diff --git a/.github/workflows/contribution-check.lock.yml b/.github/workflows/contribution-check.lock.yml index e99fe5c9d44..62fb028f1d4 100644 --- a/.github/workflows/contribution-check.lock.yml +++ b/.github/workflows/contribution-check.lock.yml @@ -22,7 +22,7 @@ # For more information: https://github.github.com/gh-aw/introduction/overview/ # # -# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"4de9281fdf89dba8197d91de6339b21a8b01ddb1645d17de1f09b3a70fc4cf53","strict":true} +# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"23a89d50ad95694dbbfba8c7872a41f03697c87526de949a7725c12497d05d1c","strict":true} name: "Contribution Check" "on": @@ -316,16 +316,6 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.24.2 - - name: Determine automatic lockdown mode for GitHub MCP Server - id: determine-automatic-lockdown - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 - env: - GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN }} - GH_AW_GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN }} - with: - script: | - const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); - await determineAutomaticLockdown(github, context, core); - name: Download container images run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.24.2 ghcr.io/github/gh-aw-firewall/api-proxy:0.24.2 ghcr.io/github/gh-aw-firewall/squid:0.24.2 ghcr.io/github/gh-aw-mcpg:v0.1.15 ghcr.io/github/github-mcp-server:v0.32.0 node:lts-alpine - name: Write Safe Outputs Config @@ -725,8 +715,6 @@ jobs: GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }} GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }} - GITHUB_MCP_GUARD_MIN_INTEGRITY: ${{ steps.determine-automatic-lockdown.outputs.min_integrity }} - GITHUB_MCP_GUARD_REPOS: ${{ steps.determine-automatic-lockdown.outputs.repos }} GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} run: | set -eo pipefail @@ -761,8 +749,8 @@ jobs: }, "guard-policies": { "allow-only": { - "min-integrity": "$GITHUB_MCP_GUARD_MIN_INTEGRITY", - "repos": "$GITHUB_MCP_GUARD_REPOS" + "min-integrity": "none", + "repos": "all" } } }, @@ -771,6 +759,13 @@ jobs: "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT", "headers": { "Authorization": "\${GH_AW_SAFE_OUTPUTS_API_KEY}" + }, + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } } } }, diff --git a/.github/workflows/contribution-check.md b/.github/workflows/contribution-check.md index bb821a09563..c26f2c6b529 100644 --- a/.github/workflows/contribution-check.md +++ b/.github/workflows/contribution-check.md @@ -15,7 +15,8 @@ env: tools: github: toolsets: [default] - lockdown: false + repos: all + min-integrity: none safe-outputs: create-issue: title-prefix: "[Contribution Check Report]" diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml index 0aaecde445c..5f4e589ce91 100644 --- a/.github/workflows/daily-syntax-error-quality.lock.yml +++ b/.github/workflows/daily-syntax-error-quality.lock.yml @@ -27,7 +27,7 @@ # Imports: # - shared/reporting.md # -# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"c4b7c52a6c58b8c054b75b4e9240efd1b9435789fa1f35652462876451aed8b2","strict":true} +# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"617798aaf755b934777aa3c92ed8e6c6c45d1f3b23a20ab7e5b0ff2b8536f2cf","strict":true} name: "Daily Syntax Error Quality Check" "on": diff --git a/.github/workflows/daily-syntax-error-quality.md b/.github/workflows/daily-syntax-error-quality.md index 6e5cacd114f..5f88458dd24 100644 --- a/.github/workflows/daily-syntax-error-quality.md +++ b/.github/workflows/daily-syntax-error-quality.md @@ -12,7 +12,6 @@ tracker-id: daily-syntax-error-quality engine: copilot tools: github: - lockdown: false toolsets: - default bash: diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index d1b635d1b82..253f9caa49b 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -23,7 +23,7 @@ # # Generates project plans and task breakdowns when invoked with /plan command in issues or PRs # -# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"0557f488754d46db0b535c04267efa16ae72869133b87a4a9a8de87a96067ed3","strict":true} +# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"84959bfbc2abf6ea65661e0164519d62d375c38bff49f43d702c29cc56f98af0","strict":true} name: "Plan Command" "on": @@ -376,16 +376,6 @@ jobs: GH_HOST: github.com - name: Install AWF binary run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.24.2 - - name: Determine automatic lockdown mode for GitHub MCP Server - id: determine-automatic-lockdown - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 - env: - GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN }} - GH_AW_GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN }} - with: - script: | - const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); - await determineAutomaticLockdown(github, context, core); - name: Download container images run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.24.2 ghcr.io/github/gh-aw-firewall/api-proxy:0.24.2 ghcr.io/github/gh-aw-firewall/squid:0.24.2 ghcr.io/github/gh-aw-mcpg:v0.1.15 ghcr.io/github/github-mcp-server:v0.32.0 node:lts-alpine - name: Write Safe Outputs Config @@ -751,8 +741,6 @@ jobs: GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }} GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }} - GITHUB_MCP_GUARD_MIN_INTEGRITY: ${{ steps.determine-automatic-lockdown.outputs.min_integrity }} - GITHUB_MCP_GUARD_REPOS: ${{ steps.determine-automatic-lockdown.outputs.repos }} GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} run: | set -eo pipefail @@ -787,8 +775,8 @@ jobs: }, "guard-policies": { "allow-only": { - "min-integrity": "$GITHUB_MCP_GUARD_MIN_INTEGRITY", - "repos": "$GITHUB_MCP_GUARD_REPOS" + "min-integrity": "none", + "repos": "all" } } }, @@ -797,6 +785,13 @@ jobs: "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT", "headers": { "Authorization": "\${GH_AW_SAFE_OUTPUTS_API_KEY}" + }, + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } } } }, diff --git a/.github/workflows/plan.md b/.github/workflows/plan.md index f7f817565be..4ae7615277b 100644 --- a/.github/workflows/plan.md +++ b/.github/workflows/plan.md @@ -13,8 +13,9 @@ permissions: engine: copilot tools: github: - lockdown: false toolsets: [default, discussions] + repos: all + min-integrity: none safe-outputs: create-issue: expires: 2d diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 3a792d9c776..e1b355a9f08 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -33,7 +33,7 @@ # - shared/mcp/tavily.md # - shared/reporting.md # -# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"ab1cde07589013cf3883a1da93d56db5e5aa305c3baae6e98dae8954cf10dcdd","strict":true} +# gh-aw-metadata: {"schema_version":"v2","frontmatter_hash":"1257d91a7cbfe146dbfc43fb7b731d709fe84bfc4622da42ad1cf548a7f04428","strict":true} name: "Scout" "on": @@ -485,16 +485,6 @@ jobs: run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.24.2 - name: Install Claude Code CLI run: npm install -g @anthropic-ai/claude-code@latest - - name: Determine automatic lockdown mode for GitHub MCP Server - id: determine-automatic-lockdown - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 - env: - GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN }} - GH_AW_GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN }} - with: - script: | - const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); - await determineAutomaticLockdown(github, context, core); - name: Download container images run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.24.2 ghcr.io/github/gh-aw-firewall/api-proxy:0.24.2 ghcr.io/github/gh-aw-firewall/squid:0.24.2 ghcr.io/github/gh-aw-mcpg:v0.1.15 ghcr.io/github/github-mcp-server:v0.32.0 mcp/arxiv-mcp-server mcp/markitdown node:lts-alpine - name: Write Safe Outputs Config @@ -812,8 +802,6 @@ jobs: GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }} GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }} GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }} - GITHUB_MCP_GUARD_MIN_INTEGRITY: ${{ steps.determine-automatic-lockdown.outputs.min_integrity }} - GITHUB_MCP_GUARD_REPOS: ${{ steps.determine-automatic-lockdown.outputs.repos }} GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} TAVILY_API_KEY: ${{ secrets.TAVILY_API_KEY }} run: | @@ -844,7 +832,14 @@ jobs: "search_arxiv", "get_paper_details", "get_paper_pdf" - ] + ], + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } + } }, "deepwiki": { "type": "http", @@ -853,7 +848,14 @@ jobs: "read_wiki_structure", "read_wiki_contents", "ask_question" - ] + ], + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } + } }, "github": { "container": "ghcr.io/github/github-mcp-server:v0.32.0", @@ -865,8 +867,8 @@ jobs: }, "guard-policies": { "allow-only": { - "min-integrity": "$GITHUB_MCP_GUARD_MIN_INTEGRITY", - "repos": "$GITHUB_MCP_GUARD_REPOS" + "min-integrity": "none", + "repos": "all" } } }, @@ -875,20 +877,41 @@ jobs: "container": "mcp/markitdown", "tools": [ "*" - ] + ], + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } + } }, "microsoftdocs": { "type": "http", "url": "https://learn.microsoft.com/api/mcp", "tools": [ "*" - ] + ], + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } + } }, "safeoutputs": { "type": "http", "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT", "headers": { "Authorization": "$GH_AW_SAFE_OUTPUTS_API_KEY" + }, + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } } }, "tavily": { @@ -899,7 +922,14 @@ jobs: }, "tools": [ "*" - ] + ], + "guard-policies": { + "write-sink": { + "accept": [ + "*" + ] + } + } } }, "gateway": { diff --git a/.github/workflows/scout.md b/.github/workflows/scout.md index d240b82251c..5e63626e253 100644 --- a/.github/workflows/scout.md +++ b/.github/workflows/scout.md @@ -35,7 +35,8 @@ tools: edit: cache-memory: true github: - lockdown: false + repos: all + min-integrity: none safe-outputs: add-comment: max: 1