Conversation
Cross-referenced pkg/workflow/data/github_toolsets_permissions.json against the github/github-mcp-server source files. Significant discrepancies found and resolved: Context toolset: - Replaced remote-only Copilot space tools with source-accurate tools: get_me, get_team_members, get_teams (from context_tools.go) Repos toolset: - Added write tools: create_branch, create_or_update_file, create_repository, delete_file, fork_repository, push_files - Removed non-existent: get_repository_tree Issues toolset: - Added: add_issue_comment, issue_write, sub_issue_write Pull requests toolset: - Added: add_comment_to_pending_review, add_reply_to_pull_request_comment, create_pull_request, merge_pull_request, pull_request_review_write, update_pull_request, update_pull_request_branch Actions toolset: - Added: actions_run_trigger; added actions to write_permissions Gists toolset: - Added: create_gist, update_gist Labels toolset: - Added: label_write Notifications toolset: - Added: dismiss_notification, manage_notification_subscription, manage_repository_notification_subscription, mark_all_notifications_read Experiments toolset (was empty): - Added: enable_toolset, get_toolset_tools, list_available_toolsets Projects toolset: - Replaced old granular tools with new consolidated API: projects_get, projects_list, projects_write Search toolset: - Removed search_issues and search_pull_requests (these belong to issues/pull_requests toolsets per source code analysis) Stargazers toolset: - Added: star_repository, unstar_repository Also created .github/instructions/github-mcp-server.instructions.md with comprehensive documentation of all 79 tools organized by toolset. Total tools: 56 → 79 (+23 net new after removals) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
github-actions
bot
added
automation
documentation
…cp-server.md Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor
Contributor
There was a problem hiding this comment.
Pull request overview
Updates the repository’s GitHub MCP toolset/permission inventory and related documentation references to reflect an upstream github-mcp-server toolset update (v2.1).
Changes:
- Refreshes
pkg/workflow/data/github_toolsets_permissions.json(v2.1) with new/removed/moved tools and updated permission requirements. - Updates code/comments and the report workflow template to reference the new
.github/aw/github-mcp-server.mddocumentation path. - Adds new comprehensive GitHub MCP server documentation under
.github/aw/.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/workflow/github_toolsets.go | Updates comment reference for documented default toolsets. |
| pkg/workflow/github_tool_to_toolset.go | Updates comment reference to the new documentation path. |
| pkg/workflow/data/github_toolsets_permissions.json | Major update to toolset definitions, tools inventory, and required permissions (v2.1). |
| .github/workflows/github-mcp-tools-report.md | Updates the report template to link to the new documentation location. |
| .github/aw/github-mcp-server.md | Adds a new, detailed GitHub MCP documentation file with tool listings by toolset. |
Comments suppressed due to low confidence (4)
pkg/workflow/data/github_toolsets_permissions.json:22
context.toolsnow includesget_me, but the compiler’s tool-to-toolset mapping (pkg/workflow/data/github_tool_to_toolset.json) currently mapsget_meto theuserstoolset. This inconsistency will causeValidateGitHubToolsAgainstToolsetsto demanduserswhen a workflow allowlistsget_me, even though this file/documentation says it’s incontext. The toolset inventories/mappings should be kept consistent (updategithub_tool_to_toolset.jsonand its tests alongside this change).
"context": {
"description": "GitHub context and environment (current user, teams)",
"read_permissions": [],
"write_permissions": [],
"tools": ["get_me", "get_team_members", "get_teams"]
},
pkg/workflow/data/github_toolsets_permissions.json:58
- The
labelstoolset listslist_label, but the compiler’s tool-to-toolset map useslist_labels(pkg/workflow/data/github_tool_to_toolset.json), and existing docs also referencelist_labelsin places. This mismatch will lead to incorrect toolset validation for allowlists depending on which name a workflow uses. Please reconcile tool naming across the JSON inventories and the embedded tool-to-toolset mapping (and update any dependent docs/tests accordingly).
"labels": {
"description": "Label management",
"read_permissions": ["issues"],
"write_permissions": ["issues"],
"tools": ["get_label", "label_write", "list_label"]
},
pkg/workflow/data/github_toolsets_permissions.json:105
- The
repostoolset adds many new write-capable tools (create_branch,create_or_update_file,push_files, etc.), butValidateGitHubToolsAgainstToolsetsrelies onpkg/workflow/data/github_tool_to_toolset.jsonfor tool→toolset resolution, and that file currently doesn’t include these tool names. As a result, any workflow that tries to allowlist these tools will fail compilation with “Unknown GitHub tool(s)”. Updategithub_tool_to_toolset.json(and its tests) in the same PR to include the newly documented tools.
"tools": [
"create_branch",
"create_or_update_file",
"create_repository",
"delete_file",
"fork_repository",
"get_commit",
"get_file_contents",
.github/aw/github-mcp-server.md:163
- The actions tool names documented here (
actions_get,actions_list,actions_run_trigger) don’t match the tool names used throughout this repo today (e.g.,list_workflows,list_workflow_runs,get_workflow_runinpkg/constants/constants.goandpkg/workflow/data/github_tool_to_toolset.json). Unless the runtime tool names have changed everywhere else, this doc + the permissions JSON will be misleading and may cause users to write allowlists that fail compilation. Please either align the documentation/tool inventory with the repo’s current tool names or update the rest of the repo/tool-to-toolset mapping to the new names in the same PR.
### actions
**Description**: GitHub Actions workflows
**Source**: [`pkg/github/actions.go`](https://github.com/github/github-mcp-server/blob/main/pkg/github/actions.go)
| Tool | Purpose | Key Parameters |
|------|---------|----------------|
| `actions_get` | Get details of a specific workflow run | `owner`, `repo`, `run_id` |
| `actions_list` | List GitHub Actions workflows and runs | `owner`, `repo`, `workflow_id` |
| `actions_run_trigger` | Trigger a workflow run | `owner`, `repo`, `workflow_id`, `ref`, `inputs` |
| `get_job_logs` | Download logs for a specific workflow job | `owner`, `repo`, `job_id` |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Contributor
…ment Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor
Fixed in 482fca3. The Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Contributor
|
@copilot ignore the write tools for permissions . Only consider read tools. |
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor
Done in 20c1d28. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Contributor
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Contributor
Fixed in cddaa3d. The integration test Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Contributor
Author
|
Great work on this PR, Everything checks out cleanly — the file relocation, path reference updates, permission validation fix (limiting This PR looks ready for maintainer review. ✅
|
pelikhan
deleted the
update-github-mcp-tools-mapping-2026-03-01-c9678bc34863349b
branch
This was referenced Mar 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
.github/instructions/github-mcp-server.instructions.mdto.github/aw/github-mcp-server.md.github/workflows/github-mcp-tools-report.mdto reference the new pathpkg/workflow/github_tool_to_toolset.goandpkg/workflow/github_toolsets.gowith new pathcollectRequiredPermissionsnow only considersread_permissionsfrom toolset definitions — write tools are ignored for permission requirements✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.