copilot_mcp.go
index f75cb53a3bc..1efae1f2df8 100644
--- a/pkg/workflow/copilot_mcp.go
+++ b/pkg/workflow/copilot_mcp.go
@@ -59,9 +59,9 @@ func (e *CopilotEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]
 				renderer := createRenderer(isLast)
 				renderer.RenderSafeOutputsMCP(yaml, workflowData)
 			},
-			RenderSafeInputs: func(yaml *strings.Builder, safeInputs *SafeInputsConfig, isLast bool) {
+			RenderMCPScripts: func(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, isLast bool) {
 				renderer := createRenderer(isLast)
-				renderer.RenderSafeInputsMCP(yaml, safeInputs, workflowData)
+				renderer.RenderMCPScriptsMCP(yaml, mcpScripts, workflowData)
 			},
 			RenderWebFetch: func(yaml *strings.Builder, isLast bool) {
 				renderMCPFetchServerConfig(yaml, "json", "              ", isLast, true)
diff --git a/pkg/workflow/engine_helpers_secrets_test.go b/pkg/workflow/engine_helpers_secrets_test.go
index 671dd0172cc..eed60c621fc 100644
--- a/pkg/workflow/engine_helpers_secrets_test.go
+++ b/pkg/workflow/engine_helpers_secrets_test.go
@@ -159,13 +159,13 @@ func TestGetRequiredSecretNames_Copilot(t *testing.T) {
 		assert.Contains(t, secrets, "GITHUB_MCP_SERVER_TOKEN")
 	})
 
-	t.Run("includes safe-inputs secrets", func(t *testing.T) {
+	t.Run("includes mcp-scripts secrets", func(t *testing.T) {
 		workflowData := &WorkflowData{
 			Tools:       map[string]any{},
 			ParsedTools: &ToolsConfig{},
-			SafeInputs: &SafeInputsConfig{
+			MCPScripts: &MCPScriptsConfig{
 				Mode: "http",
-				Tools: map[string]*SafeInputToolConfig{
+				Tools: map[string]*MCPScriptToolConfig{
 					"api": {
 						Env: map[string]string{
 							"API_TOKEN": "${{ secrets.API_TOKEN }}",
diff --git a/pkg/workflow/expression_safety_test.go b/pkg/workflow/expression_safety_test.go
index 2ea9fab15ec..cc4410ce324 100644
--- a/pkg/workflow/expression_safety_test.go
+++ b/pkg/workflow/expression_safety_test.go
@@ -730,7 +730,7 @@ func TestValidateExpressionForDangerousProps(t *testing.T) {
 			expectError: false,
 		},
 		{
-			name:        "allow_safe_inputs",
+			name:        "allow_mcp_scripts",
 			expression:  "inputs.repository",
 			expectError: false,
 		},
diff --git a/pkg/workflow/features_import_test.go b/pkg/workflow/features_import_test.go
index 77caf2680d7..d92922865f6 100644
--- a/pkg/workflow/features_import_test.go
+++ b/pkg/workflow/features_import_test.go
@@ -22,7 +22,7 @@ func TestFeaturesMergeWithImports(t *testing.T) {
 	sharedFeaturesPath := filepath.Join(tempDir, "shared-features.md")
 	sharedFeaturesContent := `---
 features:
-  safe-inputs: true
+  mcp-scripts: true
   experimental-feature: true
 ---
 
@@ -74,10 +74,10 @@ This workflow should have merged features.
 	// The compiled workflow should contain evidence that all features are available
 	// Features affect workflow behavior, so we verify they were processed
 
-	// Verify safe-inputs feature from import is recognized (comment mentioning safe-inputs if enabled)
-	if !strings.Contains(workflowData, "safe-inputs") && !strings.Contains(workflowData, "safe_inputs") {
+	// Verify mcp-scripts feature from import is recognized (comment mentioning mcp-scripts if enabled)
+	if !strings.Contains(workflowData, "mcp-scripts") && !strings.Contains(workflowData, "mcp_scripts") {
 		// Safe-inputs feature may be mentioned in comments or configuration
-		t.Logf("Note: safe-inputs feature may not generate visible output in lock file")
+		t.Logf("Note: mcp-scripts feature may not generate visible output in lock file")
 	}
 
 	// The workflow should compile without error (which validates features were processed)
diff --git a/pkg/workflow/frontmatter_types.go b/pkg/workflow/frontmatter_types.go
index 5c4d26d3c53..3cd69b3a20b 100644
--- a/pkg/workflow/frontmatter_types.go
+++ b/pkg/workflow/frontmatter_types.go
@@ -124,7 +124,7 @@ type FrontmatterConfig struct {
 	Runtimes         map[string]any     `json:"runtimes,omitempty"`    // Deprecated: use RuntimesTyped
 	Jobs             map[string]any     `json:"jobs,omitempty"`        // Custom workflow jobs (too dynamic to type)
 	SafeOutputs      *SafeOutputsConfig `json:"safe-outputs,omitempty"`
-	SafeInputs       *SafeInputsConfig  `json:"safe-inputs,omitempty"`
+	MCPScripts       *MCPScriptsConfig  `json:"mcp-scripts,omitempty"`
 	PermissionsTyped *PermissionsConfig `json:"-"` // New typed field (not in JSON to avoid conflict)
 
 	// Event and trigger configuration
@@ -535,9 +535,9 @@ func (fc *FrontmatterConfig) ToMap() map[string]any {
 		// Convert SafeOutputsConfig to map - would need a ToMap method
 		result["safe-outputs"] = fc.SafeOutputs
 	}
-	if fc.SafeInputs != nil {
-		// Convert SafeInputsConfig to map - would need a ToMap method
-		result["safe-inputs"] = fc.SafeInputs
+	if fc.MCPScripts != nil {
+		// Convert MCPScriptsConfig to map - would need a ToMap method
+		result["mcp-scripts"] = fc.MCPScripts
 	}
 
 	// Event and trigger configuration
diff --git a/pkg/workflow/frontmatter_types_test.go b/pkg/workflow/frontmatter_types_test.go
index ce50f891cee..74ee4ae4ef0 100644
--- a/pkg/workflow/frontmatter_types_test.go
+++ b/pkg/workflow/frontmatter_types_test.go
@@ -479,7 +479,7 @@ func TestFrontmatterConfigBackwardCompatibility(t *testing.T) {
 					"max": 5,
 				},
 			},
-			"safe-inputs": map[string]any{
+			"mcp-scripts": map[string]any{
 				"mode": "http",
 			},
 		}
@@ -499,8 +499,8 @@ func TestFrontmatterConfigBackwardCompatibility(t *testing.T) {
 		if config.SafeOutputs == nil {
 			t.Error("SafeOutputs should be strongly typed")
 		}
-		if config.SafeInputs == nil {
-			t.Error("SafeInputs should be strongly typed")
+		if config.MCPScripts == nil {
+			t.Error("MCPScripts should be strongly typed")
 		}
 
 		// Convert back and verify they're preserved
@@ -514,8 +514,8 @@ func TestFrontmatterConfigBackwardCompatibility(t *testing.T) {
 		if reconstructed["safe-outputs"] == nil {
 			t.Error("safe-outputs should be preserved in ToMap")
 		}
-		if reconstructed["safe-inputs"] == nil {
-			t.Error("safe-inputs should be preserved in ToMap")
+		if reconstructed["mcp-scripts"] == nil {
+			t.Error("mcp-scripts should be preserved in ToMap")
 		}
 	})
 }
diff --git a/pkg/workflow/gemini_engine.go b/pkg/workflow/gemini_engine.go
index 2ec5f9ee617..d927961f1d5 100644
--- a/pkg/workflow/gemini_engine.go
+++ b/pkg/workflow/gemini_engine.go
@@ -65,14 +65,14 @@ func (e *GeminiEngine) GetRequiredSecretNames(workflowData *WorkflowData) []stri
 		geminiLog.Printf("Added %d HTTP MCP header secrets", len(headerSecrets))
 	}
 
-	// Add safe-inputs secret names
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		for varName := range safeInputsSecrets {
+	// Add mcp-scripts secret names
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		for varName := range mcpScriptsSecrets {
 			secrets = append(secrets, varName)
 		}
-		if len(safeInputsSecrets) > 0 {
-			geminiLog.Printf("Added %d safe-inputs secrets", len(safeInputsSecrets))
+		if len(mcpScriptsSecrets) > 0 {
+			geminiLog.Printf("Added %d mcp-scripts secrets", len(mcpScriptsSecrets))
 		}
 	}
 
diff --git a/pkg/workflow/gemini_mcp.go b/pkg/workflow/gemini_mcp.go
index 95b289c6403..b33a7204c94 100644
--- a/pkg/workflow/gemini_mcp.go
+++ b/pkg/workflow/gemini_mcp.go
@@ -49,9 +49,9 @@ func (e *GeminiEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]a
 				renderer := createRenderer(isLast)
 				renderer.RenderSafeOutputsMCP(yaml, workflowData)
 			},
-			RenderSafeInputs: func(yaml *strings.Builder, safeInputs *SafeInputsConfig, isLast bool) {
+			RenderMCPScripts: func(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, isLast bool) {
 				renderer := createRenderer(isLast)
-				renderer.RenderSafeInputsMCP(yaml, safeInputs, workflowData)
+				renderer.RenderMCPScriptsMCP(yaml, mcpScripts, workflowData)
 			},
 			RenderWebFetch: func(yaml *strings.Builder, isLast bool) {
 				renderMCPFetchServerConfig(yaml, "json", "              ", isLast, false)
diff --git a/pkg/workflow/js.go b/pkg/workflow/js.go
index 3a748175c01..6d5e5aa4347 100644
--- a/pkg/workflow/js.go
+++ b/pkg/workflow/js.go
@@ -108,15 +108,15 @@ func GetMCPLoggerScript() string {
 	return ""
 }
 
-func GetSafeInputsMCPServerHTTPScript() string {
+func GetMCPScriptsMCPServerHTTPScript() string {
 	return ""
 }
 
-func GetSafeInputsConfigLoaderScript() string {
+func GetMCPScriptsConfigLoaderScript() string {
 	return ""
 }
 
-func GetSafeInputsValidationScript() string {
+func GetMCPScriptsValidationScript() string {
 	return ""
 }
 
diff --git a/pkg/workflow/mcp_api_key_masking_test.go b/pkg/workflow/mcp_api_key_masking_test.go
index 48b264e3568..09c348f3202 100644
--- a/pkg/workflow/mcp_api_key_masking_test.go
+++ b/pkg/workflow/mcp_api_key_masking_test.go
@@ -70,12 +70,12 @@ func TestSafeOutputsAPIKeyImmediateMasking(t *testing.T) {
 	}
 }
 
-// TestSafeInputsAPIKeyImmediateMasking verifies that the Safe Inputs API key
+// TestMCPScriptsAPIKeyImmediateMasking verifies that the Safe Inputs API key
 // is masked immediately after generation, before any other operations.
-func TestSafeInputsAPIKeyImmediateMasking(t *testing.T) {
+func TestMCPScriptsAPIKeyImmediateMasking(t *testing.T) {
 	workflowData := &WorkflowData{
-		SafeInputs: &SafeInputsConfig{
-			Tools: map[string]*SafeInputToolConfig{
+		MCPScripts: &MCPScriptsConfig{
+			Tools: map[string]*MCPScriptToolConfig{
 				"test-tool": {
 					Name:        "test-tool",
 					Description: "Test tool",
@@ -85,7 +85,7 @@ func TestSafeInputsAPIKeyImmediateMasking(t *testing.T) {
 		},
 		Tools: map[string]any{},
 		Features: map[string]any{
-			"safe-inputs": true,
+			"mcp-scripts": true,
 		},
 	}
 
@@ -97,7 +97,7 @@ func TestSafeInputsAPIKeyImmediateMasking(t *testing.T) {
 	output := yaml.String()
 
 	// Find the Safe Inputs config generation section
-	configStart := strings.Index(output, "Generate Safe Inputs MCP Server Config")
+	configStart := strings.Index(output, "Generate MCP Scripts Server Config")
 	require.Greater(t, configStart, -1, "Should find Safe Inputs config generation step")
 
 	// Extract just the run script for this step
@@ -186,8 +186,8 @@ func TestAPIKeyMaskingNoEmptyDeclaration(t *testing.T) {
 		SafeOutputs: &SafeOutputsConfig{
 			CreateIssues: &CreateIssuesConfig{},
 		},
-		SafeInputs: &SafeInputsConfig{
-			Tools: map[string]*SafeInputToolConfig{
+		MCPScripts: &MCPScriptsConfig{
+			Tools: map[string]*MCPScriptToolConfig{
 				"test": {Name: "test", Run: "echo test"},
 			},
 		},
@@ -198,7 +198,7 @@ func TestAPIKeyMaskingNoEmptyDeclaration(t *testing.T) {
 			},
 		},
 		Features: map[string]any{
-			"safe-inputs": true,
+			"mcp-scripts": true,
 		},
 	}
 
diff --git a/pkg/workflow/mcp_config_builtin.go b/pkg/workflow/mcp_config_builtin.go
index 3770f9c96bc..6669893fba9 100644
--- a/pkg/workflow/mcp_config_builtin.go
+++ b/pkg/workflow/mcp_config_builtin.go
@@ -69,7 +69,7 @@
 //   - mcp_renderer.go: Main renderer that calls these functions
 //   - mcp_setup_generator.go: Generates setup steps for these servers
 //   - safe_outputs.go: Safe-outputs configuration and validation
-//   - safe_inputs.go: Safe-inputs configuration (similar pattern)
+//   - mcp_scripts.go: Safe-inputs configuration (similar pattern)
 //
 // Example safe-outputs config:
 //
@@ -109,7 +109,7 @@ import (
 var mcpBuiltinLog = logger.New("workflow:mcp-config-builtin")
 
 // renderSafeOutputsMCPConfigWithOptions generates the Safe Outputs MCP server configuration with engine-specific options
-// Now uses HTTP transport instead of stdio, similar to safe-inputs
+// Now uses HTTP transport instead of stdio, similar to mcp-scripts
 // The server is started in a separate step before the agent job
 func renderSafeOutputsMCPConfigWithOptions(yaml *strings.Builder, isLast bool, includeCopilotFields bool, workflowData *WorkflowData) {
 	mcpBuiltinLog.Printf("Rendering Safe Outputs MCP config with options: isLast=%v, includeCopilotFields=%v", isLast, includeCopilotFields)
diff --git a/pkg/workflow/mcp_config_utils.go b/pkg/workflow/mcp_config_utils.go
index 19b049df7c2..76c04d1e1e1 100644
--- a/pkg/workflow/mcp_config_utils.go
+++ b/pkg/workflow/mcp_config_utils.go
@@ -33,7 +33,7 @@
 // Related files:
 //   - mcp_renderer.go: Uses URL rewriting for HTTP MCP servers
 //   - safe_outputs.go: Safe outputs HTTP server configuration
-//   - safe_inputs.go: Safe inputs HTTP server configuration
+//   - mcp_scripts.go: Safe inputs HTTP server configuration
 //
 // Example:
 //
diff --git a/pkg/workflow/mcp_detection.go b/pkg/workflow/mcp_detection.go
index de0bc2d326a..7008656ee37 100644
--- a/pkg/workflow/mcp_detection.go
+++ b/pkg/workflow/mcp_detection.go
@@ -35,8 +35,8 @@ func HasMCPServers(workflowData *WorkflowData) bool {
 		return true
 	}
 
-	// Check if safe-inputs is configured and feature flag is enabled (adds safe-inputs MCP server)
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
+	// Check if mcp-scripts is configured and feature flag is enabled (adds mcp-scripts MCP server)
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
 		return true
 	}
 
diff --git a/pkg/workflow/mcp_detection_test.go b/pkg/workflow/mcp_detection_test.go
index eb0dfbb8183..ec1d5767c96 100644
--- a/pkg/workflow/mcp_detection_test.go
+++ b/pkg/workflow/mcp_detection_test.go
@@ -89,11 +89,11 @@ func TestHasMCPServers(t *testing.T) {
 			expected: true,
 		},
 		{
-			name: "workflow with safe-inputs enabled",
+			name: "workflow with mcp-scripts enabled",
 			workflowData: &WorkflowData{
 				Tools: map[string]any{},
-				SafeInputs: &SafeInputsConfig{
-					Tools: map[string]*SafeInputToolConfig{
+				MCPScripts: &MCPScriptsConfig{
+					Tools: map[string]*MCPScriptToolConfig{
 						"test-tool": {
 							Name: "test-tool",
 							Run:  "echo test",
@@ -101,7 +101,7 @@ func TestHasMCPServers(t *testing.T) {
 					},
 				},
 				Features: map[string]any{
-					"safe-inputs": true,
+					"mcp-scripts": true,
 				},
 			},
 			expected: true,
@@ -172,11 +172,11 @@ func TestHasMCPServers_EdgeCases(t *testing.T) {
 		assert.False(t, result, "Safe-outputs with no fields should return false")
 	})
 
-	t.Run("safe-inputs without feature flag", func(t *testing.T) {
+	t.Run("mcp-scripts without feature flag", func(t *testing.T) {
 		workflowData := &WorkflowData{
 			Tools: map[string]any{},
-			SafeInputs: &SafeInputsConfig{
-				Tools: map[string]*SafeInputToolConfig{
+			MCPScripts: &MCPScriptsConfig{
+				Tools: map[string]*MCPScriptToolConfig{
 					"test-tool": {
 						Name: "test-tool",
 						Run:  "echo test",
diff --git a/pkg/workflow/mcp_environment.go b/pkg/workflow/mcp_environment.go
index c86fd21c03c..cc1487e354d 100644
--- a/pkg/workflow/mcp_environment.go
+++ b/pkg/workflow/mcp_environment.go
@@ -10,7 +10,7 @@
 // Key responsibilities:
 //   - Collecting MCP-related environment variables from workflow configuration
 //   - Managing GitHub MCP server tokens (custom, default, and GitHub App tokens)
-//   - Handling safe-outputs and safe-inputs environment variables
+//   - Handling safe-outputs and mcp-scripts environment variables
 //   - Processing Playwright domain secrets
 //   - Extracting secrets from HTTP MCP server headers
 //   - Managing agentic-workflows GITHUB_TOKEN
@@ -18,7 +18,7 @@
 // Environment variable categories:
 //   - GitHub MCP: GITHUB_MCP_SERVER_TOKEN, GITHUB_MCP_LOCKDOWN
 //   - Safe Outputs: GH_AW_SAFE_OUTPUTS_*, GH_AW_ASSETS_*
-//   - Safe Inputs: GH_AW_SAFE_INPUTS_PORT, GH_AW_SAFE_INPUTS_API_KEY
+//   - Safe Inputs: GH_AW_MCP_SCRIPTS_PORT, GH_AW_MCP_SCRIPTS_API_KEY
 //   - Serena: GH_AW_SERENA_PORT (local mode only)
 //   - Playwright: Secrets from custom args expressions
 //   - HTTP MCP: Custom secrets from headers and env sections
@@ -37,7 +37,7 @@
 //   - mcp_setup_generator.go: Uses collected env vars in gateway setup
 //   - mcp_github_config.go: GitHub-specific token and configuration
 //   - safe_outputs.go: Safe outputs configuration
-//   - safe_inputs.go: Safe inputs configuration
+//   - mcp_scripts.go: Safe inputs configuration
 //
 // Example usage:
 //
@@ -101,17 +101,17 @@ func collectMCPEnvironmentVariables(tools map[string]any, mcpTools []string, wor
 		}
 	}
 
-	// Check for safe-inputs env vars
-	// Only add env vars if safe-inputs is actually enabled (has tools configured)
-	// This prevents referencing step outputs that don't exist when safe-inputs isn't used
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
+	// Check for mcp-scripts env vars
+	// Only add env vars if mcp-scripts is actually enabled (has tools configured)
+	// This prevents referencing step outputs that don't exist when mcp-scripts isn't used
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
 		// Add server configuration env vars from step outputs
-		envVars["GH_AW_SAFE_INPUTS_PORT"] = "${{ steps.safe-inputs-start.outputs.port }}"
-		envVars["GH_AW_SAFE_INPUTS_API_KEY"] = "${{ steps.safe-inputs-start.outputs.api_key }}"
+		envVars["GH_AW_MCP_SCRIPTS_PORT"] = "${{ steps.mcp-scripts-start.outputs.port }}"
+		envVars["GH_AW_MCP_SCRIPTS_API_KEY"] = "${{ steps.mcp-scripts-start.outputs.api_key }}"
 
 		// Add tool-specific env vars (secrets passthrough)
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		maps.Copy(envVars, safeInputsSecrets)
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		maps.Copy(envVars, mcpScriptsSecrets)
 	}
 
 	// Check for safe-outputs env vars
@@ -146,7 +146,7 @@ func collectMCPEnvironmentVariables(tools map[string]any, mcpTools []string, wor
 		// Skip standard tools that are handled above
 		if toolName == "github" || toolName == "playwright" || toolName == "serena" ||
 			toolName == "cache-memory" || toolName == "agentic-workflows" ||
-			toolName == "safe-outputs" || toolName == "safe-inputs" {
+			toolName == "safe-outputs" || toolName == "mcp-scripts" {
 			continue
 		}
 
diff --git a/pkg/workflow/mcp_renderer.go b/pkg/workflow/mcp_renderer.go
index a95d7eb4af3..255ce4bd5cb 100644
--- a/pkg/workflow/mcp_renderer.go
+++ b/pkg/workflow/mcp_renderer.go
@@ -12,7 +12,7 @@
 //   - Engine-specific format handling (JSON-like vs TOML-like)
 //   - GitHub MCP server configuration (local Docker and remote hosted)
 //   - Playwright MCP server configuration
-//   - Safe-outputs and safe-inputs MCP server configuration
+//   - Safe-outputs and mcp-scripts MCP server configuration
 //   - Agentic-workflows MCP server configuration
 //   - Cache-memory MCP server configuration
 //   - Serena MCP server configuration
@@ -330,7 +330,7 @@ func (r *MCPConfigRendererUnified) RenderSafeOutputsMCP(yaml *strings.Builder, w
 }
 
 // renderSafeOutputsTOML generates Safe Outputs MCP configuration in TOML format
-// Now uses HTTP transport instead of stdio, similar to safe-inputs
+// Now uses HTTP transport instead of stdio, similar to mcp-scripts
 func (r *MCPConfigRendererUnified) renderSafeOutputsTOML(yaml *strings.Builder, workflowData *WorkflowData) {
 	// Determine host based on whether agent is disabled
 	host := "host.docker.internal"
@@ -348,24 +348,24 @@ func (r *MCPConfigRendererUnified) renderSafeOutputsTOML(yaml *strings.Builder,
 	yaml.WriteString("          Authorization = \"$GH_AW_SAFE_OUTPUTS_API_KEY\"\n")
 }
 
-// RenderSafeInputsMCP generates the Safe Inputs MCP server configuration
-func (r *MCPConfigRendererUnified) RenderSafeInputsMCP(yaml *strings.Builder, safeInputs *SafeInputsConfig, workflowData *WorkflowData) {
+// RenderMCPScriptsMCP generates the Safe Inputs MCP server configuration
+func (r *MCPConfigRendererUnified) RenderMCPScriptsMCP(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, workflowData *WorkflowData) {
 	mcpRendererLog.Printf("Rendering Safe Inputs MCP: format=%s", r.options.Format)
 
 	if r.options.Format == "toml" {
-		r.renderSafeInputsTOML(yaml, safeInputs, workflowData)
+		r.renderMCPScriptsTOML(yaml, mcpScripts, workflowData)
 		return
 	}
 
 	// JSON format
-	renderSafeInputsMCPConfigWithOptions(yaml, safeInputs, r.options.IsLast, r.options.IncludeCopilotFields, workflowData)
+	renderMCPScriptsMCPConfigWithOptions(yaml, mcpScripts, r.options.IsLast, r.options.IncludeCopilotFields, workflowData)
 }
 
-// renderSafeInputsTOML generates Safe Inputs MCP configuration in TOML format
+// renderMCPScriptsTOML generates Safe Inputs MCP configuration in TOML format
 // Uses HTTP transport exclusively
-func (r *MCPConfigRendererUnified) renderSafeInputsTOML(yaml *strings.Builder, safeInputs *SafeInputsConfig, workflowData *WorkflowData) {
+func (r *MCPConfigRendererUnified) renderMCPScriptsTOML(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, workflowData *WorkflowData) {
 	yaml.WriteString("          \n")
-	yaml.WriteString("          [mcp_servers." + constants.SafeInputsMCPServerID.String() + "]\n")
+	yaml.WriteString("          [mcp_servers." + constants.MCPScriptsMCPServerID.String() + "]\n")
 	yaml.WriteString("          type = \"http\"\n")
 
 	// Determine host based on whether agent is disabled
@@ -373,13 +373,13 @@ func (r *MCPConfigRendererUnified) renderSafeInputsTOML(yaml *strings.Builder, s
 	if workflowData != nil && workflowData.SandboxConfig != nil && workflowData.SandboxConfig.Agent != nil && workflowData.SandboxConfig.Agent.Disabled {
 		// When agent is disabled (no firewall), use localhost instead of host.docker.internal
 		host = "localhost"
-		mcpRendererLog.Print("Using localhost for safe-inputs (agent disabled)")
+		mcpRendererLog.Print("Using localhost for mcp-scripts (agent disabled)")
 	} else {
-		mcpRendererLog.Print("Using host.docker.internal for safe-inputs (agent enabled)")
+		mcpRendererLog.Print("Using host.docker.internal for mcp-scripts (agent enabled)")
 	}
 
-	yaml.WriteString("          url = \"http://" + host + ":$GH_AW_SAFE_INPUTS_PORT\"\n")
-	yaml.WriteString("          headers = { Authorization = \"$GH_AW_SAFE_INPUTS_API_KEY\" }\n")
+	yaml.WriteString("          url = \"http://" + host + ":$GH_AW_MCP_SCRIPTS_PORT\"\n")
+	yaml.WriteString("          headers = { Authorization = \"$GH_AW_MCP_SCRIPTS_API_KEY\" }\n")
 	// Note: env_vars is not supported for HTTP transport in MCP configuration
 	// Environment variables are passed via the workflow job's env: section instead
 }
@@ -622,7 +622,7 @@ type MCPToolRenderers struct {
 	RenderCacheMemory      func(yaml *strings.Builder, isLast bool, workflowData *WorkflowData)
 	RenderAgenticWorkflows func(yaml *strings.Builder, isLast bool)
 	RenderSafeOutputs      func(yaml *strings.Builder, isLast bool, workflowData *WorkflowData)
-	RenderSafeInputs       func(yaml *strings.Builder, safeInputs *SafeInputsConfig, isLast bool)
+	RenderMCPScripts       func(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, isLast bool)
 	RenderWebFetch         func(yaml *strings.Builder, isLast bool)
 	RenderCustomMCPConfig  RenderCustomMCPToolConfigHandler
 }
@@ -957,9 +957,9 @@ func RenderJSONMCPConfig(
 			options.Renderers.RenderAgenticWorkflows(&configBuilder, isLast)
 		case "safe-outputs":
 			options.Renderers.RenderSafeOutputs(&configBuilder, isLast, workflowData)
-		case "safe-inputs":
-			if options.Renderers.RenderSafeInputs != nil {
-				options.Renderers.RenderSafeInputs(&configBuilder, workflowData.SafeInputs, isLast)
+		case "mcp-scripts":
+			if options.Renderers.RenderMCPScripts != nil {
+				options.Renderers.RenderMCPScripts(&configBuilder, workflowData.MCPScripts, isLast)
 			}
 		case "web-fetch":
 			options.Renderers.RenderWebFetch(&configBuilder, isLast)
diff --git a/pkg/workflow/mcp_safe_inputs_conditional_test.go b/pkg/workflow/mcp_scripts_conditional_test.go
similarity index 66%
rename from pkg/workflow/mcp_safe_inputs_conditional_test.go
rename to pkg/workflow/mcp_scripts_conditional_test.go
index 224dae5614d..e13b70ab91f 100644
--- a/pkg/workflow/mcp_safe_inputs_conditional_test.go
+++ b/pkg/workflow/mcp_scripts_conditional_test.go
@@ -11,13 +11,13 @@ import (
 	"github.com/github/gh-aw/pkg/stringutil"
 )
 
-// TestMCPGatewaySafeInputsEnvVarsConditional tests that Safe Inputs environment variables
+// TestMCPGatewayMCPScriptsEnvVarsConditional tests that Safe Inputs environment variables
 // are only included in the MCP gateway step when Safe Inputs is actually configured
-func TestMCPGatewaySafeInputsEnvVarsConditional(t *testing.T) {
+func TestMCPGatewayMCPScriptsEnvVarsConditional(t *testing.T) {
 	tests := []struct {
 		name                    string
 		workflowContent         string
-		expectSafeInputsEnvVars bool
+		expectMCPScriptsEnvVars bool
 		description             string
 	}{
 		{
@@ -30,10 +30,10 @@ tools:
     toolsets: [default]
 ---
 
-Test workflow without safe inputs
+Test workflow without mcp-scripts
 `,
-			expectSafeInputsEnvVars: false,
-			description:             "When safe-inputs is not configured, the MCP gateway should not reference Safe Inputs env vars",
+			expectMCPScriptsEnvVars: false,
+			description:             "When mcp-scripts is not configured, the MCP gateway should not reference Safe Inputs env vars",
 		},
 		{
 			name: "With Safe Inputs - Should Include Env Vars",
@@ -43,17 +43,17 @@ engine: copilot
 tools:
   github:
     toolsets: [default]
-safe-inputs:
+mcp-scripts:
   test-tool:
     description: Test tool
     script: |
       return { result: "test" };
 ---
 
-Test workflow with safe inputs
+Test workflow with mcp-scripts
 `,
-			expectSafeInputsEnvVars: true,
-			description:             "When safe-inputs is configured, the MCP gateway should reference Safe Inputs env vars",
+			expectMCPScriptsEnvVars: true,
+			description:             "When mcp-scripts is configured, the MCP gateway should reference Safe Inputs env vars",
 		},
 		{
 			name: "Claude Engine Without Safe Inputs",
@@ -65,27 +65,27 @@ tools:
     toolsets: [default]
 ---
 
-Test Claude workflow without safe inputs
+Test Claude workflow without mcp-scripts
 `,
-			expectSafeInputsEnvVars: false,
-			description:             "Claude engine without safe-inputs should not include Safe Inputs env vars",
+			expectMCPScriptsEnvVars: false,
+			description:             "Claude engine without mcp-scripts should not include Safe Inputs env vars",
 		},
 		{
 			name: "Codex Engine With Safe Inputs",
 			workflowContent: `---
 on: workflow_dispatch
 engine: codex
-safe-inputs:
+mcp-scripts:
   my-tool:
     description: My custom tool
     script: |
       return { status: "ok" };
 ---
 
-Test Codex workflow with safe inputs
+Test Codex workflow with mcp-scripts
 `,
-			expectSafeInputsEnvVars: true,
-			description:             "Codex engine with safe-inputs should include Safe Inputs env vars",
+			expectMCPScriptsEnvVars: true,
+			description:             "Codex engine with mcp-scripts should include Safe Inputs env vars",
 		},
 	}
 
@@ -134,36 +134,36 @@ Test Codex workflow with safe inputs
 			}
 
 			// Check for Safe Inputs env vars in the env section
-			hasEnvVarsInEnvSection := strings.Contains(mcpGatewaySection, "GH_AW_SAFE_INPUTS_PORT:") &&
-				strings.Contains(mcpGatewaySection, "GH_AW_SAFE_INPUTS_API_KEY:")
+			hasEnvVarsInEnvSection := strings.Contains(mcpGatewaySection, "GH_AW_MCP_SCRIPTS_PORT:") &&
+				strings.Contains(mcpGatewaySection, "GH_AW_MCP_SCRIPTS_API_KEY:")
 
 			// Check for Safe Inputs env vars in the Docker command
-			hasEnvVarsInDockerCmd := strings.Contains(mcpGatewaySection, "-e GH_AW_SAFE_INPUTS_PORT") &&
-				strings.Contains(mcpGatewaySection, "-e GH_AW_SAFE_INPUTS_API_KEY")
+			hasEnvVarsInDockerCmd := strings.Contains(mcpGatewaySection, "-e GH_AW_MCP_SCRIPTS_PORT") &&
+				strings.Contains(mcpGatewaySection, "-e GH_AW_MCP_SCRIPTS_API_KEY")
 
-			if tt.expectSafeInputsEnvVars {
+			if tt.expectMCPScriptsEnvVars {
 				if !hasEnvVarsInEnvSection {
-					t.Errorf("%s: Expected GH_AW_SAFE_INPUTS_PORT and GH_AW_SAFE_INPUTS_API_KEY in env section but not found", tt.description)
+					t.Errorf("%s: Expected GH_AW_MCP_SCRIPTS_PORT and GH_AW_MCP_SCRIPTS_API_KEY in env section but not found", tt.description)
 				}
 				if !hasEnvVarsInDockerCmd {
-					t.Errorf("%s: Expected GH_AW_SAFE_INPUTS_PORT and GH_AW_SAFE_INPUTS_API_KEY in Docker command but not found", tt.description)
+					t.Errorf("%s: Expected GH_AW_MCP_SCRIPTS_PORT and GH_AW_MCP_SCRIPTS_API_KEY in Docker command but not found", tt.description)
 				}
 			} else {
 				if hasEnvVarsInEnvSection {
-					t.Errorf("%s: Did not expect GH_AW_SAFE_INPUTS_PORT or GH_AW_SAFE_INPUTS_API_KEY in env section but found them", tt.description)
+					t.Errorf("%s: Did not expect GH_AW_MCP_SCRIPTS_PORT or GH_AW_MCP_SCRIPTS_API_KEY in env section but found them", tt.description)
 				}
 				if hasEnvVarsInDockerCmd {
-					t.Errorf("%s: Did not expect GH_AW_SAFE_INPUTS_PORT or GH_AW_SAFE_INPUTS_API_KEY in Docker command but found them", tt.description)
+					t.Errorf("%s: Did not expect GH_AW_MCP_SCRIPTS_PORT or GH_AW_MCP_SCRIPTS_API_KEY in Docker command but found them", tt.description)
 				}
 			}
 		})
 	}
 }
 
-// TestMCPGatewaySafeInputsValidation tests that the workflow fails validation
-// if Safe Inputs env vars are referenced but the safe-inputs-start step doesn't exist
-func TestMCPGatewaySafeInputsValidation(t *testing.T) {
+// TestMCPGatewayMCPScriptsValidation tests that the workflow fails validation
+// if Safe Inputs env vars are referenced but the mcp-scripts-start step doesn't exist
+func TestMCPGatewayMCPScriptsValidation(t *testing.T) {
 	t.Skip("This test is for future validation logic - not implemented yet")
 	// This would test that if someone manually adds Safe Inputs to MCP tools list
-	// without actually configuring safe-inputs, validation catches the error
+	// without actually configuring mcp-scripts, validation catches the error
 }
diff --git a/pkg/workflow/safe_inputs_experimental_warning_test.go b/pkg/workflow/mcp_scripts_experimental_warning_test.go
similarity index 80%
rename from pkg/workflow/safe_inputs_experimental_warning_test.go
rename to pkg/workflow/mcp_scripts_experimental_warning_test.go
index 1dff24b082e..2fe9663ccbb 100644
--- a/pkg/workflow/safe_inputs_experimental_warning_test.go
+++ b/pkg/workflow/mcp_scripts_experimental_warning_test.go
@@ -13,20 +13,20 @@ import (
 	"github.com/github/gh-aw/pkg/testutil"
 )
 
-// TestSafeInputsExperimentalWarning tests that the safe-inputs feature
+// TestMCPScriptsExperimentalWarning tests that the mcp-scripts feature
 // emits an experimental warning when enabled.
-func TestSafeInputsExperimentalWarning(t *testing.T) {
+func TestMCPScriptsExperimentalWarning(t *testing.T) {
 	tests := []struct {
 		name          string
 		content       string
 		expectWarning bool
 	}{
 		{
-			name: "safe-inputs enabled produces experimental warning",
+			name: "mcp-scripts enabled produces experimental warning",
 			content: `---
 on: workflow_dispatch
 engine: copilot
-safe-inputs:
+mcp-scripts:
   greet-user:
     description: "Greet a user by name"
     inputs:
@@ -44,7 +44,7 @@ permissions:
 			expectWarning: true,
 		},
 		{
-			name: "no safe-inputs does not produce experimental warning",
+			name: "no mcp-scripts does not produce experimental warning",
 			content: `---
 on: workflow_dispatch
 engine: copilot
@@ -57,11 +57,11 @@ permissions:
 			expectWarning: false,
 		},
 		{
-			name: "empty safe-inputs does not produce experimental warning",
+			name: "empty mcp-scripts does not produce experimental warning",
 			content: `---
 on: workflow_dispatch
 engine: copilot
-safe-inputs: {}
+mcp-scripts: {}
 permissions:
   contents: read
 ---
@@ -71,11 +71,11 @@ permissions:
 			expectWarning: false,
 		},
 		{
-			name: "safe-inputs with shell tool produces experimental warning",
+			name: "mcp-scripts with shell tool produces experimental warning",
 			content: `---
 on: workflow_dispatch
 engine: copilot
-safe-inputs:
+mcp-scripts:
   list-files:
     description: "List files in current directory"
     run: |
@@ -89,11 +89,11 @@ permissions:
 			expectWarning: true,
 		},
 		{
-			name: "safe-inputs with python tool produces experimental warning",
+			name: "mcp-scripts with python tool produces experimental warning",
 			content: `---
 on: workflow_dispatch
 engine: copilot
-safe-inputs:
+mcp-scripts:
   analyze-data:
     description: "Analyze data with Python"
     inputs:
@@ -116,7 +116,7 @@ permissions:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			tmpDir := testutil.TempDir(t, "safe-inputs-experimental-warning-test")
+			tmpDir := testutil.TempDir(t, "mcp-scripts-experimental-warning-test")
 
 			testFile := filepath.Join(tmpDir, "test-workflow.md")
 			if err := os.WriteFile(testFile, []byte(tt.content), 0644); err != nil {
@@ -144,7 +144,7 @@ permissions:
 				return
 			}
 
-			expectedMessage := "Using experimental feature: safe-inputs"
+			expectedMessage := "Using experimental feature: mcp-scripts"
 
 			if tt.expectWarning {
 				if !strings.Contains(stderrOutput, expectedMessage) {
@@ -156,7 +156,7 @@ permissions:
 				}
 			}
 
-			// Verify warning count includes safe-inputs warning
+			// Verify warning count includes mcp-scripts warning
 			if tt.expectWarning {
 				warningCount := compiler.GetWarningCount()
 				if warningCount == 0 {
diff --git a/pkg/workflow/safe_inputs_firewall_test.go b/pkg/workflow/mcp_scripts_firewall_test.go
similarity index 84%
rename from pkg/workflow/safe_inputs_firewall_test.go
rename to pkg/workflow/mcp_scripts_firewall_test.go
index 87a5b454251..845f64209d4 100644
--- a/pkg/workflow/safe_inputs_firewall_test.go
+++ b/pkg/workflow/mcp_scripts_firewall_test.go
@@ -9,9 +9,9 @@ import (
 	"github.com/github/gh-aw/pkg/constants"
 )
 
-// TestSafeInputsWithFirewallIncludesHostDockerInternal tests that host.docker.internal
-// is added to allowed domains when safe-inputs is enabled with firewall
-func TestSafeInputsWithFirewallIncludesHostDockerInternal(t *testing.T) {
+// TestMCPScriptsWithFirewallIncludesHostDockerInternal tests that host.docker.internal
+// is added to allowed domains when mcp-scripts is enabled with firewall
+func TestMCPScriptsWithFirewallIncludesHostDockerInternal(t *testing.T) {
 	workflowData := &WorkflowData{
 		Name: "test-workflow",
 		EngineConfig: &EngineConfig{
@@ -23,8 +23,8 @@ func TestSafeInputsWithFirewallIncludesHostDockerInternal(t *testing.T) {
 			},
 			Allowed: []string{"github.com"},
 		},
-		SafeInputs: &SafeInputsConfig{
-			Tools: map[string]*SafeInputToolConfig{
+		MCPScripts: &MCPScriptsConfig{
+			Tools: map[string]*MCPScriptToolConfig{
 				"test-tool": {
 					Name:        "test-tool",
 					Description: "A test tool",
@@ -45,7 +45,7 @@ func TestSafeInputsWithFirewallIncludesHostDockerInternal(t *testing.T) {
 
 	// Verify that host.docker.internal is in the allowed domains
 	if !strings.Contains(stepContent, "host.docker.internal") {
-		t.Error("Expected firewall command to include 'host.docker.internal' when safe-inputs is enabled")
+		t.Error("Expected firewall command to include 'host.docker.internal' when mcp-scripts is enabled")
 	}
 
 	// Verify the firewall command structure
@@ -54,8 +54,8 @@ func TestSafeInputsWithFirewallIncludesHostDockerInternal(t *testing.T) {
 	}
 }
 
-// TestGetCopilotAllowedDomainsWithSafeInputs tests the domain calculation function
-func TestGetCopilotAllowedDomainsWithSafeInputs(t *testing.T) {
+// TestGetCopilotAllowedDomainsWithMCPScripts tests the domain calculation function
+func TestGetCopilotAllowedDomainsWithMCPScripts(t *testing.T) {
 	t.Run("always includes host.docker.internal in default domains", func(t *testing.T) {
 		network := &NetworkPermissions{
 			Allowed: []string{"github.com"},
@@ -72,7 +72,7 @@ func TestGetCopilotAllowedDomainsWithSafeInputs(t *testing.T) {
 		}
 	})
 
-	t.Run("includes host.docker.internal even when safe-inputs disabled", func(t *testing.T) {
+	t.Run("includes host.docker.internal even when mcp-scripts disabled", func(t *testing.T) {
 		network := &NetworkPermissions{
 			Allowed: []string{"github.com"},
 		}
diff --git a/pkg/workflow/safe_inputs_generator.go b/pkg/workflow/mcp_scripts_generator.go
similarity index 73%
rename from pkg/workflow/safe_inputs_generator.go
rename to pkg/workflow/mcp_scripts_generator.go
index 1b4b0c3efaf..b109033d4ec 100644
--- a/pkg/workflow/safe_inputs_generator.go
+++ b/pkg/workflow/mcp_scripts_generator.go
@@ -11,10 +11,10 @@ import (
 	"github.com/github/gh-aw/pkg/stringutil"
 )
 
-var safeInputsGeneratorLog = logger.New("workflow:safe_inputs_generator")
+var mcpScriptsGeneratorLog = logger.New("workflow:mcp_scripts_generator")
 
-// SafeInputsToolJSON represents a tool configuration for the tools.json file
-type SafeInputsToolJSON struct {
+// MCPScriptsToolJSON represents a tool configuration for the tools.json file
+type MCPScriptsToolJSON struct {
 	Name        string            `json:"name"`
 	Description string            `json:"description"`
 	InputSchema map[string]any    `json:"inputSchema"`
@@ -23,34 +23,34 @@ type SafeInputsToolJSON struct {
 	Timeout     int               `json:"timeout,omitempty"`
 }
 
-// SafeInputsConfigJSON represents the tools.json configuration file structure
-type SafeInputsConfigJSON struct {
+// MCPScriptsConfigJSON represents the tools.json configuration file structure
+type MCPScriptsConfigJSON struct {
 	ServerName string               `json:"serverName"`
 	Version    string               `json:"version"`
 	LogDir     string               `json:"logDir,omitempty"`
-	Tools      []SafeInputsToolJSON `json:"tools"`
+	Tools      []MCPScriptsToolJSON `json:"tools"`
 }
 
-// generateSafeInputsToolsConfig generates the tools.json configuration for the safe-inputs MCP server
-func generateSafeInputsToolsConfig(safeInputs *SafeInputsConfig) string {
-	safeInputsGeneratorLog.Printf("Generating safe-inputs tools.json config: tool_count=%d", len(safeInputs.Tools))
+// generateMCPScriptsToolsConfig generates the tools.json configuration for the mcp-scripts MCP server
+func generateMCPScriptsToolsConfig(mcpScripts *MCPScriptsConfig) string {
+	mcpScriptsGeneratorLog.Printf("Generating mcp-scripts tools.json config: tool_count=%d", len(mcpScripts.Tools))
 
-	config := SafeInputsConfigJSON{
-		ServerName: "safeinputs",
-		Version:    constants.SafeInputsMCPVersion,
-		LogDir:     SafeInputsDirectory + "/logs",
-		Tools:      []SafeInputsToolJSON{},
+	config := MCPScriptsConfigJSON{
+		ServerName: "mcpscripts",
+		Version:    constants.MCPScriptsMCPVersion,
+		LogDir:     MCPScriptsDirectory + "/logs",
+		Tools:      []MCPScriptsToolJSON{},
 	}
 
 	// Sort tool names for stable output
-	toolNames := make([]string, 0, len(safeInputs.Tools))
-	for toolName := range safeInputs.Tools {
+	toolNames := make([]string, 0, len(mcpScripts.Tools))
+	for toolName := range mcpScripts.Tools {
 		toolNames = append(toolNames, toolName)
 	}
 	sort.Strings(toolNames)
 
 	for _, toolName := range toolNames {
-		toolConfig := safeInputs.Tools[toolName]
+		toolConfig := mcpScripts.Tools[toolName]
 
 		// Build input schema
 		inputSchema := map[string]any{
@@ -120,7 +120,7 @@ func generateSafeInputsToolsConfig(safeInputs *SafeInputsConfig) string {
 			}
 		}
 
-		config.Tools = append(config.Tools, SafeInputsToolJSON{
+		config.Tools = append(config.Tools, MCPScriptsToolJSON{
 			Name:        toolName,
 			Description: toolConfig.Description,
 			InputSchema: inputSchema,
@@ -132,41 +132,41 @@ func generateSafeInputsToolsConfig(safeInputs *SafeInputsConfig) string {
 
 	jsonBytes, err := json.MarshalIndent(config, "", "  ")
 	if err != nil {
-		safeInputsGeneratorLog.Printf("Error marshaling tools config: %v", err)
+		mcpScriptsGeneratorLog.Printf("Error marshaling tools config: %v", err)
 		return "{}"
 	}
-	safeInputsGeneratorLog.Printf("Generated tools.json config: size=%d bytes", len(jsonBytes))
+	mcpScriptsGeneratorLog.Printf("Generated tools.json config: size=%d bytes", len(jsonBytes))
 	return string(jsonBytes)
 }
 
-// generateSafeInputsMCPServerScript generates the entry point script for the safe-inputs MCP server
+// generateMCPScriptsMCPServerScript generates the entry point script for the mcp-scripts MCP server
 // This script uses HTTP transport exclusively
-func generateSafeInputsMCPServerScript(safeInputs *SafeInputsConfig) string {
-	safeInputsGeneratorLog.Print("Generating safe-inputs MCP server entry point script")
+func generateMCPScriptsMCPServerScript(mcpScripts *MCPScriptsConfig) string {
+	mcpScriptsGeneratorLog.Print("Generating mcp-scripts MCP server entry point script")
 	var sb strings.Builder
 
 	// HTTP transport - server started in separate step
 	sb.WriteString(`// @ts-check
-// Auto-generated safe-inputs MCP server entry point (HTTP transport)
-// This script uses the reusable safe_inputs_mcp_server_http module
+// Auto-generated mcp-scripts MCP server entry point (HTTP transport)
+// This script uses the reusable mcp_scripts_mcp_server_http module
 
 const path = require("path");
-const { startHttpServer } = require("./safe_inputs_mcp_server_http.cjs");
+const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
 
 // Configuration file path (generated alongside this script)
 const configPath = path.join(__dirname, "tools.json");
 
 // Get port and API key from environment variables
-const port = parseInt(process.env.GH_AW_SAFE_INPUTS_PORT || "3000", 10);
-const apiKey = process.env.GH_AW_SAFE_INPUTS_API_KEY || "";
+const port = parseInt(process.env.GH_AW_MCP_SCRIPTS_PORT || "3000", 10);
+const apiKey = process.env.GH_AW_MCP_SCRIPTS_API_KEY || "";
 
 // Start the HTTP server
 startHttpServer(configPath, {
   port: port,
   stateless: true,
-  logDir: "/opt/gh-aw/safe-inputs/logs"
+  logDir: "/opt/gh-aw/mcp-scripts/logs"
 }).catch(error => {
-  console.error("Failed to start safe-inputs HTTP server:", error);
+  console.error("Failed to start mcp-scripts HTTP server:", error);
   process.exit(1);
 });
 `)
@@ -180,16 +180,16 @@ func formatMultiLineComment(description, prefix string) string {
 	return prefix + strings.ReplaceAll(strings.TrimRight(description, "\n"), "\n", "\n"+prefix) + "\n"
 }
 
-// generateSafeInputJavaScriptToolScript generates the JavaScript tool file for a safe-input tool
+// generateMCPScriptJavaScriptToolScript generates the JavaScript tool file for a mcp-script tool
 // The user's script code is automatically wrapped in a function with module.exports,
 // so users can write simple code without worrying about exports.
 // Input parameters are destructured and available as local variables.
-func generateSafeInputJavaScriptToolScript(toolConfig *SafeInputToolConfig) string {
-	safeInputsLog.Printf("Generating JavaScript tool script: tool=%s, input_count=%d", toolConfig.Name, len(toolConfig.Inputs))
+func generateMCPScriptJavaScriptToolScript(toolConfig *MCPScriptToolConfig) string {
+	mcpScriptsLog.Printf("Generating JavaScript tool script: tool=%s, input_count=%d", toolConfig.Name, len(toolConfig.Inputs))
 	var sb strings.Builder
 
 	sb.WriteString("// @ts-check\n")
-	sb.WriteString("// Auto-generated safe-input tool: " + toolConfig.Name + "\n\n")
+	sb.WriteString("// Auto-generated mcp-script tool: " + toolConfig.Name + "\n\n")
 	sb.WriteString("/**\n")
 	sb.WriteString(" * " + toolConfig.Description + "\n")
 	sb.WriteString(" * @param {Object} inputs - Input parameters\n")
@@ -231,19 +231,19 @@ func generateSafeInputJavaScriptToolScript(toolConfig *SafeInputToolConfig) stri
 	// Delegate subprocess execution to the shared runner module
 	sb.WriteString("// Run when executed directly (as a subprocess by the MCP handler)\n")
 	sb.WriteString("if (require.main === module) {\n")
-	sb.WriteString("  require(\"./safe-inputs-runner.cjs\")(execute);\n")
+	sb.WriteString("  require(\"./mcp-scripts-runner.cjs\")(execute);\n")
 	sb.WriteString("}\n")
 
 	return sb.String()
 }
 
-// generateSafeInputShellToolScript generates the shell script for a safe-input tool
-func generateSafeInputShellToolScript(toolConfig *SafeInputToolConfig) string {
-	safeInputsLog.Printf("Generating shell tool script: tool=%s", toolConfig.Name)
+// generateMCPScriptShellToolScript generates the shell script for a mcp-script tool
+func generateMCPScriptShellToolScript(toolConfig *MCPScriptToolConfig) string {
+	mcpScriptsLog.Printf("Generating shell tool script: tool=%s", toolConfig.Name)
 	var sb strings.Builder
 
 	sb.WriteString("#!/bin/bash\n")
-	sb.WriteString("# Auto-generated safe-input tool: " + toolConfig.Name + "\n")
+	sb.WriteString("# Auto-generated mcp-script tool: " + toolConfig.Name + "\n")
 	sb.WriteString(formatMultiLineComment(toolConfig.Description, "# ") + "\n")
 	sb.WriteString("set -euo pipefail\n\n")
 	sb.WriteString(toolConfig.Run + "\n")
@@ -251,18 +251,18 @@ func generateSafeInputShellToolScript(toolConfig *SafeInputToolConfig) string {
 	return sb.String()
 }
 
-// generateSafeInputPythonToolScript generates the Python script for a safe-input tool
+// generateMCPScriptPythonToolScript generates the Python script for a mcp-script tool
 // Python scripts receive inputs as a dictionary (parsed from JSON stdin):
 // - Input parameters are available as a pre-parsed 'inputs' dictionary
 // - Individual parameters can be destructured: param = inputs.get('param', default)
 // - Outputs are printed to stdout as JSON
 // - Environment variables from env: field are available via os.environ
-func generateSafeInputPythonToolScript(toolConfig *SafeInputToolConfig) string {
-	safeInputsLog.Printf("Generating Python tool script: tool=%s, input_count=%d", toolConfig.Name, len(toolConfig.Inputs))
+func generateMCPScriptPythonToolScript(toolConfig *MCPScriptToolConfig) string {
+	mcpScriptsLog.Printf("Generating Python tool script: tool=%s, input_count=%d", toolConfig.Name, len(toolConfig.Inputs))
 	var sb strings.Builder
 
 	sb.WriteString("#!/usr/bin/env python3\n")
-	sb.WriteString("# Auto-generated safe-input tool: " + toolConfig.Name + "\n")
+	sb.WriteString("# Auto-generated mcp-script tool: " + toolConfig.Name + "\n")
 	sb.WriteString(formatMultiLineComment(toolConfig.Description, "# ") + "\n")
 	sb.WriteString("import json\n")
 	sb.WriteString("import os\n")
@@ -303,17 +303,17 @@ func generateSafeInputPythonToolScript(toolConfig *SafeInputToolConfig) string {
 	return sb.String()
 }
 
-// generateSafeInputGoToolScript generates the Go script for a safe-input tool
+// generateMCPScriptGoToolScript generates the Go script for a mcp-script tool
 // Go scripts receive inputs as JSON via stdin and output JSON to stdout:
 // - Input parameters are decoded from stdin into a map[string]any
 // - Outputs are printed to stdout as JSON
 // - Environment variables from env: field are available via os.Getenv()
-func generateSafeInputGoToolScript(toolConfig *SafeInputToolConfig) string {
-	safeInputsLog.Printf("Generating Go tool script: tool=%s, input_count=%d", toolConfig.Name, len(toolConfig.Inputs))
+func generateMCPScriptGoToolScript(toolConfig *MCPScriptToolConfig) string {
+	mcpScriptsLog.Printf("Generating Go tool script: tool=%s, input_count=%d", toolConfig.Name, len(toolConfig.Inputs))
 	var sb strings.Builder
 
 	sb.WriteString("package main\n\n")
-	sb.WriteString("// Auto-generated safe-input tool: " + toolConfig.Name + "\n")
+	sb.WriteString("// Auto-generated mcp-script tool: " + toolConfig.Name + "\n")
 	sb.WriteString(formatMultiLineComment(toolConfig.Description, "// ") + "\n")
 	sb.WriteString("import (\n")
 	sb.WriteString("\t\"encoding/json\"\n")
@@ -362,32 +362,32 @@ func generateSafeInputGoToolScript(toolConfig *SafeInputToolConfig) string {
 
 // Public wrapper functions for CLI use
 
-// GenerateSafeInputsToolsConfigForInspector generates the tools.json configuration for the safe-inputs MCP server
+// GenerateMCPScriptsToolsConfigForInspector generates the tools.json configuration for the mcp-scripts MCP server
 // This is a public wrapper for use by the CLI inspector command
-func GenerateSafeInputsToolsConfigForInspector(safeInputs *SafeInputsConfig) string {
-	return generateSafeInputsToolsConfig(safeInputs)
+func GenerateMCPScriptsToolsConfigForInspector(mcpScripts *MCPScriptsConfig) string {
+	return generateMCPScriptsToolsConfig(mcpScripts)
 }
 
-// GenerateSafeInputsMCPServerScriptForInspector generates the MCP server entry point script
+// GenerateMCPScriptsMCPServerScriptForInspector generates the MCP server entry point script
 // This is a public wrapper for use by the CLI inspector command
-func GenerateSafeInputsMCPServerScriptForInspector(safeInputs *SafeInputsConfig) string {
-	return generateSafeInputsMCPServerScript(safeInputs)
+func GenerateMCPScriptsMCPServerScriptForInspector(mcpScripts *MCPScriptsConfig) string {
+	return generateMCPScriptsMCPServerScript(mcpScripts)
 }
 
-// GenerateSafeInputJavaScriptToolScriptForInspector generates a JavaScript tool handler script
+// GenerateMCPScriptJavaScriptToolScriptForInspector generates a JavaScript tool handler script
 // This is a public wrapper for use by the CLI inspector command
-func GenerateSafeInputJavaScriptToolScriptForInspector(toolConfig *SafeInputToolConfig) string {
-	return generateSafeInputJavaScriptToolScript(toolConfig)
+func GenerateMCPScriptJavaScriptToolScriptForInspector(toolConfig *MCPScriptToolConfig) string {
+	return generateMCPScriptJavaScriptToolScript(toolConfig)
 }
 
-// GenerateSafeInputShellToolScriptForInspector generates a shell script tool handler
+// GenerateMCPScriptShellToolScriptForInspector generates a shell script tool handler
 // This is a public wrapper for use by the CLI inspector command
-func GenerateSafeInputShellToolScriptForInspector(toolConfig *SafeInputToolConfig) string {
-	return generateSafeInputShellToolScript(toolConfig)
+func GenerateMCPScriptShellToolScriptForInspector(toolConfig *MCPScriptToolConfig) string {
+	return generateMCPScriptShellToolScript(toolConfig)
 }
 
-// GenerateSafeInputPythonToolScriptForInspector generates a Python script tool handler
+// GenerateMCPScriptPythonToolScriptForInspector generates a Python script tool handler
 // This is a public wrapper for use by the CLI inspector command
-func GenerateSafeInputPythonToolScriptForInspector(toolConfig *SafeInputToolConfig) string {
-	return generateSafeInputPythonToolScript(toolConfig)
+func GenerateMCPScriptPythonToolScriptForInspector(toolConfig *MCPScriptToolConfig) string {
+	return generateMCPScriptPythonToolScript(toolConfig)
 }
diff --git a/pkg/workflow/safe_inputs_generator_test.go b/pkg/workflow/mcp_scripts_generator_test.go
similarity index 83%
rename from pkg/workflow/safe_inputs_generator_test.go
rename to pkg/workflow/mcp_scripts_generator_test.go
index 6c8846f7dcf..45de3579500 100644
--- a/pkg/workflow/safe_inputs_generator_test.go
+++ b/pkg/workflow/mcp_scripts_generator_test.go
@@ -7,14 +7,14 @@ import (
 	"testing"
 )
 
-func TestGenerateSafeInputsMCPServerScript(t *testing.T) {
-	config := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+func TestGenerateMCPScriptsMCPServerScript(t *testing.T) {
+	config := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"search-issues": {
 				Name:        "search-issues",
 				Description: "Search for issues in the repository",
 				Script:      "return 'hello';",
-				Inputs: map[string]*SafeInputParam{
+				Inputs: map[string]*MCPScriptParam{
 					"query": {
 						Type:        "string",
 						Description: "Search query",
@@ -26,7 +26,7 @@ func TestGenerateSafeInputsMCPServerScript(t *testing.T) {
 				Name:        "echo-message",
 				Description: "Echo a message",
 				Run:         "echo $INPUT_MESSAGE",
-				Inputs: map[string]*SafeInputParam{
+				Inputs: map[string]*MCPScriptParam{
 					"message": {
 						Type:        "string",
 						Description: "Message to echo",
@@ -38,7 +38,7 @@ func TestGenerateSafeInputsMCPServerScript(t *testing.T) {
 				Name:        "analyze-data",
 				Description: "Analyze data with Python",
 				Py:          "import json\nprint(json.dumps({'result': 'success'}))",
-				Inputs: map[string]*SafeInputParam{
+				Inputs: map[string]*MCPScriptParam{
 					"data": {
 						Type:        "string",
 						Description: "Data to analyze",
@@ -50,7 +50,7 @@ func TestGenerateSafeInputsMCPServerScript(t *testing.T) {
 				Name:        "process-data",
 				Description: "Process data with Go",
 				Go:          "result := map[string]any{\"count\": len(inputs)}\njson.NewEncoder(os.Stdout).Encode(result)",
-				Inputs: map[string]*SafeInputParam{
+				Inputs: map[string]*MCPScriptParam{
 					"data": {
 						Type:        "string",
 						Description: "Data to process",
@@ -62,10 +62,10 @@ func TestGenerateSafeInputsMCPServerScript(t *testing.T) {
 	}
 
 	// Test the entry point script
-	script := generateSafeInputsMCPServerScript(config)
+	script := generateMCPScriptsMCPServerScript(config)
 
 	// Check for HTTP server entry point structure
-	if !strings.Contains(script, "safe_inputs_mcp_server_http.cjs") {
+	if !strings.Contains(script, "mcp_scripts_mcp_server_http.cjs") {
 		t.Error("Script should reference the HTTP MCP server module")
 	}
 
@@ -77,22 +77,22 @@ func TestGenerateSafeInputsMCPServerScript(t *testing.T) {
 		t.Error("Script should reference tools.json configuration file")
 	}
 
-	if !strings.Contains(script, "/opt/gh-aw/safe-inputs/logs") {
+	if !strings.Contains(script, "/opt/gh-aw/mcp-scripts/logs") {
 		t.Error("Script should specify log directory")
 	}
 
-	if !strings.Contains(script, "GH_AW_SAFE_INPUTS_PORT") {
-		t.Error("Script should reference GH_AW_SAFE_INPUTS_PORT environment variable")
+	if !strings.Contains(script, "GH_AW_MCP_SCRIPTS_PORT") {
+		t.Error("Script should reference GH_AW_MCP_SCRIPTS_PORT environment variable")
 	}
 
-	if !strings.Contains(script, "GH_AW_SAFE_INPUTS_API_KEY") {
-		t.Error("Script should reference GH_AW_SAFE_INPUTS_API_KEY environment variable")
+	if !strings.Contains(script, "GH_AW_MCP_SCRIPTS_API_KEY") {
+		t.Error("Script should reference GH_AW_MCP_SCRIPTS_API_KEY environment variable")
 	}
 
 	// Test the tools configuration JSON
-	toolsJSON := generateSafeInputsToolsConfig(config)
+	toolsJSON := generateMCPScriptsToolsConfig(config)
 
-	if !strings.Contains(toolsJSON, `"serverName": "safeinputs"`) {
+	if !strings.Contains(toolsJSON, `"serverName": "mcpscripts"`) {
 		t.Error("Tools config should contain server name 'safeinputs'")
 	}
 
@@ -142,14 +142,14 @@ func TestGenerateSafeInputsMCPServerScript(t *testing.T) {
 	}
 }
 
-func TestGenerateSafeInputsToolsConfigWithEnv(t *testing.T) {
-	config := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+func TestGenerateMCPScriptsToolsConfigWithEnv(t *testing.T) {
+	config := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"github-query": {
 				Name:        "github-query",
 				Description: "Query GitHub with authentication",
 				Run:         "gh repo view $INPUT_REPO",
-				Inputs: map[string]*SafeInputParam{
+				Inputs: map[string]*MCPScriptParam{
 					"repo": {
 						Type:     "string",
 						Required: true,
@@ -163,7 +163,7 @@ func TestGenerateSafeInputsToolsConfigWithEnv(t *testing.T) {
 		},
 	}
 
-	toolsJSON := generateSafeInputsToolsConfig(config)
+	toolsJSON := generateMCPScriptsToolsConfig(config)
 
 	// Verify that env field is present in tools.json
 	if !strings.Contains(toolsJSON, `"env"`) {
@@ -195,12 +195,12 @@ func TestGenerateSafeInputsToolsConfigWithEnv(t *testing.T) {
 	}
 }
 
-func TestGenerateSafeInputJavaScriptToolScript(t *testing.T) {
-	config := &SafeInputToolConfig{
+func TestGenerateMCPScriptJavaScriptToolScript(t *testing.T) {
+	config := &MCPScriptToolConfig{
 		Name:        "test-tool",
 		Description: "A test tool",
 		Script:      "return inputs.value * 2;",
-		Inputs: map[string]*SafeInputParam{
+		Inputs: map[string]*MCPScriptParam{
 			"value": {
 				Type:        "number",
 				Description: "Value to double",
@@ -208,7 +208,7 @@ func TestGenerateSafeInputJavaScriptToolScript(t *testing.T) {
 		},
 	}
 
-	script := generateSafeInputJavaScriptToolScript(config)
+	script := generateMCPScriptJavaScriptToolScript(config)
 
 	if !strings.Contains(script, "test-tool") {
 		t.Error("Script should contain tool name")
@@ -230,19 +230,19 @@ func TestGenerateSafeInputJavaScriptToolScript(t *testing.T) {
 		t.Error("Script should have main execution block for subprocess execution")
 	}
 
-	if !strings.Contains(script, "require(\"./safe-inputs-runner.cjs\")(execute)") {
-		t.Error("Script should delegate to safe-inputs-runner.cjs for subprocess execution")
+	if !strings.Contains(script, "require(\"./mcp-scripts-runner.cjs\")(execute)") {
+		t.Error("Script should delegate to mcp-scripts-runner.cjs for subprocess execution")
 	}
 }
 
-func TestGenerateSafeInputShellToolScript(t *testing.T) {
-	config := &SafeInputToolConfig{
+func TestGenerateMCPScriptShellToolScript(t *testing.T) {
+	config := &MCPScriptToolConfig{
 		Name:        "test-shell",
 		Description: "A shell test tool",
 		Run:         "echo $INPUT_MESSAGE",
 	}
 
-	script := generateSafeInputShellToolScript(config)
+	script := generateMCPScriptShellToolScript(config)
 
 	if !strings.Contains(script, "#!/bin/bash") {
 		t.Error("Script should have bash shebang")
@@ -261,7 +261,7 @@ func TestGenerateSafeInputShellToolScript(t *testing.T) {
 	}
 }
 
-func TestGenerateSafeInputShellToolScriptMultiLineDescription(t *testing.T) {
+func TestGenerateMCPScriptShellToolScriptMultiLineDescription(t *testing.T) {
 	tests := []struct {
 		name        string
 		description string
@@ -278,13 +278,13 @@ func TestGenerateSafeInputShellToolScriptMultiLineDescription(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			config := &SafeInputToolConfig{
+			config := &MCPScriptToolConfig{
 				Name:        "test-shell-multiline",
 				Description: tt.description,
 				Run:         "echo hello",
 			}
 
-			script := generateSafeInputShellToolScript(config)
+			script := generateMCPScriptShellToolScript(config)
 
 			if !strings.Contains(script, "# First line of description.") {
 				t.Error("Script should have first description line prefixed with #")
@@ -299,12 +299,12 @@ func TestGenerateSafeInputShellToolScriptMultiLineDescription(t *testing.T) {
 	}
 }
 
-func TestGenerateSafeInputPythonToolScript(t *testing.T) {
-	config := &SafeInputToolConfig{
+func TestGenerateMCPScriptPythonToolScript(t *testing.T) {
+	config := &MCPScriptToolConfig{
 		Name:        "test-python",
 		Description: "A Python test tool",
 		Py:          "result = {'message': 'Hello from Python'}\nprint(json.dumps(result))",
-		Inputs: map[string]*SafeInputParam{
+		Inputs: map[string]*MCPScriptParam{
 			"message": {
 				Type:        "string",
 				Description: "Message to process",
@@ -316,7 +316,7 @@ func TestGenerateSafeInputPythonToolScript(t *testing.T) {
 		},
 	}
 
-	script := generateSafeInputPythonToolScript(config)
+	script := generateMCPScriptPythonToolScript(config)
 
 	if !strings.Contains(script, "#!/usr/bin/env python3") {
 		t.Error("Script should have python3 shebang")
@@ -352,7 +352,7 @@ func TestGenerateSafeInputPythonToolScript(t *testing.T) {
 	}
 }
 
-func TestGenerateSafeInputPythonToolScriptMultiLineDescription(t *testing.T) {
+func TestGenerateMCPScriptPythonToolScriptMultiLineDescription(t *testing.T) {
 	tests := []struct {
 		name        string
 		description string
@@ -369,13 +369,13 @@ func TestGenerateSafeInputPythonToolScriptMultiLineDescription(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			config := &SafeInputToolConfig{
+			config := &MCPScriptToolConfig{
 				Name:        "test-python-multiline",
 				Description: tt.description,
 				Py:          "print('hello')",
 			}
 
-			script := generateSafeInputPythonToolScript(config)
+			script := generateMCPScriptPythonToolScript(config)
 
 			if !strings.Contains(script, "# First line of description.") {
 				t.Error("Script should have first description line prefixed with #")
@@ -390,17 +390,17 @@ func TestGenerateSafeInputPythonToolScriptMultiLineDescription(t *testing.T) {
 	}
 }
 
-// TestSafeInputsStableCodeGeneration verifies that code generation produces stable, deterministic output
+// TestMCPScriptsStableCodeGeneration verifies that code generation produces stable, deterministic output
 // when called multiple times with the same input. This ensures tools and inputs are sorted properly.
-func TestSafeInputsStableCodeGeneration(t *testing.T) {
+func TestMCPScriptsStableCodeGeneration(t *testing.T) {
 	// Create a config with multiple tools and inputs to ensure sorting is tested
-	config := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+	config := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"zebra-tool": {
 				Name:        "zebra-tool",
 				Description: "A tool that starts with Z",
 				Run:         "echo zebra",
-				Inputs: map[string]*SafeInputParam{
+				Inputs: map[string]*MCPScriptParam{
 					"zebra-input": {Type: "string", Description: "Zebra input"},
 					"alpha-input": {Type: "number", Description: "Alpha input"},
 					"beta-input":  {Type: "boolean", Description: "Beta input"},
@@ -414,7 +414,7 @@ func TestSafeInputsStableCodeGeneration(t *testing.T) {
 				Name:        "alpha-tool",
 				Description: "A tool that starts with A",
 				Script:      "return 'alpha';",
-				Inputs: map[string]*SafeInputParam{
+				Inputs: map[string]*MCPScriptParam{
 					"charlie-param": {Type: "string", Description: "Charlie param"},
 					"alpha-param":   {Type: "string", Description: "Alpha param"},
 				},
@@ -432,13 +432,13 @@ func TestSafeInputsStableCodeGeneration(t *testing.T) {
 	entryScripts := make([]string, iterations)
 
 	for i := range iterations {
-		entryScripts[i] = generateSafeInputsMCPServerScript(config)
+		entryScripts[i] = generateMCPScriptsMCPServerScript(config)
 	}
 
 	// All entry point script iterations should produce identical output
 	for i := 1; i < iterations; i++ {
 		if entryScripts[i] != entryScripts[0] {
-			t.Errorf("generateSafeInputsMCPServerScript produced different output on iteration %d", i+1)
+			t.Errorf("generateMCPScriptsMCPServerScript produced different output on iteration %d", i+1)
 		}
 	}
 
@@ -446,13 +446,13 @@ func TestSafeInputsStableCodeGeneration(t *testing.T) {
 	toolsConfigs := make([]string, iterations)
 
 	for i := range iterations {
-		toolsConfigs[i] = generateSafeInputsToolsConfig(config)
+		toolsConfigs[i] = generateMCPScriptsToolsConfig(config)
 	}
 
 	// All tools config iterations should produce identical output
 	for i := 1; i < iterations; i++ {
 		if toolsConfigs[i] != toolsConfigs[0] {
-			t.Errorf("generateSafeInputsToolsConfig produced different output on iteration %d", i+1)
+			t.Errorf("generateMCPScriptsToolsConfig produced different output on iteration %d", i+1)
 			// Find first difference for debugging
 			for j := 0; j < len(toolsConfigs[0]) && j < len(toolsConfigs[i]); j++ {
 				if toolsConfigs[0][j] != toolsConfigs[i][j] {
@@ -483,12 +483,12 @@ func TestSafeInputsStableCodeGeneration(t *testing.T) {
 	// Test JavaScript tool script stability
 	jsScripts := make([]string, iterations)
 	for i := range iterations {
-		jsScripts[i] = generateSafeInputJavaScriptToolScript(config.Tools["alpha-tool"])
+		jsScripts[i] = generateMCPScriptJavaScriptToolScript(config.Tools["alpha-tool"])
 	}
 
 	for i := 1; i < iterations; i++ {
 		if jsScripts[i] != jsScripts[0] {
-			t.Errorf("generateSafeInputJavaScriptToolScript produced different output on iteration %d", i+1)
+			t.Errorf("generateMCPScriptJavaScriptToolScript produced different output on iteration %d", i+1)
 		}
 	}
 
@@ -505,12 +505,12 @@ func TestSafeInputsStableCodeGeneration(t *testing.T) {
 	}
 }
 
-func TestGenerateSafeInputGoToolScript(t *testing.T) {
-	config := &SafeInputToolConfig{
+func TestGenerateMCPScriptGoToolScript(t *testing.T) {
+	config := &MCPScriptToolConfig{
 		Name:        "test-go",
 		Description: "A Go test tool",
 		Go:          "result := map[string]any{\"message\": \"Hello from Go\"}\njson.NewEncoder(os.Stdout).Encode(result)",
-		Inputs: map[string]*SafeInputParam{
+		Inputs: map[string]*MCPScriptParam{
 			"message": {
 				Type:        "string",
 				Description: "Message to process",
@@ -522,7 +522,7 @@ func TestGenerateSafeInputGoToolScript(t *testing.T) {
 		},
 	}
 
-	script := generateSafeInputGoToolScript(config)
+	script := generateMCPScriptGoToolScript(config)
 
 	if !strings.Contains(script, "package main") {
 		t.Error("Script should have package main declaration")
@@ -566,7 +566,7 @@ func TestGenerateSafeInputGoToolScript(t *testing.T) {
 	}
 }
 
-func TestGenerateSafeInputGoToolScriptMultiLineDescription(t *testing.T) {
+func TestGenerateMCPScriptGoToolScriptMultiLineDescription(t *testing.T) {
 	tests := []struct {
 		name        string
 		description string
@@ -583,13 +583,13 @@ func TestGenerateSafeInputGoToolScriptMultiLineDescription(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			config := &SafeInputToolConfig{
+			config := &MCPScriptToolConfig{
 				Name:        "test-go-multiline",
 				Description: tt.description,
 				Go:          "fmt.Println(\"hello\")",
 			}
 
-			script := generateSafeInputGoToolScript(config)
+			script := generateMCPScriptGoToolScript(config)
 
 			if !strings.Contains(script, "// First line of description.") {
 				t.Error("Script should have first description line prefixed with //")
diff --git a/pkg/workflow/safe_inputs_http_codex_test.go b/pkg/workflow/mcp_scripts_http_codex_test.go
similarity index 84%
rename from pkg/workflow/safe_inputs_http_codex_test.go
rename to pkg/workflow/mcp_scripts_http_codex_test.go
index edf8f5a3db3..75f30993715 100644
--- a/pkg/workflow/safe_inputs_http_codex_test.go
+++ b/pkg/workflow/mcp_scripts_http_codex_test.go
@@ -11,9 +11,9 @@ import (
 	"github.com/github/gh-aw/pkg/stringutil"
 )
 
-// TestCodexSafeInputsHTTPTransport verifies that Codex engine uses HTTP transport for safe-inputs
+// TestCodexMCPScriptsHTTPTransport verifies that Codex engine uses HTTP transport for mcp-scripts
 // (not stdio transport) to be consistent with Copilot and Claude engines
-func TestCodexSafeInputsHTTPTransport(t *testing.T) {
+func TestCodexMCPScriptsHTTPTransport(t *testing.T) {
 	// Create a temporary workflow file
 	tempDir := t.TempDir()
 	workflowPath := filepath.Join(tempDir, "test-workflow.md")
@@ -21,14 +21,14 @@ func TestCodexSafeInputsHTTPTransport(t *testing.T) {
 	workflowContent := `---
 on: workflow_dispatch
 engine: codex
-safe-inputs:
+mcp-scripts:
   test-tool:
     description: Test tool
     script: |
       return { result: "test" };
 ---
 
-Test safe-inputs HTTP transport for Codex
+Test mcp-scripts HTTP transport for Codex
 `
 
 	err := os.WriteFile(workflowPath, []byte(workflowContent), 0644)
@@ -54,8 +54,8 @@ Test safe-inputs HTTP transport for Codex
 
 	// Verify that the HTTP server configuration steps are generated
 	expectedSteps := []string{
-		"Generate Safe Inputs MCP Server Config",
-		"Start Safe Inputs MCP HTTP Server",
+		"Generate MCP Scripts Server Config",
+		"Start MCP Scripts HTTP Server",
 		"Start MCP Gateway",
 	}
 
@@ -66,7 +66,7 @@ Test safe-inputs HTTP transport for Codex
 	}
 
 	// Verify HTTP transport in TOML config (not stdio)
-	if !strings.Contains(yamlStr, "[mcp_servers.safeinputs]") {
+	if !strings.Contains(yamlStr, "[mcp_servers.mcpscripts]") {
 		t.Error("Safe-inputs MCP server config section not found")
 	}
 
@@ -77,11 +77,11 @@ Test safe-inputs HTTP transport for Codex
 	}
 
 	// Should use HTTP transport (url + headers) with host.docker.internal
-	if !strings.Contains(yamlStr, `url = "http://host.docker.internal:$GH_AW_SAFE_INPUTS_PORT"`) {
+	if !strings.Contains(yamlStr, `url = "http://host.docker.internal:$GH_AW_MCP_SCRIPTS_PORT"`) {
 		t.Error("Expected HTTP URL config with host.docker.internal not found in TOML format")
 	}
 
-	if !strings.Contains(yamlStr, `headers = { Authorization = "$GH_AW_SAFE_INPUTS_API_KEY" }`) {
+	if !strings.Contains(yamlStr, `headers = { Authorization = "$GH_AW_MCP_SCRIPTS_API_KEY" }`) {
 		t.Error("Expected HTTP headers config not found in TOML format")
 	}
 
@@ -90,7 +90,7 @@ Test safe-inputs HTTP transport for Codex
 		t.Error("Codex config should not use stdio transport (command = 'node'), should use HTTP")
 	}
 
-	if strings.Contains(codexConfigSection, `args = [`) && strings.Contains(codexConfigSection, `/opt/gh-aw/safe-inputs/mcp-server.cjs`) {
+	if strings.Contains(codexConfigSection, `args = [`) && strings.Contains(codexConfigSection, `/opt/gh-aw/mcp-scripts/mcp-server.cjs`) {
 		t.Error("Codex config should not use stdio transport with mcp-server.cjs args, should use HTTP")
 	}
 
@@ -100,13 +100,13 @@ Test safe-inputs HTTP transport for Codex
 		t.Error("HTTP MCP servers should not have env_vars in config (not supported for HTTP transport)")
 	}
 
-	t.Logf("✓ Codex engine correctly uses HTTP transport for safe-inputs")
+	t.Logf("✓ Codex engine correctly uses HTTP transport for mcp-scripts")
 }
 
 // extractCodexConfigSection extracts the Codex MCP config section from the workflow YAML
 func extractCodexConfigSection(yamlContent string) string {
-	// Find the start of the safeinputs config
-	start := strings.Index(yamlContent, "[mcp_servers.safeinputs]")
+	// Find the start of the mcpscripts config
+	start := strings.Index(yamlContent, "[mcp_servers.mcpscripts]")
 	if start == -1 {
 		return ""
 	}
@@ -120,16 +120,16 @@ func extractCodexConfigSection(yamlContent string) string {
 	return yamlContent[start : start+end]
 }
 
-// TestCodexSafeInputsWithSecretsHTTPTransport verifies that environment variables
-// from safe-inputs tools are properly passed through with HTTP transport
-func TestCodexSafeInputsWithSecretsHTTPTransport(t *testing.T) {
+// TestCodexMCPScriptsWithSecretsHTTPTransport verifies that environment variables
+// from mcp-scripts tools are properly passed through with HTTP transport
+func TestCodexMCPScriptsWithSecretsHTTPTransport(t *testing.T) {
 	tempDir := t.TempDir()
 	workflowPath := filepath.Join(tempDir, "test-workflow.md")
 
 	workflowContent := `---
 on: workflow_dispatch
 engine: codex
-safe-inputs:
+mcp-scripts:
   api-call:
     description: Call an API
     env:
@@ -139,7 +139,7 @@ safe-inputs:
       return { result: "test" };
 ---
 
-Test safe-inputs with secrets
+Test mcp-scripts with secrets
 `
 
 	err := os.WriteFile(workflowPath, []byte(workflowContent), 0644)
diff --git a/pkg/workflow/safe_inputs_mode_test.go b/pkg/workflow/mcp_scripts_mode_test.go
similarity index 90%
rename from pkg/workflow/safe_inputs_mode_test.go
rename to pkg/workflow/mcp_scripts_mode_test.go
index 1fc236fcdae..49254ce6b39 100644
--- a/pkg/workflow/safe_inputs_mode_test.go
+++ b/pkg/workflow/mcp_scripts_mode_test.go
@@ -11,8 +11,8 @@ import (
 	"github.com/github/gh-aw/pkg/stringutil"
 )
 
-// TestSafeInputsHTTPMode verifies that HTTP mode generates correct configuration
-func TestSafeInputsHTTPMode(t *testing.T) {
+// TestMCPScriptsHTTPMode verifies that HTTP mode generates correct configuration
+func TestMCPScriptsHTTPMode(t *testing.T) {
 	testCases := []struct {
 		name string
 		mode string // empty string tests default behavior
@@ -37,14 +37,14 @@ func TestSafeInputsHTTPMode(t *testing.T) {
 			workflowContent := `---
 on: workflow_dispatch
 engine: copilot
-safe-inputs:
+mcp-scripts:
 ` + modeField + `  test-tool:
     description: Test tool
     script: |
       return { result: "test" };
 ---
 
-Test safe-inputs HTTP mode
+Test mcp-scripts HTTP mode
 `
 
 			err := os.WriteFile(workflowPath, []byte(workflowContent), 0644)
@@ -70,8 +70,8 @@ Test safe-inputs HTTP mode
 
 			// Verify that HTTP server startup steps ARE present
 			expectedSteps := []string{
-				"Generate Safe Inputs MCP Server Config",
-				"Start Safe Inputs MCP HTTP Server",
+				"Generate MCP Scripts Server Config",
+				"Start MCP Scripts HTTP Server",
 			}
 
 			for _, stepName := range expectedSteps {
@@ -81,7 +81,7 @@ Test safe-inputs HTTP mode
 			}
 
 			// Verify HTTP configuration in MCP setup
-			if !strings.Contains(yamlStr, `"safeinputs"`) {
+			if !strings.Contains(yamlStr, `"mcpscripts"`) {
 				t.Error("Safe-inputs MCP server config not found")
 			}
 
@@ -117,13 +117,13 @@ Test safe-inputs HTTP mode
 // extractMCPServerEntryPoint extracts the mcp-server.cjs entry point script from the YAML
 func extractMCPServerEntryPoint(yamlStr string) string {
 	// Find the mcp-server.cjs section
-	start := strings.Index(yamlStr, "cat > /opt/gh-aw/safe-inputs/mcp-server.cjs")
+	start := strings.Index(yamlStr, "cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs")
 	if start == -1 {
 		return ""
 	}
 
 	// Generate the expected heredoc delimiter (same as the generator uses)
-	delimiter := GenerateHeredocDelimiter("SAFE_INPUTS_SERVER")
+	delimiter := GenerateHeredocDelimiter("MCP_SCRIPTS_SERVER")
 	heredocMarker := "<< '" + delimiter + "'"
 
 	// Find the heredoc start marker
diff --git a/pkg/workflow/safe_inputs_parser.go b/pkg/workflow/mcp_scripts_parser.go
similarity index 76%
rename from pkg/workflow/safe_inputs_parser.go
rename to pkg/workflow/mcp_scripts_parser.go
index 037e32596e7..2e0edaa4175 100644
--- a/pkg/workflow/safe_inputs_parser.go
+++ b/pkg/workflow/mcp_scripts_parser.go
@@ -8,7 +8,7 @@ import (
 	"github.com/github/gh-aw/pkg/logger"
 )
 
-var safeInputsLog = logger.New("workflow:safe_inputs")
+var mcpScriptsLog = logger.New("workflow:mcp_scripts")
 
 // safeUint64ToIntForTimeout safely converts uint64 to int for timeout values
 // Returns 0 (which signals to use engine defaults) if overflow would occur
@@ -19,17 +19,17 @@ func safeUint64ToIntForTimeout(u uint64) int {
 	return int(u)
 }
 
-// SafeInputsConfig holds the configuration for safe-inputs custom tools
-type SafeInputsConfig struct {
+// MCPScriptsConfig holds the configuration for mcp-scripts custom tools
+type MCPScriptsConfig struct {
 	Mode  string // Transport mode: "http" (default) or "stdio"
-	Tools map[string]*SafeInputToolConfig
+	Tools map[string]*MCPScriptToolConfig
 }
 
-// SafeInputToolConfig holds the configuration for a single safe-input tool
-type SafeInputToolConfig struct {
+// MCPScriptToolConfig holds the configuration for a single mcp-script tool
+type MCPScriptToolConfig struct {
 	Name        string                     // Tool name (key from the config)
 	Description string                     // Required: tool description
-	Inputs      map[string]*SafeInputParam // Optional: input parameters
+	Inputs      map[string]*MCPScriptParam // Optional: input parameters
 	Script      string                     // JavaScript implementation (mutually exclusive with Run, Py, and Go)
 	Run         string                     // Shell script implementation (mutually exclusive with Script, Py, and Go)
 	Py          string                     // Python script implementation (mutually exclusive with Script, Run, and Go)
@@ -38,47 +38,47 @@ type SafeInputToolConfig struct {
 	Timeout     int                        // Timeout in seconds for tool execution (default: 60)
 }
 
-// SafeInputParam holds the configuration for a tool input parameter
-type SafeInputParam struct {
+// MCPScriptParam holds the configuration for a tool input parameter
+type MCPScriptParam struct {
 	Type        string // JSON schema type (string, number, boolean, array, object)
 	Description string // Description of the parameter
 	Required    bool   // Whether the parameter is required
 	Default     any    // Default value
 }
 
-// SafeInputsMode constants define the available transport modes
+// MCPScriptsMode constants define the available transport modes
 const (
-	SafeInputsModeHTTP = "http"
+	MCPScriptsModeHTTP = "http"
 )
 
-// SafeInputsDirectory is the directory where safe-inputs files are generated
-const SafeInputsDirectory = "/opt/gh-aw/safe-inputs"
+// MCPScriptsDirectory is the directory where mcp-scripts files are generated
+const MCPScriptsDirectory = "/opt/gh-aw/mcp-scripts"
 
-// HasSafeInputs checks if safe-inputs are configured
-func HasSafeInputs(safeInputs *SafeInputsConfig) bool {
-	return safeInputs != nil && len(safeInputs.Tools) > 0
+// HasMCPScripts checks if mcp-scripts are configured
+func HasMCPScripts(mcpScripts *MCPScriptsConfig) bool {
+	return mcpScripts != nil && len(mcpScripts.Tools) > 0
 }
 
-// IsSafeInputsEnabled checks if safe-inputs are configured.
+// IsMCPScriptsEnabled checks if mcp-scripts are configured.
 // Safe-inputs are enabled by default when configured in the workflow.
 // The workflowData parameter is kept for backward compatibility but is not used.
-func IsSafeInputsEnabled(safeInputs *SafeInputsConfig, workflowData *WorkflowData) bool {
-	return HasSafeInputs(safeInputs)
+func IsMCPScriptsEnabled(mcpScripts *MCPScriptsConfig, workflowData *WorkflowData) bool {
+	return HasMCPScripts(mcpScripts)
 }
 
-// parseSafeInputsMap parses safe-inputs configuration from a map.
-// This is the shared implementation used by both ParseSafeInputs and extractSafeInputsConfig.
+// parseMCPScriptsMap parses mcp-scripts configuration from a map.
+// This is the shared implementation used by both ParseMCPScripts and extractMCPScriptsConfig.
 // Returns the config and a boolean indicating whether any tools were found.
-func parseSafeInputsMap(safeInputsMap map[string]any) (*SafeInputsConfig, bool) {
-	config := &SafeInputsConfig{
+func parseMCPScriptsMap(mcpScriptsMap map[string]any) (*MCPScriptsConfig, bool) {
+	config := &MCPScriptsConfig{
 		Mode:  "http", // Only HTTP mode is supported
-		Tools: make(map[string]*SafeInputToolConfig),
+		Tools: make(map[string]*MCPScriptToolConfig),
 	}
 
 	// Mode field is ignored - only HTTP mode is supported
-	// All safe-inputs configurations use HTTP transport
+	// All mcp-scripts configurations use HTTP transport
 
-	for toolName, toolValue := range safeInputsMap {
+	for toolName, toolValue := range mcpScriptsMap {
 		// Skip the "mode" field as it's not a tool definition
 		if toolName == "mode" {
 			continue
@@ -89,9 +89,9 @@ func parseSafeInputsMap(safeInputsMap map[string]any) (*SafeInputsConfig, bool)
 			continue
 		}
 
-		toolConfig := &SafeInputToolConfig{
+		toolConfig := &MCPScriptToolConfig{
 			Name:    toolName,
-			Inputs:  make(map[string]*SafeInputParam),
+			Inputs:  make(map[string]*MCPScriptParam),
 			Env:     make(map[string]string),
 			Timeout: 60, // Default timeout: 60 seconds
 		}
@@ -108,7 +108,7 @@ func parseSafeInputsMap(safeInputsMap map[string]any) (*SafeInputsConfig, bool)
 			if inputsMap, ok := inputs.(map[string]any); ok {
 				for paramName, paramValue := range inputsMap {
 					if paramMap, ok := paramValue.(map[string]any); ok {
-						param := &SafeInputParam{
+						param := &MCPScriptParam{
 							Type: "string", // default type
 						}
 
@@ -200,35 +200,35 @@ func parseSafeInputsMap(safeInputsMap map[string]any) (*SafeInputsConfig, bool)
 	return config, len(config.Tools) > 0
 }
 
-// extractSafeInputsConfig extracts safe-inputs configuration from frontmatter
-func (c *Compiler) extractSafeInputsConfig(frontmatter map[string]any) *SafeInputsConfig {
-	safeInputsLog.Print("Extracting safe-inputs configuration from frontmatter")
+// extractMCPScriptsConfig extracts mcp-scripts configuration from frontmatter
+func (c *Compiler) extractMCPScriptsConfig(frontmatter map[string]any) *MCPScriptsConfig {
+	mcpScriptsLog.Print("Extracting mcp-scripts configuration from frontmatter")
 
-	safeInputs, exists := frontmatter["safe-inputs"]
+	mcpScripts, exists := frontmatter["mcp-scripts"]
 	if !exists {
 		return nil
 	}
 
-	safeInputsMap, ok := safeInputs.(map[string]any)
+	mcpScriptsMap, ok := mcpScripts.(map[string]any)
 	if !ok {
 		return nil
 	}
 
-	config, hasTools := parseSafeInputsMap(safeInputsMap)
+	config, hasTools := parseMCPScriptsMap(mcpScriptsMap)
 	if !hasTools {
 		return nil
 	}
 
-	safeInputsLog.Printf("Extracted %d safe-input tools", len(config.Tools))
+	mcpScriptsLog.Printf("Extracted %d mcp-script tools", len(config.Tools))
 	return config
 }
 
-// mergeSafeInputs merges safe-inputs configuration from imports into the main configuration
-func (c *Compiler) mergeSafeInputs(main *SafeInputsConfig, importedConfigs []string) *SafeInputsConfig {
+// mergeMCPScripts merges mcp-scripts configuration from imports into the main configuration
+func (c *Compiler) mergeMCPScripts(main *MCPScriptsConfig, importedConfigs []string) *MCPScriptsConfig {
 	if main == nil {
-		main = &SafeInputsConfig{
+		main = &MCPScriptsConfig{
 			Mode:  "http", // Default to HTTP mode
-			Tools: make(map[string]*SafeInputToolConfig),
+			Tools: make(map[string]*MCPScriptToolConfig),
 		}
 	}
 
@@ -240,12 +240,12 @@ func (c *Compiler) mergeSafeInputs(main *SafeInputsConfig, importedConfigs []str
 		// Merge the imported JSON config
 		var importedMap map[string]any
 		if err := json.Unmarshal([]byte(configJSON), &importedMap); err != nil {
-			safeInputsLog.Printf("Warning: failed to parse imported safe-inputs config: %v", err)
+			mcpScriptsLog.Printf("Warning: failed to parse imported mcp-scripts config: %v", err)
 			continue
 		}
 
 		// Mode field is ignored - only HTTP mode is supported
-		// All safe-inputs configurations use HTTP transport
+		// All mcp-scripts configurations use HTTP transport
 
 		// Merge each tool from the imported config
 		for toolName, toolValue := range importedMap {
@@ -256,7 +256,7 @@ func (c *Compiler) mergeSafeInputs(main *SafeInputsConfig, importedConfigs []str
 
 			// Skip if tool already exists in main config (main takes precedence)
 			if _, exists := main.Tools[toolName]; exists {
-				safeInputsLog.Printf("Skipping imported tool '%s' - already defined in main config", toolName)
+				mcpScriptsLog.Printf("Skipping imported tool '%s' - already defined in main config", toolName)
 				continue
 			}
 
@@ -265,9 +265,9 @@ func (c *Compiler) mergeSafeInputs(main *SafeInputsConfig, importedConfigs []str
 				continue
 			}
 
-			toolConfig := &SafeInputToolConfig{
+			toolConfig := &MCPScriptToolConfig{
 				Name:    toolName,
-				Inputs:  make(map[string]*SafeInputParam),
+				Inputs:  make(map[string]*MCPScriptParam),
 				Env:     make(map[string]string),
 				Timeout: 60, // Default timeout: 60 seconds
 			}
@@ -284,7 +284,7 @@ func (c *Compiler) mergeSafeInputs(main *SafeInputsConfig, importedConfigs []str
 				if inputsMap, ok := inputs.(map[string]any); ok {
 					for paramName, paramValue := range inputsMap {
 						if paramMap, ok := paramValue.(map[string]any); ok {
-							param := &SafeInputParam{
+							param := &MCPScriptParam{
 								Type: "string",
 							}
 							if t, exists := paramMap["type"]; exists {
@@ -366,7 +366,7 @@ func (c *Compiler) mergeSafeInputs(main *SafeInputsConfig, importedConfigs []str
 			}
 
 			main.Tools[toolName] = toolConfig
-			safeInputsLog.Printf("Merged imported safe-input tool: %s", toolName)
+			mcpScriptsLog.Printf("Merged imported mcp-script tool: %s", toolName)
 		}
 	}
 
diff --git a/pkg/workflow/safe_inputs_parser_test.go b/pkg/workflow/mcp_scripts_parser_test.go
similarity index 69%
rename from pkg/workflow/safe_inputs_parser_test.go
rename to pkg/workflow/mcp_scripts_parser_test.go
index eefafb3fadf..5d83f660dba 100644
--- a/pkg/workflow/safe_inputs_parser_test.go
+++ b/pkg/workflow/mcp_scripts_parser_test.go
@@ -6,10 +6,10 @@ import (
 	"testing"
 )
 
-func TestHasSafeInputs(t *testing.T) {
+func TestHasMCPScripts(t *testing.T) {
 	tests := []struct {
 		name     string
-		config   *SafeInputsConfig
+		config   *MCPScriptsConfig
 		expected bool
 	}{
 		{
@@ -19,13 +19,13 @@ func TestHasSafeInputs(t *testing.T) {
 		},
 		{
 			name:     "empty tools",
-			config:   &SafeInputsConfig{Tools: map[string]*SafeInputToolConfig{}},
+			config:   &MCPScriptsConfig{Tools: map[string]*MCPScriptToolConfig{}},
 			expected: false,
 		},
 		{
 			name: "with tools",
-			config: &SafeInputsConfig{
-				Tools: map[string]*SafeInputToolConfig{
+			config: &MCPScriptsConfig{
+				Tools: map[string]*MCPScriptToolConfig{
 					"test": {Name: "test", Description: "Test tool"},
 				},
 			},
@@ -35,7 +35,7 @@ func TestHasSafeInputs(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			result := HasSafeInputs(tt.config)
+			result := HasMCPScripts(tt.config)
 			if result != tt.expected {
 				t.Errorf("Expected %v, got %v", tt.expected, result)
 			}
@@ -43,17 +43,17 @@ func TestHasSafeInputs(t *testing.T) {
 	}
 }
 
-func TestIsSafeInputsEnabled(t *testing.T) {
+func TestIsMCPScriptsEnabled(t *testing.T) {
 	// Test config with tools
-	configWithTools := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+	configWithTools := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"test": {Name: "test", Description: "Test tool"},
 		},
 	}
 
 	tests := []struct {
 		name         string
-		config       *SafeInputsConfig
+		config       *MCPScriptsConfig
 		workflowData *WorkflowData
 		expected     bool
 	}{
@@ -65,7 +65,7 @@ func TestIsSafeInputsEnabled(t *testing.T) {
 		},
 		{
 			name:         "empty tools - not enabled",
-			config:       &SafeInputsConfig{Tools: map[string]*SafeInputToolConfig{}},
+			config:       &MCPScriptsConfig{Tools: map[string]*MCPScriptToolConfig{}},
 			workflowData: nil,
 			expected:     false,
 		},
@@ -79,7 +79,7 @@ func TestIsSafeInputsEnabled(t *testing.T) {
 			name:   "with tools and feature flag enabled - enabled (backward compat)",
 			config: configWithTools,
 			workflowData: &WorkflowData{
-				Features: map[string]any{"safe-inputs": true},
+				Features: map[string]any{"mcp-scripts": true},
 			},
 			expected: true,
 		},
@@ -87,7 +87,7 @@ func TestIsSafeInputsEnabled(t *testing.T) {
 			name:   "with tools and feature flag disabled - still enabled (feature flag ignored)",
 			config: configWithTools,
 			workflowData: &WorkflowData{
-				Features: map[string]any{"safe-inputs": false},
+				Features: map[string]any{"mcp-scripts": false},
 			},
 			expected: true,
 		},
@@ -103,7 +103,7 @@ func TestIsSafeInputsEnabled(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			result := IsSafeInputsEnabled(tt.config, tt.workflowData)
+			result := IsMCPScriptsEnabled(tt.config, tt.workflowData)
 			if result != tt.expected {
 				t.Errorf("Expected %v, got %v", tt.expected, result)
 			}
@@ -111,18 +111,18 @@ func TestIsSafeInputsEnabled(t *testing.T) {
 	}
 }
 
-func TestIsSafeInputsEnabledWithEnv(t *testing.T) {
+func TestIsMCPScriptsEnabledWithEnv(t *testing.T) {
 	// Test config with tools
-	configWithTools := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+	configWithTools := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"test": {Name: "test", Description: "Test tool"},
 		},
 	}
 
 	// Safe-inputs are enabled by default when configured, environment variable no longer needed
 	t.Run("with tools - enabled regardless of GH_AW_FEATURES", func(t *testing.T) {
-		t.Setenv("GH_AW_FEATURES", "safe-inputs")
-		result := IsSafeInputsEnabled(configWithTools, nil)
+		t.Setenv("GH_AW_FEATURES", "mcp-scripts")
+		result := IsMCPScriptsEnabled(configWithTools, nil)
 		if !result {
 			t.Errorf("Expected true, got false")
 		}
@@ -130,13 +130,13 @@ func TestIsSafeInputsEnabledWithEnv(t *testing.T) {
 
 	t.Run("with tools and GH_AW_FEATURES=other - still enabled", func(t *testing.T) {
 		t.Setenv("GH_AW_FEATURES", "other")
-		result := IsSafeInputsEnabled(configWithTools, nil)
+		result := IsMCPScriptsEnabled(configWithTools, nil)
 		if !result {
 			t.Errorf("Expected true, got false")
 		}
 	})
 }
 
-// TestParseSafeInputsAndExtractSafeInputsConfigConsistency verifies that ParseSafeInputs
-// and extractSafeInputsConfig produce identical results for the same input.
+// TestParseMCPScriptsAndExtractMCPScriptsConfigConsistency verifies that ParseMCPScripts
+// and extractMCPScriptsConfig produce identical results for the same input.
 // This ensures both functions use the shared helper correctly.
diff --git a/pkg/workflow/safe_inputs_renderer.go b/pkg/workflow/mcp_scripts_renderer.go
similarity index 71%
rename from pkg/workflow/safe_inputs_renderer.go
rename to pkg/workflow/mcp_scripts_renderer.go
index 5a4d2a97f8c..093de338b8a 100644
--- a/pkg/workflow/safe_inputs_renderer.go
+++ b/pkg/workflow/mcp_scripts_renderer.go
@@ -8,28 +8,28 @@ import (
 	"github.com/github/gh-aw/pkg/logger"
 )
 
-var safeInputsRendererLog = logger.New("workflow:safe_inputs_renderer")
+var mcpScriptsRendererLog = logger.New("workflow:mcp_scripts_renderer")
 
-// collectSafeInputsSecrets collects all secrets from safe-inputs configuration
-func collectSafeInputsSecrets(safeInputs *SafeInputsConfig) map[string]string {
+// collectMCPScriptsSecrets collects all secrets from mcp-scripts configuration
+func collectMCPScriptsSecrets(mcpScripts *MCPScriptsConfig) map[string]string {
 	secrets := make(map[string]string)
 
-	if safeInputs == nil {
-		safeInputsRendererLog.Print("No safe-inputs configuration provided for secret collection")
+	if mcpScripts == nil {
+		mcpScriptsRendererLog.Print("No mcp-scripts configuration provided for secret collection")
 		return secrets
 	}
 
-	safeInputsRendererLog.Printf("Collecting secrets from %d safe-inputs tools", len(safeInputs.Tools))
+	mcpScriptsRendererLog.Printf("Collecting secrets from %d mcp-scripts tools", len(mcpScripts.Tools))
 
 	// Sort tool names for consistent behavior when same env var appears in multiple tools
-	toolNames := make([]string, 0, len(safeInputs.Tools))
-	for toolName := range safeInputs.Tools {
+	toolNames := make([]string, 0, len(mcpScripts.Tools))
+	for toolName := range mcpScripts.Tools {
 		toolNames = append(toolNames, toolName)
 	}
 	sort.Strings(toolNames)
 
 	for _, toolName := range toolNames {
-		toolConfig := safeInputs.Tools[toolName]
+		toolConfig := mcpScripts.Tools[toolName]
 		// Sort env var names for consistent order within each tool
 		envNames := make([]string, 0, len(toolConfig.Env))
 		for envName := range toolConfig.Env {
@@ -42,17 +42,17 @@ func collectSafeInputsSecrets(safeInputs *SafeInputsConfig) map[string]string {
 		}
 	}
 
-	safeInputsRendererLog.Printf("Collected %d secrets from safe-inputs configuration", len(secrets))
+	mcpScriptsRendererLog.Printf("Collected %d secrets from mcp-scripts configuration", len(secrets))
 	return secrets
 }
 
-// renderSafeInputsMCPConfigWithOptions generates the Safe Inputs MCP server configuration with engine-specific options
+// renderMCPScriptsMCPConfigWithOptions generates the Safe Inputs MCP server configuration with engine-specific options
 // Always uses HTTP transport mode
-func renderSafeInputsMCPConfigWithOptions(yaml *strings.Builder, safeInputs *SafeInputsConfig, isLast bool, includeCopilotFields bool, workflowData *WorkflowData) {
-	safeInputsRendererLog.Printf("Rendering Safe Inputs MCP config: includeCopilotFields=%t, isLast=%t",
+func renderMCPScriptsMCPConfigWithOptions(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, isLast bool, includeCopilotFields bool, workflowData *WorkflowData) {
+	mcpScriptsRendererLog.Printf("Rendering Safe Inputs MCP config: includeCopilotFields=%t, isLast=%t",
 		includeCopilotFields, isLast)
 
-	yaml.WriteString("              \"" + constants.SafeInputsMCPServerID.String() + "\": {\n")
+	yaml.WriteString("              \"" + constants.MCPScriptsMCPServerID.String() + "\": {\n")
 
 	// HTTP transport configuration - server started in separate step
 	// Add type field for HTTP (required by MCP specification for HTTP transport)
@@ -63,22 +63,22 @@ func renderSafeInputsMCPConfigWithOptions(yaml *strings.Builder, safeInputs *Saf
 	if workflowData != nil && workflowData.SandboxConfig != nil && workflowData.SandboxConfig.Agent != nil && workflowData.SandboxConfig.Agent.Disabled {
 		// When agent is disabled (no firewall), use localhost instead of host.docker.internal
 		host = "localhost"
-		safeInputsRendererLog.Print("Agent disabled, using localhost for Safe Inputs MCP server")
+		mcpScriptsRendererLog.Print("Agent disabled, using localhost for Safe Inputs MCP server")
 	}
 
 	// HTTP URL using environment variable - NOT escaped so shell expands it before awmg validation
 	// Use host.docker.internal to allow access from firewall container (or localhost if agent disabled)
 	// Note: awmg validates URL format before variable resolution, so we must expand the port variable
-	yaml.WriteString("                \"url\": \"http://" + host + ":$GH_AW_SAFE_INPUTS_PORT\",\n")
+	yaml.WriteString("                \"url\": \"http://" + host + ":$GH_AW_MCP_SCRIPTS_PORT\",\n")
 
 	// Add Authorization header with API key
 	yaml.WriteString("                \"headers\": {\n")
 	if includeCopilotFields {
 		// Copilot format: backslash-escaped shell variable reference
-		yaml.WriteString("                  \"Authorization\": \"\\${GH_AW_SAFE_INPUTS_API_KEY}\"\n")
+		yaml.WriteString("                  \"Authorization\": \"\\${GH_AW_MCP_SCRIPTS_API_KEY}\"\n")
 	} else {
 		// Claude/Custom format: direct shell variable reference
-		yaml.WriteString("                  \"Authorization\": \"$GH_AW_SAFE_INPUTS_API_KEY\"\n")
+		yaml.WriteString("                  \"Authorization\": \"$GH_AW_MCP_SCRIPTS_API_KEY\"\n")
 	}
 	// Close headers - no trailing comma since this is the last field
 	// Note: env block is NOT included for HTTP servers because the old MCP Gateway schema
diff --git a/pkg/workflow/safe_inputs_renderer_test.go b/pkg/workflow/mcp_scripts_renderer_test.go
similarity index 70%
rename from pkg/workflow/safe_inputs_renderer_test.go
rename to pkg/workflow/mcp_scripts_renderer_test.go
index 7f9d77186ea..6998956a61b 100644
--- a/pkg/workflow/safe_inputs_renderer_test.go
+++ b/pkg/workflow/mcp_scripts_renderer_test.go
@@ -6,10 +6,10 @@ import (
 	"testing"
 )
 
-func TestCollectSafeInputsSecrets(t *testing.T) {
+func TestCollectMCPScriptsSecrets(t *testing.T) {
 	tests := []struct {
 		name        string
-		config      *SafeInputsConfig
+		config      *MCPScriptsConfig
 		expectedLen int
 	}{
 		{
@@ -19,8 +19,8 @@ func TestCollectSafeInputsSecrets(t *testing.T) {
 		},
 		{
 			name: "tool with secrets",
-			config: &SafeInputsConfig{
-				Tools: map[string]*SafeInputToolConfig{
+			config: &MCPScriptsConfig{
+				Tools: map[string]*MCPScriptToolConfig{
 					"test": {
 						Name: "test",
 						Env: map[string]string{
@@ -35,7 +35,7 @@ func TestCollectSafeInputsSecrets(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			result := collectSafeInputsSecrets(tt.config)
+			result := collectMCPScriptsSecrets(tt.config)
 
 			if len(result) != tt.expectedLen {
 				t.Errorf("Expected %d secrets, got %d", tt.expectedLen, len(result))
@@ -44,9 +44,9 @@ func TestCollectSafeInputsSecrets(t *testing.T) {
 	}
 }
 
-func TestCollectSafeInputsSecretsStability(t *testing.T) {
-	config := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+func TestCollectMCPScriptsSecretsStability(t *testing.T) {
+	config := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"zebra-tool": {
 				Name: "zebra-tool",
 				Env: map[string]string{
@@ -63,21 +63,21 @@ func TestCollectSafeInputsSecretsStability(t *testing.T) {
 		},
 	}
 
-	// Test collectSafeInputsSecrets stability
+	// Test collectMCPScriptsSecrets stability
 	iterations := 10
 	secretResults := make([]map[string]string, iterations)
 	for i := range iterations {
-		secretResults[i] = collectSafeInputsSecrets(config)
+		secretResults[i] = collectMCPScriptsSecrets(config)
 	}
 
 	// All iterations should produce same key set
 	for i := 1; i < iterations; i++ {
 		if len(secretResults[i]) != len(secretResults[0]) {
-			t.Errorf("collectSafeInputsSecrets produced different number of secrets on iteration %d", i+1)
+			t.Errorf("collectMCPScriptsSecrets produced different number of secrets on iteration %d", i+1)
 		}
 		for key, val := range secretResults[0] {
 			if secretResults[i][key] != val {
-				t.Errorf("collectSafeInputsSecrets produced different value for key %s on iteration %d", key, i+1)
+				t.Errorf("collectMCPScriptsSecrets produced different value for key %s on iteration %d", key, i+1)
 			}
 		}
 	}
diff --git a/pkg/workflow/safe_inputs_timeout_test.go b/pkg/workflow/mcp_scripts_timeout_test.go
similarity index 80%
rename from pkg/workflow/safe_inputs_timeout_test.go
rename to pkg/workflow/mcp_scripts_timeout_test.go
index 98fe5905cdd..cc0f7180f7d 100644
--- a/pkg/workflow/safe_inputs_timeout_test.go
+++ b/pkg/workflow/mcp_scripts_timeout_test.go
@@ -7,8 +7,8 @@ import (
 	"testing"
 )
 
-// TestSafeInputsTimeoutParsing tests that timeout is correctly parsed from frontmatter
-func TestSafeInputsTimeoutParsing(t *testing.T) {
+// TestMCPScriptsTimeoutParsing tests that timeout is correctly parsed from frontmatter
+func TestMCPScriptsTimeoutParsing(t *testing.T) {
 	tests := []struct {
 		name            string
 		frontmatter     map[string]any
@@ -18,7 +18,7 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 		{
 			name: "default timeout when not specified",
 			frontmatter: map[string]any{
-				"safe-inputs": map[string]any{
+				"mcp-scripts": map[string]any{
 					"test-tool": map[string]any{
 						"description": "Test tool",
 						"script":      "return 'hello';",
@@ -31,7 +31,7 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 		{
 			name: "explicit timeout as integer",
 			frontmatter: map[string]any{
-				"safe-inputs": map[string]any{
+				"mcp-scripts": map[string]any{
 					"slow-tool": map[string]any{
 						"description": "Slow tool",
 						"script":      "return 'slow';",
@@ -45,7 +45,7 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 		{
 			name: "explicit timeout as float",
 			frontmatter: map[string]any{
-				"safe-inputs": map[string]any{
+				"mcp-scripts": map[string]any{
 					"fast-tool": map[string]any{
 						"description": "Fast tool",
 						"run":         "echo 'fast'",
@@ -59,7 +59,7 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 		{
 			name: "timeout for shell script",
 			frontmatter: map[string]any{
-				"safe-inputs": map[string]any{
+				"mcp-scripts": map[string]any{
 					"shell-tool": map[string]any{
 						"description": "Shell tool",
 						"run":         "sleep 5",
@@ -73,7 +73,7 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 		{
 			name: "timeout for python script",
 			frontmatter: map[string]any{
-				"safe-inputs": map[string]any{
+				"mcp-scripts": map[string]any{
 					"python-tool": map[string]any{
 						"description": "Python tool",
 						"py":          "print('hello')",
@@ -87,7 +87,7 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 		{
 			name: "timeout for go script",
 			frontmatter: map[string]any{
-				"safe-inputs": map[string]any{
+				"mcp-scripts": map[string]any{
 					"go-tool": map[string]any{
 						"description": "Go tool",
 						"go":          "fmt.Println(\"hello\")",
@@ -102,7 +102,7 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			config := (&Compiler{}).extractSafeInputsConfig(tt.frontmatter)
+			config := (&Compiler{}).extractMCPScriptsConfig(tt.frontmatter)
 			if config == nil {
 				t.Fatalf("Expected config, got nil")
 			}
@@ -119,10 +119,10 @@ func TestSafeInputsTimeoutParsing(t *testing.T) {
 	}
 }
 
-// TestSafeInputsTimeoutInJSON tests that timeout is included in the generated tools.json
-func TestSafeInputsTimeoutInJSON(t *testing.T) {
-	config := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+// TestMCPScriptsTimeoutInJSON tests that timeout is included in the generated tools.json
+func TestMCPScriptsTimeoutInJSON(t *testing.T) {
+	config := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"fast-tool": {
 				Name:        "fast-tool",
 				Description: "Fast tool",
@@ -150,10 +150,10 @@ func TestSafeInputsTimeoutInJSON(t *testing.T) {
 		},
 	}
 
-	jsonStr := generateSafeInputsToolsConfig(config)
+	jsonStr := generateMCPScriptsToolsConfig(config)
 
 	// Parse the JSON to verify structure
-	var parsedConfig SafeInputsConfigJSON
+	var parsedConfig MCPScriptsConfigJSON
 	if err := json.Unmarshal([]byte(jsonStr), &parsedConfig); err != nil {
 		t.Fatalf("Failed to parse generated JSON: %v", err)
 	}
@@ -183,13 +183,13 @@ func TestSafeInputsTimeoutInJSON(t *testing.T) {
 	}
 }
 
-// TestSafeInputsMergePreservesTimeout tests that timeout is preserved when merging configs
-func TestSafeInputsMergePreservesTimeout(t *testing.T) {
+// TestMCPScriptsMergePreservesTimeout tests that timeout is preserved when merging configs
+func TestMCPScriptsMergePreservesTimeout(t *testing.T) {
 	compiler := &Compiler{}
 
 	// Main config with one tool
-	main := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+	main := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"main-tool": {
 				Name:        "main-tool",
 				Description: "Main tool",
@@ -208,7 +208,7 @@ func TestSafeInputsMergePreservesTimeout(t *testing.T) {
 		}
 	}`
 
-	merged := compiler.mergeSafeInputs(main, []string{importedJSON})
+	merged := compiler.mergeMCPScripts(main, []string{importedJSON})
 
 	// Verify main tool timeout is preserved
 	if merged.Tools["main-tool"].Timeout != 90 {
@@ -221,12 +221,12 @@ func TestSafeInputsMergePreservesTimeout(t *testing.T) {
 	}
 }
 
-// TestSafeInputsDefaultTimeoutWhenMerging tests that default timeout is used when not specified in imported config
-func TestSafeInputsDefaultTimeoutWhenMerging(t *testing.T) {
+// TestMCPScriptsDefaultTimeoutWhenMerging tests that default timeout is used when not specified in imported config
+func TestMCPScriptsDefaultTimeoutWhenMerging(t *testing.T) {
 	compiler := &Compiler{}
 
-	main := &SafeInputsConfig{
-		Tools: make(map[string]*SafeInputToolConfig),
+	main := &MCPScriptsConfig{
+		Tools: make(map[string]*MCPScriptToolConfig),
 	}
 
 	// Imported config without timeout specified
@@ -237,7 +237,7 @@ func TestSafeInputsDefaultTimeoutWhenMerging(t *testing.T) {
 		}
 	}`
 
-	merged := compiler.mergeSafeInputs(main, []string{importedJSON})
+	merged := compiler.mergeMCPScripts(main, []string{importedJSON})
 
 	// Verify default timeout is used
 	if merged.Tools["imported-tool"].Timeout != 60 {
diff --git a/pkg/workflow/mcp_setup_generator.go b/pkg/workflow/mcp_setup_generator.go
index cbc22d1c541..83ace3168ba 100644
--- a/pkg/workflow/mcp_setup_generator.go
+++ b/pkg/workflow/mcp_setup_generator.go
@@ -4,7 +4,7 @@
 //
 // This file generates the complete setup sequence for MCP servers in GitHub Actions
 // workflows. It orchestrates the initialization of all MCP tools including built-in
-// servers (GitHub, Playwright, safe-outputs, safe-inputs) and custom HTTP/stdio
+// servers (GitHub, Playwright, safe-outputs, mcp-scripts) and custom HTTP/stdio
 // MCP servers.
 //
 // Key responsibilities:
@@ -12,7 +12,7 @@
 //   - Generating Docker image download steps
 //   - Installing gh-aw extension for agentic-workflows tool
 //   - Setting up safe-outputs MCP server (config, API key, HTTP server)
-//   - Setting up safe-inputs MCP server (config, tool files, HTTP server)
+//   - Setting up mcp-scripts MCP server (config, tool files, HTTP server)
 //   - Starting Serena MCP server in local mode
 //   - Starting the MCP gateway with proper environment variables
 //   - Rendering MCP configuration for the selected AI engine
@@ -22,8 +22,8 @@
 //  2. Install gh-aw extension (if agentic-workflows enabled)
 //  3. Write safe-outputs config files (config.json, tools.json, validation.json)
 //  4. Generate and start safe-outputs HTTP server
-//  5. Setup safe-inputs config and tool files (JavaScript, Python, Shell, Go)
-//  6. Generate and start safe-inputs HTTP server
+//  5. Setup mcp-scripts config and tool files (JavaScript, Python, Shell, Go)
+//  6. Generate and start mcp-scripts HTTP server
 //  7. Start Serena local mode server
 //  8. Start MCP Gateway with all environment variables
 //  9. Render engine-specific MCP configuration
@@ -32,7 +32,7 @@
 //   - github: GitHub API access via MCP (local Docker or remote hosted)
 //   - playwright: Browser automation with Playwright
 //   - safe-outputs: Controlled output storage for AI agents
-//   - safe-inputs: Custom tool execution with secret passthrough
+//   - mcp-scripts: Custom tool execution with secret passthrough
 //   - cache-memory: Memory/knowledge base management
 //   - agentic-workflows: Workflow execution via gh-aw
 //   - serena: Local Serena search functionality
@@ -47,14 +47,14 @@
 //   - mcp_environment.go: Environment variable collection
 //   - mcp_renderer.go: MCP configuration YAML rendering
 //   - safe_outputs.go: Safe outputs server configuration
-//   - safe_inputs.go: Safe inputs server configuration
+//   - mcp_scripts.go: Safe inputs server configuration
 //
 // Example workflow setup:
 //   - Download Docker images
 //   - Write safe-outputs config to /opt/gh-aw/safeoutputs/
 //   - Start safe-outputs HTTP server on port 3001
-//   - Write safe-inputs config to /opt/gh-aw/safe-inputs/
-//   - Start safe-inputs HTTP server on port 3000
+//   - Write mcp-scripts config to /opt/gh-aw/mcp-scripts/
+//   - Start mcp-scripts HTTP server on port 3000
 //   - Start MCP Gateway on port 80
 //   - Render MCP config based on engine (copilot/claude/codex/custom)
 package workflow
@@ -108,9 +108,9 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		mcpTools = append(mcpTools, "safe-outputs")
 	}
 
-	// Check if safe-inputs is configured and feature flag is enabled, add to MCP tools
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		mcpTools = append(mcpTools, "safe-inputs")
+	// Check if mcp-scripts is configured and feature flag is enabled, add to MCP tools
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		mcpTools = append(mcpTools, "mcp-scripts")
 	}
 
 	// Populate dispatch-workflow file mappings before generating config
@@ -299,32 +299,32 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		yaml.WriteString("          \n")
 	}
 
-	// Write safe-inputs MCP server if configured and feature flag is enabled
+	// Write mcp-scripts MCP server if configured and feature flag is enabled
 	// For stdio mode, we only write the files but don't start the HTTP server
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
 		// Step 1: Write config files (JavaScript files are now copied by actions/setup)
 		yaml.WriteString("      - name: Setup Safe Inputs Config\n")
 		yaml.WriteString("        run: |\n")
-		yaml.WriteString("          mkdir -p /opt/gh-aw/safe-inputs/logs\n")
+		yaml.WriteString("          mkdir -p /opt/gh-aw/mcp-scripts/logs\n")
 
 		// Generate the tools.json configuration file
-		toolsJSON := generateSafeInputsToolsConfig(workflowData.SafeInputs)
-		toolsDelimiter := GenerateHeredocDelimiter("SAFE_INPUTS_TOOLS")
-		yaml.WriteString("          cat > /opt/gh-aw/safe-inputs/tools.json << '" + toolsDelimiter + "'\n")
+		toolsJSON := generateMCPScriptsToolsConfig(workflowData.MCPScripts)
+		toolsDelimiter := GenerateHeredocDelimiter("MCP_SCRIPTS_TOOLS")
+		yaml.WriteString("          cat > /opt/gh-aw/mcp-scripts/tools.json << '" + toolsDelimiter + "'\n")
 		for line := range strings.SplitSeq(toolsJSON, "\n") {
 			yaml.WriteString("          " + line + "\n")
 		}
 		yaml.WriteString("          " + toolsDelimiter + "\n")
 
 		// Generate the MCP server entry point
-		safeInputsMCPServer := generateSafeInputsMCPServerScript(workflowData.SafeInputs)
-		serverDelimiter := GenerateHeredocDelimiter("SAFE_INPUTS_SERVER")
-		yaml.WriteString("          cat > /opt/gh-aw/safe-inputs/mcp-server.cjs << '" + serverDelimiter + "'\n")
-		for _, line := range FormatJavaScriptForYAML(safeInputsMCPServer) {
+		mcpScriptsMCPServer := generateMCPScriptsMCPServerScript(workflowData.MCPScripts)
+		serverDelimiter := GenerateHeredocDelimiter("MCP_SCRIPTS_SERVER")
+		yaml.WriteString("          cat > /opt/gh-aw/mcp-scripts/mcp-server.cjs << '" + serverDelimiter + "'\n")
+		for _, line := range FormatJavaScriptForYAML(mcpScriptsMCPServer) {
 			yaml.WriteString(line)
 		}
 		yaml.WriteString("          " + serverDelimiter + "\n")
-		yaml.WriteString("          chmod +x /opt/gh-aw/safe-inputs/mcp-server.cjs\n")
+		yaml.WriteString("          chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs\n")
 		yaml.WriteString("          \n")
 
 		// Step 2: Generate tool files (js/py/sh)
@@ -332,45 +332,45 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		yaml.WriteString("        run: |\n")
 
 		// Generate individual tool files (sorted by name for stable code generation)
-		safeInputToolNames := sliceutil.MapToSlice(workflowData.SafeInputs.Tools)
-		sort.Strings(safeInputToolNames)
+		mcpScriptToolNames := sliceutil.MapToSlice(workflowData.MCPScripts.Tools)
+		sort.Strings(mcpScriptToolNames)
 
-		for _, toolName := range safeInputToolNames {
-			toolConfig := workflowData.SafeInputs.Tools[toolName]
+		for _, toolName := range mcpScriptToolNames {
+			toolConfig := workflowData.MCPScripts.Tools[toolName]
 			if toolConfig.Script != "" {
 				// JavaScript tool
-				toolScript := generateSafeInputJavaScriptToolScript(toolConfig)
-				jsDelimiter := GenerateHeredocDelimiter("SAFE_INPUTS_JS_" + strings.ToUpper(toolName))
-				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/safe-inputs/%s.cjs << '%s'\n", toolName, jsDelimiter)
+				toolScript := generateMCPScriptJavaScriptToolScript(toolConfig)
+				jsDelimiter := GenerateHeredocDelimiter("MCP_SCRIPTS_JS_" + strings.ToUpper(toolName))
+				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/mcp-scripts/%s.cjs << '%s'\n", toolName, jsDelimiter)
 				for _, line := range FormatJavaScriptForYAML(toolScript) {
 					yaml.WriteString(line)
 				}
 				fmt.Fprintf(yaml, "          %s\n", jsDelimiter)
 			} else if toolConfig.Run != "" {
 				// Shell script tool
-				toolScript := generateSafeInputShellToolScript(toolConfig)
-				shDelimiter := GenerateHeredocDelimiter("SAFE_INPUTS_SH_" + strings.ToUpper(toolName))
-				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/safe-inputs/%s.sh << '%s'\n", toolName, shDelimiter)
+				toolScript := generateMCPScriptShellToolScript(toolConfig)
+				shDelimiter := GenerateHeredocDelimiter("MCP_SCRIPTS_SH_" + strings.ToUpper(toolName))
+				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/mcp-scripts/%s.sh << '%s'\n", toolName, shDelimiter)
 				for line := range strings.SplitSeq(toolScript, "\n") {
 					yaml.WriteString("          " + line + "\n")
 				}
 				fmt.Fprintf(yaml, "          %s\n", shDelimiter)
-				fmt.Fprintf(yaml, "          chmod +x /opt/gh-aw/safe-inputs/%s.sh\n", toolName)
+				fmt.Fprintf(yaml, "          chmod +x /opt/gh-aw/mcp-scripts/%s.sh\n", toolName)
 			} else if toolConfig.Py != "" {
 				// Python script tool
-				toolScript := generateSafeInputPythonToolScript(toolConfig)
-				pyDelimiter := GenerateHeredocDelimiter("SAFE_INPUTS_PY_" + strings.ToUpper(toolName))
-				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/safe-inputs/%s.py << '%s'\n", toolName, pyDelimiter)
+				toolScript := generateMCPScriptPythonToolScript(toolConfig)
+				pyDelimiter := GenerateHeredocDelimiter("MCP_SCRIPTS_PY_" + strings.ToUpper(toolName))
+				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/mcp-scripts/%s.py << '%s'\n", toolName, pyDelimiter)
 				for line := range strings.SplitSeq(toolScript, "\n") {
 					yaml.WriteString("          " + line + "\n")
 				}
 				fmt.Fprintf(yaml, "          %s\n", pyDelimiter)
-				fmt.Fprintf(yaml, "          chmod +x /opt/gh-aw/safe-inputs/%s.py\n", toolName)
+				fmt.Fprintf(yaml, "          chmod +x /opt/gh-aw/mcp-scripts/%s.py\n", toolName)
 			} else if toolConfig.Go != "" {
 				// Go script tool
-				toolScript := generateSafeInputGoToolScript(toolConfig)
-				goDelimiter := GenerateHeredocDelimiter("SAFE_INPUTS_GO_" + strings.ToUpper(toolName))
-				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/safe-inputs/%s.go << '%s'\n", toolName, goDelimiter)
+				toolScript := generateMCPScriptGoToolScript(toolConfig)
+				goDelimiter := GenerateHeredocDelimiter("MCP_SCRIPTS_GO_" + strings.ToUpper(toolName))
+				fmt.Fprintf(yaml, "          cat > /opt/gh-aw/mcp-scripts/%s.go << '%s'\n", toolName, goDelimiter)
 				for line := range strings.SplitSeq(toolScript, "\n") {
 					yaml.WriteString("          " + line + "\n")
 				}
@@ -380,8 +380,8 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		yaml.WriteString("          \n")
 
 		// Step 3: Generate API key and choose port for HTTP server
-		yaml.WriteString("      - name: Generate Safe Inputs MCP Server Config\n")
-		yaml.WriteString("        id: safe-inputs-config\n")
+		yaml.WriteString("      - name: Generate MCP Scripts Server Config\n")
+		yaml.WriteString("        id: mcp-scripts-config\n")
 		yaml.WriteString("        run: |\n")
 		yaml.WriteString("          # Generate a secure random API key (360 bits of entropy, 40+ chars)\n")
 		yaml.WriteString("          # Mask immediately to prevent timing vulnerabilities\n")
@@ -392,32 +392,32 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		yaml.WriteString("          \n")
 		yaml.WriteString("          # Set outputs for next steps\n")
 		yaml.WriteString("          {\n")
-		yaml.WriteString("            echo \"safe_inputs_api_key=${API_KEY}\"\n")
-		yaml.WriteString("            echo \"safe_inputs_port=${PORT}\"\n")
+		yaml.WriteString("            echo \"mcp_scripts_api_key=${API_KEY}\"\n")
+		yaml.WriteString("            echo \"mcp_scripts_port=${PORT}\"\n")
 		yaml.WriteString("          } >> \"$GITHUB_OUTPUT\"\n")
 		yaml.WriteString("          \n")
 		yaml.WriteString("          echo \"Safe Inputs MCP server will run on port ${PORT}\"\n")
 		yaml.WriteString("          \n")
 
 		// Step 4: Start the HTTP server in the background
-		yaml.WriteString("      - name: Start Safe Inputs MCP HTTP Server\n")
-		yaml.WriteString("        id: safe-inputs-start\n")
+		yaml.WriteString("      - name: Start MCP Scripts HTTP Server\n")
+		yaml.WriteString("        id: mcp-scripts-start\n")
 
 		// Add env block with step outputs and tool-specific secrets
 		// Security: Pass step outputs through environment variables to prevent template injection
 		yaml.WriteString("        env:\n")
 		yaml.WriteString("          DEBUG: '*'\n")
-		yaml.WriteString("          GH_AW_SAFE_INPUTS_PORT: ${{ steps.safe-inputs-config.outputs.safe_inputs_port }}\n")
-		yaml.WriteString("          GH_AW_SAFE_INPUTS_API_KEY: ${{ steps.safe-inputs-config.outputs.safe_inputs_api_key }}\n")
+		yaml.WriteString("          GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }}\n")
+		yaml.WriteString("          GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }}\n")
 
-		safeInputsSecrets := collectSafeInputsSecrets(workflowData.SafeInputs)
-		if len(safeInputsSecrets) > 0 {
+		mcpScriptsSecrets := collectMCPScriptsSecrets(workflowData.MCPScripts)
+		if len(mcpScriptsSecrets) > 0 {
 			// Sort env var names for consistent output - using functional helper
-			envVarNames := sliceutil.MapToSlice(safeInputsSecrets)
+			envVarNames := sliceutil.MapToSlice(mcpScriptsSecrets)
 			sort.Strings(envVarNames)
 
 			for _, envVarName := range envVarNames {
-				secretExpr := safeInputsSecrets[envVarName]
+				secretExpr := mcpScriptsSecrets[envVarName]
 				fmt.Fprintf(yaml, "          %s: %s\n", envVarName, secretExpr)
 			}
 		}
@@ -425,12 +425,12 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		yaml.WriteString("        run: |\n")
 		yaml.WriteString("          # Environment variables are set above to prevent template injection\n")
 		yaml.WriteString("          export DEBUG\n")
-		yaml.WriteString("          export GH_AW_SAFE_INPUTS_PORT\n")
-		yaml.WriteString("          export GH_AW_SAFE_INPUTS_API_KEY\n")
+		yaml.WriteString("          export GH_AW_MCP_SCRIPTS_PORT\n")
+		yaml.WriteString("          export GH_AW_MCP_SCRIPTS_API_KEY\n")
 		yaml.WriteString("          \n")
 
 		// Call the bundled shell script to start the server
-		yaml.WriteString("          bash /opt/gh-aw/actions/start_safe_inputs_server.sh\n")
+		yaml.WriteString("          bash /opt/gh-aw/actions/start_mcp_scripts_server.sh\n")
 		yaml.WriteString("          \n")
 	}
 
@@ -624,10 +624,10 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 	containerCmd.WriteString(" -e GITHUB_HEAD_REF")
 	containerCmd.WriteString(" -e GITHUB_BASE_REF")
 	// Environment variables used by safeinputs MCP server
-	// Only add if safe-inputs is actually enabled (has tools configured)
-	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		containerCmd.WriteString(" -e GH_AW_SAFE_INPUTS_PORT")
-		containerCmd.WriteString(" -e GH_AW_SAFE_INPUTS_API_KEY")
+	// Only add if mcp-scripts is actually enabled (has tools configured)
+	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+		containerCmd.WriteString(" -e GH_AW_MCP_SCRIPTS_PORT")
+		containerCmd.WriteString(" -e GH_AW_MCP_SCRIPTS_API_KEY")
 	}
 	// Environment variables used by safeoutputs MCP server
 	// Only add if safe-outputs is actually enabled (has tools configured)
@@ -672,9 +672,9 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		if hasGitHub && getGitHubType(githubTool) == "remote" && engine.GetID() == "copilot" {
 			addedEnvVars["GITHUB_PERSONAL_ACCESS_TOKEN"] = true
 		}
-		if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-			addedEnvVars["GH_AW_SAFE_INPUTS_PORT"] = true
-			addedEnvVars["GH_AW_SAFE_INPUTS_API_KEY"] = true
+		if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
+			addedEnvVars["GH_AW_MCP_SCRIPTS_PORT"] = true
+			addedEnvVars["GH_AW_MCP_SCRIPTS_API_KEY"] = true
 		}
 		if HasSafeOutputsEnabled(workflowData.SafeOutputs) {
 			addedEnvVars["GH_AW_SAFE_OUTPUTS_PORT"] = true
diff --git a/pkg/workflow/mcp_setup_generator_test.go b/pkg/workflow/mcp_setup_generator_test.go
index dfe4324e553..df3904f01f5 100644
--- a/pkg/workflow/mcp_setup_generator_test.go
+++ b/pkg/workflow/mcp_setup_generator_test.go
@@ -15,13 +15,13 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-// TestSafeInputsStepCodeGenerationStability verifies that the MCP setup step code generation
-// for safe-inputs produces stable, deterministic output when called multiple times.
+// TestMCPScriptsStepCodeGenerationStability verifies that the MCP setup step code generation
+// for mcp-scripts produces stable, deterministic output when called multiple times.
 // This test ensures that tools are sorted before generating cat commands.
-func TestSafeInputsStepCodeGenerationStability(t *testing.T) {
+func TestMCPScriptsStepCodeGenerationStability(t *testing.T) {
 	// Create a config with multiple tools to ensure sorting is tested
-	safeInputsConfig := &SafeInputsConfig{
-		Tools: map[string]*SafeInputToolConfig{
+	mcpScriptsConfig := &MCPScriptsConfig{
+		Tools: map[string]*MCPScriptToolConfig{
 			"zebra-shell": {
 				Name:        "zebra-shell",
 				Description: "A shell tool that starts with Z",
@@ -46,10 +46,10 @@ func TestSafeInputsStepCodeGenerationStability(t *testing.T) {
 	}
 
 	workflowData := &WorkflowData{
-		SafeInputs: safeInputsConfig,
+		MCPScripts: mcpScriptsConfig,
 		Tools:      make(map[string]any),
 		Features: map[string]any{
-			"safe-inputs": true, // Feature flag is optional now
+			"mcp-scripts": true, // Feature flag is optional now
 		},
 	}
 
diff --git a/pkg/workflow/strict_mode_validation.go b/pkg/workflow/strict_mode_validation.go
index cff339b5d41..db2f3edcd5b 100644
--- a/pkg/workflow/strict_mode_validation.go
+++ b/pkg/workflow/strict_mode_validation.go
@@ -279,8 +279,8 @@ func (c *Compiler) getEngineBaseEnvVarKeys(engineID string) map[string]bool {
 	}
 	// Use a minimal WorkflowData so we get only the engine's unconditional secrets.
 	// GetRequiredSecretNames only adds extra secrets when non-nil MCP tools (ParsedTools.GitHub,
-	// ParsedTools.Playwright, etc.) are set, or when SafeInputs is populated. By passing empty
-	// Tools/ParsedTools and no SafeInputs we get just the base engine secrets (e.g.
+	// ParsedTools.Playwright, etc.) are set, or when MCPScripts is populated. By passing empty
+	// Tools/ParsedTools and no MCPScripts we get just the base engine secrets (e.g.
 	// COPILOT_GITHUB_TOKEN, ANTHROPIC_API_KEY) without any optional/conditional ones.
 	minimalData := &WorkflowData{
 		Tools:       map[string]any{},
diff --git a/pkg/workflow/strings_test.go b/pkg/workflow/strings_test.go
index fd71f364d5d..4065045edf3 100644
--- a/pkg/workflow/strings_test.go
+++ b/pkg/workflow/strings_test.go
@@ -545,9 +545,9 @@ func TestGenerateHeredocDelimiter(t *testing.T) {
 			expected: "GH_AW_FILE_123ABC_EOF",
 		},
 		{
-			name:     "safe inputs",
-			input:    "SAFE_INPUTS",
-			expected: "GH_AW_SAFE_INPUTS_EOF",
+			name:     "mcp-scripts",
+			input:    "MCP_SCRIPTS",
+			expected: "GH_AW_MCP_SCRIPTS_EOF",
 		},
 		{
 			name:     "JS file suffix",
diff --git a/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden b/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden
index 62166e6a032..ef3c6e6278c 100644
--- a/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden
+++ b/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden
@@ -164,7 +164,7 @@ jobs:
           {{#runtime-import shared/reporting.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
-          {{#runtime-import shared/github-queries-safe-input.md}}
+          {{#runtime-import shared/github-queries-mcp-script.md}}
           GH_AW_PROMPT_EOF
           cat << 'GH_AW_PROMPT_EOF'
           # Smoke Test: Copilot Engine Validation
@@ -174,7 +174,7 @@ jobs:
           ## Test Requirements
           
           1. **GitHub MCP Testing**: Review the last 2 merged pull requests in __GH_AW_GITHUB_REPOSITORY__
-          2. **Safe Inputs GH CLI Testing**: Use the `safeinputs-gh` tool to query 2 pull requests from __GH_AW_GITHUB_REPOSITORY__ (use args: "pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author")
+          2. **Safe Inputs GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from __GH_AW_GITHUB_REPOSITORY__ (use args: "pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author")
           3. **Serena MCP Testing**: 
              - Use the Serena MCP server tool `activate_project` to initialize the workspace at `__GH_AW_GITHUB_WORKSPACE__` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools)
              - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results
@@ -182,7 +182,7 @@ jobs:
           5. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-copilot-__GH_AW_GITHUB_RUN_ID__.txt` with content "Smoke test passed for Copilot at $(date)" (create the directory if it doesn't exist)
           6. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back)
           7. **Discussion Interaction Testing**: 
-             - Use the `github-discussion-query` safe-input tool with params: `limit=1, jq=".[0]"` to get the latest discussion from __GH_AW_GITHUB_REPOSITORY__
+             - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from __GH_AW_GITHUB_REPOSITORY__
              - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123)
              - Use the `add_comment` tool with `discussion_number: <extracted_number>` to add a fun, playful comment stating that the smoke test agent was here
           8. **Build gh-aw**: Run `GOCACHE=/tmp/go-cache GOMODCACHE=/tmp/go-mod make build` to verify the agent can successfully build the gh-aw project (both caches must be set to /tmp because the default cache locations are not writable). If the command fails, mark this test as ❌ and report the failure.
diff --git a/pkg/workflow/testdata/wasm_golden/fixtures/shared/gh.md b/pkg/workflow/testdata/wasm_golden/fixtures/shared/gh.md
index 72d81ebe624..126c0c39cdc 100644
--- a/pkg/workflow/testdata/wasm_golden/fixtures/shared/gh.md
+++ b/pkg/workflow/testdata/wasm_golden/fixtures/shared/gh.md
@@ -1,7 +1,7 @@
 ---
-safe-inputs:
+mcp-scripts:
   gh:
-    description: "Execute any gh CLI command. This tool is accessible as 'safeinputs-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
+    description: "Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
     inputs:
       args:
         type: string
@@ -16,25 +16,25 @@ safe-inputs:
       GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
 ---
 
-**IMPORTANT**: Always use the `safeinputs-gh` tool for GitHub CLI commands instead of running `gh` directly via bash. The `safeinputs-gh` tool has proper authentication configured with `GITHUB_TOKEN`, while bash commands do not have GitHub CLI authentication by default.
+**IMPORTANT**: Always use the `mcpscripts-gh` tool for GitHub CLI commands instead of running `gh` directly via bash. The `mcpscripts-gh` tool has proper authentication configured with `GITHUB_TOKEN`, while bash commands do not have GitHub CLI authentication by default.
 
 **Correct**:
 ```
-Use the safeinputs-gh tool with args: "pr list --limit 5"
-Use the safeinputs-gh tool with args: "issue view 123"
+Use the mcpscripts-gh tool with args: "pr list --limit 5"
+Use the mcpscripts-gh tool with args: "issue view 123"
 ```
 
 **Incorrect**:
 ```
-Use the gh safe-input tool with args: "pr list --limit 5"  ❌ (Wrong tool name - use safeinputs-gh)
+Use the gh mcp-script tool with args: "pr list --limit 5"  ❌ (Wrong tool name - use mcpscripts-gh)
 Run: gh pr list --limit 5  ❌ (No authentication in bash)
 Execute bash: gh issue view 123  ❌ (No authentication in bash)
 ```
 
 <!--
-## safeinputs-gh Tool
+## mcpscripts-gh Tool
 
-A safe-input tool that wraps the GitHub CLI (`gh`) with proper authentication.
+A mcp-script tool that wraps the GitHub CLI (`gh`) with proper authentication.
 
 ### Usage
 
@@ -45,13 +45,13 @@ imports:
 
 ### Invocation
 
-The tool is accessible as `safeinputs-gh` (or `safeinputs_gh` after normalization). Provide gh CLI arguments via the `args` parameter:
+The tool is accessible as `mcpscripts-gh` (or `mcpscripts_gh` after normalization). Provide gh CLI arguments via the `args` parameter:
 
 ```
-safeinputs-gh with args: "pr list --limit 5"
-safeinputs-gh with args: "issue view 123"
-safeinputs-gh with args: "api repos/{owner}/{repo}"
-safeinputs-gh with args: "pr view 456 --json title,body,author"
+mcpscripts-gh with args: "pr list --limit 5"
+mcpscripts-gh with args: "issue view 123"
+mcpscripts-gh with args: "api repos/{owner}/{repo}"
+mcpscripts-gh with args: "pr view 456 --json title,body,author"
 ```
 
 The tool executes: `gh <args>`
diff --git a/pkg/workflow/testdata/wasm_golden/fixtures/shared/github-queries-safe-input.md b/pkg/workflow/testdata/wasm_golden/fixtures/shared/github-queries-mcp-script.md
similarity index 99%
rename from pkg/workflow/testdata/wasm_golden/fixtures/shared/github-queries-safe-input.md
rename to pkg/workflow/testdata/wasm_golden/fixtures/shared/github-queries-mcp-script.md
index ad3a225b819..0214285909c 100644
--- a/pkg/workflow/testdata/wasm_golden/fixtures/shared/github-queries-safe-input.md
+++ b/pkg/workflow/testdata/wasm_golden/fixtures/shared/github-queries-mcp-script.md
@@ -1,5 +1,5 @@
 ---
-safe-inputs:
+mcp-scripts:
   github-issue-query:
     description: "Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter."
     inputs:
@@ -341,7 +341,7 @@ safe-inputs:
 <!--
 ## GitHub Queries Safe Input Tools
 
-This shared workflow provides safe-input tools for querying GitHub issues, pull requests, and discussions with built-in jq filtering support.
+This shared workflow provides mcp-script tools for querying GitHub issues, pull requests, and discussions with built-in jq filtering support.
 
 ### Available Tools
 
@@ -355,7 +355,7 @@ Import this shared workflow to get access to all query tools:
 
 ```yaml
 imports:
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
 ```
 
 ### Tool Parameters
diff --git a/pkg/workflow/testdata/wasm_golden/fixtures/shared/go-make.md b/pkg/workflow/testdata/wasm_golden/fixtures/shared/go-make.md
index 31ae1297001..41ed65114a6 100644
--- a/pkg/workflow/testdata/wasm_golden/fixtures/shared/go-make.md
+++ b/pkg/workflow/testdata/wasm_golden/fixtures/shared/go-make.md
@@ -1,7 +1,7 @@
 ---
-safe-inputs:
+mcp-scripts:
   go:
-    description: "Execute any Go command. This tool is accessible as 'safeinputs-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
+    description: "Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
     inputs:
       args:
         type: string
@@ -12,7 +12,7 @@ safe-inputs:
       go $INPUT_ARGS
 
   make:
-    description: "Execute any Make target. This tool is accessible as 'safeinputs-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
+    description: "Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make <args>. Use single quotes ' for complex args to avoid shell interpretation issues."
     inputs:
       args:
         type: string
@@ -23,25 +23,25 @@ safe-inputs:
       make $INPUT_ARGS
 ---
 
-**IMPORTANT**: Always use the `safeinputs-go` and `safeinputs-make` tools for Go and Make commands instead of running them directly via bash. These safe-input tools provide consistent execution and proper logging.
+**IMPORTANT**: Always use the `mcpscripts-go` and `mcpscripts-make` tools for Go and Make commands instead of running them directly via bash. These mcp-script tools provide consistent execution and proper logging.
 
 **Correct**:
 ```
-Use the safeinputs-go tool with args: "test ./..."
-Use the safeinputs-make tool with args: "build"
-Use the safeinputs-make tool with args: "lint"
-Use the safeinputs-make tool with args: "test-unit"
+Use the mcpscripts-go tool with args: "test ./..."
+Use the mcpscripts-make tool with args: "build"
+Use the mcpscripts-make tool with args: "lint"
+Use the mcpscripts-make tool with args: "test-unit"
 ```
 
 **Incorrect**:
 ```
-Use the go safe-input tool with args: "test ./..."  ❌ (Wrong tool name - use safeinputs-go)
-Run: go test ./...  ❌ (Use safeinputs-go instead)
-Execute bash: make build  ❌ (Use safeinputs-make instead)
+Use the go mcp-script tool with args: "test ./..."  ❌ (Wrong tool name - use mcpscripts-go)
+Run: go test ./...  ❌ (Use mcpscripts-go instead)
+Execute bash: make build  ❌ (Use mcpscripts-make instead)
 ```
 
 <!--
-## safeinputs-go and safeinputs-make Tools
+## mcpscripts-go and mcpscripts-make Tools
 
 Safe-input tools that wrap Go and Make commands for consistent execution in agentic workflows.
 
@@ -54,32 +54,32 @@ imports:
 
 ### Invocation
 
-#### safeinputs-go
+#### mcpscripts-go
 
-The tool is accessible as `safeinputs-go` (or `safeinputs_go` after normalization). Provide go CLI arguments via the `args` parameter:
+The tool is accessible as `mcpscripts-go` (or `mcpscripts_go` after normalization). Provide go CLI arguments via the `args` parameter:
 
 ```
-safeinputs-go with args: "test ./..."
-safeinputs-go with args: "build ./cmd/gh-aw"
-safeinputs-go with args: "mod tidy"
-safeinputs-go with args: "fmt ./..."
-safeinputs-go with args: "vet ./..."
-safeinputs-go with args: "test -v -run TestCompile ./pkg/cli"
+mcpscripts-go with args: "test ./..."
+mcpscripts-go with args: "build ./cmd/gh-aw"
+mcpscripts-go with args: "mod tidy"
+mcpscripts-go with args: "fmt ./..."
+mcpscripts-go with args: "vet ./..."
+mcpscripts-go with args: "test -v -run TestCompile ./pkg/cli"
 ```
 
 The tool executes: `go <args>`
 
-#### safeinputs-make
+#### mcpscripts-make
 
-The tool is accessible as `safeinputs-make` (or `safeinputs_make` after normalization). Provide make target(s) via the `args` parameter:
+The tool is accessible as `mcpscripts-make` (or `mcpscripts_make` after normalization). Provide make target(s) via the `args` parameter:
 
 ```
-safeinputs-make with args: "build"
-safeinputs-make with args: "test-unit"
-safeinputs-make with args: "lint"
-safeinputs-make with args: "recompile"
-safeinputs-make with args: "fmt lint build"
-safeinputs-make with args: "agent-finish"
+mcpscripts-make with args: "build"
+mcpscripts-make with args: "test-unit"
+mcpscripts-make with args: "lint"
+mcpscripts-make with args: "recompile"
+mcpscripts-make with args: "fmt lint build"
+mcpscripts-make with args: "agent-finish"
 ```
 
 The tool executes: `make <args>`
diff --git a/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md b/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md
index 7f5c7f2445f..0b16a05c5b0 100644
--- a/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md
+++ b/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md
@@ -19,7 +19,7 @@ engine: copilot
 imports:
   - shared/gh.md
   - shared/reporting.md
-  - shared/github-queries-safe-input.md
+  - shared/github-queries-mcp-script.md
 network:
   allowed:
     - defaults
@@ -116,7 +116,7 @@ strict: true
 ## Test Requirements
 
 1. **GitHub MCP Testing**: Review the last 2 merged pull requests in ${{ github.repository }}
-2. **Safe Inputs GH CLI Testing**: Use the `safeinputs-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
+2. **Safe Inputs GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
 3. **Serena MCP Testing**: 
    - Use the Serena MCP server tool `activate_project` to initialize the workspace at `${{ github.workspace }}` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools)
    - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results
@@ -124,7 +124,7 @@ strict: true
 5. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-copilot-${{ github.run_id }}.txt` with content "Smoke test passed for Copilot at $(date)" (create the directory if it doesn't exist)
 6. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back)
 7. **Discussion Interaction Testing**: 
-   - Use the `github-discussion-query` safe-input tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
+   - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }}
    - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123)
    - Use the `add_comment` tool with `discussion_number: <extracted_number>` to add a fun, playful comment stating that the smoke test agent was here
 8. **Build gh-aw**: Run `GOCACHE=/tmp/go-cache GOMODCACHE=/tmp/go-mod make build` to verify the agent can successfully build the gh-aw project (both caches must be set to /tmp because the default cache locations are not writable). If the command fails, mark this test as ❌ and report the failure.

From 7792a1b9aad39178319220378ea86c2ee85a488a Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 20:20:49 +0000
Subject: [PATCH 03/10] =?UTF-8?q?Fix=20'Safe-inputs'=20=E2=86=92=20'MCP=20?=
 =?UTF-8?q?Scripts'=20in=20server=20success=20message?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 pkg/cli/mcp_inspect_mcp_scripts_server.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/cli/mcp_inspect_mcp_scripts_server.go b/pkg/cli/mcp_inspect_mcp_scripts_server.go
index 9c407e712f5..7dd31f0b251 100644
--- a/pkg/cli/mcp_inspect_mcp_scripts_server.go
+++ b/pkg/cli/mcp_inspect_mcp_scripts_server.go
@@ -177,7 +177,7 @@ func startMCPScriptsServer(mcpScriptsConfig *workflow.MCPScriptsConfig, verbose
 	}
 
 	if verbose {
-		fmt.Fprintln(os.Stderr, console.FormatSuccessMessage("Safe-inputs HTTP server started successfully"))
+		fmt.Fprintln(os.Stderr, console.FormatSuccessMessage("MCP Scripts HTTP server started successfully"))
 		fmt.Fprintln(os.Stderr, console.FormatInfoMessage(fmt.Sprintf("Server running on: http://localhost:%d", port)))
 	}
 

From f32cc7a4fa812c61da720a6ae470fd1647208866 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 20:49:55 +0000
Subject: [PATCH 04/10] Update docs: rename Safe Inputs to MCP Scripts
 throughout

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 docs/astro.config.mjs                         |  4 +-
 .../schemas/mcp-scripts-config.schema.json    |  6 +--
 .../src/content/docs/agent-factory-status.mdx |  2 +-
 docs/src/content/docs/guides/mcps.md          |  2 +-
 docs/src/content/docs/guides/upgrading.md     |  1 +
 .../docs/introduction/how-they-work.mdx       |  4 +-
 .../docs/reference/environment-variables.md   |  4 +-
 .../src/content/docs/reference/frontmatter.md |  4 +-
 docs/src/content/docs/reference/glossary.md   |  4 +-
 .../src/content/docs/reference/mcp-gateway.md |  2 +-
 .../reference/mcp-scripts-specification.md    | 52 +++++++++----------
 .../src/content/docs/reference/mcp-scripts.md | 10 ++--
 docs/src/content/docs/reference/tools.md      |  2 +-
 13 files changed, 49 insertions(+), 48 deletions(-)

diff --git a/docs/astro.config.mjs b/docs/astro.config.mjs
index 8683a191817..a61a8c6f9fc 100644
--- a/docs/astro.config.mjs
+++ b/docs/astro.config.mjs
@@ -315,8 +315,8 @@ export default defineConfig({
 						{ label: 'Permissions', link: '/reference/permissions/' },
 						{ label: 'Rate Limiting Controls', link: '/reference/rate-limiting-controls/' },
 						{ label: 'Repo Memory', link: '/reference/repo-memory/' },
-						{ label: 'Safe Inputs', link: '/reference/safe-inputs/' },
-						{ label: 'Safe Inputs (Spec)', link: '/reference/safe-inputs-specification/' },
+						{ label: 'MCP Scripts', link: '/reference/mcp-scripts/' },
+						{ label: 'MCP Scripts (Spec)', link: '/reference/mcp-scripts-specification/' },
 						{ label: 'Safe Outputs', link: '/reference/safe-outputs/' },
 						{ label: 'Safe Outputs (Pull Requests)', link: '/reference/safe-outputs-pull-requests/' },
 						{ label: 'Safe Outputs (Spec)', link: '/reference/safe-outputs-specification/' },
diff --git a/docs/public/schemas/mcp-scripts-config.schema.json b/docs/public/schemas/mcp-scripts-config.schema.json
index 39d7f2d8935..16a5bec6cee 100644
--- a/docs/public/schemas/mcp-scripts-config.schema.json
+++ b/docs/public/schemas/mcp-scripts-config.schema.json
@@ -1,8 +1,8 @@
 {
   "$schema": "http://json-schema.org/draft-07/schema#",
   "$id": "https://docs.github.com/gh-aw/schemas/mcp-scripts-config.schema.json",
-  "title": "Safe Inputs Configuration",
-  "description": "Configuration schema for Safe Inputs custom MCP tools as defined in the Safe Inputs Specification v1.1.0. Safe Inputs enables inline definition of custom MCP tools directly in workflow frontmatter using JavaScript, shell scripts, Python, or Go.",
+  "title": "MCP Scripts Configuration",
+  "description": "Configuration schema for MCP Scripts custom MCP tools as defined in the MCP Scripts Specification v1.1.0. MCP Scripts enables inline definition of custom MCP tools directly in workflow frontmatter using JavaScript, shell scripts, Python, or Go.",
   "type": "object",
   "patternProperties": {
     "^[a-zA-Z][a-zA-Z0-9_-]*$": {
@@ -17,7 +17,7 @@
       "properties": {
         "description": {
           "type": "string",
-          "description": "Human-readable description of what the tool does. This is shown to the agent for tool selection. Required field per Safe Inputs Specification section 4.2.",
+          "description": "Human-readable description of what the tool does. This is shown to the agent for tool selection. Required field per MCP Scripts Specification section 4.2.",
           "minLength": 1
         },
         "inputs": {
diff --git a/docs/src/content/docs/agent-factory-status.mdx b/docs/src/content/docs/agent-factory-status.mdx
index 11aa8659b7b..f0ab31c1736 100644
--- a/docs/src/content/docs/agent-factory-status.mdx
+++ b/docs/src/content/docs/agent-factory-status.mdx
@@ -65,7 +65,7 @@ These are experimental agentic workflows used by the GitHub Next team to learn,
 | [Daily MCP Tool Concurrency Analysis](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-mcp-concurrency-analysis.md) | copilot | [![Daily MCP Tool Concurrency Analysis](https://github.com/github/gh-aw/actions/workflows/daily-mcp-concurrency-analysis.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-mcp-concurrency-analysis.lock.yml) | `0 9 * * 1-5` | - |
 | [Daily News](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-news.md) | copilot | [![Daily News](https://github.com/github/gh-aw/actions/workflows/daily-news.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-news.lock.yml) | `0 9 * * 1-5` | - |
 | [Daily Observability Report for AWF Firewall and MCP Gateway](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-observability-report.md) | codex | [![Daily Observability Report for AWF Firewall and MCP Gateway](https://github.com/github/gh-aw/actions/workflows/daily-observability-report.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-observability-report.lock.yml) | - | - |
-| [Daily Project Performance Summary Generator (Using Safe Inputs)](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-performance-summary.md) | copilot | [![Daily Project Performance Summary Generator (Using Safe Inputs)](https://github.com/github/gh-aw/actions/workflows/daily-performance-summary.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-performance-summary.lock.yml) | - | - |
+| [Daily Project Performance Summary Generator (Using MCP Scripts)](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-performance-summary.md) | copilot | [![Daily Project Performance Summary Generator (Using MCP Scripts)](https://github.com/github/gh-aw/actions/workflows/daily-performance-summary.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-performance-summary.lock.yml) | - | - |
 | [Daily Regulatory Report Generator](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-regulatory.md) | copilot | [![Daily Regulatory Report Generator](https://github.com/github/gh-aw/actions/workflows/daily-regulatory.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-regulatory.lock.yml) | - | - |
 | [Daily Rendering Scripts Verifier](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-rendering-scripts-verifier.md) | claude | [![Daily Rendering Scripts Verifier](https://github.com/github/gh-aw/actions/workflows/daily-rendering-scripts-verifier.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-rendering-scripts-verifier.lock.yml) | - | - |
 | [Daily Safe Output Tool Optimizer](https://github.com/github/gh-aw/blob/main/.github/workflows/daily-safe-output-optimizer.md) | claude | [![Daily Safe Output Tool Optimizer](https://github.com/github/gh-aw/actions/workflows/daily-safe-output-optimizer.lock.yml/badge.svg)](https://github.com/github/gh-aw/actions/workflows/daily-safe-output-optimizer.lock.yml) | - | - |
diff --git a/docs/src/content/docs/guides/mcps.md b/docs/src/content/docs/guides/mcps.md
index 2cfe5b6f93b..296a5216190 100644
--- a/docs/src/content/docs/guides/mcps.md
+++ b/docs/src/content/docs/guides/mcps.md
@@ -182,7 +182,7 @@ For advanced debugging, import `shared/mcp-debug.md` to access diagnostic tools
 
 ## Related Documentation
 
-- [Safe Inputs](/gh-aw/reference/mcp-scripts/) - Define custom inline tools without external MCP servers
+- [MCP Scripts](/gh-aw/reference/mcp-scripts/) - Define custom inline tools without external MCP servers
 - [Tools](/gh-aw/reference/tools/) - Complete tools reference
 - [CLI Commands](/gh-aw/setup/cli/) - CLI commands including `mcp inspect`
 - [Imports](/gh-aw/reference/imports/) - Modularizing workflows with includes
diff --git a/docs/src/content/docs/guides/upgrading.md b/docs/src/content/docs/guides/upgrading.md
index bb9ea1110ec..d0d363a0d32 100644
--- a/docs/src/content/docs/guides/upgrading.md
+++ b/docs/src/content/docs/guides/upgrading.md
@@ -84,6 +84,7 @@ The upgrade automatically applies codemods to fix deprecated fields in all workf
 | **sandbox-false-to-agent-false** | Converts `sandbox: false` to `sandbox.agent: false` | `sandbox: false` → `sandbox: { agent: false }` |
 | **network-firewall-migration** | Removes deprecated `network.firewall` field | Deletes `firewall: mandatory` |
 | **mcp-scripts-mode-removal** | Removes deprecated `mcp-scripts.mode` field | Deletes `mode: auto` |
+| **safe-inputs-to-mcp-scripts** | Renames `safe-inputs:` to `mcp-scripts:` | `safe-inputs:` → `mcp-scripts:` |
 | **schedule-at-to-around-migration** | Converts `daily at TIME` to `daily around TIME` | `daily at 10:00` → `daily around 10:00` |
 | **delete-schema-file** | Deletes deprecated schema file | Removes `.github/aw/schemas/agentic-workflow.json` |
 | **delete-old-agents** | Deletes old `.agent.md` files moved to `.github/aw/` | Removes outdated agent files |
diff --git a/docs/src/content/docs/introduction/how-they-work.mdx b/docs/src/content/docs/introduction/how-they-work.mdx
index 5d5600582d1..dd8baeb6365 100644
--- a/docs/src/content/docs/introduction/how-they-work.mdx
+++ b/docs/src/content/docs/introduction/how-they-work.mdx
@@ -50,9 +50,9 @@ flowchart LR
 
 Workflows run with minimal permissions (no write access by default), use tool allowlists, and process outputs through a [safety layer](/gh-aw/introduction/architecture/) before applying changes. Critical actions can require human approval. For detailed security documentation, see the [Security Architecture](/gh-aw/introduction/architecture/) page.
 
-## Safe Inputs and Safe Outputs
+## MCP Scripts and Safe Outputs
 
-- **[Safe inputs](/gh-aw/reference/mcp-scripts/)** (validated user input tools) - Custom MCP tools defined inline to prevent injection attacks
+- **[MCP Scripts](/gh-aw/reference/mcp-scripts/)** (custom inline tools) - Custom MCP tools defined inline in workflow frontmatter
 - **[Safe outputs](/gh-aw/reference/safe-outputs/)** (validated GitHub operations) - Pre-approved actions the AI can request without write permissions
 
 ## Regenerating the Lock File
diff --git a/docs/src/content/docs/reference/environment-variables.md b/docs/src/content/docs/reference/environment-variables.md
index 55964e37f23..6df5de254a3 100644
--- a/docs/src/content/docs/reference/environment-variables.md
+++ b/docs/src/content/docs/reference/environment-variables.md
@@ -22,7 +22,7 @@ GitHub Agentic Workflows supports environment variables in 13 distinct contexts:
 | **Sandbox Agent** | `sandbox.agent.env` | Sandbox runtime | Sandbox configuration |
 | **Sandbox MCP** | `sandbox.mcp.env` | Model Context Protocol (MCP) gateway | MCP debugging |
 | **MCP Tools** | `tools.<name>.env` | MCP server process | MCP server secrets |
-| **Safe Inputs** | `mcp-scripts.<name>.env` | Safe-input execution | Tool-specific tokens |
+| **MCP Scripts** | `mcp-scripts.<name>.env` | MCP script execution | Tool-specific tokens |
 | **Safe Outputs Global** | `safe-outputs.env` | All safe-output jobs | Shared safe-output config |
 | **Safe Outputs Job** | `safe-outputs.jobs.<name>.env` | Specific safe-output job | Job-specific config |
 | **GitHub Actions Step** | `githubActionsStep.env` | Pre-defined steps | Step configuration |
@@ -145,5 +145,5 @@ jobs:
 - [Safe Outputs](/gh-aw/reference/safe-outputs/) - Safe output environment configuration
 - [Sandbox](/gh-aw/reference/sandbox/) - Sandbox environment variables
 - [Tools](/gh-aw/reference/tools/) - MCP tool configuration
-- [Safe Inputs](/gh-aw/reference/mcp-scripts/) - Safe input tool configuration
+- [MCP Scripts](/gh-aw/reference/mcp-scripts/) - MCP script tool configuration
 - [GitHub Actions Environment Variables](https://docs.github.com/en/actions/learn-github-actions/variables) - GitHub Actions documentation
diff --git a/docs/src/content/docs/reference/frontmatter.md b/docs/src/content/docs/reference/frontmatter.md
index 9cb1d976ac9..a6f173a7e60 100644
--- a/docs/src/content/docs/reference/frontmatter.md
+++ b/docs/src/content/docs/reference/frontmatter.md
@@ -486,9 +486,9 @@ network:
     - "api.example.com"    # Custom domain
 ```
 
-### Safe Inputs (`mcp-scripts:`)
+### MCP Scripts (`mcp-scripts:`)
 
-Enables defining custom MCP tools inline using JavaScript or shell scripts. See [Safe Inputs](/gh-aw/reference/mcp-scripts/) for complete documentation on creating custom tools with controlled secret access.
+Enables defining custom MCP tools inline using JavaScript or shell scripts. See [MCP Scripts](/gh-aw/reference/mcp-scripts/) for complete documentation on creating custom tools with controlled secret access.
 
 ### Safe Outputs (`safe-outputs:`)
 
diff --git a/docs/src/content/docs/reference/glossary.md b/docs/src/content/docs/reference/glossary.md
index 582db3c2980..96e7114fd97 100644
--- a/docs/src/content/docs/reference/glossary.md
+++ b/docs/src/content/docs/reference/glossary.md
@@ -69,7 +69,7 @@ Capabilities that an AI agent can use during workflow execution. Tools are confi
 
 ## Security and Outputs
 
-### Safe Inputs
+### MCP Scripts
 
 Custom MCP tools defined inline in workflow frontmatter using JavaScript or shell scripts. Enables lightweight tool creation without external dependencies while maintaining controlled secret access. Tools are generated at runtime and mounted as an MCP server with typed input parameters, default values, and environment variables. Configured via `mcp-scripts:` section.
 
@@ -399,7 +399,7 @@ For detailed documentation on specific topics, see:
 
 - [Frontmatter Reference](/gh-aw/reference/frontmatter/)
 - [Tools Reference](/gh-aw/reference/tools/)
-- [Safe Inputs Reference](/gh-aw/reference/mcp-scripts/)
+- [MCP Scripts Reference](/gh-aw/reference/mcp-scripts/)
 - [Safe Outputs Reference](/gh-aw/reference/safe-outputs/)
 - [Using MCPs Guide](/gh-aw/guides/mcps/)
 - [Security Guide](/gh-aw/introduction/architecture/)
diff --git a/docs/src/content/docs/reference/mcp-gateway.md b/docs/src/content/docs/reference/mcp-gateway.md
index a4673b4522c..03fcb1e4956 100644
--- a/docs/src/content/docs/reference/mcp-gateway.md
+++ b/docs/src/content/docs/reference/mcp-gateway.md
@@ -1516,7 +1516,7 @@ Content-Type: application/json
   - Gateway MAY support custom server types beyond "stdio" and "http"
   - Custom types registered in top-level `customSchemas` field mapping type names to JSON Schema URLs
   - Custom server configurations validated against registered schemas
-  - Enables extensibility for specialized MCP server implementations (e.g., Safe Inputs)
+  - Enables extensibility for specialized MCP server implementations (e.g., MCP Scripts)
 - **Added**: `customSchemas` field to top-level configuration (Section 4.1.3a)
   - Maps custom type names to HTTPS URLs for JSON Schema validation
   - Supports empty string to skip validation for a custom type
diff --git a/docs/src/content/docs/reference/mcp-scripts-specification.md b/docs/src/content/docs/reference/mcp-scripts-specification.md
index 980f09b83b1..69221bf2153 100644
--- a/docs/src/content/docs/reference/mcp-scripts-specification.md
+++ b/docs/src/content/docs/reference/mcp-scripts-specification.md
@@ -1,11 +1,11 @@
 ---
-title: Safe Inputs Specification
-description: Formal specification for Safe Inputs custom MCP tools following W3C conventions
+title: MCP Scripts Specification
+description: Formal specification for MCP Scripts custom MCP tools following W3C conventions
 sidebar:
   order: 1360
 ---
 
-# Safe Inputs Specification
+# MCP Scripts Specification
 
 **Version**: 1.1.0  
 **Status**: Draft Specification  
@@ -17,7 +17,7 @@ sidebar:
 
 ## Abstract
 
-This specification defines Safe Inputs, an extension to the MCP Gateway that enables inline definition of custom MCP tools directly in workflow frontmatter using JavaScript, shell scripts, Python, or Go. Safe Inputs provides ephemeral, containerized tool execution with controlled secret access through a standardized MCP tools interface. Tool execution is stateless and session-independent, providing process isolation and security boundaries for custom functionality.
+This specification defines MCP Scripts, an extension to the MCP Gateway that enables inline definition of custom MCP tools directly in workflow frontmatter using JavaScript, shell scripts, Python, or Go. MCP Scripts provides ephemeral, containerized tool execution with controlled secret access through a standardized MCP tools interface. Tool execution is stateless and session-independent, providing process isolation and security boundaries for custom functionality.
 
 ## Status of This Document
 
@@ -44,7 +44,7 @@ This document is governed by the GitHub Agentic Workflows project specifications
 
 ### 1.1 Purpose
 
-Safe Inputs enables developers to define custom MCP tools inline in workflow frontmatter without requiring external MCP server implementations. It solves the following problems:
+MCP Scripts enables developers to define custom MCP tools inline in workflow frontmatter without requiring external MCP server implementations. It solves the following problems:
 
 - **Rapid Tool Development**: Define tools directly in workflow without creating separate services
 - **Secret Isolation**: Provide controlled access to secrets through explicit environment variable mapping
@@ -56,7 +56,7 @@ Safe Inputs enables developers to define custom MCP tools inline in workflow fro
 
 This specification covers:
 
-- Safe Inputs configuration format in workflow frontmatter
+- MCP Scripts configuration format in workflow frontmatter
 - Tool definition structure and validation rules
 - Supported implementation languages and their execution models
 - Secret access and environment variable handling
@@ -74,7 +74,7 @@ This specification does NOT cover:
 
 ### 1.3 Design Goals
 
-Safe Inputs is designed for:
+MCP Scripts is designed for:
 
 - **Developer Convenience**: Minimal configuration overhead for common tool patterns
 - **Security by Default**: Explicit secret access, process isolation, output sanitization
@@ -84,7 +84,7 @@ Safe Inputs is designed for:
 
 ### 1.4 Relationship to MCP Gateway
 
-Safe Inputs is an **extension** to the MCP Gateway Specification. The MCP Gateway allows additional fields in its configuration format, and Safe Inputs leverages this extensibility to provide inline tool definitions. Safe Inputs configurations are processed during workflow compilation and translated into MCP server configurations that are gatewayed by the MCP Gateway infrastructure.
+MCP Scripts is an **extension** to the MCP Gateway Specification. The MCP Gateway allows additional fields in its configuration format, and MCP Scripts leverages this extensibility to provide inline tool definitions. MCP Scripts configurations are processed during workflow compilation and translated into MCP server configurations that are gatewayed by the MCP Gateway infrastructure.
 
 ---
 
@@ -92,9 +92,9 @@ Safe Inputs is an **extension** to the MCP Gateway Specification. The MCP Gatewa
 
 ### 2.1 Conformance Classes
 
-A **conforming Safe Inputs implementation** is one that satisfies all MUST, REQUIRED, and SHALL requirements in this specification.
+A **conforming MCP Scripts implementation** is one that satisfies all MUST, REQUIRED, and SHALL requirements in this specification.
 
-A **partially conforming Safe Inputs implementation** is one that satisfies all MUST requirements for JavaScript tools but MAY lack support for Shell, Python, or Go implementations.
+A **partially conforming MCP Scripts implementation** is one that satisfies all MUST requirements for JavaScript tools but MAY lack support for Shell, Python, or Go implementations.
 
 ### 2.2 Requirements Notation
 
@@ -122,7 +122,7 @@ Implementations MUST support:
                        │ Compilation
                        ▼
 ┌─────────────────────────────────────────────────────────┐
-│              Safe Inputs MCP Server                     │
+│              MCP Scripts Server                     │
 │  ┌───────────────────────────────────────────────────┐  │
 │  │  Tool Registry & Configuration Loader             │  │
 │  └───────────────────────────────────────────────────┘  │
@@ -142,10 +142,10 @@ Implementations MUST support:
 
 ### 3.2 Execution Model
 
-Safe Inputs operates with the following execution model:
+MCP Scripts operates with the following execution model:
 
 1. **Compilation Phase**: Workflow frontmatter is parsed and validated
-2. **Server Startup**: Safe Inputs MCP server starts with tool configurations
+2. **Server Startup**: MCP Scripts server starts with tool configurations
 3. **Tool Registration**: Each tool is registered with the MCP server
 4. **Invocation**: Agent invokes tool via MCP protocol (HTTP transport)
 5. **Execution**: Tool handler executes in appropriate runtime environment
@@ -154,14 +154,14 @@ Safe Inputs operates with the following execution model:
 
 ### 3.3 Transport Model
 
-Safe Inputs MUST use HTTP transport for MCP communication. The transport architecture is:
+MCP Scripts MUST use HTTP transport for MCP communication. The transport architecture is:
 
 - **Client → Gateway**: HTTP with JSON-RPC payloads
-- **Gateway → Safe Inputs Server**: HTTP with JSON-RPC payloads
-- **Safe Inputs Server**: HTTP server on configurable port (default: 3000)
+- **Gateway → MCP Scripts Server**: HTTP with JSON-RPC payloads
+- **MCP Scripts Server**: HTTP server on configurable port (default: 3000)
 - **Authentication**: API key-based authentication via Authorization header
 
-Stdio transport is NOT supported for Safe Inputs.
+Stdio transport is NOT supported for MCP Scripts.
 
 ---
 
@@ -169,7 +169,7 @@ Stdio transport is NOT supported for Safe Inputs.
 
 ### 4.1 Frontmatter Structure
 
-Safe Inputs configuration MUST be defined in the `mcp-scripts:` section of workflow frontmatter:
+MCP Scripts configuration MUST be defined in the `mcp-scripts:` section of workflow frontmatter:
 
 ```yaml
 mcp-scripts:
@@ -350,7 +350,7 @@ Implementations SHOULD validate:
 
 ### 5.1 Invocation Flow
 
-1. Agent sends JSON-RPC request to Safe Inputs MCP server
+1. Agent sends JSON-RPC request to MCP Scripts server
 2. Server validates request format and authentication
 3. Server validates tool inputs against schema
 4. Server dispatches to appropriate language handler
@@ -769,16 +769,16 @@ Implementations MUST:
 
 ### 9.1 Configuration Extension
 
-Safe Inputs extends the MCP Gateway configuration format. During workflow compilation:
+MCP Scripts extends the MCP Gateway configuration format. During workflow compilation:
 
-1. Safe Inputs tools are compiled into MCP server configuration
+1. MCP Scripts tools are compiled into MCP server configuration
 2. Configuration is passed to MCP Gateway as additional server
-3. Gateway routes requests to Safe Inputs MCP server
-4. Safe Inputs server handles tool execution
+3. Gateway routes requests to MCP Scripts server
+4. MCP Scripts server handles tool execution
 
 ### 9.2 Gateway Communication
 
-Safe Inputs MCP server MUST:
+MCP Scripts server MUST:
 
 1. Expose HTTP endpoint for MCP communication
 2. Accept JSON-RPC requests from gateway
@@ -787,7 +787,7 @@ Safe Inputs MCP server MUST:
 
 ### 9.3 Configuration Generation
 
-At compilation time, Safe Inputs generates:
+At compilation time, MCP Scripts generates:
 
 ```json
 {
@@ -807,7 +807,7 @@ This configuration is merged with other MCP servers and passed to gateway.
 
 ### 9.4 Server Lifecycle
 
-Safe Inputs MCP server:
+MCP Scripts server:
 
 1. **Startup**: Server starts during workflow initialization
 2. **Tool Registration**: All tools are registered at startup
diff --git a/docs/src/content/docs/reference/mcp-scripts.md b/docs/src/content/docs/reference/mcp-scripts.md
index 5aa5e1bbb0f..4bd343017b7 100644
--- a/docs/src/content/docs/reference/mcp-scripts.md
+++ b/docs/src/content/docs/reference/mcp-scripts.md
@@ -1,5 +1,5 @@
 ---
-title: Safe Inputs
+title: MCP Scripts
 description: Define custom MCP tools inline as JavaScript or shell scripts with secret access, providing lightweight tool creation without external dependencies.
 sidebar:
   order: 750
@@ -25,7 +25,7 @@ The agent can now call `greet-user` with a `name` parameter.
 
 ## Tool Definition
 
-Each safe-input tool requires a unique name and configuration:
+Each mcp-script tool requires a unique name and configuration:
 
 ```yaml wrap
 mcp-scripts:
@@ -293,7 +293,7 @@ Secrets using `${{ secrets.* }}` are masked in logs.
 
 When output exceeds 500 characters, it's saved to a file. The agent receives the file path, size, and JSON schema preview (if applicable).
 
-## Importing Safe Inputs
+## Importing MCP Scripts
 
 Import tools from shared workflows using `imports:`. Local tool definitions override imported ones on name conflicts:
 
@@ -338,7 +338,7 @@ Tools provide secret isolation (only specified env vars), process isolation (sep
 
 ## Comparison with Other Options
 
-| Feature | Safe Inputs | Custom MCP Servers | Bash Tool |
+| Feature | MCP Scripts | Custom MCP Servers | Bash Tool |
 |---------|-------------|-------------------|-----------|
 | Setup | Inline in frontmatter | External service | Simple commands |
 | Languages | JavaScript, Shell, Python | Any language | Shell only |
@@ -354,7 +354,7 @@ Tools provide secret isolation (only specified env vars), process isolation (sep
 
 ## Related Documentation
 
-- [Safe Inputs Specification](/gh-aw/reference/mcp-scripts-specification/) - Formal W3C-style specification
+- [MCP Scripts Specification](/gh-aw/reference/mcp-scripts-specification/) - Formal W3C-style specification
 - [Tools](/gh-aw/reference/tools/) - Other tool configuration options
 - [Imports](/gh-aw/reference/imports/) - Importing shared workflows
 - [Safe Outputs](/gh-aw/reference/safe-outputs/) - Automated post-workflow actions
diff --git a/docs/src/content/docs/reference/tools.md b/docs/src/content/docs/reference/tools.md
index 7a2ba6f133b..2081c12470d 100644
--- a/docs/src/content/docs/reference/tools.md
+++ b/docs/src/content/docs/reference/tools.md
@@ -172,7 +172,7 @@ The `registry` field is informational and does not affect server execution. It c
 - [Playwright](/gh-aw/reference/playwright/) - Browser automation and testing configuration
 - [Cache Memory](/gh-aw/reference/cache-memory/) - Persistent memory across workflow runs
 - [Repo Memory](/gh-aw/reference/repo-memory/) - Repository-specific memory storage
-- [Safe Inputs](/gh-aw/reference/mcp-scripts/) - Define custom inline tools with JavaScript or shell scripts
+- [MCP Scripts](/gh-aw/reference/mcp-scripts/) - Define custom inline tools with JavaScript or shell scripts
 - [Frontmatter](/gh-aw/reference/frontmatter/) - All frontmatter configuration options
 - [Network Permissions](/gh-aw/reference/network/) - Network access control for AI engines
 - [MCPs](/gh-aw/guides/mcps/) - Complete Model Context Protocol setup and usage

From fc7d5dcf368e0d513a558439857d54bc4d665ee8 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 21:37:57 +0000
Subject: [PATCH 05/10] Fix setup.sh stale error msg; update mcp-scripts docs
 to note runner-host execution

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 actions/setup/setup.sh                         | 2 +-
 docs/src/content/docs/reference/mcp-scripts.md | 4 ++--
 pkg/workflow/mcp_scripts_renderer.go           | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/actions/setup/setup.sh b/actions/setup/setup.sh
index ca731aa4104..4e5ecfca15a 100755
--- a/actions/setup/setup.sh
+++ b/actions/setup/setup.sh
@@ -176,7 +176,7 @@ for file in "${MCP_SCRIPTS_FILES[@]}"; do
     echo "Copied mcp-scripts: ${file}"
     MCP_SCRIPTS_COUNT=$((MCP_SCRIPTS_COUNT + 1))
   else
-    echo "::error::Safe-inputs file not found: ${file}"
+    echo "::error::MCP Scripts file not found: ${file}"
     MCP_SCRIPTS_MISSING+=("${file}")
   fi
 done
diff --git a/docs/src/content/docs/reference/mcp-scripts.md b/docs/src/content/docs/reference/mcp-scripts.md
index 4bd343017b7..06696f49c52 100644
--- a/docs/src/content/docs/reference/mcp-scripts.md
+++ b/docs/src/content/docs/reference/mcp-scripts.md
@@ -5,7 +5,7 @@ sidebar:
   order: 750
 ---
 
-The [`mcp-scripts:`](/gh-aw/reference/glossary/#mcp-scripts) (validated user input tools) element allows you to define custom [MCP](/gh-aw/reference/glossary/#mcp-model-context-protocol) (Model Context Protocol) tools directly in your workflow [frontmatter](/gh-aw/reference/glossary/#frontmatter) using JavaScript, shell scripts, or Python. These tools are generated at runtime and mounted as an MCP server, giving your agent access to custom functionality with controlled secret access.
+The [`mcp-scripts:`](/gh-aw/reference/glossary/#mcp-scripts) element allows you to define custom [MCP](/gh-aw/reference/glossary/#mcp-model-context-protocol) (Model Context Protocol) tools directly in your workflow [frontmatter](/gh-aw/reference/glossary/#frontmatter) using JavaScript, shell scripts, or Python. These tools are generated at runtime and run as an HTTP MCP server **on the GitHub Actions runner, outside the agent container**. The agent reaches the server via `host.docker.internal`, keeping tool execution isolated from the AI sandbox while still providing controlled secret access.
 
 ## Quick Start
 
@@ -334,7 +334,7 @@ Analyze provided text using the `analyze-text` tool and create a discussion with
 
 ## Security Considerations
 
-Tools provide secret isolation (only specified env vars), process isolation (separate execution), and output sanitization (large outputs saved to files). Only predefined tools are available to agents.
+MCP Scripts tools run on the GitHub Actions **runner host** — outside the agent container — so they can access the runner's file system and environment but are isolated from the AI's own execution environment. Tools also provide secret isolation (only specified env vars are forwarded), process isolation (separate execution), and output sanitization (large outputs saved to files). Only predefined tools are available to agents.
 
 ## Comparison with Other Options
 
diff --git a/pkg/workflow/mcp_scripts_renderer.go b/pkg/workflow/mcp_scripts_renderer.go
index 093de338b8a..fe6b45754d9 100644
--- a/pkg/workflow/mcp_scripts_renderer.go
+++ b/pkg/workflow/mcp_scripts_renderer.go
@@ -46,10 +46,10 @@ func collectMCPScriptsSecrets(mcpScripts *MCPScriptsConfig) map[string]string {
 	return secrets
 }
 
-// renderMCPScriptsMCPConfigWithOptions generates the Safe Inputs MCP server configuration with engine-specific options
+// renderMCPScriptsMCPConfigWithOptions generates the MCP Scripts server configuration with engine-specific options
 // Always uses HTTP transport mode
 func renderMCPScriptsMCPConfigWithOptions(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, isLast bool, includeCopilotFields bool, workflowData *WorkflowData) {
-	mcpScriptsRendererLog.Printf("Rendering Safe Inputs MCP config: includeCopilotFields=%t, isLast=%t",
+	mcpScriptsRendererLog.Printf("Rendering MCP Scripts config: includeCopilotFields=%t, isLast=%t",
 		includeCopilotFields, isLast)
 
 	yaml.WriteString("              \"" + constants.MCPScriptsMCPServerID.String() + "\": {\n")
@@ -63,7 +63,7 @@ func renderMCPScriptsMCPConfigWithOptions(yaml *strings.Builder, mcpScripts *MCP
 	if workflowData != nil && workflowData.SandboxConfig != nil && workflowData.SandboxConfig.Agent != nil && workflowData.SandboxConfig.Agent.Disabled {
 		// When agent is disabled (no firewall), use localhost instead of host.docker.internal
 		host = "localhost"
-		mcpScriptsRendererLog.Print("Agent disabled, using localhost for Safe Inputs MCP server")
+		mcpScriptsRendererLog.Print("Agent disabled, using localhost for MCP Scripts server")
 	}
 
 	// HTTP URL using environment variable - NOT escaped so shell expands it before awmg validation

From b89a5e4fd21d31068f76a6810bad15eb3908c971 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 22:31:47 +0000
Subject: [PATCH 06/10] Rename all remaining 'safe inputs'/'safe-inputs'
 terminology to 'MCP Scripts'

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 .github/aw/campaign.md                        |  2 +-
 .github/aw/github-agentic-workflows.md        |  4 +--
 .github/aw/runbooks/workflow-health.md        | 32 +++++++++----------
 .github/aw/upgrade-agentic-workflows.md       |  2 +-
 .../copilot-pr-merged-report.lock.yml         |  8 ++---
 .../workflows/daily-cli-performance.lock.yml  |  8 ++---
 .../daily-performance-summary.lock.yml        |  8 ++---
 .github/workflows/daily-regulatory.lock.yml   |  8 ++---
 .github/workflows/go-logger.lock.yml          |  8 ++---
 .github/workflows/smoke-claude.lock.yml       |  8 ++---
 .github/workflows/smoke-codex.lock.yml        |  8 ++---
 .github/workflows/smoke-copilot-arm.lock.yml  |  8 ++---
 .github/workflows/smoke-copilot.lock.yml      |  8 ++---
 .github/workflows/smoke-gemini.lock.yml       |  8 ++---
 actions/setup/README.md                       |  2 +-
 .../setup/js/generate_mcp_scripts_config.cjs  |  4 +--
 .../js/generate_mcp_scripts_config.test.cjs   |  2 +-
 actions/setup/js/log_parser_shared.cjs        |  4 +--
 actions/setup/js/log_parser_shared.test.cjs   |  4 +--
 actions/setup/js/mcp-scripts-runner.cjs       |  2 +-
 actions/setup/js/mcp_handler_go.cjs           |  2 +-
 actions/setup/js/mcp_handler_javascript.cjs   |  2 +-
 actions/setup/js/mcp_handler_python.cjs       |  2 +-
 actions/setup/js/mcp_handler_shell.cjs        |  2 +-
 actions/setup/js/mcp_scripts_bootstrap.cjs    |  2 +-
 .../setup/js/mcp_scripts_config_loader.cjs    |  2 +-
 actions/setup/js/mcp_scripts_mcp_server.cjs   |  2 +-
 .../setup/js/mcp_scripts_mcp_server_http.cjs  |  8 ++---
 actions/setup/js/mcp_scripts_tool_factory.cjs |  2 +-
 actions/setup/js/mcp_scripts_validation.cjs   |  2 +-
 actions/setup/js/parse_mcp_scripts_logs.cjs   |  4 +--
 .../setup/js/parse_mcp_scripts_logs.test.cjs  |  8 ++---
 actions/setup/sh/start_mcp_scripts_server.sh  | 10 +++---
 docs/public/editor/autocomplete-data.json     |  2 +-
 .../content/docs/guides/editing-workflows.md  |  2 +-
 .../docs/reference/frontmatter-full.md        |  2 +-
 pkg/cli/mcp_inspect.go                        |  2 +-
 pkg/parser/schemas/main_workflow_schema.json  |  2 +-
 pkg/workflow/compiler_yaml_ai_execution.go    |  2 +-
 pkg/workflow/features_import_test.go          |  2 +-
 pkg/workflow/mcp_api_key_masking_test.go      |  6 ++--
 pkg/workflow/mcp_config_builtin.go            |  2 +-
 pkg/workflow/mcp_config_utils.go              |  4 +--
 pkg/workflow/mcp_detection_test.go            |  4 +--
 pkg/workflow/mcp_environment.go               |  4 +--
 pkg/workflow/mcp_renderer.go                  |  8 ++---
 pkg/workflow/mcp_scripts_conditional_test.go  | 28 ++++++++--------
 pkg/workflow/mcp_scripts_http_codex_test.go   |  2 +-
 pkg/workflow/mcp_scripts_mode_test.go         |  2 +-
 pkg/workflow/mcp_scripts_parser.go            |  2 +-
 pkg/workflow/mcp_scripts_parser_test.go       |  2 +-
 pkg/workflow/mcp_setup_generator.go           |  8 ++---
 52 files changed, 136 insertions(+), 136 deletions(-)

diff --git a/.github/aw/campaign.md b/.github/aw/campaign.md
index ba9e97199e6..865fd039160 100644
--- a/.github/aw/campaign.md
+++ b/.github/aw/campaign.md
@@ -109,7 +109,7 @@ KPI workflows are campaigns where the first-class output is a **metric** and an
 **Inputs (when you need knobs):**
 
 - Use `workflow_dispatch` inputs for user-controlled parameters (e.g., target threshold, window size) and have a deterministic `steps:` block normalize those inputs into a JSON config the agent reads.
-- Use `safe-inputs:` when the agent needs a constrained, auditable tool to fetch privileged data (it’s not a human input mechanism).
+- Use `mcp-scripts:` when the agent needs a constrained, auditable tool to fetch privileged data (it’s not a human input mechanism).
 
 **Minimum viable KPI spec (keep it explicit):**
 
diff --git a/.github/aw/github-agentic-workflows.md b/.github/aw/github-agentic-workflows.md
index 97b848ab90d..17341743379 100644
--- a/.github/aw/github-agentic-workflows.md
+++ b/.github/aw/github-agentic-workflows.md
@@ -1110,7 +1110,7 @@ The YAML frontmatter supports these fields:
               run: echo "Custom threat check"
       ```
 
-- **`safe-inputs:`** - Define custom lightweight MCP tools as JavaScript, shell, Python, or Go scripts (object)
+- **`mcp-scripts:`** - Define custom lightweight MCP tools as JavaScript, shell, Python, or Go scripts (object)
   - Tools mounted in MCP server with access to specified secrets
   - Each tool requires `description` and one of: `script` (JavaScript), `run` (shell), `py` (Python), or `go` (Go)
   - Tool configuration properties:
@@ -1124,7 +1124,7 @@ The YAML frontmatter supports these fields:
     - `timeout:` - Execution timeout in seconds (default: 60)
   - Example:
     ```yaml
-    safe-inputs:
+    mcp-scripts:
       search-issues:
         description: "Search GitHub issues using API"
         inputs:
diff --git a/.github/aw/runbooks/workflow-health.md b/.github/aw/runbooks/workflow-health.md
index 788a19df993..8c353b6bf4f 100644
--- a/.github/aw/runbooks/workflow-health.md
+++ b/.github/aw/runbooks/workflow-health.md
@@ -39,12 +39,12 @@ Use this runbook when:
 ### Input/Secret Validation Failures
 
 **Symptoms**:
-- Safe-inputs action fails
+- MCP Scripts action fails
 - Environment variable not available
 - Template expression evaluation errors
 
 **Common Causes**:
-- Safe-inputs action not configured
+- MCP Scripts action not configured
 - Missing required secrets
 - Incorrect secret references
 
@@ -192,19 +192,19 @@ tools:
 Analyze repository issues and provide insights.
 ```
 
-### Configuring Safe-Inputs and Safe-Outputs
+### Configuring MCP Scripts and Safe-Outputs
 
 **Problem**: Workflow fails with missing safeinputs-gh or safe-output errors.
 
-**Solution**: Configure safe-inputs and safe-outputs in the workflow.
+**Solution**: Configure mcp-scripts and safe-outputs in the workflow.
 
-#### Adding Safe-Inputs
+#### Adding MCP Scripts
 
-Safe-inputs securely pass GitHub context to AI agents:
+MCP Scripts securely pass GitHub context to AI agents:
 
 ```aw
 ---
-safe-inputs:
+mcp-scripts:
   issue:
     title: ${{ github.event.issue.title }}
     body: ${{ github.event.issue.body }}
@@ -212,7 +212,7 @@ safe-inputs:
 ---
 ```
 
-The safe-inputs are automatically made available to the agent as environment variables.
+The mcp-scripts are automatically made available to the agent as environment variables.
 
 #### Adding Safe-Outputs
 
@@ -230,7 +230,7 @@ safe-outputs:
 ---
 ```
 
-**Example**: Complete workflow with safe-inputs and safe-outputs
+**Example**: Complete workflow with mcp-scripts and safe-outputs
 
 ```aw
 ---
@@ -246,7 +246,7 @@ tools:
   github:
     mode: remote
     toolsets: [default]
-safe-inputs:
+mcp-scripts:
   issue:
     title: ${{ github.event.issue.title }}
     body: ${{ github.event.issue.body }}
@@ -319,7 +319,7 @@ The DeepReport Intelligence Briefing (Discussion #7277) identified several workf
 
 **Daily Copilot PR Merged**:
 - Error: "missing tool configuration for safeinputs-gh"
-- Root cause: Safe-inputs action not set up in workflow
+- Root cause: MCP Scripts action not set up in workflow
 - PR merge data not being passed securely to agent
 
 ### Resolution
@@ -340,10 +340,10 @@ tools:
 ```
 
 **Daily Copilot PR Merged**:
-Added safe-inputs configuration:
+Added mcp-scripts configuration:
 
 ```aw
-safe-inputs:
+mcp-scripts:
   pull_request:
     number: ${{ github.event.pull_request.number }}
     title: ${{ github.event.pull_request.title }}
@@ -353,7 +353,7 @@ safe-inputs:
 
 1. **MCP-first approach**: Always configure GitHub MCP server when workflows need GitHub API access
 2. **Permission planning**: Define required permissions upfront based on workflow operations
-3. **Safe-inputs for context**: Use safe-inputs to securely pass GitHub event context to agents
+3. **MCP Scripts for context**: Use mcp-scripts to securely pass GitHub event context to agents
 4. **Test after compilation**: Always test workflows manually after making configuration changes
 5. **Monitor systematically**: Use `gh aw logs` for regular workflow health monitoring
 
@@ -396,7 +396,7 @@ tools:
 ---
 ```
 
-**Issue-triggered workflow with safe-inputs**:
+**Issue-triggered workflow with mcp-scripts**:
 ```aw
 ---
 on:
@@ -405,7 +405,7 @@ on:
 permissions:
   contents: read
   issues: write
-safe-inputs:
+mcp-scripts:
   issue:
     title: ${{ github.event.issue.title }}
     body: ${{ github.event.issue.body }}
diff --git a/.github/aw/upgrade-agentic-workflows.md b/.github/aw/upgrade-agentic-workflows.md
index 8b1762b04fa..f10e14cb185 100644
--- a/.github/aw/upgrade-agentic-workflows.md
+++ b/.github/aw/upgrade-agentic-workflows.md
@@ -102,7 +102,7 @@ Before attempting to compile, apply automatic codemods:
    This will automatically update workflow files with changes like:
    - Replacing 'timeout_minutes' with 'timeout-minutes'
    - Replacing 'network.firewall' with 'sandbox.agent: false'
-   - Removing deprecated 'safe-inputs.mode' field
+   - Removing deprecated 'mcp-scripts.mode' field
 
 2. **Review the Changes**
    - Note which workflows were updated by the codemods
diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml
index 2b3af5450d1..328a5b6e30e 100644
--- a/.github/workflows/copilot-pr-merged-report.lock.yml
+++ b/.github/workflows/copilot-pr-merged-report.lock.yml
@@ -626,7 +626,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -677,7 +677,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
@@ -709,7 +709,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -941,7 +941,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_copilot_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml
index 9bd2e8de9fe..7ad681c59f4 100644
--- a/.github/workflows/daily-cli-performance.lock.yml
+++ b/.github/workflows/daily-cli-performance.lock.yml
@@ -708,7 +708,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -773,7 +773,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_EOF'
           #!/bin/bash
@@ -817,7 +817,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1043,7 +1043,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_copilot_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index 4a5a657370b..40e2c32b5aa 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -745,7 +745,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -860,7 +860,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
           #!/bin/bash
@@ -1184,7 +1184,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1419,7 +1419,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_copilot_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml
index 1d6cd8f8e0c..965477155dc 100644
--- a/.github/workflows/daily-regulatory.lock.yml
+++ b/.github/workflows/daily-regulatory.lock.yml
@@ -665,7 +665,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -780,7 +780,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_EOF'
           #!/bin/bash
@@ -1104,7 +1104,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1333,7 +1333,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_copilot_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml
index 87536e2c75d..82199dd3651 100644
--- a/.github/workflows/go-logger.lock.yml
+++ b/.github/workflows/go-logger.lock.yml
@@ -653,7 +653,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -718,7 +718,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_EOF'
           #!/bin/bash
@@ -762,7 +762,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1055,7 +1055,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_claude_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index 5e22f8eca7b..1bc90168327 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -1589,7 +1589,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -1762,7 +1762,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
@@ -2124,7 +2124,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -2480,7 +2480,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_claude_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index 71cafbf3243..221dc0ead6b 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -979,7 +979,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -1030,7 +1030,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
@@ -1062,7 +1062,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1365,7 +1365,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_codex_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml
index 3afa5043025..b1f53afeb82 100644
--- a/.github/workflows/smoke-copilot-arm.lock.yml
+++ b/.github/workflows/smoke-copilot-arm.lock.yml
@@ -1148,7 +1148,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -1285,7 +1285,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
@@ -1622,7 +1622,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1886,7 +1886,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_copilot_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index d54937748cb..8f9117f3a08 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -1201,7 +1201,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -1338,7 +1338,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
@@ -1675,7 +1675,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1939,7 +1939,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_copilot_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml
index f095409fb87..95876d757af 100644
--- a/.github/workflows/smoke-gemini.lock.yml
+++ b/.github/workflows/smoke-gemini.lock.yml
@@ -791,7 +791,7 @@ jobs:
           
           bash /opt/gh-aw/actions/start_safe_outputs_server.sh
           
-      - name: Setup Safe Inputs Config
+      - name: Setup MCP Scripts Config
         run: |
           mkdir -p /opt/gh-aw/mcp-scripts/logs
           cat > /opt/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_EOF'
@@ -842,7 +842,7 @@ jobs:
           GH_AW_MCP_SCRIPTS_SERVER_EOF
           chmod +x /opt/gh-aw/mcp-scripts/mcp-server.cjs
           
-      - name: Setup Safe Inputs Tool Files
+      - name: Setup MCP Scripts Tool Files
         run: |
           cat > /opt/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_EOF'
           #!/bin/bash
@@ -874,7 +874,7 @@ jobs:
             echo "mcp_scripts_port=${PORT}"
           } >> "$GITHUB_OUTPUT"
           
-          echo "Safe Inputs MCP server will run on port ${PORT}"
+          echo "MCP Scripts server will run on port ${PORT}"
           
       - name: Start MCP Scripts HTTP Server
         id: mcp-scripts-start
@@ -1089,7 +1089,7 @@ jobs:
             setupGlobals(core, github, context, exec, io);
             const { main } = require('/opt/gh-aw/actions/parse_gemini_log.cjs');
             await main();
-      - name: Parse Safe Inputs logs for step summary
+      - name: Parse MCP Scripts logs for step summary
         if: always()
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         with:
diff --git a/actions/setup/README.md b/actions/setup/README.md
index 7adac3541e4..26c5a94787e 100644
--- a/actions/setup/README.md
+++ b/actions/setup/README.md
@@ -64,7 +64,7 @@ This action copies files from `actions/setup/`, including:
 
 ### Shell Scripts (7 files from `sh/`)
 - `create_gh_aw_tmp_dir.sh` - Creates temporary directory structure
-- `start_safe_inputs_server.sh` - Starts safe-inputs HTTP server
+- `start_mcp_scripts_server.sh` - Starts MCP Scripts HTTP server
 - `print_prompt_summary.sh` - Prints prompt summary to logs
 - `generate_git_patch.sh` - Generates git patches
 - `create_cache_memory_dir.sh` - Creates cache-memory directory
diff --git a/actions/setup/js/generate_mcp_scripts_config.cjs b/actions/setup/js/generate_mcp_scripts_config.cjs
index d8041b2b95a..29869f58223 100644
--- a/actions/setup/js/generate_mcp_scripts_config.cjs
+++ b/actions/setup/js/generate_mcp_scripts_config.cjs
@@ -2,7 +2,7 @@
 /// <reference types="@actions/github-script" />
 
 /**
- * Generates configuration for the Safe Inputs MCP HTTP server
+ * Generates configuration for the MCP Scripts HTTP server
  * @param {object} params - Parameters for config generation
  * @param {typeof import("@actions/core")} params.core - GitHub Actions core library
  * @param {typeof import("crypto")} params.crypto - Node.js crypto library
@@ -22,7 +22,7 @@ function generateMCPScriptsConfig({ core, crypto }) {
   core.setOutput("mcp_scripts_api_key", apiKey);
   core.setOutput("mcp_scripts_port", port.toString());
 
-  core.info(`Safe Inputs MCP server will run on port ${port}`);
+  core.info(`MCP Scripts server will run on port ${port}`);
 
   return { apiKey, port };
 }
diff --git a/actions/setup/js/generate_mcp_scripts_config.test.cjs b/actions/setup/js/generate_mcp_scripts_config.test.cjs
index b9f4a1a3783..4b9b40b5a4f 100644
--- a/actions/setup/js/generate_mcp_scripts_config.test.cjs
+++ b/actions/setup/js/generate_mcp_scripts_config.test.cjs
@@ -39,7 +39,7 @@ describe("generateMCPScriptsConfig", () => {
     expect(mockCore.setOutput).toHaveBeenCalledWith("mcp_scripts_port", "3000");
 
     // Verify info message was logged
-    expect(mockCore.info).toHaveBeenCalledWith("Safe Inputs MCP server will run on port 3000");
+    expect(mockCore.info).toHaveBeenCalledWith("MCP Scripts server will run on port 3000");
   });
 
   it("should generate different API keys on each call", () => {
diff --git a/actions/setup/js/log_parser_shared.cjs b/actions/setup/js/log_parser_shared.cjs
index 56c6b5e1100..f966a4dc971 100644
--- a/actions/setup/js/log_parser_shared.cjs
+++ b/actions/setup/js/log_parser_shared.cjs
@@ -597,7 +597,7 @@ function formatInitializationSummary(initEntry, options = {}) {
       "File Operations": [],
       Builtin: [],
       "Safe Outputs": [],
-      "Safe Inputs": [],
+      "MCP Scripts": [],
       "Git/GitHub": [],
       Playwright: [],
       Serena: [],
@@ -628,7 +628,7 @@ function formatInitializationSummary(initEntry, options = {}) {
       } else if (tool.startsWith("safeinputs-") || tool.startsWith("mcp_scripts-")) {
         // Extract the tool name without the prefix for cleaner display
         const toolName = tool.replace(/^safeinputs-|^mcp_scripts-/, "");
-        categories["Safe Inputs"].push(toolName);
+        categories["MCP Scripts"].push(toolName);
       } else if (tool.startsWith("mcp__github__")) {
         categories["Git/GitHub"].push(formatMcpName(tool));
       } else if (tool.startsWith("mcp__playwright__")) {
diff --git a/actions/setup/js/log_parser_shared.test.cjs b/actions/setup/js/log_parser_shared.test.cjs
index eabaa5739d8..b86cdade5b6 100644
--- a/actions/setup/js/log_parser_shared.test.cjs
+++ b/actions/setup/js/log_parser_shared.test.cjs
@@ -789,7 +789,7 @@ describe("log_parser_shared.cjs", () => {
       expect(result.markdown).toContain("**File Operations:**");
       expect(result.markdown).toContain("**Builtin:**");
       expect(result.markdown).toContain("**Safe Outputs:**");
-      expect(result.markdown).toContain("**Safe Inputs:**");
+      expect(result.markdown).toContain("**MCP Scripts:**");
       expect(result.markdown).toContain("**Git/GitHub:**");
       expect(result.markdown).toContain("**Playwright:**");
       expect(result.markdown).toContain("**Serena:**");
@@ -943,7 +943,7 @@ describe("log_parser_shared.cjs", () => {
 
       const result = formatInitializationSummary(initEntry);
 
-      expect(result.markdown).toContain("**Safe Inputs:**");
+      expect(result.markdown).toContain("**MCP Scripts:**");
       expect(result.markdown).toContain("get_data");
       expect(result.markdown).toContain("query_database");
       expect(result.markdown).toContain("fetch_config");
diff --git a/actions/setup/js/mcp-scripts-runner.cjs b/actions/setup/js/mcp-scripts-runner.cjs
index c044b7a4ead..b36b71565b6 100644
--- a/actions/setup/js/mcp-scripts-runner.cjs
+++ b/actions/setup/js/mcp-scripts-runner.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Safe Inputs Script Runner
+ * MCP Scripts Runner
  *
  * Provides the main execution harness for generated mcp-script JavaScript tools.
  * Generated .cjs files export an `execute(inputs)` function and delegate to this
diff --git a/actions/setup/js/mcp_handler_go.cjs b/actions/setup/js/mcp_handler_go.cjs
index a6952e53c9c..630d94bc7d7 100644
--- a/actions/setup/js/mcp_handler_go.cjs
+++ b/actions/setup/js/mcp_handler_go.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Go Script Handler for Safe-Inputs
+ * Go Script Handler for MCP Scripts
  *
  * This module provides a handler for executing Go scripts in mcp-scripts tools.
  * It uses `go run` to execute Go source files with inputs via JSON on stdin.
diff --git a/actions/setup/js/mcp_handler_javascript.cjs b/actions/setup/js/mcp_handler_javascript.cjs
index 6b9939055f3..37a8fee6606 100644
--- a/actions/setup/js/mcp_handler_javascript.cjs
+++ b/actions/setup/js/mcp_handler_javascript.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * JavaScript Handler for Safe-Inputs
+ * JavaScript Handler for MCP Scripts
  *
  * This module provides a handler for executing JavaScript (.cjs) files in mcp-scripts tools.
  * It executes JavaScript handlers in a separate Node.js process for isolation.
diff --git a/actions/setup/js/mcp_handler_python.cjs b/actions/setup/js/mcp_handler_python.cjs
index 788a0dd436f..ce5dc96cdf1 100644
--- a/actions/setup/js/mcp_handler_python.cjs
+++ b/actions/setup/js/mcp_handler_python.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Python Script Handler for Safe-Inputs
+ * Python Script Handler for MCP Scripts
  *
  * This module provides a handler for executing Python scripts in mcp-scripts tools.
  * It uses a Pythonic approach for passing inputs via JSON on stdin.
diff --git a/actions/setup/js/mcp_handler_shell.cjs b/actions/setup/js/mcp_handler_shell.cjs
index 26b45ad6668..e1dd547c9f9 100644
--- a/actions/setup/js/mcp_handler_shell.cjs
+++ b/actions/setup/js/mcp_handler_shell.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Shell Script Handler for Safe-Inputs
+ * Shell Script Handler for MCP Scripts
  *
  * This module provides a handler for executing shell scripts in mcp-scripts tools.
  * It follows GitHub Actions conventions for passing inputs and reading outputs.
diff --git a/actions/setup/js/mcp_scripts_bootstrap.cjs b/actions/setup/js/mcp_scripts_bootstrap.cjs
index ae4f3428a1d..df541f385eb 100644
--- a/actions/setup/js/mcp_scripts_bootstrap.cjs
+++ b/actions/setup/js/mcp_scripts_bootstrap.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Safe Inputs Bootstrap Module
+ * MCP Scripts Bootstrap Module
  *
  * This module provides shared bootstrap logic for mcp-scripts MCP servers.
  * It handles configuration loading, tool handler loading, and cleanup that is
diff --git a/actions/setup/js/mcp_scripts_config_loader.cjs b/actions/setup/js/mcp_scripts_config_loader.cjs
index 2938a7ff89b..9b5a28c9e20 100644
--- a/actions/setup/js/mcp_scripts_config_loader.cjs
+++ b/actions/setup/js/mcp_scripts_config_loader.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Safe Inputs Configuration Loader
+ * MCP Scripts Configuration Loader
  *
  * This module provides utilities for loading and validating mcp-scripts
  * configuration from JSON files.
diff --git a/actions/setup/js/mcp_scripts_mcp_server.cjs b/actions/setup/js/mcp_scripts_mcp_server.cjs
index f40716d2d6d..b6ce0403d3e 100644
--- a/actions/setup/js/mcp_scripts_mcp_server.cjs
+++ b/actions/setup/js/mcp_scripts_mcp_server.cjs
@@ -2,7 +2,7 @@
 /// <reference types="@actions/github-script" />
 
 /**
- * Safe Inputs MCP Server Module
+ * MCP Scripts Server Module
  *
  * This module provides a reusable MCP server for mcp-scripts configuration.
  * It uses the mcp_server_core module for JSON-RPC handling and tool registration.
diff --git a/actions/setup/js/mcp_scripts_mcp_server_http.cjs b/actions/setup/js/mcp_scripts_mcp_server_http.cjs
index 1389dccbb7d..7e31062b38c 100644
--- a/actions/setup/js/mcp_scripts_mcp_server_http.cjs
+++ b/actions/setup/js/mcp_scripts_mcp_server_http.cjs
@@ -2,7 +2,7 @@
 /// <reference types="@actions/github-script" />
 
 /**
- * Safe Inputs MCP Server with HTTP Transport
+ * MCP Scripts Server with HTTP Transport
  *
  * This module extends the mcp-scripts MCP server to support HTTP transport
  * using the StreamableHTTPServerTransport from the MCP SDK.
@@ -129,7 +129,7 @@ async function startHttpServer(configPath, options = {}) {
 
   const logger = createLogger("mcp-scripts-startup");
 
-  logger.debug(`=== Starting Safe Inputs MCP HTTP Server ===`);
+  logger.debug(`=== Starting MCP Scripts HTTP Server ===`);
   logger.debug(`Configuration file: ${configPath}`);
   logger.debug(`Port: ${port}`);
   logger.debug(`Mode: ${stateless ? "stateless" : "stateful"}`);
@@ -249,7 +249,7 @@ async function startHttpServer(configPath, options = {}) {
     // Start listening
     logger.debug(`Attempting to bind to port ${port}...`);
     httpServer.listen(port, () => {
-      logger.debug(`=== Safe Inputs MCP HTTP Server Started Successfully ===`);
+      logger.debug(`=== MCP Scripts HTTP Server Started Successfully ===`);
       logger.debug(`HTTP server listening on http://localhost:${port}`);
       logger.debug(`MCP endpoint: POST http://localhost:${port}/`);
       logger.debug(`Server name: ${config.serverName || "mcpscripts"}`);
@@ -293,7 +293,7 @@ async function startHttpServer(configPath, options = {}) {
   } catch (error) {
     // Log detailed error information for startup failures
     const errorLogger = createLogger("mcp-scripts-startup-error");
-    errorLogger.debug(`=== FATAL ERROR: Failed to start Safe Inputs MCP HTTP Server ===`);
+    errorLogger.debug(`=== FATAL ERROR: Failed to start MCP Scripts HTTP Server ===`);
     if (error && typeof error === "object") {
       if ("constructor" in error && error.constructor) {
         errorLogger.debug(`Error type: ${error.constructor.name}`);
diff --git a/actions/setup/js/mcp_scripts_tool_factory.cjs b/actions/setup/js/mcp_scripts_tool_factory.cjs
index 28a0ce89c4b..ed6fce9a440 100644
--- a/actions/setup/js/mcp_scripts_tool_factory.cjs
+++ b/actions/setup/js/mcp_scripts_tool_factory.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Safe Inputs Tool Factory
+ * MCP Scripts Tool Factory
  *
  * This module provides a factory function for creating tool configuration objects
  * for different handler types (JavaScript, Shell, Python).
diff --git a/actions/setup/js/mcp_scripts_validation.cjs b/actions/setup/js/mcp_scripts_validation.cjs
index 724c727ecee..7acbe2778d7 100644
--- a/actions/setup/js/mcp_scripts_validation.cjs
+++ b/actions/setup/js/mcp_scripts_validation.cjs
@@ -1,7 +1,7 @@
 // @ts-check
 
 /**
- * Safe Inputs Validation Helpers
+ * MCP Scripts Validation Helpers
  *
  * This module provides validation utilities for mcp-scripts MCP server.
  */
diff --git a/actions/setup/js/parse_mcp_scripts_logs.cjs b/actions/setup/js/parse_mcp_scripts_logs.cjs
index e5b6929c3d5..cffee71c9f6 100644
--- a/actions/setup/js/parse_mcp_scripts_logs.cjs
+++ b/actions/setup/js/parse_mcp_scripts_logs.cjs
@@ -110,7 +110,7 @@ function generatePlainTextSummary(logEntries) {
   const lines = [];
 
   // Header
-  lines.push("=== Safe Inputs MCP Server Logs ===");
+  lines.push("=== MCP Scripts Server Logs ===");
   lines.push("");
 
   // Count events by type
@@ -259,7 +259,7 @@ function generateMCPScriptsSummary(logEntries) {
 
   // Wrap entire section in a details tag
   summary.push("<details>");
-  summary.push("<summary>Safe Inputs MCP Server Logs</summary>\n");
+  summary.push("<summary>MCP Scripts Server Logs</summary>\n");
 
   // Statistics
   summary.push("**Statistics**\n");
diff --git a/actions/setup/js/parse_mcp_scripts_logs.test.cjs b/actions/setup/js/parse_mcp_scripts_logs.test.cjs
index e3721706cca..2062853db7f 100644
--- a/actions/setup/js/parse_mcp_scripts_logs.test.cjs
+++ b/actions/setup/js/parse_mcp_scripts_logs.test.cjs
@@ -153,7 +153,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
 
       const summary = generatePlainTextSummary(logEntries);
 
-      expect(summary).toContain("=== Safe Inputs MCP Server Logs ===");
+      expect(summary).toContain("=== MCP Scripts Server Logs ===");
       expect(summary).toContain("Total entries: 2");
       expect(summary).toContain("Startup events: 2");
     });
@@ -222,7 +222,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
       const logEntries = [];
       const summary = generatePlainTextSummary(logEntries);
 
-      expect(summary).toContain("=== Safe Inputs MCP Server Logs ===");
+      expect(summary).toContain("=== MCP Scripts Server Logs ===");
       expect(summary).toContain("Total entries: 0");
     });
 
@@ -276,7 +276,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
 
       expect(summary).toContain("<details>");
       expect(summary).toContain("</details>");
-      expect(summary).toContain("<summary>Safe Inputs MCP Server Logs</summary>");
+      expect(summary).toContain("<summary>MCP Scripts Server Logs</summary>");
       expect(summary).toContain("**Statistics**");
       expect(summary).toContain("| Metric | Count |");
       expect(summary).toContain("| Total Log Entries | 3 |");
@@ -400,7 +400,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
 
       expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Found 1 mcp-scripts log file"));
       expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("Parsing mcp-scripts log: server.log"));
-      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("=== Safe Inputs MCP Server Logs ==="));
+      expect(mockCore.info).toHaveBeenCalledWith(expect.stringContaining("=== MCP Scripts Server Logs ==="));
       expect(mockCore.summary.addRaw).toHaveBeenCalled();
       expect(mockCore.summary.write).toHaveBeenCalled();
       expect(mockCore.setFailed).not.toHaveBeenCalled();
diff --git a/actions/setup/sh/start_mcp_scripts_server.sh b/actions/setup/sh/start_mcp_scripts_server.sh
index 2d7874b52f3..e1899ab3b26 100755
--- a/actions/setup/sh/start_mcp_scripts_server.sh
+++ b/actions/setup/sh/start_mcp_scripts_server.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-# Start Safe Inputs MCP HTTP Server
+# Start MCP Scripts HTTP Server
 # This script starts the mcp-scripts MCP server and waits for it to become ready
 
 set -e
@@ -75,7 +75,7 @@ mkdir -p /tmp/gh-aw/mcp-scripts/logs
 
 # Create initial server.log file for artifact upload
 {
-  echo "Safe Inputs MCP Server Log"
+  echo "MCP Scripts Server Log"
   echo "Start time: $(date)"
   echo "==========================================="
   echo ""
@@ -100,10 +100,10 @@ for i in {1..10}; do
   
   # Check if server is responding
   if curl -s -f "http://localhost:$GH_AW_MCP_SCRIPTS_PORT/health" > /dev/null 2>&1; then
-    echo "Safe Inputs MCP server is ready (attempt $i/10)"
+    echo "MCP Scripts server is ready (attempt $i/10)"
     
     # Print the startup log for debugging
-    echo "::notice::Safe Inputs MCP Server Startup Log"
+    echo "::notice::MCP Scripts Server Startup Log"
     echo "::group::Server Log Contents"
     cat /tmp/gh-aw/mcp-scripts/logs/server.log
     echo "::endgroup::"
@@ -112,7 +112,7 @@ for i in {1..10}; do
   fi
   
   if [ "$i" -eq 10 ]; then
-    echo "ERROR: Safe Inputs MCP server failed to start after 10 seconds"
+    echo "ERROR: MCP Scripts server failed to start after 10 seconds"
     echo "Process status: $(pgrep -f 'mcp-server.cjs' || echo 'not running')"
     echo "Server log contents:"
     cat /tmp/gh-aw/mcp-scripts/logs/server.log
diff --git a/docs/public/editor/autocomplete-data.json b/docs/public/editor/autocomplete-data.json
index c8db93f3dbf..27604801bf3 100644
--- a/docs/public/editor/autocomplete-data.json
+++ b/docs/public/editor/autocomplete-data.json
@@ -1498,7 +1498,7 @@
     },
     "mcp-scripts": {
       "type": "object",
-      "desc": "Safe inputs configuration for defining custom lightweight MCP tools as JavaScript, shell scripts, or Python scripts."
+      "desc": "MCP Scripts configuration for defining custom lightweight MCP tools as JavaScript, shell scripts, or Python scripts."
     },
     "runtimes": {
       "type": "object",
diff --git a/docs/src/content/docs/guides/editing-workflows.md b/docs/src/content/docs/guides/editing-workflows.md
index e62d9459e55..710c92e3eb8 100644
--- a/docs/src/content/docs/guides/editing-workflows.md
+++ b/docs/src/content/docs/guides/editing-workflows.md
@@ -103,7 +103,7 @@ Any changes to the frontmatter configuration between `---` markers:
 - **Tools** (`tools:`): Tool configurations, MCP servers, allowed tools
 - **Network** (`network:`): Allowed domains, firewall rules
 - **Safe outputs** (`safe-outputs:`): Output types, threat detection
-- **Safe inputs** (`mcp-scripts:`): Input validation rules
+- **MCP Scripts** (`mcp-scripts:`): Custom MCP tools defined inline
 - **Runtimes** (`runtimes:`): Node, Python, Go version overrides
 - **Imports** (`imports:`): Shared configuration files
 - **Custom jobs** (`jobs:`): Additional workflow jobs
diff --git a/docs/src/content/docs/reference/frontmatter-full.md b/docs/src/content/docs/reference/frontmatter-full.md
index 42e22dffcda..3cccba1d060 100644
--- a/docs/src/content/docs/reference/frontmatter-full.md
+++ b/docs/src/content/docs/reference/frontmatter-full.md
@@ -4554,7 +4554,7 @@ strict: true
 # (optional)
 private: true
 
-# Safe inputs configuration for defining custom lightweight MCP tools as
+# MCP Scripts configuration for defining custom lightweight MCP tools as
 # JavaScript, shell scripts, or Python scripts. Tools are mounted in an MCP server
 # and have access to secrets specified by the user. Only one of 'script'
 # (JavaScript), 'run' (shell), or 'py' (Python) must be specified per tool.
diff --git a/pkg/cli/mcp_inspect.go b/pkg/cli/mcp_inspect.go
index 86af41f246b..0924aaa390e 100644
--- a/pkg/cli/mcp_inspect.go
+++ b/pkg/cli/mcp_inspect.go
@@ -173,7 +173,7 @@ func NewMCPInspectSubcommand() *cobra.Command {
 This command starts each MCP server configured in the workflow, queries its capabilities,
 and displays the results in a formatted table. It supports stdio, Docker, and HTTP MCP servers.
 
-Safe-inputs servers are automatically detected and inspected when present in the workflow.
+MCP Scripts servers are automatically detected and inspected when present in the workflow.
 
 The workflow-id-or-file can be:
 - A workflow ID (basename without .md extension, e.g., "weekly-research")
diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json
index d5f44604e15..15eff888a50 100644
--- a/pkg/parser/schemas/main_workflow_schema.json
+++ b/pkg/parser/schemas/main_workflow_schema.json
@@ -7307,7 +7307,7 @@
     },
     "mcp-scripts": {
       "type": "object",
-      "description": "Safe inputs configuration for defining custom lightweight MCP tools as JavaScript, shell scripts, or Python scripts. Tools are mounted in an MCP server and have access to secrets specified by the user. Only one of 'script' (JavaScript), 'run' (shell), or 'py' (Python) must be specified per tool.",
+      "description": "MCP Scripts configuration for defining custom lightweight MCP tools as JavaScript, shell scripts, or Python scripts. Tools are mounted in an MCP server and have access to secrets specified by the user. Only one of 'script' (JavaScript), 'run' (shell), or 'py' (Python) must be specified per tool.",
       "patternProperties": {
         "^([a-ln-z][a-z0-9_-]*|m[a-np-z][a-z0-9_-]*|mo[a-ce-z][a-z0-9_-]*|mod[a-df-z][a-z0-9_-]*|mode[a-z0-9_-]+)$": {
           "type": "object",
diff --git a/pkg/workflow/compiler_yaml_ai_execution.go b/pkg/workflow/compiler_yaml_ai_execution.go
index 5c7806f2782..c0ac972ff18 100644
--- a/pkg/workflow/compiler_yaml_ai_execution.go
+++ b/pkg/workflow/compiler_yaml_ai_execution.go
@@ -58,7 +58,7 @@ func (c *Compiler) generateLogParsing(yaml *strings.Builder, engine CodingAgentE
 func (c *Compiler) generateMCPScriptsLogParsing(yaml *strings.Builder) {
 	compilerYamlLog.Print("Generating mcp-scripts log parsing step")
 
-	yaml.WriteString("      - name: Parse Safe Inputs logs for step summary\n")
+	yaml.WriteString("      - name: Parse MCP Scripts logs for step summary\n")
 	yaml.WriteString("        if: always()\n")
 	fmt.Fprintf(yaml, "        uses: %s\n", GetActionPin("actions/github-script"))
 	yaml.WriteString("        with:\n")
diff --git a/pkg/workflow/features_import_test.go b/pkg/workflow/features_import_test.go
index d92922865f6..624f6ed8815 100644
--- a/pkg/workflow/features_import_test.go
+++ b/pkg/workflow/features_import_test.go
@@ -76,7 +76,7 @@ This workflow should have merged features.
 
 	// Verify mcp-scripts feature from import is recognized (comment mentioning mcp-scripts if enabled)
 	if !strings.Contains(workflowData, "mcp-scripts") && !strings.Contains(workflowData, "mcp_scripts") {
-		// Safe-inputs feature may be mentioned in comments or configuration
+		// MCP Scripts feature may be mentioned in comments or configuration
 		t.Logf("Note: mcp-scripts feature may not generate visible output in lock file")
 	}
 
diff --git a/pkg/workflow/mcp_api_key_masking_test.go b/pkg/workflow/mcp_api_key_masking_test.go
index 09c348f3202..86638d16fe7 100644
--- a/pkg/workflow/mcp_api_key_masking_test.go
+++ b/pkg/workflow/mcp_api_key_masking_test.go
@@ -70,7 +70,7 @@ func TestSafeOutputsAPIKeyImmediateMasking(t *testing.T) {
 	}
 }
 
-// TestMCPScriptsAPIKeyImmediateMasking verifies that the Safe Inputs API key
+// TestMCPScriptsAPIKeyImmediateMasking verifies that the MCP Scripts API key
 // is masked immediately after generation, before any other operations.
 func TestMCPScriptsAPIKeyImmediateMasking(t *testing.T) {
 	workflowData := &WorkflowData{
@@ -96,9 +96,9 @@ func TestMCPScriptsAPIKeyImmediateMasking(t *testing.T) {
 	require.NoError(t, compiler.generateMCPSetup(&yaml, workflowData.Tools, mockEngine, workflowData))
 	output := yaml.String()
 
-	// Find the Safe Inputs config generation section
+	// Find the MCP Scripts config generation section
 	configStart := strings.Index(output, "Generate MCP Scripts Server Config")
-	require.Greater(t, configStart, -1, "Should find Safe Inputs config generation step")
+	require.Greater(t, configStart, -1, "Should find MCP Scripts config generation step")
 
 	// Extract just the run script for this step
 	runStart := strings.Index(output[configStart:], "run: |")
diff --git a/pkg/workflow/mcp_config_builtin.go b/pkg/workflow/mcp_config_builtin.go
index 6669893fba9..a1dbf157ee2 100644
--- a/pkg/workflow/mcp_config_builtin.go
+++ b/pkg/workflow/mcp_config_builtin.go
@@ -69,7 +69,7 @@
 //   - mcp_renderer.go: Main renderer that calls these functions
 //   - mcp_setup_generator.go: Generates setup steps for these servers
 //   - safe_outputs.go: Safe-outputs configuration and validation
-//   - mcp_scripts.go: Safe-inputs configuration (similar pattern)
+//   - mcp_scripts.go: MCP Scripts configuration (similar pattern)
 //
 // Example safe-outputs config:
 //
diff --git a/pkg/workflow/mcp_config_utils.go b/pkg/workflow/mcp_config_utils.go
index 76c04d1e1e1..c023e643a7e 100644
--- a/pkg/workflow/mcp_config_utils.go
+++ b/pkg/workflow/mcp_config_utils.go
@@ -27,13 +27,13 @@
 //
 // Use cases:
 //   - Safe-outputs HTTP server accessed from firewall container
-//   - Safe-inputs HTTP server accessed from firewall container
+//   - MCP Scripts HTTP server accessed from firewall container
 //   - Custom HTTP MCP servers on localhost
 //
 // Related files:
 //   - mcp_renderer.go: Uses URL rewriting for HTTP MCP servers
 //   - safe_outputs.go: Safe outputs HTTP server configuration
-//   - mcp_scripts.go: Safe inputs HTTP server configuration
+//   - mcp_scripts.go: MCP Scripts HTTP server configuration
 //
 // Example:
 //
diff --git a/pkg/workflow/mcp_detection_test.go b/pkg/workflow/mcp_detection_test.go
index ec1d5767c96..fa16d0ca8c3 100644
--- a/pkg/workflow/mcp_detection_test.go
+++ b/pkg/workflow/mcp_detection_test.go
@@ -186,7 +186,7 @@ func TestHasMCPServers_EdgeCases(t *testing.T) {
 			Features: map[string]any{},
 		}
 		result := HasMCPServers(workflowData)
-		// Safe-inputs feature flag is optional now, so this should return true
-		assert.True(t, result, "Safe-inputs without feature flag should still return true")
+		// MCP Scripts feature flag is optional now, so this should return true
+		assert.True(t, result, "MCP Scripts without feature flag should still return true")
 	})
 }
diff --git a/pkg/workflow/mcp_environment.go b/pkg/workflow/mcp_environment.go
index cc1487e354d..98539ef1a49 100644
--- a/pkg/workflow/mcp_environment.go
+++ b/pkg/workflow/mcp_environment.go
@@ -18,7 +18,7 @@
 // Environment variable categories:
 //   - GitHub MCP: GITHUB_MCP_SERVER_TOKEN, GITHUB_MCP_LOCKDOWN
 //   - Safe Outputs: GH_AW_SAFE_OUTPUTS_*, GH_AW_ASSETS_*
-//   - Safe Inputs: GH_AW_MCP_SCRIPTS_PORT, GH_AW_MCP_SCRIPTS_API_KEY
+//   - MCP Scripts: GH_AW_MCP_SCRIPTS_PORT, GH_AW_MCP_SCRIPTS_API_KEY
 //   - Serena: GH_AW_SERENA_PORT (local mode only)
 //   - Playwright: Secrets from custom args expressions
 //   - HTTP MCP: Custom secrets from headers and env sections
@@ -37,7 +37,7 @@
 //   - mcp_setup_generator.go: Uses collected env vars in gateway setup
 //   - mcp_github_config.go: GitHub-specific token and configuration
 //   - safe_outputs.go: Safe outputs configuration
-//   - mcp_scripts.go: Safe inputs configuration
+//   - mcp_scripts.go: MCP Scripts configuration
 //
 // Example usage:
 //
diff --git a/pkg/workflow/mcp_renderer.go b/pkg/workflow/mcp_renderer.go
index 255ce4bd5cb..327f305147c 100644
--- a/pkg/workflow/mcp_renderer.go
+++ b/pkg/workflow/mcp_renderer.go
@@ -30,7 +30,7 @@
 //   - GitHub: Local (Docker) or remote (hosted) GitHub API access
 //   - Playwright: Browser automation with domain restrictions
 //   - Safe-outputs: Controlled output storage for AI agents
-//   - Safe-inputs: Custom tool execution with secret passthrough
+//   - MCP Scripts: Custom tool execution with secret passthrough
 //   - Cache-memory: Memory/knowledge base management
 //   - Agentic-workflows: Workflow execution via gh-aw extension
 //   - Serena: Local search functionality
@@ -348,9 +348,9 @@ func (r *MCPConfigRendererUnified) renderSafeOutputsTOML(yaml *strings.Builder,
 	yaml.WriteString("          Authorization = \"$GH_AW_SAFE_OUTPUTS_API_KEY\"\n")
 }
 
-// RenderMCPScriptsMCP generates the Safe Inputs MCP server configuration
+// RenderMCPScriptsMCP generates the MCP Scripts server configuration
 func (r *MCPConfigRendererUnified) RenderMCPScriptsMCP(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, workflowData *WorkflowData) {
-	mcpRendererLog.Printf("Rendering Safe Inputs MCP: format=%s", r.options.Format)
+	mcpRendererLog.Printf("Rendering MCP Scripts: format=%s", r.options.Format)
 
 	if r.options.Format == "toml" {
 		r.renderMCPScriptsTOML(yaml, mcpScripts, workflowData)
@@ -361,7 +361,7 @@ func (r *MCPConfigRendererUnified) RenderMCPScriptsMCP(yaml *strings.Builder, mc
 	renderMCPScriptsMCPConfigWithOptions(yaml, mcpScripts, r.options.IsLast, r.options.IncludeCopilotFields, workflowData)
 }
 
-// renderMCPScriptsTOML generates Safe Inputs MCP configuration in TOML format
+// renderMCPScriptsTOML generates MCP Scripts configuration in TOML format
 // Uses HTTP transport exclusively
 func (r *MCPConfigRendererUnified) renderMCPScriptsTOML(yaml *strings.Builder, mcpScripts *MCPScriptsConfig, workflowData *WorkflowData) {
 	yaml.WriteString("          \n")
diff --git a/pkg/workflow/mcp_scripts_conditional_test.go b/pkg/workflow/mcp_scripts_conditional_test.go
index e13b70ab91f..d52632b1018 100644
--- a/pkg/workflow/mcp_scripts_conditional_test.go
+++ b/pkg/workflow/mcp_scripts_conditional_test.go
@@ -11,8 +11,8 @@ import (
 	"github.com/github/gh-aw/pkg/stringutil"
 )
 
-// TestMCPGatewayMCPScriptsEnvVarsConditional tests that Safe Inputs environment variables
-// are only included in the MCP gateway step when Safe Inputs is actually configured
+// TestMCPGatewayMCPScriptsEnvVarsConditional tests that MCP Scripts environment variables
+// are only included in the MCP gateway step when MCP Scripts is actually configured
 func TestMCPGatewayMCPScriptsEnvVarsConditional(t *testing.T) {
 	tests := []struct {
 		name                    string
@@ -21,7 +21,7 @@ func TestMCPGatewayMCPScriptsEnvVarsConditional(t *testing.T) {
 		description             string
 	}{
 		{
-			name: "No Safe Inputs - Should Not Include Env Vars",
+			name: "No MCP Scripts - Should Not Include Env Vars",
 			workflowContent: `---
 on: workflow_dispatch
 engine: copilot
@@ -33,10 +33,10 @@ tools:
 Test workflow without mcp-scripts
 `,
 			expectMCPScriptsEnvVars: false,
-			description:             "When mcp-scripts is not configured, the MCP gateway should not reference Safe Inputs env vars",
+			description:             "When mcp-scripts is not configured, the MCP gateway should not reference MCP Scripts env vars",
 		},
 		{
-			name: "With Safe Inputs - Should Include Env Vars",
+			name: "With MCP Scripts - Should Include Env Vars",
 			workflowContent: `---
 on: workflow_dispatch
 engine: copilot
@@ -53,10 +53,10 @@ mcp-scripts:
 Test workflow with mcp-scripts
 `,
 			expectMCPScriptsEnvVars: true,
-			description:             "When mcp-scripts is configured, the MCP gateway should reference Safe Inputs env vars",
+			description:             "When mcp-scripts is configured, the MCP gateway should reference MCP Scripts env vars",
 		},
 		{
-			name: "Claude Engine Without Safe Inputs",
+			name: "Claude Engine Without MCP Scripts",
 			workflowContent: `---
 on: workflow_dispatch
 engine: claude
@@ -68,10 +68,10 @@ tools:
 Test Claude workflow without mcp-scripts
 `,
 			expectMCPScriptsEnvVars: false,
-			description:             "Claude engine without mcp-scripts should not include Safe Inputs env vars",
+			description:             "Claude engine without mcp-scripts should not include MCP Scripts env vars",
 		},
 		{
-			name: "Codex Engine With Safe Inputs",
+			name: "Codex Engine With MCP Scripts",
 			workflowContent: `---
 on: workflow_dispatch
 engine: codex
@@ -85,7 +85,7 @@ mcp-scripts:
 Test Codex workflow with mcp-scripts
 `,
 			expectMCPScriptsEnvVars: true,
-			description:             "Codex engine with mcp-scripts should include Safe Inputs env vars",
+			description:             "Codex engine with mcp-scripts should include MCP Scripts env vars",
 		},
 	}
 
@@ -133,11 +133,11 @@ Test Codex workflow with mcp-scripts
 				mcpGatewaySection = yamlStr[startIdx:]
 			}
 
-			// Check for Safe Inputs env vars in the env section
+			// Check for MCP Scripts env vars in the env section
 			hasEnvVarsInEnvSection := strings.Contains(mcpGatewaySection, "GH_AW_MCP_SCRIPTS_PORT:") &&
 				strings.Contains(mcpGatewaySection, "GH_AW_MCP_SCRIPTS_API_KEY:")
 
-			// Check for Safe Inputs env vars in the Docker command
+			// Check for MCP Scripts env vars in the Docker command
 			hasEnvVarsInDockerCmd := strings.Contains(mcpGatewaySection, "-e GH_AW_MCP_SCRIPTS_PORT") &&
 				strings.Contains(mcpGatewaySection, "-e GH_AW_MCP_SCRIPTS_API_KEY")
 
@@ -161,9 +161,9 @@ Test Codex workflow with mcp-scripts
 }
 
 // TestMCPGatewayMCPScriptsValidation tests that the workflow fails validation
-// if Safe Inputs env vars are referenced but the mcp-scripts-start step doesn't exist
+// if MCP Scripts env vars are referenced but the mcp-scripts-start step doesn't exist
 func TestMCPGatewayMCPScriptsValidation(t *testing.T) {
 	t.Skip("This test is for future validation logic - not implemented yet")
-	// This would test that if someone manually adds Safe Inputs to MCP tools list
+	// This would test that if someone manually adds MCP Scripts to MCP tools list
 	// without actually configuring mcp-scripts, validation catches the error
 }
diff --git a/pkg/workflow/mcp_scripts_http_codex_test.go b/pkg/workflow/mcp_scripts_http_codex_test.go
index 75f30993715..b4ec8731e93 100644
--- a/pkg/workflow/mcp_scripts_http_codex_test.go
+++ b/pkg/workflow/mcp_scripts_http_codex_test.go
@@ -67,7 +67,7 @@ Test mcp-scripts HTTP transport for Codex
 
 	// Verify HTTP transport in TOML config (not stdio)
 	if !strings.Contains(yamlStr, "[mcp_servers.mcpscripts]") {
-		t.Error("Safe-inputs MCP server config section not found")
+		t.Error("MCP Scripts server config section not found")
 	}
 
 	// Should have explicit type field
diff --git a/pkg/workflow/mcp_scripts_mode_test.go b/pkg/workflow/mcp_scripts_mode_test.go
index 49254ce6b39..832550141c8 100644
--- a/pkg/workflow/mcp_scripts_mode_test.go
+++ b/pkg/workflow/mcp_scripts_mode_test.go
@@ -82,7 +82,7 @@ Test mcp-scripts HTTP mode
 
 			// Verify HTTP configuration in MCP setup
 			if !strings.Contains(yamlStr, `"mcpscripts"`) {
-				t.Error("Safe-inputs MCP server config not found")
+				t.Error("MCP Scripts server config not found")
 			}
 
 			// Should use HTTP transport
diff --git a/pkg/workflow/mcp_scripts_parser.go b/pkg/workflow/mcp_scripts_parser.go
index 2e0edaa4175..cfdf94b49ec 100644
--- a/pkg/workflow/mcp_scripts_parser.go
+++ b/pkg/workflow/mcp_scripts_parser.go
@@ -60,7 +60,7 @@ func HasMCPScripts(mcpScripts *MCPScriptsConfig) bool {
 }
 
 // IsMCPScriptsEnabled checks if mcp-scripts are configured.
-// Safe-inputs are enabled by default when configured in the workflow.
+// MCP Scripts are enabled by default when configured in the workflow.
 // The workflowData parameter is kept for backward compatibility but is not used.
 func IsMCPScriptsEnabled(mcpScripts *MCPScriptsConfig, workflowData *WorkflowData) bool {
 	return HasMCPScripts(mcpScripts)
diff --git a/pkg/workflow/mcp_scripts_parser_test.go b/pkg/workflow/mcp_scripts_parser_test.go
index 5d83f660dba..a47727d0500 100644
--- a/pkg/workflow/mcp_scripts_parser_test.go
+++ b/pkg/workflow/mcp_scripts_parser_test.go
@@ -119,7 +119,7 @@ func TestIsMCPScriptsEnabledWithEnv(t *testing.T) {
 		},
 	}
 
-	// Safe-inputs are enabled by default when configured, environment variable no longer needed
+	// MCP Scripts are enabled by default when configured, environment variable no longer needed
 	t.Run("with tools - enabled regardless of GH_AW_FEATURES", func(t *testing.T) {
 		t.Setenv("GH_AW_FEATURES", "mcp-scripts")
 		result := IsMCPScriptsEnabled(configWithTools, nil)
diff --git a/pkg/workflow/mcp_setup_generator.go b/pkg/workflow/mcp_setup_generator.go
index 83ace3168ba..fdc53a72ff1 100644
--- a/pkg/workflow/mcp_setup_generator.go
+++ b/pkg/workflow/mcp_setup_generator.go
@@ -47,7 +47,7 @@
 //   - mcp_environment.go: Environment variable collection
 //   - mcp_renderer.go: MCP configuration YAML rendering
 //   - safe_outputs.go: Safe outputs server configuration
-//   - mcp_scripts.go: Safe inputs server configuration
+//   - mcp_scripts.go: MCP Scripts server configuration
 //
 // Example workflow setup:
 //   - Download Docker images
@@ -303,7 +303,7 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 	// For stdio mode, we only write the files but don't start the HTTP server
 	if IsMCPScriptsEnabled(workflowData.MCPScripts, workflowData) {
 		// Step 1: Write config files (JavaScript files are now copied by actions/setup)
-		yaml.WriteString("      - name: Setup Safe Inputs Config\n")
+		yaml.WriteString("      - name: Setup MCP Scripts Config\n")
 		yaml.WriteString("        run: |\n")
 		yaml.WriteString("          mkdir -p /opt/gh-aw/mcp-scripts/logs\n")
 
@@ -328,7 +328,7 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		yaml.WriteString("          \n")
 
 		// Step 2: Generate tool files (js/py/sh)
-		yaml.WriteString("      - name: Setup Safe Inputs Tool Files\n")
+		yaml.WriteString("      - name: Setup MCP Scripts Tool Files\n")
 		yaml.WriteString("        run: |\n")
 
 		// Generate individual tool files (sorted by name for stable code generation)
@@ -396,7 +396,7 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		yaml.WriteString("            echo \"mcp_scripts_port=${PORT}\"\n")
 		yaml.WriteString("          } >> \"$GITHUB_OUTPUT\"\n")
 		yaml.WriteString("          \n")
-		yaml.WriteString("          echo \"Safe Inputs MCP server will run on port ${PORT}\"\n")
+		yaml.WriteString("          echo \"MCP Scripts server will run on port ${PORT}\"\n")
 		yaml.WriteString("          \n")
 
 		// Step 4: Start the HTTP server in the background

From 30e9037949a03f639636f5f0a99ea86f74b1c0e3 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 22:51:58 +0000
Subject: [PATCH 07/10] Fix remaining safe-inputs/safeinputs terminology and
 tool name references

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 .github/aw/runbooks/workflow-health.md        |  8 ++++----
 .github/skills/debugging-workflows/SKILL.md   | 17 +++++++++-------
 .github/workflows/copilot-pr-merged-report.md | 16 +++++++--------
 .github/workflows/daily-cli-performance.md    | 10 +++++-----
 .../daily-performance-summary.lock.yml        | 20 +++++++++----------
 .../workflows/daily-performance-summary.md    |  2 +-
 .github/workflows/go-logger.md                | 12 +++++------
 .github/workflows/security-review.md          |  2 +-
 .github/workflows/smoke-claude.lock.yml       |  8 ++++----
 .github/workflows/smoke-claude.md             |  6 +++---
 .github/workflows/smoke-copilot-arm.md        |  2 +-
 .github/workflows/smoke-copilot.md            |  2 +-
 AGENTS.md                                     |  4 ++--
 actions/setup/js/add_comment.test.cjs         |  2 +-
 actions/setup/js/log_parser_shared.cjs        |  4 ++--
 actions/setup/js/log_parser_shared.test.cjs   |  4 +++-
 docs/src/content/docs/reference/faq.md        |  2 +-
 docs/src/content/docs/reference/imports.md    |  2 +-
 pkg/cli/mcp_inspect.go                        |  8 ++++----
 .../smoke-copilot.golden                      |  2 +-
 .../wasm_golden/fixtures/smoke-copilot.md     |  2 +-
 21 files changed, 70 insertions(+), 65 deletions(-)

diff --git a/.github/aw/runbooks/workflow-health.md b/.github/aw/runbooks/workflow-health.md
index 8c353b6bf4f..3ebe72915dd 100644
--- a/.github/aw/runbooks/workflow-health.md
+++ b/.github/aw/runbooks/workflow-health.md
@@ -77,7 +77,7 @@ Missing-tool errors typically appear in this format:
 
 ```
 Error: Tool 'github:read_issue' not found
-Error: missing tool configuration for safeinputs-gh
+Error: missing tool configuration for mcpscripts-gh
 ```
 
 To identify which tools are missing:
@@ -194,7 +194,7 @@ Analyze repository issues and provide insights.
 
 ### Configuring MCP Scripts and Safe-Outputs
 
-**Problem**: Workflow fails with missing safeinputs-gh or safe-output errors.
+**Problem**: Workflow fails with missing mcpscripts-gh or safe-output errors.
 
 **Solution**: Configure mcp-scripts and safe-outputs in the workflow.
 
@@ -303,7 +303,7 @@ The DeepReport Intelligence Briefing (Discussion #7277) identified several workf
 
 1. **Weekly Issue Summary workflow** - Failed in recent runs
 2. **Dev workflow** - Missing GitHub MCP read_issue capability (Run #20435819459)
-3. **Daily Copilot PR Merged workflow** - Missing safeinputs-gh tool
+3. **Daily Copilot PR Merged workflow** - Missing mcpscripts-gh tool
 
 ### Investigation
 
@@ -318,7 +318,7 @@ The DeepReport Intelligence Briefing (Discussion #7277) identified several workf
 - The workflow attempted to read issue information without GitHub MCP toolset
 
 **Daily Copilot PR Merged**:
-- Error: "missing tool configuration for safeinputs-gh"
+- Error: "missing tool configuration for mcpscripts-gh"
 - Root cause: MCP Scripts action not set up in workflow
 - PR merge data not being passed securely to agent
 
diff --git a/.github/skills/debugging-workflows/SKILL.md b/.github/skills/debugging-workflows/SKILL.md
index 6de57841dbe..74d9392f836 100644
--- a/.github/skills/debugging-workflows/SKILL.md
+++ b/.github/skills/debugging-workflows/SKILL.md
@@ -233,7 +233,7 @@ Use GitHub context like ${{ github.event.issue.number }}.
      ↓
 2. Activation Job
    - Validates permissions
-   - Processes safe-inputs
+   - Processes mcp-scripts
    - Sanitizes context
      ↓
 3. AI Agent Job
@@ -258,7 +258,7 @@ Use GitHub context like ${{ github.event.issue.number }}.
 |-----------|---------|---------------|
 | **Engine** | AI model to use | `engine: copilot`, `claude`, `codex` |
 | **Tools** | APIs available to agent | `tools:` section with MCP servers |
-| **Safe-Inputs** | Context passed to agent | `safe-inputs:` with GitHub expressions |
+| **MCP Scripts** | Context passed to agent | `mcp-scripts:` with GitHub expressions |
 | **Safe-Outputs** | Resources agent can create | `safe-outputs:` with allowed operations |
 | **Permissions** | GitHub token permissions | `permissions:` block |
 | **Network** | Allowed network access | `network:` with domain/ecosystem lists |
@@ -309,16 +309,19 @@ permissions:
 ### Safe-Input Errors
 
 **Symptoms**:
-- "missing tool configuration for safeinputs-gh"
+- "missing tool configuration for mcpscripts-gh"
 - Environment variable not available
 
-**Solution**: Configure safe-inputs:
+**Solution**: Configure mcp-scripts:
 
 ```yaml
-safe-inputs:
+mcp-scripts:
   issue:
-    title: ${{ github.event.issue.title }}
-    body: ${{ github.event.issue.body }}
+    script: |
+      return { title: process.env.ISSUE_TITLE, body: process.env.ISSUE_BODY };
+    env:
+      ISSUE_TITLE: ${{ github.event.issue.title }}
+      ISSUE_BODY: ${{ github.event.issue.body }}
 ```
 
 ### Safe-Output Errors
diff --git a/.github/workflows/copilot-pr-merged-report.md b/.github/workflows/copilot-pr-merged-report.md
index 6f0406f86a3..53b948c985d 100644
--- a/.github/workflows/copilot-pr-merged-report.md
+++ b/.github/workflows/copilot-pr-merged-report.md
@@ -75,9 +75,9 @@ echo "Looking for PRs merged since: $DATE_24H_AGO"
 
 **Step 1.2: Search for Merged Copilot PRs**
 
-Use the `safeinputs-gh` mcp-script tool to search for merged PRs from Copilot:
+Use the `mcpscripts-gh` mcp-script tool to search for merged PRs from Copilot:
 ```
-safeinputs-gh with args: "pr list --repo ${{ github.repository }} --search \"head:copilot/ is:merged merged:>=$DATE_24H_AGO\" --state merged --limit 100 --json number,title,mergedAt,additions,deletions,files,url"
+mcpscripts-gh with args: "pr list --repo ${{ github.repository }} --search \"head:copilot/ is:merged merged:>=$DATE_24H_AGO\" --state merged --limit 100 --json number,title,mergedAt,additions,deletions,files,url"
 ```
 
 This searches for:
@@ -88,7 +88,7 @@ This searches for:
 
 **Step 1.3: Parse Results**
 
-Parse the JSON output from the safeinputs-gh tool to extract:
+Parse the JSON output from the mcpscripts-gh tool to extract:
 - List of PR numbers
 - Total number of merged PRs
 - Sum of lines added across all PRs
@@ -103,9 +103,9 @@ For each merged PR found in Phase 1:
 
 **Step 2.1: Get PR Files**
 
-Use the `safeinputs-gh` tool to get detailed file information:
+Use the `mcpscripts-gh` tool to get detailed file information:
 ```
-safeinputs-gh with args: "pr view <PR_NUMBER> --repo ${{ github.repository }} --json files"
+mcpscripts-gh with args: "pr view <PR_NUMBER> --repo ${{ github.repository }} --json files"
 ```
 
 **Step 2.2: Count Test Files**
@@ -122,19 +122,19 @@ For token usage information, we need to find the workflow run associated with th
 
 1. Get commits from the PR:
    ```
-   safeinputs-gh with args: "pr view <PR_NUMBER> --repo ${{ github.repository }} --json commits"
+   mcpscripts-gh with args: "pr view <PR_NUMBER> --repo ${{ github.repository }} --json commits"
    ```
 
 2. For the latest commit, find associated workflow runs:
    ```
-   safeinputs-gh with args: "api repos/${{ github.repository }}/commits/<COMMIT_SHA>/check-runs"
+   mcpscripts-gh with args: "api repos/${{ github.repository }}/commits/<COMMIT_SHA>/check-runs"
    ```
 
 3. From the check runs, identify GitHub Actions workflow runs
 
 4. Get workflow run usage data:
    ```
-   safeinputs-gh with args: "api repos/${{ github.repository }}/actions/runs/<RUN_ID>/timing"
+   mcpscripts-gh with args: "api repos/${{ github.repository }}/actions/runs/<RUN_ID>/timing"
    ```
 
    This returns timing information including billable time.
diff --git a/.github/workflows/daily-cli-performance.md b/.github/workflows/daily-cli-performance.md
index b0f0dbb8f7a..04dfdc3653a 100644
--- a/.github/workflows/daily-cli-performance.md
+++ b/.github/workflows/daily-cli-performance.md
@@ -54,8 +54,8 @@ Run daily performance benchmarks for workflow compilation, store results in cach
 ## Available Safe-Input Tools
 
 This workflow imports `shared/go-make.md` which provides:
-- **safeinputs-go** - Execute Go commands (e.g., args: "test ./...", "build ./cmd/gh-aw")
-- **safeinputs-make** - Execute Make targets (e.g., args: "build", "test-unit", "bench")
+- **mcpscripts-go** - Execute Go commands (e.g., args: "test ./...", "build ./cmd/gh-aw")
+- **mcpscripts-make** - Execute Make targets (e.g., args: "build", "test-unit", "bench")
 
 **IMPORTANT**: Always use these mcp-script tools for Go and Make commands instead of running them directly via bash.
 
@@ -63,7 +63,7 @@ This workflow imports `shared/go-make.md` which provides:
 
 ### 1.1 Run Compilation Benchmarks
 
-Run the benchmark suite and capture results using the **safeinputs-make** tool:
+Run the benchmark suite and capture results using the **mcpscripts-make** tool:
 
 **Step 1**: Create directory for results
 
@@ -71,9 +71,9 @@ Run the benchmark suite and capture results using the **safeinputs-make** tool:
 mkdir -p /tmp/gh-aw/benchmarks
 ```
 
-**Step 2**: Run benchmarks using safeinputs-make
+**Step 2**: Run benchmarks using mcpscripts-make
 
-Use the **safeinputs-make** tool with args: "bench-performance" to run the critical performance benchmark suite.
+Use the **mcpscripts-make** tool with args: "bench-performance" to run the critical performance benchmark suite.
 
 This will execute `make bench-performance` which runs targeted performance benchmarks and saves results to `bench_performance.txt`.
 
diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index 40e2c32b5aa..6edd2268d79 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -31,7 +31,7 @@
 #
 # gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"c18fdbf83211c18b0c1841b7350de90b0a4b88a7a5a0a0c2026345fc6054c691","strict":true}
 
-name: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+name: "Daily Project Performance Summary Generator (Using MCP Scripts)"
 "on":
   schedule:
   - cron: "26 19 * * *"
@@ -43,7 +43,7 @@ permissions: {}
 concurrency:
   group: "gh-aw-${{ github.workflow }}"
 
-run-name: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+run-name: "Daily Project Performance Summary Generator (Using MCP Scripts)"
 
 jobs:
   activation:
@@ -74,7 +74,7 @@ jobs:
           GH_AW_INFO_MODEL: ${{ vars.GH_AW_MODEL_AGENT_COPILOT || '' }}
           GH_AW_INFO_VERSION: ""
           GH_AW_INFO_AGENT_VERSION: "latest"
-          GH_AW_INFO_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+          GH_AW_INFO_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
           GH_AW_INFO_EXPERIMENTAL: "false"
           GH_AW_INFO_SUPPORTS_TOOLS_ALLOWLIST: "true"
           GH_AW_INFO_STAGED: "false"
@@ -1517,7 +1517,7 @@ jobs:
         if: always() && steps.detection_guard.outputs.run_detection == 'true'
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         env:
-          WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+          WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
           WORKFLOW_DESCRIPTION: "Daily project performance summary (90-day window) with trend charts using mcp-scripts"
           HAS_PATCH: ${{ steps.collect_output.outputs.has_patch }}
         with:
@@ -1653,7 +1653,7 @@ jobs:
         env:
           GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
           GH_AW_NOOP_MAX: "1"
-          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
           GH_AW_TRACKER_ID: "daily-performance-summary"
         with:
           github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
@@ -1667,7 +1667,7 @@ jobs:
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         env:
           GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
-          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
           GH_AW_TRACKER_ID: "daily-performance-summary"
         with:
           github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
@@ -1681,7 +1681,7 @@ jobs:
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         env:
           GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
-          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
           GH_AW_TRACKER_ID: "daily-performance-summary"
           GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
           GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
@@ -1705,7 +1705,7 @@ jobs:
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
         env:
           GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
-          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
           GH_AW_TRACKER_ID: "daily-performance-summary"
           GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
           GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
@@ -1733,7 +1733,7 @@ jobs:
       GH_AW_ENGINE_ID: "copilot"
       GH_AW_TRACKER_ID: "daily-performance-summary"
       GH_AW_WORKFLOW_ID: "daily-performance-summary"
-      GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+      GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
     outputs:
       code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }}
       code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }}
@@ -1901,7 +1901,7 @@ jobs:
           GH_AW_ASSETS_BRANCH: "assets/${{ github.workflow }}"
           GH_AW_ASSETS_MAX_SIZE_KB: 10240
           GH_AW_ASSETS_ALLOWED_EXTS: ".png,.jpg,.jpeg"
-          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using Safe Inputs)"
+          GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)"
           GH_AW_TRACKER_ID: "daily-performance-summary"
           GH_AW_ENGINE_ID: "copilot"
         with:
diff --git a/.github/workflows/daily-performance-summary.md b/.github/workflows/daily-performance-summary.md
index 40edf560885..8041e5df7fc 100644
--- a/.github/workflows/daily-performance-summary.md
+++ b/.github/workflows/daily-performance-summary.md
@@ -34,7 +34,7 @@ imports:
 
 {{#runtime-import? .github/shared-instructions.md}}
 
-# Daily Project Performance Summary Generator (Using Safe Inputs)
+# Daily Project Performance Summary Generator (Using MCP Scripts)
 
 You are an expert analyst that generates comprehensive daily performance summaries using **mcp-script tools** to query GitHub data (PRs, issues, discussions) and creates trend visualizations.
 
diff --git a/.github/workflows/go-logger.md b/.github/workflows/go-logger.md
index b3a43c56143..21596f1b6e7 100644
--- a/.github/workflows/go-logger.md
+++ b/.github/workflows/go-logger.md
@@ -64,8 +64,8 @@ You are an AI agent that improves Go code by adding debug logging statements to
 ## Available Safe-Input Tools
 
 This workflow imports `shared/go-make.md` which provides:
-- **safeinputs-go** - Execute Go commands (e.g., args: "test ./...", "build ./cmd/gh-aw")
-- **safeinputs-make** - Execute Make targets (e.g., args: "build", "test-unit", "lint", "recompile")
+- **mcpscripts-go** - Execute Go commands (e.g., args: "test ./...", "build ./cmd/gh-aw")
+- **mcpscripts-make** - Execute Make targets (e.g., args: "build", "test-unit", "lint", "recompile")
 
 Use these tools for consistent execution instead of running commands directly via bash.
 
@@ -220,17 +220,17 @@ For each file:
 After adding logging to the selected files, **validate your changes** before creating a PR:
 
 1. **Build the project to ensure no compilation errors:**
-   Use the safeinputs-make tool with args: "build"
+   Use the mcpscripts-make tool with args: "build"
    
    This will compile the Go code and catch any syntax errors or import issues.
 
 2. **Run unit tests to ensure nothing broke:**
-   Use the safeinputs-make tool with args: "test-unit"
+   Use the mcpscripts-make tool with args: "test-unit"
    
    This validates that your changes don't break existing functionality.
 
 3. **Test the workflow compilation with debug logging enabled:**
-   Use the safeinputs-go tool with args: "run ./cmd/gh-aw compile dev"
+   Use the mcpscripts-go tool with args: "run ./cmd/gh-aw compile dev"
    
    Or you can run it directly with bash if needed:
    ```bash
@@ -242,7 +242,7 @@ After adding logging to the selected files, **validate your changes** before cre
    - Debug logging from your changes appears in the output
 
 4. **If needed, recompile workflows:**
-   Use the safeinputs-make tool with args: "recompile"
+   Use the mcpscripts-make tool with args: "recompile"
 
 ### 6. Create Pull Request
 
diff --git a/.github/workflows/security-review.md b/.github/workflows/security-review.md
index 85ebf8e128a..3054bbc24dd 100644
--- a/.github/workflows/security-review.md
+++ b/.github/workflows/security-review.md
@@ -97,7 +97,7 @@ The AWF controls network access, sandboxing, and command execution. Look for:
 - Target repositories being expanded (`target-repo:`)
 - Label or permission restrictions being removed
 
-**Safe Inputs (`mcp-scripts:` field)**
+**MCP Scripts (`mcp-scripts:` field)**
 - New scripts being added with secret access
 - Environment variables exposing sensitive data
 - External command execution in scripts
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index 1bc90168327..9ef25565421 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -35,7 +35,7 @@
 #
 # inlined-imports: true
 #
-# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"9ccaafdfcb88733fa3c5383f6b03f4902c51380ce360f90b9131f75540f103a3","strict":true}
+# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"ce1db450f8ac78040e972a4a41fe2c780e51d97c7d931f9ec7f883a6ae8006d7","strict":true}
 
 name: "Smoke Claude"
 "on":
@@ -473,11 +473,11 @@ jobs:
           ## Test Requirements
           
           1. **GitHub MCP Testing**: Review the last 2 merged pull requests in __GH_AW_GITHUB_REPOSITORY__
-          2. **Safe Inputs GH CLI Testing**: Use the `safeinputs-gh` tool to query 2 pull requests from __GH_AW_GITHUB_REPOSITORY__ (use args: "pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author")
+          2. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from __GH_AW_GITHUB_REPOSITORY__ (use args: "pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author")
           3. **Serena MCP Testing**: 
-             - Use the Serena MCP server tool `activate_project` to initialize the workspace at `__GH_AW_GITHUB_WORKSPACE__` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools or the safeinputs-go/safeinputs-make tools from the go-make shared workflow)
+             - Use the Serena MCP server tool `activate_project` to initialize the workspace at `__GH_AW_GITHUB_WORKSPACE__` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools or the mcpscripts-go/mcpscripts-make tools from the go-make shared workflow)
              - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results
-          4. **Make Build Testing**: Use the `safeinputs-make` tool to build the project (use args: "build") and verify it succeeds
+          4. **Make Build Testing**: Use the `mcpscripts-make` tool to build the project (use args: "build") and verify it succeeds
           5. **Playwright Testing**: Use the playwright tools to navigate to https://github.com and verify the page title contains "GitHub" (do NOT try to install playwright - use the provided MCP tools)
           6. **Tavily Web Search Testing**: Use the Tavily MCP server to perform a web search for "GitHub Agentic Workflows" and verify that results are returned with at least one item
           7. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-claude-__GH_AW_GITHUB_RUN_ID__.txt` with content "Smoke test passed for Claude at $(date)" (create the directory if it doesn't exist)
diff --git a/.github/workflows/smoke-claude.md b/.github/workflows/smoke-claude.md
index 36944891ee9..639c16f1e00 100644
--- a/.github/workflows/smoke-claude.md
+++ b/.github/workflows/smoke-claude.md
@@ -102,11 +102,11 @@ timeout-minutes: 10
 ## Test Requirements
 
 1. **GitHub MCP Testing**: Review the last 2 merged pull requests in ${{ github.repository }}
-2. **Safe Inputs GH CLI Testing**: Use the `safeinputs-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
+2. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
 3. **Serena MCP Testing**: 
-   - Use the Serena MCP server tool `activate_project` to initialize the workspace at `${{ github.workspace }}` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools or the safeinputs-go/safeinputs-make tools from the go-make shared workflow)
+   - Use the Serena MCP server tool `activate_project` to initialize the workspace at `${{ github.workspace }}` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools or the mcpscripts-go/mcpscripts-make tools from the go-make shared workflow)
    - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results
-4. **Make Build Testing**: Use the `safeinputs-make` tool to build the project (use args: "build") and verify it succeeds
+4. **Make Build Testing**: Use the `mcpscripts-make` tool to build the project (use args: "build") and verify it succeeds
 5. **Playwright Testing**: Use the playwright tools to navigate to https://github.com and verify the page title contains "GitHub" (do NOT try to install playwright - use the provided MCP tools)
 6. **Tavily Web Search Testing**: Use the Tavily MCP server to perform a web search for "GitHub Agentic Workflows" and verify that results are returned with at least one item
 7. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-claude-${{ github.run_id }}.txt` with content "Smoke test passed for Claude at $(date)" (create the directory if it doesn't exist)
diff --git a/.github/workflows/smoke-copilot-arm.md b/.github/workflows/smoke-copilot-arm.md
index 3cc58ac75d2..39ea35d5304 100644
--- a/.github/workflows/smoke-copilot-arm.md
+++ b/.github/workflows/smoke-copilot-arm.md
@@ -120,7 +120,7 @@ strict: true
 
 1. **Architecture Verification**: Run `uname -m` to confirm you are running on an ARM64 (aarch64) host. Report the architecture.
 2. **GitHub MCP Testing**: Review the last 2 merged pull requests in ${{ github.repository }}
-3. **Safe Inputs GH CLI Testing**: Use the `safeinputs-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
+3. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
 4. **Serena MCP Testing**:
    - Use the Serena MCP server tool `activate_project` to initialize the workspace at `${{ github.workspace }}` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools)
    - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results
diff --git a/.github/workflows/smoke-copilot.md b/.github/workflows/smoke-copilot.md
index 9573e5a6e92..a906b68804a 100644
--- a/.github/workflows/smoke-copilot.md
+++ b/.github/workflows/smoke-copilot.md
@@ -121,7 +121,7 @@ strict: true
 ## Test Requirements
 
 1. **GitHub MCP Testing**: Review the last 2 merged pull requests in ${{ github.repository }}
-2. **Safe Inputs GH CLI Testing**: Use the `safeinputs-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
+2. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
 3. **Serena MCP Testing**: 
    - Use the Serena MCP server tool `activate_project` to initialize the workspace at `${{ github.workspace }}` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools)
    - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results
diff --git a/AGENTS.md b/AGENTS.md
index 4a8664a643d..69cb7b0d95d 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -905,7 +905,7 @@ if engine.IsValid() {
 **Available semantic types in `pkg/constants`**:
 - `LineLength` - Character counts for formatting (e.g., `MaxExpressionLineLength`)
 - `Version` - Software version strings (e.g., `DefaultCopilotVersion`)
-- `FeatureFlag` - Feature flag identifiers (e.g., `SafeInputsFeatureFlag`)
+- `FeatureFlag` - Feature flag identifiers (e.g., `MCPScriptsFeatureFlag`)
 - `URL` - URL strings (e.g., `DefaultMCPRegistryURL`)
 - `ModelName` - AI model names (e.g., `DefaultCopilotDetectionModel`)
 - `JobName` - GitHub Actions job identifiers (e.g., `AgentJobName`)
@@ -955,7 +955,7 @@ The `FrontmatterConfig` struct in `pkg/workflow/frontmatter_types.go` is gradual
 - `Tools *ToolsConfig` - Tool and MCP server configurations
 - `Network *NetworkPermissions` - Network access permissions
 - `SafeOutputs *SafeOutputsConfig` - Safe output configurations
-- `SafeInputs *SafeInputsConfig` - Safe input configurations
+- `MCPScripts *MCPScriptsConfig` - MCP Scripts configurations
 - `Sandbox *SandboxConfig` - Sandbox environment configuration
 - `RuntimesTyped *RuntimesConfig` - Runtime version overrides (node, python, go, uv, bun, deno)
 - `PermissionsTyped *PermissionsConfig` - GitHub Actions permissions (shorthand + detailed)
diff --git a/actions/setup/js/add_comment.test.cjs b/actions/setup/js/add_comment.test.cjs
index b6cab3e4aae..e2304ce3937 100644
--- a/actions/setup/js/add_comment.test.cjs
+++ b/actions/setup/js/add_comment.test.cjs
@@ -378,7 +378,7 @@ describe("add_comment", () => {
 
       const message = {
         type: "add_comment",
-        body: "## Smoke Test: Copilot Safe Inputs\n\n✅ Test passed",
+        body: "## Smoke Test: Copilot MCP Scripts\n\n✅ Test passed",
       };
 
       const result = await handler(message, {});
diff --git a/actions/setup/js/log_parser_shared.cjs b/actions/setup/js/log_parser_shared.cjs
index f966a4dc971..0e37fc69bc3 100644
--- a/actions/setup/js/log_parser_shared.cjs
+++ b/actions/setup/js/log_parser_shared.cjs
@@ -625,9 +625,9 @@ function formatInitializationSummary(initEntry, options = {}) {
         // Extract the tool name without the prefix for cleaner display
         const toolName = tool.replace(/^safeoutputs-|^safe_outputs-/, "");
         categories["Safe Outputs"].push(toolName);
-      } else if (tool.startsWith("safeinputs-") || tool.startsWith("mcp_scripts-")) {
+      } else if (tool.startsWith("safeinputs-") || tool.startsWith("mcp_scripts-") || tool.startsWith("mcpscripts-")) {
         // Extract the tool name without the prefix for cleaner display
-        const toolName = tool.replace(/^safeinputs-|^mcp_scripts-/, "");
+        const toolName = tool.replace(/^safeinputs-|^mcp_scripts-|^mcpscripts-/, "");
         categories["MCP Scripts"].push(toolName);
       } else if (tool.startsWith("mcp__github__")) {
         categories["Git/GitHub"].push(formatMcpName(tool));
diff --git a/actions/setup/js/log_parser_shared.test.cjs b/actions/setup/js/log_parser_shared.test.cjs
index b86cdade5b6..e8465ea962e 100644
--- a/actions/setup/js/log_parser_shared.test.cjs
+++ b/actions/setup/js/log_parser_shared.test.cjs
@@ -938,7 +938,7 @@ describe("log_parser_shared.cjs", () => {
       const { formatInitializationSummary } = await import("./log_parser_shared.cjs");
 
       const initEntry = {
-        tools: ["safeinputs-get_data", "safeinputs-query_database", "mcp_scripts-fetch_config"],
+        tools: ["safeinputs-get_data", "safeinputs-query_database", "mcp_scripts-fetch_config", "mcpscripts-query_issues"],
       };
 
       const result = formatInitializationSummary(initEntry);
@@ -947,9 +947,11 @@ describe("log_parser_shared.cjs", () => {
       expect(result.markdown).toContain("get_data");
       expect(result.markdown).toContain("query_database");
       expect(result.markdown).toContain("fetch_config");
+      expect(result.markdown).toContain("query_issues");
       // Should NOT contain the prefix in output
       expect(result.markdown).not.toContain("safeinputs-");
       expect(result.markdown).not.toContain("mcp_scripts-");
+      expect(result.markdown).not.toContain("mcpscripts-");
     });
   });
 
diff --git a/docs/src/content/docs/reference/faq.md b/docs/src/content/docs/reference/faq.md
index 61ed86ab5ad..beaafa83c9b 100644
--- a/docs/src/content/docs/reference/faq.md
+++ b/docs/src/content/docs/reference/faq.md
@@ -38,7 +38,7 @@ Yes! Agentic workflows can analyze repositories, generate reports, triage issues
 
 ### Can agentic workflows mix regular GitHub Actions steps with AI agentic steps?
 
-Yes! Agentic workflows can include both AI agentic steps and traditional GitHub Actions steps. You can add custom steps before the agentic job using the [`steps:` configuration](/gh-aw/reference/frontmatter/#custom-steps-steps). Additionally, [custom safe output jobs](/gh-aw/reference/safe-outputs/#custom-safe-output-jobs-jobs) can be used as consumers of agentic outputs. [Safe inputs](/gh-aw/reference/mcp-scripts/) allow you to pass data between traditional steps and the AI agent with added checking.
+Yes! Agentic workflows can include both AI agentic steps and traditional GitHub Actions steps. You can add custom steps before the agentic job using the [`steps:` configuration](/gh-aw/reference/frontmatter/#custom-steps-steps). Additionally, [custom safe output jobs](/gh-aw/reference/safe-outputs/#custom-safe-output-jobs-jobs) can be used as consumers of agentic outputs. [MCP Scripts](/gh-aw/reference/mcp-scripts/) allow you to pass data between traditional steps and the AI agent with added checking.
 
 ### Can agentic workflows read other repositories?
 
diff --git a/docs/src/content/docs/reference/imports.md b/docs/src/content/docs/reference/imports.md
index 5eb8d45b507..b687232cd5e 100644
--- a/docs/src/content/docs/reference/imports.md
+++ b/docs/src/content/docs/reference/imports.md
@@ -131,7 +131,7 @@ Shared workflow files (without `on:` field) can define:
 - `mcp-servers:` - Model Context Protocol server configurations
 - `services:` - Docker services for workflow execution
 - `safe-outputs:` - Safe output handlers and configuration
-- `mcp-scripts:` - Safe input configurations
+- `mcp-scripts:` - MCP Scripts configurations
 - `network:` - Network permission specifications
 - `permissions:` - GitHub Actions permissions (validated, not merged)
 - `runtimes:` - Runtime version overrides (node, python, go, etc.)
diff --git a/pkg/cli/mcp_inspect.go b/pkg/cli/mcp_inspect.go
index baa19083421..68b0021c55d 100644
--- a/pkg/cli/mcp_inspect.go
+++ b/pkg/cli/mcp_inspect.go
@@ -66,8 +66,8 @@ func InspectWorkflowMCP(workflowFile string, serverFilter string, toolFilter str
 		return fmt.Errorf("failed to parse workflow file: %w", err)
 	}
 
-	mcpInspectLog.Printf("Workflow parsed: name=%s, has_safe_inputs=%t",
-		workflowData.Name, workflowData.SafeInputs != nil)
+	mcpInspectLog.Printf("Workflow parsed: name=%s, has_mcp_scripts=%t",
+		workflowData.Name, workflowData.MCPScripts != nil)
 
 	if verbose {
 		fmt.Fprintln(os.Stderr, console.FormatSuccessMessage("Workflow parsed successfully"))
@@ -101,13 +101,13 @@ func InspectWorkflowMCP(workflowFile string, serverFilter string, toolFilter str
 			if verbose {
 				fmt.Fprintln(os.Stderr, console.FormatWarningMessage(fmt.Sprintf("Failed to start mcp-scripts server: %v", err)))
 			}
-			mcpInspectLog.Printf("Failed to start safe-inputs server: %v", err)
+			mcpInspectLog.Printf("Failed to start mcp-scripts server: %v", err)
 		} else {
 			mcpScriptsServerCmd = serverCmd
 			mcpScriptsTmpDir = tmpDir
 			// Add mcp-scripts config to the list of MCP servers to inspect
 			mcpConfigs = append(mcpConfigs, *config)
-			mcpInspectLog.Print("Safe-inputs server started successfully")
+			mcpInspectLog.Print("MCP Scripts server started successfully")
 		}
 	}
 
diff --git a/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden b/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden
index ef3c6e6278c..4711c044e3c 100644
--- a/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden
+++ b/pkg/workflow/testdata/wasm_golden/TestWasmGolden_CompileFixtures/smoke-copilot.golden
@@ -174,7 +174,7 @@ jobs:
           ## Test Requirements
           
           1. **GitHub MCP Testing**: Review the last 2 merged pull requests in __GH_AW_GITHUB_REPOSITORY__
-          2. **Safe Inputs GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from __GH_AW_GITHUB_REPOSITORY__ (use args: "pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author")
+          2. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from __GH_AW_GITHUB_REPOSITORY__ (use args: "pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author")
           3. **Serena MCP Testing**: 
              - Use the Serena MCP server tool `activate_project` to initialize the workspace at `__GH_AW_GITHUB_WORKSPACE__` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools)
              - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results
diff --git a/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md b/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md
index 0b16a05c5b0..1c7496f6e4b 100644
--- a/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md
+++ b/pkg/workflow/testdata/wasm_golden/fixtures/smoke-copilot.md
@@ -116,7 +116,7 @@ strict: true
 ## Test Requirements
 
 1. **GitHub MCP Testing**: Review the last 2 merged pull requests in ${{ github.repository }}
-2. **Safe Inputs GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
+2. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author")
 3. **Serena MCP Testing**: 
    - Use the Serena MCP server tool `activate_project` to initialize the workspace at `${{ github.workspace }}` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools)
    - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results

From 2eb1cbeaba15d12805694817bcf75b174e3490e0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 23:03:19 +0000
Subject: [PATCH 08/10] Fix pkg/parser/mcp.go: skip non-tool keys like 'mode'
 when building mcp-scripts allowed list

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 pkg/parser/mcp.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/parser/mcp.go b/pkg/parser/mcp.go
index 1c9b8f50fcd..fe560bc4d13 100644
--- a/pkg/parser/mcp.go
+++ b/pkg/parser/mcp.go
@@ -159,6 +159,10 @@ func ExtractMCPConfigurations(frontmatter map[string]any, serverFilter string) (
 			// Parse mcp-scripts configuration to determine enabled tools
 			if mcpScriptsMap, ok := mcpScriptsSection.(map[string]any); ok {
 				for toolName := range mcpScriptsMap {
+					// Skip non-tool metadata keys like "mode"
+					if toolName == "mode" {
+						continue
+					}
 					config.Allowed = append(config.Allowed, toolName)
 				}
 			}

From 5f5740f9a7dd146a74b24defb78acf6695b424d6 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 23:17:57 +0000
Subject: [PATCH 09/10] Fix parse_mcp_scripts_logs.test.cjs: update test
 fixture messages from 'Safe Inputs MCP Server' to 'mcp-scripts MCP Server'

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 .../setup/js/parse_mcp_scripts_logs.test.cjs  | 24 +++++++++----------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/actions/setup/js/parse_mcp_scripts_logs.test.cjs b/actions/setup/js/parse_mcp_scripts_logs.test.cjs
index 2062853db7f..2d5c80fe571 100644
--- a/actions/setup/js/parse_mcp_scripts_logs.test.cjs
+++ b/actions/setup/js/parse_mcp_scripts_logs.test.cjs
@@ -56,13 +56,13 @@ describe("parse_mcp_scripts_logs.cjs", () => {
 
   describe("parseMCPScriptsLogLine", () => {
     it("should parse valid mcp-scripts log line with standard format", () => {
-      const line = "[2025-12-31T15:43:54.123Z] [mcp-scripts-server] Starting Safe Inputs MCP Server";
+      const line = "[2025-12-31T15:43:54.123Z] [mcp-scripts-server] Starting mcp-scripts MCP Server";
       const result = parseMCPScriptsLogLine(line);
 
       expect(result).not.toBeNull();
       expect(result.timestamp).toBe("2025-12-31T15:43:54.123Z");
       expect(result.serverName).toBe("mcp-scripts-server");
-      expect(result.message).toBe("Starting Safe Inputs MCP Server");
+      expect(result.message).toBe("Starting mcp-scripts MCP Server");
       expect(result.raw).toBe(false);
     });
 
@@ -147,7 +147,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
   describe("generatePlainTextSummary", () => {
     it("should generate summary with startup events", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.123Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:54.123Z", serverName: "mcp-scripts", message: "Starting mcp-scripts MCP Server", raw: false },
         { timestamp: "2025-12-31T15:43:54.456Z", serverName: "mcp-scripts", message: "Server started successfully", raw: false },
       ];
 
@@ -201,7 +201,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
 
     it("should generate summary with mixed event types", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting mcp-scripts MCP Server", raw: false },
         { timestamp: "2025-12-31T15:43:55.000Z", serverName: "mcp-scripts", message: "Registering tool: create_issue", raw: false },
         { timestamp: "2025-12-31T15:44:10.000Z", serverName: "mcp-scripts", message: "Calling handler for tool: create_issue", raw: false },
         { timestamp: "2025-12-31T15:44:10.500Z", serverName: "mcp-scripts", message: "Handler returned successfully", raw: false },
@@ -228,7 +228,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
 
     it("should include full logs in plain text summary", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting mcp-scripts MCP Server", raw: false },
         { timestamp: "2025-12-31T15:43:55.000Z", serverName: "mcp-scripts", message: "Server started successfully", raw: false },
         { timestamp: null, serverName: null, message: "Unparsed log line", raw: true },
       ];
@@ -236,7 +236,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
       const summary = generatePlainTextSummary(logEntries);
 
       expect(summary).toContain("Full Logs (first 5000 lines):");
-      expect(summary).toContain("[mcp-scripts] Starting Safe Inputs MCP Server");
+      expect(summary).toContain("[mcp-scripts] Starting mcp-scripts MCP Server");
       expect(summary).toContain("[mcp-scripts] Server started successfully");
       expect(summary).toContain("Unparsed log line");
     });
@@ -267,7 +267,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
   describe("generateMCPScriptsSummary", () => {
     it("should generate markdown summary with details/summary structure", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting mcp-scripts MCP Server", raw: false },
         { timestamp: "2025-12-31T15:43:55.000Z", serverName: "mcp-scripts", message: "Registering tool: create_issue", raw: false },
         { timestamp: "2025-12-31T15:44:10.000Z", serverName: "mcp-scripts", message: "Calling handler for tool: create_issue", raw: false },
       ];
@@ -317,7 +317,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
 
     it("should generate markdown summary with full logs section", () => {
       const logEntries = [
-        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false },
+        { timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting mcp-scripts MCP Server", raw: false },
         { timestamp: null, serverName: null, message: "Unparsed log line", raw: true },
       ];
 
@@ -326,7 +326,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
       expect(summary).toContain("**Full Logs**");
       expect(summary).toContain("<summary>View full mcp-scripts logs</summary>");
       expect(summary).toContain("```");
-      expect(summary).toContain("[2025-12-31T15:43:54.000Z] [mcp-scripts] Starting Safe Inputs MCP Server");
+      expect(summary).toContain("[2025-12-31T15:43:54.000Z] [mcp-scripts] Starting mcp-scripts MCP Server");
       expect(summary).toContain("Unparsed log line");
     });
 
@@ -344,7 +344,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
     });
 
     it("should not show tool executions section when no tools called", () => {
-      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false }];
+      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting mcp-scripts MCP Server", raw: false }];
 
       const summary = generateMCPScriptsSummary(logEntries);
 
@@ -352,7 +352,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
     });
 
     it("should not show errors section when no errors", () => {
-      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting Safe Inputs MCP Server", raw: false }];
+      const logEntries = [{ timestamp: "2025-12-31T15:43:54.000Z", serverName: "mcp-scripts", message: "Starting mcp-scripts MCP Server", raw: false }];
 
       const summary = generateMCPScriptsSummary(logEntries);
 
@@ -389,7 +389,7 @@ describe("parse_mcp_scripts_logs.cjs", () => {
     });
 
     it("should process log files and generate summaries", async () => {
-      const logContent = "[2025-12-31T15:43:54.000Z] [mcp-scripts] Starting Safe Inputs MCP Server\n[2025-12-31T15:43:55.000Z] [mcp-scripts] Registering tool: create_issue\n";
+      const logContent = "[2025-12-31T15:43:54.000Z] [mcp-scripts] Starting mcp-scripts MCP Server\n[2025-12-31T15:43:55.000Z] [mcp-scripts] Registering tool: create_issue\n";
 
       // Mock fs functions
       vi.spyOn(fs, "existsSync").mockReturnValue(true);

From f32288d93ef2d24e0eb139c18ab108a8b75e68b6 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Sun, 8 Mar 2026 23:32:35 +0000
Subject: [PATCH 10/10] Add changeset [skip-ci]

---
 .changeset/minor-rename-safe-inputs-to-mcp-scripts.md | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 .changeset/minor-rename-safe-inputs-to-mcp-scripts.md

diff --git a/.changeset/minor-rename-safe-inputs-to-mcp-scripts.md b/.changeset/minor-rename-safe-inputs-to-mcp-scripts.md
new file mode 100644
index 00000000000..8309f8b99fc
--- /dev/null
+++ b/.changeset/minor-rename-safe-inputs-to-mcp-scripts.md
@@ -0,0 +1,4 @@
+---
+"gh-aw": minor
+---
+Renamed the SafeInputs workflow integration to MCP Scripts (frontmatter field `SafeInputs`/`safe-inputs`, Go refs, docs, tooling, logs) and added the `safe-inputs-to-mcp-scripts` codemod so existing workflows can be migrated automatically.