From 56229f4488bf3ae3ad26eca283e9bca341988f8d Mon Sep 17 00:00:00 2001
From: km-anthropic
Date: Tue, 19 Aug 2025 15:32:04 -0700
Subject: [PATCH] Add allowed_tools input parameter and enable MCP file ops for agent mode
- Add allowed_tools input to action.yml so workflows can specify allowed tools
- Pass allowed_tools to prepare step via environment variable
- Update agent mode to use allowed_tools when building claude_args
- Add GitHub file ops MCP server to agent mode when use_commit_signing is enabled
- This allows agent mode (used by auto-fix workflows) to write and commit files
---
 action.yml | 5 +++++
 src/modes/agent/index.ts | 42 ++++++++++++++++++++++++++++++++++++----
 2 files changed, 43 insertions(+), 4 deletions(-)
diff --git a/action.yml b/action.yml
index 25ac686..559224b 100644
--- a/action.yml
+++ b/action.yml
@@ -81,6 +81,10 @@ inputs:
 description: "Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands"
 required: false
 default: "false"
+ allowed_tools:
+ description: "Comma-separated list of tools to allow Claude to use (e.g., 'Edit,MultiEdit,Write,Read'). If not set, mode defaults apply."
+ required: false
+ default: ""
 experimental_allowed_domains:
 description: "Restrict network access to these domains only (newline-separated). If not set, no restrictions are applied. Provider domains are auto-detected."
 required: false
@@ -130,6 +134,7 @@ runs:
 ADDITIONAL_PERMISSIONS: ${{ inputs.additional_permissions }}
 CLAUDE_ARGS: ${{ inputs.claude_args }}
 MCP_CONFIG: ${{ inputs.mcp_config }}
+ ALLOWED_TOOLS: ${{ inputs.allowed_tools }}
 
 - name: Install Base Action Dependencies
 if: steps.prepare.outputs.contains_trigger == 'true'
diff --git a/src/modes/agent/index.ts b/src/modes/agent/index.ts
index e9d6ce4..43c5925 100644
--- a/src/modes/agent/index.ts
+++ b/src/modes/agent/index.ts 
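Review bot: The `allowed_tools` description in the first action.yml hunk does not tell a workflow author that this input widens what the agent may do inside the job, which is the caveat worth having next to an example that already includes `Write` and `Edit`. In agent mode the value is forwarded verbatim to `--allowedTools` (see the index.ts hunk in this patch), so everything listed acts inside the job's checkout and, once `use_commit_signing` adds the file-ops server, presumably with the job's GitHub token. Suggested wording: `description: "Comma-separated list of tools Claude is allowed to use (e.g., 'Edit,MultiEdit,Write,Read'). Each listed tool acts inside this job's workspace, so keep the list to what the workflow needs. If not set, mode defaults apply."` If the action has a naming convention for MCP-provided tools, the description should also say how to list those here.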
@@ -83,6 +83,29 @@ export const agentMode: Mode = {
 },
 };
 
+ // Add GitHub file ops server when using commit signing
+ if (context.inputs?.useCommitSigning) {
+ mcpConfig.mcpServers["github-file-ops-server"] = {
+ command: "bun",
+ args: [
+ "run",
+ `${process.env.GITHUB_ACTION_PATH}/src/mcp/github-file-ops-server.ts`,
+ ],
+ env: {
+ GITHUB_TOKEN: githubToken || "",
+ REPO_OWNER: context.repository.owner,
+ REPO_NAME: context.repository.repo,
+ BRANCH_NAME: "", // Agent mode doesn't pre-create branches
+ BASE_BRANCH: "",
+ REPO_DIR: process.env.GITHUB_WORKSPACE || process.cwd(),
+ GITHUB_EVENT_NAME: process.env.GITHUB_EVENT_NAME || "",
+ IS_PR: "false", // Agent mode doesn't create PRs by default
+ GITHUB_API_URL:
+ process.env.GITHUB_API_URL || "https://api.github.com",
+ },
+ };
+ }
+
 // Add user-provided additional MCP config if any
 const additionalMcpConfig = process.env.MCP_CONFIG || "";
 if (additionalMcpConfig.trim()) {
@@ -101,12 +124,23 @@ export const agentMode: Mode = {
 }
 }
 
- // Agent mode: pass through user's claude_args with MCP config
+ // Agent mode: pass through user's claude_args with MCP config and allowed_tools
 const userClaudeArgs = process.env.CLAUDE_ARGS || "";
+ const userAllowedTools = process.env.ALLOWED_TOOLS || "";
 const escapedMcpConfig = JSON.stringify(mcpConfig).replace(/'/g, "'\\''");
- const claudeArgs =
- `--mcp-config '${escapedMcpConfig}' ${userClaudeArgs}`.trim();
- core.setOutput("claude_args", claudeArgs);
+ let claudeArgs = `--mcp-config '${escapedMcpConfig}'`;
+
+ // Add allowed_tools if specified
+ if (userAllowedTools) {
+ claudeArgs += ` --allowedTools "${userAllowedTools}"`;
+ }
+
+ // Add user's additional claude_args
+ if (userClaudeArgs) {
+ claudeArgs += ` ${userClaudeArgs}`;
+ }
+
+ core.setOutput("claude_args", claudeArgs.trim());
 
 return {
 commentId: undefined,
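Review bot: `GITHUB_TOKEN: githubToken || ""` in the new `github-file-ops-server` entry registers a commit-capable MCP server with an empty token whenever `githubToken` is unset, so a missing token only surfaces later as an opaque API error from inside the server instead of at setup. Gate the registration on the token and report the skip: `if (context.inputs?.useCommitSigning && githubToken) {` plus an `else if (context.inputs?.useCommitSigning) core.warning("use_commit_signing is set but no GitHub token is available; github-file-ops-server not registered");` branch (assuming `core` is the @actions/core import that `core.setOutput` below already uses). `BRANCH_NAME: ""` and `BASE_BRANCH: ""` are justified only by the inline comments; nothing in this hunk shows how the server picks the target branch when both are empty, so a comment naming the fallback, e.g. `// empty: server resolves the checked-out branch itself — confirm in github-file-ops-server.ts`, would make that contract visible to the next reader. The enclosing function starts and ends outside this hunk.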
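Review bot: The new `--allowedTools "${userAllowedTools}"` line interpolates the `ALLOWED_TOOLS` input into the argument string unescaped, while the line just above escapes single quotes in the MCP config — so the output is evidently handed to something that interprets quoting, and a value containing `"`, `$(`, or a backtick can break out of the double quotes. The input is set by the workflow, but workflows routinely forward `workflow_dispatch` or event-derived values into action inputs, so it deserves the same treatment as the config: `const escapedAllowedTools = userAllowedTools.replace(/'/g, "'\\''");` and `claudeArgs += " --allowedTools '" + escapedAllowedTools + "'";`. I cannot see from this hunk where `claude_args` is consumed, so confirm it is shell-interpreted before relying on single-quote escaping alone. A `--allowedTools` inside the user's `claude_args` is appended after this one, and which occurrence the CLI honors is not visible here, so that precedence is worth a comment such as `// allowed_tools is emitted before claude_args; later flags may override it depending on the CLI`. The enclosing function starts and ends outside this hunk.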