Summary
When a workflow enables tools.github.toolsets: [..., actions], the compiled Claude --allowed-tools list grants the legacy Actions tool names (get_workflow_run, list_workflow_jobs, list_workflow_runs, …). But github-mcp-server (every version gh-aw pins, v0.32.0 → v1.1.2) consolidated those into actions_get / actions_list (only get_job_logs kept its name). So the agent sees actions_get/actions_list at runtime, calls them, and the engine blocks them as not-granted. The Actions toolset is effectively unusable for reads beyond get_job_logs.
Root cause
pkg/workflow/data/github_tool_to_toolset.json still maps the actions toolset to the granular pre-consolidation names. DefaultGitHubMCPServerVersion is v1.1.2, and the action-pins table only contains v0.32.0 and v1.x — all of which expose the consolidated names. The catalog and the pinned server therefore disagree.
The server's DeprecatedToolAliases map (get_workflow_run → actions_get, etc.) does not help, because it only resolves names passed via --tools; gh-aw launches the server with GITHUB_TOOLSETS, so only canonical names are registered/callable.
Reproduction
Run the server the way gh-aw does and list tools:
printf '%s\n' \
'{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"c","version":"1"}}}' \
'{"jsonrpc":"2.0","method":"notifications/initialized"}' \
'{"jsonrpc":"2.0","id":2,"method":"tools/list","params":{}}' \
| docker run -i --rm -e GITHUB_PERSONAL_ACCESS_TOKEN=$(gh auth token) \
-e GITHUB_READ_ONLY=1 -e GITHUB_TOOLSETS="context,repos,issues,pull_requests,actions" \
ghcr.io/github/github-mcp-server:v1.1.2Actions tools returned: actions_get, actions_list, get_job_logs — no get_workflow_run / list_workflow_jobs. Calling get_workflow_run returns unknown tool. Consolidation boundary is between v0.28.0 (legacy) and v0.31.0 (consolidated).
Trying to name the real tools fails compilation:
tools:
github:
toolsets: [default, actions]
allowed: [actions_get, actions_list, get_job_logs]error: Unknown GitHub tool(s): actions_get and actions_list
So there is currently no frontmatter-only way to grant the Actions read tools.
Impact
Any workflow using the actions toolset (e.g. the bundled ci-doctor) can't fetch workflow-run/job details — it can only call get_job_logs, which needs IDs it can't obtain. Observed as missing_tool failures reporting actions_get/actions_list denied.
Suggested fix
Update github_tool_to_toolset.json (and any validation/allow-list generation) to the consolidated actions_get/actions_list names to match the pinned github-mcp-server, and accept them in tools.github.allowed. Also worth verifying other consolidated groups (e.g. projects_*).
Versions: gh-aw v0.79.8 · github-mcp-server v1.1.2 (default) · mcpg v0.3.25 · engine claude
Summary
When a workflow enables
tools.github.toolsets: [..., actions], the compiled Claude--allowed-toolslist grants the legacy Actions tool names (get_workflow_run,list_workflow_jobs,list_workflow_runs, …). But github-mcp-server (every version gh-aw pins, v0.32.0 → v1.1.2) consolidated those intoactions_get/actions_list(onlyget_job_logskept its name). So the agent seesactions_get/actions_listat runtime, calls them, and the engine blocks them as not-granted. The Actions toolset is effectively unusable for reads beyondget_job_logs.Root cause
pkg/workflow/data/github_tool_to_toolset.jsonstill maps theactionstoolset to the granular pre-consolidation names.DefaultGitHubMCPServerVersionisv1.1.2, and the action-pins table only contains v0.32.0 and v1.x — all of which expose the consolidated names. The catalog and the pinned server therefore disagree.The server's
DeprecatedToolAliasesmap (get_workflow_run→actions_get, etc.) does not help, because it only resolves names passed via--tools; gh-aw launches the server withGITHUB_TOOLSETS, so only canonical names are registered/callable.Reproduction
Run the server the way gh-aw does and list tools:
Actions tools returned:
actions_get,actions_list,get_job_logs— noget_workflow_run/list_workflow_jobs. Callingget_workflow_runreturnsunknown tool. Consolidation boundary is between v0.28.0 (legacy) and v0.31.0 (consolidated).Trying to name the real tools fails compilation:
So there is currently no frontmatter-only way to grant the Actions read tools.
Impact
Any workflow using the
actionstoolset (e.g. the bundled ci-doctor) can't fetch workflow-run/job details — it can only callget_job_logs, which needs IDs it can't obtain. Observed asmissing_toolfailures reportingactions_get/actions_listdenied.Suggested fix
Update
github_tool_to_toolset.json(and any validation/allow-list generation) to the consolidatedactions_get/actions_listnames to match the pinned github-mcp-server, and accept them intools.github.allowed. Also worth verifying other consolidated groups (e.g.projects_*).Versions: gh-aw v0.79.8 · github-mcp-server v1.1.2 (default) · mcpg v0.3.25 · engine claude