12 changes: 7 additions & 5 deletions docs/src/content/docs/reference/github-tools.md
Expand Up @@ -144,17 +144,19 @@ tools:
min-integrity: approved
```

### Safe Outputs Integration
### Non-GitHub MCP Server Integration

When you configure `repos` in the GitHub guard policy, the compiler automatically derives a linked guard-policy for the [safe outputs](/gh-aw/reference/safe-outputs/) MCP server:
When you configure `repos` in the GitHub guard policy, the compiler automatically derives a linked write-sink guard-policy for **all non-GitHub MCP servers** — including [safe outputs](/gh-aw/reference/safe-outputs/), playwright, serena, mcp-scripts, agentic-workflows, web-fetch, and any custom tools. This ensures that as guard policies are applied to GitHub inputs, the corresponding write operations to non-GitHub servers are permitted.

- **`repos: "all"` or `repos: "public"`**: Creates a write-sink policy with `accept: ["*"]` to allow all safe output operations
- **`repos: [patterns]`**: Each entry in the `repos` list is transformed and added as an accept entry in the safeoutputs policy:
The transformation rules are:

- **`repos: "all"` or `repos: "public"`**: Creates a write-sink policy with `accept: ["*"]` to allow all write operations
- **`repos: [patterns]`**: Each entry is transformed and added as an accept entry:
- `"owner/*"` → `"private:owner"` (owner wildcard → strip wildcard)
- `"owner/prefix*"` → `"private:owner/prefix*"` (prefix wildcard → keep as-is)
- `"owner/repo"` → `"private:owner/repo"` (specific repo → keep as-is)

This derivation happens at compile time and requires no additional configuration, allowing the MCP gateway to read repository data through the GitHub tools and still write outputs via safeoutputs.
This derivation happens at compile time and requires no additional configuration, allowing the MCP gateway to read repository data through the GitHub tools and write outputs to any configured non-GitHub MCP server.

```yaml wrap
tools:
Expand Down
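Review bot: the rewritten paragraph that replaces the safe-outputs paragraph (the line beginning "When you configure `repos` in the GitHub guard policy, the compiler automatically derives a linked write-sink guard-policy for **all non-GitHub MCP servers**") does not say how the derived policy interacts with a guard-policy the user has already declared on one of those servers, nor whether the derivation can be disabled or narrowed per server. Since `repos: "all"` or `"public"` now yields `accept: ["*"]` for every non-GitHub server listed (web-fetch and playwright included), rather than only for safe outputs as before, a sentence on precedence and opt-out would let readers judge the widened write surface before enabling it. Separately, changing the heading from `### Safe Outputs Integration` to `### Non-GitHub MCP Server Integration` changes its anchor, so existing links to the old fragment should be updated or a redirect noted.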
2 changes: 2 additions & 0 deletions docs/src/content/docs/setup/cli.md
Expand Up @@ -77,6 +77,8 @@ gh aw logs workflow --repo github.enterprise.com/owner/repo # Use with comm

Commands that support `--create-pull-request` (such as `gh aw add`, `gh aw add-wizard`, `gh aw init`, `gh aw update`, and `gh aw upgrade`) automatically detect the enterprise host from the git remote and route PR creation to the correct GHES instance. No extra flags are needed.

`gh aw audit` and `gh aw add-wizard` also auto-detect the GHES host from the git remote, so running them inside a GHES repository works without setting `GH_HOST` manually.

#### Configuring `gh` CLI in workflow steps on GHES

When agentic workflows run on GitHub Enterprise Server and use custom `steps:` that invoke `gh` CLI commands, source the bundled helper script to configure `gh` for the enterprise host:
Expand Down
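Review bot: the added sentence names `gh aw add-wizard` again, but the paragraph just above it already lists `gh aw add-wizard` among the commands that detect the enterprise host from the git remote, so the new line only contributes `gh aw audit`. Suggest either dropping `add-wizard` from the new sentence ("`gh aw audit` also auto-detects the GHES host from the git remote ...") or adding `gh aw audit` to the existing list instead of a second paragraph.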