From fe5c8812a4fee4cc4160ce755206ef0871658dc7 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 9 Mar 2026 23:23:56 +0000
Subject: [PATCH 1/2] Initial plan


From 9666a3e5af953556793cb60ecc46133adbef0244 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 9 Mar 2026 23:41:04 +0000
Subject: [PATCH 2/2] Fix: add "public" to repos enum in guard-policies schema
 for GitHub MCP server

Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
---
 pkg/parser/schemas/main_workflow_schema.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json
index c2d32a32f1d..4501c1d9695 100644
--- a/pkg/parser/schemas/main_workflow_schema.json
+++ b/pkg/parser/schemas/main_workflow_schema.json
@@ -3024,19 +3024,19 @@
                   "examples": [["/data:/data:ro", "/tmp:/tmp:rw"], ["/opt:/opt:ro"]]
                 },
                 "repos": {
-                  "description": "Guard policy: repository access configuration. Restricts which repositories the agent can access. Use 'all' to allow all repos or an array of 'owner/repo' strings.",
+                  "description": "Guard policy: repository access configuration. Restricts which repositories the agent can access. Use 'all' to allow all repos, 'public' for public repositories only, or an array of repository patterns (e.g., 'owner/repo', 'owner/*', 'owner/prefix*').",
                   "oneOf": [
                     {
                       "type": "string",
-                      "enum": ["all"],
-                      "description": "Allow access to all repositories"
+                      "enum": ["all", "public"],
+                      "description": "Allow access to all repositories ('all') or only public repositories ('public')"
                     },
                     {
                       "type": "array",
-                      "description": "Allow access to specific repositories",
+                      "description": "Allow access to specific repositories using patterns (e.g., 'owner/repo', 'owner/*', 'owner/prefix*')",
                       "items": {
                         "type": "string",
-                        "description": "Repository slug in the format 'owner/repo'"
+                        "description": "Repository pattern in the format 'owner/repo', 'owner/*' (all repos under owner), or 'owner/prefix*' (repos with name prefix)"
                       },
                       "minItems": 1
                     }