Skip to content

Smoke AllowOnly: 27396299723 #7412

Closed as not planned
Closed as not planned
Smoke AllowOnly: 27396299723#7412
@github-actions

Description

@github-actions
github-actions
bot
opened on Jun 12, 2026

AllowOnly Guard Smoke Test Results

Policy: repos=["github/gh-aw*"], min-integrity=approved
Run: https://github.com/github/gh-aw-mcpg/actions/runs/27396299723

In-Scope Access (github/gh-aw*)

Tool Target Result Status
list_issues gh-aw-mcpg 3 issues returned
list_pull_requests gh-aw-mcpg 3 PRs returned
list_commits gh-aw-mcpg 3 commits returned
get_file_contents gh-aw-mcpg README.md content returned
list_branches gh-aw-mcpg 5 branches returned
search_code gh-aw-mcpg results returned
list_issues gh-aw allowed (3 items integrity-filtered)
get_file_contents gh-aw allowed (metadata integrity-filtered)

Out-of-Scope Access (octocat/Hello-World)

Tool Result Status
list_issues empty — 3 items blocked by integrity policy
list_pull_requests empty — 3 items blocked by integrity policy
list_commits empty — 3 items blocked by integrity policy
get_file_contents error — metadata filtered by integrity policy
search_code empty — metadata filtered by integrity policy

Global APIs

Tool Result Status
search_repositories empty — 3 items blocked by integrity policy
search_users N/A — tool not available in GitHub MCP server

Integrity Filtering

Observation Status
gh-aw-mcpg issues (20): no items filtered — all from approved authors (bots/maintainers)
gh-aw-mcpg PRs (20): no items filtered — all from approved authors
gh-aw issues: 3 items filtered with "integrity below unapproved" — filtering active
octocat/Hello-World: all items effectively blocked via integrity filtering

Note: Out-of-scope and global API results return as empty via integrity filtering (items tagged with lower-than-required integrity) rather than an explicit AllowOnly scope block. End result is equivalent — agent receives no data from disallowed repos.

Summary

  • In-Scope Access: 8/8 ✅
  • Out-of-Scope Blocked: 5/5 ✅
  • Global APIs Blocked: 1/1 ✅ (search_users N/A — tool not in MCP server)
  • Integrity Filtering: ✅
  • Overall: PASS

🛡️ AllowOnly guard smoke test by Smoke AllowOnly

  • expires on Jun 12, 2026, 7:26 AM UTC

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions