Add list_code_scanning_alerts query-bounding guardrail and regression tests#46198
Conversation
…guardrails Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…rails Add state: open and severity: critical,high guardrail to both GitHub MCP tools prompt files to prevent unbounded code-scanning queries that produce oversized responses and break downstream workflow runs. Add three regression tests in prompt_validation_test.go: - TestGitHubMCPToolsPromptBoundsCodeScanningAlertQueries - TestGitHubMCPToolsWithSafeOutputsPromptBoundsCodeScanningAlertQueries - TestGitHubMCPToolsPromptIncludedForCodeSecurityToolset Closes #46162 Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
@copilot use the field selection feature from the GitHub MCP server 1.6.0 to apply these APIs. Update prompt. |
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…er 1.6.0) Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Done in commit Both prompt files now include a Field selection guardrail documenting the Note: The SKILL.md Pull Requests section is also updated to prefer the |
There was a problem hiding this comment.
Pull request overview
Adds response-bounding guidance for GitHub MCP code-scanning queries and related regression tests.
Changes:
- Adds code-scanning and field-selection prompt guidance.
- Adds prompt-content and compilation regression tests.
- Updates GitHub MCP skill documentation.
Show a summary per file
| File | Description |
|---|---|
actions/setup/md/github_mcp_tools_prompt.md |
Adds MCP query guidance. |
actions/setup/md/github_mcp_tools_with_safeoutputs_prompt.md |
Adds equivalent safe-output guidance. |
pkg/workflow/prompt_validation_test.go |
Tests prompt content and inclusion. |
.github/skills/github-mcp-server/SKILL.md |
Updates MCP usage documentation. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comments suppressed due to low confidence (2)
actions/setup/md/github_mcp_tools_prompt.md:8
- This adds a separate field-selection policy, corresponding skill changes, and a fourth regression test, while the PR title and description claim the change is limited to the code-scanning guardrail and three tests. Either split this unrelated GitHub MCP 1.6.0 behavior into its own PR or document and justify the expanded scope.
**Field selection (GitHub MCP server ≥ 1.6.0)**: When calling list/search tools that accept a `fields` parameter (`list_pull_requests`, `list_issues`, `search_issues`, `search_pull_requests`, `list_commits`, `list_releases`, `search_code`, `get_file_contents`), pass only the fields you need to reduce response size. Example: `list_pull_requests` with `fields: [number, title, state, html_url]`.
pkg/workflow/prompt_validation_test.go:49
- This second test also requires the invalid comma-separated severity value, preventing a correct prompt fix. Assert the bounded
perPageguidance and the two valid single-severity examples instead.
assert.Contains(t, content, "severity: critical,high",
"prompt should require severity: critical,high to bound list_code_scanning_alerts queries")
- Files reviewed: 4/4 changed files
- Comments generated: 4
- Review effort level: Medium
|
|
||
| **Identity**: Do not call `get_me` — it returns 403 under the integration token. Read your identity (actor, repository, run ID) from the `<github-context>` block provided at the start of the prompt. | ||
|
|
||
| **Code scanning queries**: When calling `list_code_scanning_alerts`, always include `state: open` and `severity: critical,high` to bound the response size and avoid oversized payloads. |
|
|
||
| **Identity**: Do not call `get_me` — it returns 403 under the integration token. Read your identity (actor, repository, run ID) from the `<github-context>` block provided at the start of the prompt. | ||
|
|
||
| **Code scanning queries**: When calling `list_code_scanning_alerts`, always include `state: open` and `severity: critical,high` to bound the response size and avoid oversized payloads. |
| - `create_code_scanning_alert` - Create a code scanning alert | ||
|
|
||
| When invoking `list_code_scanning_alerts` from workflow prompts/templates, always include `state: open` and `severity: critical,high`. | ||
| When invoking `list_code_scanning_alerts` from workflow prompts/templates, always include `state: open` and `severity: critical,high` to bound the response size and avoid oversized payloads. |
| assert.Contains(t, content, "severity: critical,high", | ||
| "prompt should require severity: critical,high to bound list_code_scanning_alerts queries") |
|
🎉 This pull request is included in a new release. Release: |
Unbounded
list_code_scanning_alertsMCP calls return oversized payloads that break downstream workflow runs. Both GitHub MCP tools prompt files now instruct agents to always includestate: openandseverity: critical,high.Changes
actions/setup/md/github_mcp_tools_prompt.md— added**Code scanning queries**guardrail line requiringstate: openandseverity: critical,highon everylist_code_scanning_alertscallactions/setup/md/github_mcp_tools_with_safeoutputs_prompt.md— same guardrail in the safe-outputs variantpkg/workflow/prompt_validation_test.go— three new regression tests:TestGitHubMCPToolsPromptBoundsCodeScanningAlertQueries— asserts the plain prompt file contains both required parametersTestGitHubMCPToolsWithSafeOutputsPromptBoundsCodeScanningAlertQueries— same assertion on the with-safeoutputs variantTestGitHubMCPToolsPromptIncludedForCodeSecurityToolset— compiles acode_security-toolset workflow and verifies the generated lock file references one of the guardrail-carrying prompt filesThe guardrail text added to both prompt files: