diff --git a/.github/workflows/ai-triage-campaign.lock.yml b/.github/workflows/ai-triage-campaign.lock.yml
index 064365aece4..ddd8775118c 100644
--- a/.github/workflows/ai-triage-campaign.lock.yml
+++ b/.github/workflows/ai-triage-campaign.lock.yml
@@ -1545,6 +1545,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml
index 01247651264..d50ac7d1742 100644
--- a/.github/workflows/archie.lock.yml
+++ b/.github/workflows/archie.lock.yml
@@ -2544,6 +2544,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml
index d652bb5741c..ef800ef8b8e 100644
--- a/.github/workflows/artifacts-summary.lock.yml
+++ b/.github/workflows/artifacts-summary.lock.yml
@@ -1350,6 +1350,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml
index b9c837bc49b..c54bd610b01 100644
--- a/.github/workflows/audit-workflows.lock.yml
+++ b/.github/workflows/audit-workflows.lock.yml
@@ -2748,6 +2748,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml
index bbcc7053b92..644e939c54f 100644
--- a/.github/workflows/blog-auditor.lock.yml
+++ b/.github/workflows/blog-auditor.lock.yml
@@ -1850,6 +1850,24 @@ jobs:
When using Playwright tools to take screenshots or generate files, all output files are automatically saved to this directory. This is the Playwright --output-dir and you can find any screenshots, traces, or other files generated by Playwright in this directory.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml
index 4680a62de79..2b332b4cc60 100644
--- a/.github/workflows/brave.lock.yml
+++ b/.github/workflows/brave.lock.yml
@@ -2355,6 +2355,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml
index 9bdbe95bb34..503737f16d7 100644
--- a/.github/workflows/changeset.lock.yml
+++ b/.github/workflows/changeset.lock.yml
@@ -2138,6 +2138,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml
index 58b52d51d9d..166adaee57d 100644
--- a/.github/workflows/ci-doctor.lock.yml
+++ b/.github/workflows/ci-doctor.lock.yml
@@ -1898,6 +1898,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml
index 75261d8237b..63a1e4381da 100644
--- a/.github/workflows/cli-consistency-checker.lock.yml
+++ b/.github/workflows/cli-consistency-checker.lock.yml
@@ -1426,6 +1426,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml
index 46ef6a8d9a0..3571b5b5d71 100644
--- a/.github/workflows/cli-version-checker.lock.yml
+++ b/.github/workflows/cli-version-checker.lock.yml
@@ -1754,6 +1754,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml
index cc9523581ae..ae6b5940125 100644
--- a/.github/workflows/cloclo.lock.yml
+++ b/.github/workflows/cloclo.lock.yml
@@ -2889,6 +2889,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/close-old-discussions.lock.yml b/.github/workflows/close-old-discussions.lock.yml
index 9e3aee6f84f..aa60eb63cd8 100644
--- a/.github/workflows/close-old-discussions.lock.yml
+++ b/.github/workflows/close-old-discussions.lock.yml
@@ -1158,6 +1158,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml
index 9a3dd20f4f0..6095ba52999 100644
--- a/.github/workflows/commit-changes-analyzer.lock.yml
+++ b/.github/workflows/commit-changes-analyzer.lock.yml
@@ -1783,6 +1783,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml
index 1ab89167b43..60c78e53c8d 100644
--- a/.github/workflows/copilot-agent-analysis.lock.yml
+++ b/.github/workflows/copilot-agent-analysis.lock.yml
@@ -2421,6 +2421,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
index cd60fdfe051..72934cc67c5 100644
--- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
@@ -2819,6 +2819,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
index 1716c1837e7..ebb009f6be0 100644
--- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
@@ -1989,6 +1989,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml
index f043e7de972..a39295c6a04 100644
--- a/.github/workflows/copilot-session-insights.lock.yml
+++ b/.github/workflows/copilot-session-insights.lock.yml
@@ -4212,6 +4212,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml
index 35a35d7a943..51a5dbd273f 100644
--- a/.github/workflows/craft.lock.yml
+++ b/.github/workflows/craft.lock.yml
@@ -2651,6 +2651,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml
index b92036ddf3b..1f95e538d2d 100644
--- a/.github/workflows/daily-code-metrics.lock.yml
+++ b/.github/workflows/daily-code-metrics.lock.yml
@@ -2921,6 +2921,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml
index 1cc097d758a..7a59d887bf2 100644
--- a/.github/workflows/daily-doc-updater.lock.yml
+++ b/.github/workflows/daily-doc-updater.lock.yml
@@ -1532,6 +1532,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml
index 540aec99742..8190ea4e552 100644
--- a/.github/workflows/daily-file-diet.lock.yml
+++ b/.github/workflows/daily-file-diet.lock.yml
@@ -1663,6 +1663,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml
index c7fe9242ca0..a2874459d88 100644
--- a/.github/workflows/daily-firewall-report.lock.yml
+++ b/.github/workflows/daily-firewall-report.lock.yml
@@ -2390,6 +2390,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml
index 4cc8f4072c6..7e38c56c8de 100644
--- a/.github/workflows/daily-malicious-code-scan.lock.yml
+++ b/.github/workflows/daily-malicious-code-scan.lock.yml
@@ -1624,6 +1624,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml
index b3ceb792ee9..6441b0b7038 100644
--- a/.github/workflows/daily-multi-device-docs-tester.lock.yml
+++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml
@@ -1371,6 +1371,24 @@ jobs:
When using Playwright tools to take screenshots or generate files, all output files are automatically saved to this directory. This is the Playwright --output-dir and you can find any screenshots, traces, or other files generated by Playwright in this directory.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml
index b72ab6befe6..9f1835843ff 100644
--- a/.github/workflows/daily-news.lock.yml
+++ b/.github/workflows/daily-news.lock.yml
@@ -2751,6 +2751,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml
index 89d69373ee3..6791da9578c 100644
--- a/.github/workflows/daily-repo-chronicle.lock.yml
+++ b/.github/workflows/daily-repo-chronicle.lock.yml
@@ -2479,6 +2479,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml
index 9fc6b1ec820..8f02a87481f 100644
--- a/.github/workflows/daily-team-status.lock.yml
+++ b/.github/workflows/daily-team-status.lock.yml
@@ -1264,6 +1264,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml
index 4c6767a1061..2d33619b546 100644
--- a/.github/workflows/dependabot-go-checker.lock.yml
+++ b/.github/workflows/dependabot-go-checker.lock.yml
@@ -1907,6 +1907,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml
index 2fd5c68ddcb..2775f8e8dfe 100644
--- a/.github/workflows/dev-hawk.lock.yml
+++ b/.github/workflows/dev-hawk.lock.yml
@@ -1747,6 +1747,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml
index 048edc34cd0..69ea9dad05d 100644
--- a/.github/workflows/dev.lock.yml
+++ b/.github/workflows/dev.lock.yml
@@ -1121,6 +1121,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml
index 632da80c876..62ad497064a 100644
--- a/.github/workflows/developer-docs-consolidator.lock.yml
+++ b/.github/workflows/developer-docs-consolidator.lock.yml
@@ -2553,6 +2553,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml
index e075dddefd8..a85117052ea 100644
--- a/.github/workflows/dictation-prompt.lock.yml
+++ b/.github/workflows/dictation-prompt.lock.yml
@@ -1364,6 +1364,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml
index 4cb0df8ef08..977d8d3d016 100644
--- a/.github/workflows/docs-noob-tester.lock.yml
+++ b/.github/workflows/docs-noob-tester.lock.yml
@@ -1422,6 +1422,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml
index 01d4f470655..98f253515e6 100644
--- a/.github/workflows/duplicate-code-detector.lock.yml
+++ b/.github/workflows/duplicate-code-detector.lock.yml
@@ -1510,6 +1510,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml
index 3f19ed9e0e4..0855b62a951 100644
--- a/.github/workflows/example-workflow-analyzer.lock.yml
+++ b/.github/workflows/example-workflow-analyzer.lock.yml
@@ -1378,6 +1378,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml
index cb27d713ea8..2bbc8b96ebd 100644
--- a/.github/workflows/github-mcp-tools-report.lock.yml
+++ b/.github/workflows/github-mcp-tools-report.lock.yml
@@ -2285,6 +2285,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml
index 0f80ad5f8b2..b62b19fd8ad 100644
--- a/.github/workflows/glossary-maintainer.lock.yml
+++ b/.github/workflows/glossary-maintainer.lock.yml
@@ -2365,6 +2365,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml
index daf0baa868c..0a614fefd52 100644
--- a/.github/workflows/go-logger.lock.yml
+++ b/.github/workflows/go-logger.lock.yml
@@ -1747,6 +1747,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml
index 9c425d9d977..acc5e99cda4 100644
--- a/.github/workflows/go-pattern-detector.lock.yml
+++ b/.github/workflows/go-pattern-detector.lock.yml
@@ -1443,6 +1443,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml
index c9c74dc3296..b1f6cfddef1 100644
--- a/.github/workflows/grumpy-reviewer.lock.yml
+++ b/.github/workflows/grumpy-reviewer.lock.yml
@@ -2432,6 +2432,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml
index 08e0a5970fa..5c157b02d64 100644
--- a/.github/workflows/instructions-janitor.lock.yml
+++ b/.github/workflows/instructions-janitor.lock.yml
@@ -1530,6 +1530,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/issue-classifier.lock.yml b/.github/workflows/issue-classifier.lock.yml
index 2ba94c5ad12..3c07d9667f5 100644
--- a/.github/workflows/issue-classifier.lock.yml
+++ b/.github/workflows/issue-classifier.lock.yml
@@ -2151,6 +2151,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml
index c1fbc4c13e8..37989289280 100644
--- a/.github/workflows/issue-monster.lock.yml
+++ b/.github/workflows/issue-monster.lock.yml
@@ -1838,6 +1838,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml
index 145c1a89c3e..5fc3e973859 100644
--- a/.github/workflows/issue-triage-agent.lock.yml
+++ b/.github/workflows/issue-triage-agent.lock.yml
@@ -1443,6 +1443,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml
index db7c309cff9..1db931feaf1 100644
--- a/.github/workflows/lockfile-stats.lock.yml
+++ b/.github/workflows/lockfile-stats.lock.yml
@@ -2018,6 +2018,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml
index 145ed660a1b..dad5d739bca 100644
--- a/.github/workflows/mcp-inspector.lock.yml
+++ b/.github/workflows/mcp-inspector.lock.yml
@@ -1933,6 +1933,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml
index e597f079609..15c6c333859 100644
--- a/.github/workflows/mergefest.lock.yml
+++ b/.github/workflows/mergefest.lock.yml
@@ -1998,6 +1998,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml
index bae531be95b..929e38fd972 100644
--- a/.github/workflows/notion-issue-summary.lock.yml
+++ b/.github/workflows/notion-issue-summary.lock.yml
@@ -1093,6 +1093,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml
index 690ed2db1c2..5f41a2b982a 100644
--- a/.github/workflows/pdf-summary.lock.yml
+++ b/.github/workflows/pdf-summary.lock.yml
@@ -2499,6 +2499,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml
index 55a6c083409..c14bff9e050 100644
--- a/.github/workflows/plan.lock.yml
+++ b/.github/workflows/plan.lock.yml
@@ -1917,6 +1917,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml
index b5ff92a2e66..91b844a72e6 100644
--- a/.github/workflows/poem-bot.lock.yml
+++ b/.github/workflows/poem-bot.lock.yml
@@ -2765,6 +2765,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml
index a968f6a4203..f51bf9cf4d3 100644
--- a/.github/workflows/pr-nitpick-reviewer.lock.yml
+++ b/.github/workflows/pr-nitpick-reviewer.lock.yml
@@ -2795,6 +2795,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml
index eeee08e3b60..2dadb853730 100644
--- a/.github/workflows/prompt-clustering-analysis.lock.yml
+++ b/.github/workflows/prompt-clustering-analysis.lock.yml
@@ -3152,6 +3152,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml
index 72028a6ae6c..090fcd597bd 100644
--- a/.github/workflows/python-data-charts.lock.yml
+++ b/.github/workflows/python-data-charts.lock.yml
@@ -3122,6 +3122,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml
index 8d7f1277a25..4a1024d737c 100644
--- a/.github/workflows/q.lock.yml
+++ b/.github/workflows/q.lock.yml
@@ -3014,6 +3014,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/release-highlights.lock.yml b/.github/workflows/release-highlights.lock.yml
index 4ba3c63ff89..70b8359927f 100644
--- a/.github/workflows/release-highlights.lock.yml
+++ b/.github/workflows/release-highlights.lock.yml
@@ -1340,6 +1340,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml
index 26f27b7659f..63438328b1a 100644
--- a/.github/workflows/repo-tree-map.lock.yml
+++ b/.github/workflows/repo-tree-map.lock.yml
@@ -1453,6 +1453,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml
index 61fbecc180f..13601df3c77 100644
--- a/.github/workflows/repository-quality-improver.lock.yml
+++ b/.github/workflows/repository-quality-improver.lock.yml
@@ -2354,6 +2354,24 @@ jobs:
- `/tmp/gh-aw/cache-memory-focus-areas/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in these folders as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml
index fc99ce71ec1..89f0f6a643c 100644
--- a/.github/workflows/research.lock.yml
+++ b/.github/workflows/research.lock.yml
@@ -1289,6 +1289,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml
index 05bb40f9d55..fbfebf4dfee 100644
--- a/.github/workflows/safe-output-health.lock.yml
+++ b/.github/workflows/safe-output-health.lock.yml
@@ -2238,6 +2238,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml
index ec99d4db050..e5507b3a87c 100644
--- a/.github/workflows/schema-consistency-checker.lock.yml
+++ b/.github/workflows/schema-consistency-checker.lock.yml
@@ -2032,6 +2032,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml
index 9255c7eca1c..dd34abc8d32 100644
--- a/.github/workflows/scout.lock.yml
+++ b/.github/workflows/scout.lock.yml
@@ -3034,6 +3034,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/security-fix-pr.lock.yml b/.github/workflows/security-fix-pr.lock.yml
index 01a4488c39a..2f1e5136ea9 100644
--- a/.github/workflows/security-fix-pr.lock.yml
+++ b/.github/workflows/security-fix-pr.lock.yml
@@ -1496,6 +1496,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml
index da0ae9b7a83..82b7b1df915 100644
--- a/.github/workflows/semantic-function-refactor.lock.yml
+++ b/.github/workflows/semantic-function-refactor.lock.yml
@@ -2192,6 +2192,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index 452ced97e17..6aff6bd0d77 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -1952,6 +1952,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index 40f27a5be5a..47c17d1c89a 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -1615,6 +1615,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index 151a00f18a7..e33dc902888 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -1626,6 +1626,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/smoke-detector.lock.yml b/.github/workflows/smoke-detector.lock.yml
index e03cddb5e36..d30959fb34e 100644
--- a/.github/workflows/smoke-detector.lock.yml
+++ b/.github/workflows/smoke-detector.lock.yml
@@ -2689,6 +2689,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml
index 4d87c76fb3a..1183734f74a 100644
--- a/.github/workflows/static-analysis-report.lock.yml
+++ b/.github/workflows/static-analysis-report.lock.yml
@@ -2061,6 +2061,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml
index 6b051976cfe..60fe291b812 100644
--- a/.github/workflows/super-linter.lock.yml
+++ b/.github/workflows/super-linter.lock.yml
@@ -1517,6 +1517,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml
index b95314062c9..097bfc9591a 100644
--- a/.github/workflows/technical-doc-writer.lock.yml
+++ b/.github/workflows/technical-doc-writer.lock.yml
@@ -2411,6 +2411,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml
index 192093e0780..f31b0859fbf 100644
--- a/.github/workflows/tidy.lock.yml
+++ b/.github/workflows/tidy.lock.yml
@@ -1592,6 +1592,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml
index 09aa1c29d4c..0fced1dcd15 100644
--- a/.github/workflows/typist.lock.yml
+++ b/.github/workflows/typist.lock.yml
@@ -2286,6 +2286,24 @@ jobs:
Do NOT attempt to edit files outside these directories as you do not have the necessary permissions.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml
index 0e59c0bb222..9c5af8d4a29 100644
--- a/.github/workflows/unbloat-docs.lock.yml
+++ b/.github/workflows/unbloat-docs.lock.yml
@@ -2692,6 +2692,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml
index d4fe5d0eca9..ebcdaab1ea7 100644
--- a/.github/workflows/video-analyzer.lock.yml
+++ b/.github/workflows/video-analyzer.lock.yml
@@ -1595,6 +1595,24 @@ jobs:
When you need to create temporary files or directories during your work, always use the /tmp/gh-aw/agent/ directory that has been pre-created for you. Do NOT use the root /tmp/ directory directly.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml
index 63fd3fb7dde..800ba7fd8ab 100644
--- a/.github/workflows/weekly-issue-summary.lock.yml
+++ b/.github/workflows/weekly-issue-summary.lock.yml
@@ -2341,6 +2341,24 @@ jobs:
- `/tmp/gh-aw/cache-memory/state/` - organized state files in subdirectories
Feel free to create, read, update, and organize files in this folder as needed for your tasks.
+ PROMPT_EOF
+ - name: Append safe outputs instructions to prompt
+ env:
+ GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
+ run: |
+ cat << 'PROMPT_EOF' | envsubst >> "$GH_AW_PROMPT"
+
+ GitHub API Access Instructions
+
+
+ The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+ To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+
+
PROMPT_EOF
- name: Append GitHub context to prompt
env:
diff --git a/pkg/workflow/compiler_yaml.go b/pkg/workflow/compiler_yaml.go
index ce04ff3f9d8..3014e7e5a92 100644
--- a/pkg/workflow/compiler_yaml.go
+++ b/pkg/workflow/compiler_yaml.go
@@ -746,9 +746,9 @@ func (c *Compiler) generatePrompt(yaml *strings.Builder, data *WorkflowData) {
// Add cache memory prompt as separate step if enabled
c.generateCacheMemoryPromptStep(yaml, data.CacheMemoryConfig)
- // NOTE: Safe outputs instructions are now provided via the safe-outputs MCP server
- // and do not need to be added to the prompt. The agent will discover available
- // tools through the MCP server's tool discovery mechanism.
+ // Add safe outputs instructions to prompt when safe-outputs are configured
+ // This tells agents to use the safeoutputs MCP server instead of gh CLI
+ c.generateSafeOutputsPromptStep(yaml, HasSafeOutputsEnabled(data.SafeOutputs))
// Add GitHub context prompt as separate step if GitHub tool is enabled
c.generateGitHubContextPromptStep(yaml, data)
diff --git a/pkg/workflow/safe_outputs_prompt.go b/pkg/workflow/safe_outputs_prompt.go
new file mode 100644
index 00000000000..26f695f8242
--- /dev/null
+++ b/pkg/workflow/safe_outputs_prompt.go
@@ -0,0 +1,14 @@
+package workflow
+
+import (
+ "strings"
+)
+
+// generateSafeOutputsPromptStep generates a separate step for safe outputs instructions
+// This tells agents to use the safeoutputs MCP server instead of gh CLI
+func (c *Compiler) generateSafeOutputsPromptStep(yaml *strings.Builder, hasSafeOutputs bool) {
+ generateStaticPromptStep(yaml,
+ "Append safe outputs instructions to prompt",
+ safeOutputsPromptText,
+ hasSafeOutputs)
+}
diff --git a/pkg/workflow/safe_outputs_prompt_test.go b/pkg/workflow/safe_outputs_prompt_test.go
new file mode 100644
index 00000000000..b84ce71bbb2
--- /dev/null
+++ b/pkg/workflow/safe_outputs_prompt_test.go
@@ -0,0 +1,51 @@
+package workflow
+
+import (
+ "strings"
+ "testing"
+)
+
+func TestGenerateSafeOutputsPromptStep_IncludesWhenEnabled(t *testing.T) {
+ compiler := &Compiler{}
+ var yaml strings.Builder
+
+ compiler.generateSafeOutputsPromptStep(&yaml, true)
+
+ output := yaml.String()
+ if !strings.Contains(output, "Append safe outputs instructions to prompt") {
+ t.Error("Expected safe outputs prompt step to be generated when enabled")
+ }
+ if !strings.Contains(output, "safeoutputs MCP server") {
+ t.Error("Expected prompt to mention safeoutputs MCP server")
+ }
+ if !strings.Contains(output, "gh (GitHub CLI) command is NOT authenticated") {
+ t.Error("Expected prompt to warn about gh CLI not being authenticated")
+ }
+}
+
+func TestGenerateSafeOutputsPromptStep_SkippedWhenDisabled(t *testing.T) {
+ compiler := &Compiler{}
+ var yaml strings.Builder
+
+ compiler.generateSafeOutputsPromptStep(&yaml, false)
+
+ output := yaml.String()
+ if strings.Contains(output, "safe outputs") {
+ t.Error("Expected safe outputs prompt step to NOT be generated when disabled")
+ }
+}
+
+func TestSafeOutputsPromptText_FollowsXMLFormat(t *testing.T) {
+ if !strings.Contains(safeOutputsPromptText, "") {
+ t.Error("Expected prompt to start with XML tag")
+ }
+ if !strings.Contains(safeOutputsPromptText, "") {
+ t.Error("Expected prompt to end with XML tag")
+ }
+ if !strings.Contains(safeOutputsPromptText, "") {
+ t.Error("Expected prompt to contain section")
+ }
+ if !strings.Contains(safeOutputsPromptText, "") {
+ t.Error("Expected prompt to contain section")
+ }
+}
diff --git a/pkg/workflow/sh.go b/pkg/workflow/sh.go
index 053debc7c1d..157b4cd8681 100644
--- a/pkg/workflow/sh.go
+++ b/pkg/workflow/sh.go
@@ -39,6 +39,9 @@ var playwrightPromptText string
//go:embed sh/edit_tool_prompt.md
var editToolPromptText string
+//go:embed sh/safe_outputs_prompt.md
+var safeOutputsPromptText string
+
// WriteShellScriptToYAML writes a shell script with proper indentation to a strings.Builder
func WriteShellScriptToYAML(yaml *strings.Builder, script string, indent string) {
scriptLines := strings.Split(script, "\n")
diff --git a/pkg/workflow/sh/safe_outputs_prompt.md b/pkg/workflow/sh/safe_outputs_prompt.md
new file mode 100644
index 00000000000..16770eeebce
--- /dev/null
+++ b/pkg/workflow/sh/safe_outputs_prompt.md
@@ -0,0 +1,11 @@
+
+GitHub API Access Instructions
+
+
+The gh (GitHub CLI) command is NOT authenticated in this environment. Do NOT use gh commands for GitHub API operations.
+
+
+
+To interact with GitHub (create issues, discussions, comments, pull requests, etc.), use the safe output tools provided by the safeoutputs MCP server instead of the gh CLI.
+
+