Fix safe-inputs configuration for Copilot CLI

[Copilot]

Plan: Fix safe-inputs type field for Copilot CLI

• Understand the problem: safe-inputs with copilot engine generates "type": "stdio" but should use "type": "local" for Copilot CLI compatibility
• Locate the issue in renderSafeInputsMCPConfigWithOptions function in pkg/workflow/safe_inputs.go
• Fix the type field to use "local" when includeCopilotFields is true
• Fix the MCP server startup error caused by calling .catch() on undefined
• Update the test in safe_inputs_mode_test.go to verify "local" is used for copilot
• Add test for Claude engine to verify "stdio" is still used
• Run tests to validate the fix
• Run make agent-finish for complete validation
• Recompile all workflows
• Fix config file deletion issue for stdio mode

Summary

Fixed three issues with safe-inputs configuration for the Copilot engine:

1. Type field conversion: When using mode: stdio with Copilot engine, the generated MCP configuration now correctly uses "type": "local" instead of "type": "stdio" for Copilot CLI compatibility. Other engines (Claude, Custom) continue to use "type": "stdio".

2. Server startup error: Fixed JavaScript error where the generated entry point script was calling .catch() on startSafeInputsServer() which returns undefined. Changed to use try/catch block instead.

3. Config file deletion: Fixed "Configuration file not found" error that occurred when Copilot CLI restarted the MCP server. The server was deleting the tools.json config file after loading, preventing restarts. Now stdio mode keeps the config file to support agent restarts.

Changes

• Modified renderSafeInputsMCPConfigWithOptions to convert "stdio" to "local" when includeCopilotFields is true (line 643-650 in safe_inputs.go)
• Modified generateSafeInputsMCPServerScript to use try/catch instead of .catch() for error handling
• Added skipCleanup option to startSafeInputsServer function in safe_inputs_mcp_server.cjs
• Set skipCleanup: true for stdio mode in generated entry point scripts to keep config file available for agent restarts
• Updated tests to verify "local" type is used for Copilot engine
• Added test to verify "stdio" type is still used for Claude engine
• Recompiled all Copilot workflows to use the corrected configuration

Verification

Tested with both Copilot and Claude engines:

• Copilot: Generates "type": "local" with skipCleanup: true ✓
• Claude: Generates "type": "stdio" with skipCleanup: true ✓

Recompiled workflows now contain the correct type field and skipCleanup option, allowing Copilot CLI to successfully restart the MCP server without "Configuration file not found" errors.

Original prompt

The agent mode for "safe-inputs" with copilot cli generated a configuration entry with "type": "stdio" but copilot uses "type": "local" instead. Fix this.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

---

Changeset

• Type: patch
• Description: Fix safe-inputs MCP config for Copilot CLI: convert type: stdio to type: local when generating Copilot fields; fix server startup JS to avoid calling .catch() on undefined; update tests to assert behavior for Copilot and Claude.

🏴‍☠️ Ahoy! This treasure was crafted by Changeset Generator

---

Changeset

• Type: patch
• Description: Fix safe-inputs MCP config for Copilot CLI: convert type: stdio to type: local when generating Copilot fields; fix server startup JS to avoid calling .catch() on undefined; update tests to assert behavior for Copilot and Claude.

🏴‍☠️ Ahoy! This treasure was crafted by Changeset Generator

---

---

Smoke Test: Copilot Engine (No Firewall)

Run 20038440913 | 2025-12-08 18:25 UTC | PASS ✅
All tests passed: GitHub MCP, File I/O, Bash, Playwright, Cache Memory, Safe Input gh tool

🤖 DIAGNOSTIC REPORT GENERATED BY Smoke Copilot No Firewall

---

Changeset

• Type: patch
• Description: Fix safe-inputs MCP config for Copilot CLI: convert type: stdio to type: local when generating Copilot fields; fix server startup JS to avoid calling .catch() on undefined; update tests to assert behavior for Copilot and Claude.

🏴‍☠️ Ahoy! This treasure was crafted by Changeset Generator

---

---

Smoke Test - Copilot Engine (No Firewall)

Run: 20041195065 | Status: ✅ PASS | Time: 2025-12-08 20:06:37 UTC
All 6 tests passed: GitHub MCP, file writing, bash, Playwright, cache memory, safe-input gh tool

🤖 DIAGNOSTIC REPORT GENERATED BY Smoke Copilot No Firewall

[pelikhan]

@copilot review the failure of the mcp server launch:

2025-12-08T17:24:02.567Z [INFO] Starting Copilot CLI: 0.0.367
Commit: 9b421b4
2025-12-08T17:24:02.568Z [INFO] Node.js version: v22.21.0
2025-12-08T17:24:02.820Z [DEBUG] Fetched Copilot URL for mnkiefer from https://api.github.com/graphql: 200 https://api.enterprise.githubcopilot.com
2025-12-08T17:24:03.661Z [LOG] Starting MCP client for safeinputs with 
command: node 
args: /tmp/gh-aw/safe-inputs/mcp-server.cjs 
cwd: /home/runner/work/gh-aw/gh-aw
2025-12-08T17:24:03.661Z [LOG] Starting MCP client for safeinputs with command: node and args: /tmp/gh-aw/safe-inputs/mcp-server.cjs
2025-12-08T17:24:03.662Z [LOG] Creating MCP client for safeinputs...
2025-12-08T17:24:03.665Z [LOG] Connecting MCP client for safeinputs...
2025-12-08T17:24:03.690Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.687Z] [safeinputs] Loading safe-inputs configuration from: /tmp/gh-aw/safe-inputs/tools.json

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.690Z] [safeinputs] Base path for handlers: /tmp/gh-aw/safe-inputs

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs] Tools to load: 1

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs] Loading tool handlers...

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs]   Total tools to process: 1

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs]   Base path: /tmp/gh-aw/safe-inputs

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs]   [gh] Handler path specified: gh.sh

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs]   [gh] Resolved relative path to: /tmp/gh-aw/safe-inputs/gh.sh

2025-12-08T17:24:03.691Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs]   [gh] Loading handler from: /tmp/gh-aw/safe-inputs/gh.sh

2025-12-08T17:24:03.692Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs]   [gh] Handler file extension: .sh
[2025-12-08T17:24:03.691Z] [safeinputs]   [gh] Detected shell script handler

2025-12-08T17:24:03.692Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.691Z] [safeinputs]   [gh] Shell script is executable

2025-12-08T17:24:03.693Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.693Z] [safeinputs]   [gh] Shell handler created successfully with timeout: 60s

2025-12-08T17:24:03.693Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.693Z] [safeinputs] Handler loading complete:
[2025-12-08T17:24:03.693Z] [safeinputs]   Loaded: 1

2025-12-08T17:24:03.693Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.693Z] [safeinputs]   Skipped (no handler path): 0
[2025-12-08T17:24:03.693Z] [safeinputs]   Errors: 0

2025-12-08T17:24:03.693Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.693Z] [safeinputs] Registered tool: gh

2025-12-08T17:24:03.694Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.694Z] [safeinputs] Deleted configuration file: /tmp/gh-aw/safe-inputs/tools.json

2025-12-08T17:24:03.694Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.694Z] [safeinputs] v1.0.0 ready on stdio

2025-12-08T17:24:03.694Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.694Z] [safeinputs]   tools: gh

2025-12-08T17:24:03.694Z [LOG] [mcp server safeinputs stderr] [2025-12-08T17:24:03.694Z] [safeinputs] listening...

2025-12-08T17:24:03.695Z [LOG] [mcp server safeinputs stderr] /tmp/gh-aw/safe-inputs/mcp-server.cjs:6
  }).catch(error => {
    ^

TypeError: Cannot read properties of undefined (reading 'catch')
    at Object.<anonymous> (/tmp/gh-aw/safe-inputs/mcp-server.cjs:6:5)
    at Module._compile (node:internal/modules/cjs/loader:1706:14)
    at Object..js (node:internal/modules/cjs/loader:1839:10)
    at Module.load (node:internal/modules/cjs/loader:1441:32)
    at Function._load (node:internal/modules/cjs/loader:1263:12)
    at TracingChannel.traceSync (node:diagnostics_channel:328:14)
    at wrapModuleLoad (node:internal/modules/cjs/loader:237:24)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:171:5)
    at node:internal/main/run_main_module:36:49

Node.js v22.21.0

[pelikhan]

@copilot restart, accidental closing

[Copilot]

@copilot review the failure of the mcp server launch:

...

Fixed in commit eb4cec2. The issue was that startSafeInputsServer() doesn't return a Promise (it returns undefined), but the generated code was calling .catch() on it. Changed to use try/catch instead.

Additionally fixed the original issue where safe-inputs with copilot engine was generating "type": "stdio" instead of "type": "local" for Copilot CLI compatibility.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/user
  • Triggering command: /usr/bin/gh gh api user --jq .login -json GO111MODULE ps GOINSECURE GOMOD GOMODCACHE ps out.�� out.git GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • Triggering command: /usr/bin/gh gh api user --jq .login -bun.git GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 75717773/gh-aw GOINSECURE GOMOD GOMODCACHE 75717773/gh-aw (http block)
  • Triggering command: /usr/bin/gh gh api user --jq .login -node.git -node.git dd54216120117948a0873f5b729e6ec32db/log.json GOINSECURE GOMOD GOMODCACHE go 1/x6�� -json GO111MODULE /bin/sh GOINSECURE GOMOD GOMODCACHE /bin/sh (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

🔮 The ancient spirits stir... Smoke Codex awakens to divine this pull request...

[github-actions]

🤖 DIAGNOSTIC COMPLETE: Smoke Copilot No Firewall STATUS: ALL_UNITS_OPERATIONAL. MISSION_SUCCESS.

[github-actions]

💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

📰✅🎉🏁✨🎤 https://github.com/githubnext/gh-aw/actions/runs/20037778759

[github-actions]

📰 VERDICT: Smoke Copilot Playwright has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

Smoke Test Results - Claude Engine

Last 2 Merged PRs:

• Add log file folder location to audit command overview section #5889: Add log file folder location to audit command overview section
• Fix action SHA validation to extract version from lock file comments #5886: Fix action SHA validation to extract version from lock file comments

Test Results:

• ✅ GitHub MCP: List PRs successful
• ✅ File Writing: Created /tmp/gh-aw/agent/smoke-test-claude-20037778746.txt
• ✅ Bash Tool: Verified file contents
• ✅ Playwright: Navigated to GitHub, title contains "GitHub"
• ✅ Cache Memory: Created and verified /tmp/gh-aw/cache-memory/smoke-test-20037778746.txt
• ✅ Safe Input gh: GitHub issues list accessible

Overall Status: PASS

💥 [THE END] — Illustrated by Smoke Claude fer issue #5890 🗺️

[github-actions]

Latest merged PRs:

• Fix action SHA validation to extract version from lock file comments
• Add log file folder location to audit command overview section
  Tests:
• ✅ GitHub MCP PR fetch
• ✅ File write/read /tmp/gh-aw/agent/smoke-test-codex-20037778761.txt
• ✅ Cache write/read /tmp/gh-aw/cache-memory/smoke-test-20037778761.txt
• ✅ Playwright title contains GitHub
• ❌ safeinputs-gh gh issues list --limit 3 (command not available)
  Overall: FAIL

🔮 The oracle has spoken through Smoke Codex fer issue #5890 🗺️

[pelikhan]

@copilot the MCP server config still contains type: stdio

[github-actions]

PRs reviewed: #5891 "[instructions] Sync github-agentic-workflows.md with release v0.31.10"; #5887 "Add local changes warning to run command"
✅ GitHub MCP: last 2 merged PRs reviewed
✅ File write: /tmp/gh-aw/agent/smoke-test-codex-20038440897.txt created
✅ Bash verify: file contents read back
✅ Playwright: github.com title contains "GitHub"
✅ Cache memory: /tmp/gh-aw/cache-memory/smoke-test-20038440897.txt written
❌ safeinputs-gh: tool unavailable here (gh CLI unauthenticated)
Overall: FAIL

🔮 The oracle has spoken through Smoke Codex fer issue #5890 🗺️

[pelikhan]

@copilot investigate this configuration issue:

2025-12-08T18:24:41.826Z [LOG] Starting MCP client for safeoutputs with command: node and args: /tmp/gh-aw/safeoutputs/mcp-server.cjs
2025-12-08T18:24:41.827Z [LOG] Creating MCP client for safeoutputs...
2025-12-08T18:24:41.827Z [LOG] Connecting MCP client for safeoutputs...
2025-12-08T18:24:41.855Z [LOG] [mcp server safeinputs stderr] [2025-12-08T18:24:41.851Z] [safeinputs] Loading safe-inputs configuration from: /tmp/gh-aw/safe-inputs/tools.json

2025-12-08T18:24:41.856Z [LOG] [mcp server safeinputs stderr] Failed to start safe-inputs stdio server: Error: Configuration file not found: /tmp/gh-aw/safe-inputs/tools.json
    at loadConfig (/tmp/gh-aw/safe-inputs/safe_inputs_config_loader.cjs:4:13)
    at bootstrapSafeInputsServer (/tmp/gh-aw/safe-inputs/safe_inputs_bootstrap.cjs:7:20)
    at startSafeInputsServer (/tmp/gh-aw/safe-inputs/safe_inputs_mcp_server.cjs:8:31)
    at Object.<anonymous> (/tmp/gh-aw/safe-inputs/mcp-server.cjs:5:5)
    at Module._compile (node:internal/modules/cjs/loader:1706:14)
    at Object..js (node:internal/modules/cjs/loader:1839:10)
    at Module.load (node:internal/modules/cjs/loader:1441:32)
    at Function._load (node:internal/modules/cjs/loader:1263:12)
    at TracingChannel.traceSync (node:diagnostics_channel:328:14)
    at wrapModuleLoad (node:internal/modules/cjs/loader:237:24)
    
    ```

[Copilot]

@copilot investigate this configuration issue:

...

Fixed in commit 51a36fe. The issue was that the safe-inputs MCP server was deleting the tools.json config file after loading it. When Copilot CLI restarted the MCP server, the file was gone, causing the "Configuration file not found" error.

Solution: Added skipCleanup: true option for stdio mode to keep the config file available for agent restarts.

[github-actions]

🔮 The ancient spirits stir... Smoke Codex awakens to divine this pull request...

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]

[github-actions]

🤖 SYSTEM_INIT: Smoke Copilot No Firewall ACTIVATED. PROCESSING pull request. ALL SUBSYSTEMS ONLINE.

[github-actions]

📰🚀🔍👀📡🕵️ https://github.com/githubnext/gh-aw/actions/runs/20041195034

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

📰 BREAKING: Smoke Copilot Playwright is now investigating this pull request. Sources say the story is developing...

[github-actions]

Smoke Test Results

PRs: #5896, #5892

1. ✅ GitHub MCP
2. ✅ File Writing
3. ✅ Bash Tool
4. ✅ Default Toolset (get_me unavailable)
5. ✅ Cache Memory
6. ❌ Safe Input gh (HTTP/HTTPS mismatch)
7. ❌ Firewall Health (connection failed)
8. ✅ Available Tools

Status: FAIL

📰 BREAKING: Report filed by Smoke Copilot fer issue #5890 🗺️

[github-actions]

Smoke Test Results - Claude Engine

Last 2 Merged PRs:

• Comprehensive GitHub tokens documentation overhaul #5896: Comprehensive GitHub tokens documentation overhaul
• Make NDJSON parser resilient to invalid JSON - show warnings without failing step #5892: Make NDJSON parser resilient to invalid JSON

Test Results:

• ✅ GitHub MCP (fetched PRs)
• ✅ File Writing (/tmp/gh-aw/agent/)
• ✅ Bash Tool (verified file)
• ✅ Playwright MCP (page title: "GitHub · Change is constant...")
• ✅ Cache Memory (/tmp/gh-aw/cache-memory/)
• ❌ Safe Input gh Tool (not available - see safe-outputs tools instead)

Status: PASS (5/6 tests - gh tool not applicable)

💥 [THE END] — Illustrated by Smoke Claude fer issue #5890 🗺️

[github-actions]

Smoke Test Results - Copilot Engine (No Firewall)

Timestamp: 2025-12-08 20:06:37 UTC
Run ID: 20041195065

Test Results

• ✅ GitHub MCP: Retrieved last 2 merged PRs (feat: update assign-to-agent to use REST API instead of GraphQL #5898, Comprehensive GitHub tokens documentation overhaul #5896)
• ✅ File Writing: Created agent test file successfully
• ✅ Bash Tool: Verified file creation with cat
• ✅ Playwright MCP: Navigated to github.com, title verified
• ✅ Cache Memory: Created and verified cache test file
• ✅ Safe Input gh Tool: Listed 3 issues successfully

Overall Status: ✅ PASS

🤖 DIAGNOSTIC REPORT GENERATED BY Smoke Copilot No Firewall fer issue #5890 🗺️

[github-actions]

Smoke Test Results (Run #20041195039)

✅ Playwright MCP: Successfully navigated to github.com, page title verified
✅ Cache Memory: Test file created and verified at /tmp/gh-aw/cache-memory/smoke-test-20041195039.txt
❌ Safe Input gh Tool: Failed - HTTP/HTTPS client error

Status: PARTIAL PASS (2/3 tests passed, safe-input tool has configuration issue)

📰 BREAKING: Report filed by Smoke Copilot Playwright fer issue #5890 🗺️

[github-actions]

Copilot Engine Smoke Test Results

Last 2 Merged PRs: (Unable to fetch - GitHub API not accessible)

Test Results:

• ✅ Bash Tool: File created successfully
• ❌ GitHub MCP: CLI not authenticated
• ❌ Serena MCP: Binary missing
• ❌ safeinputs-gh: HTTPS error

STATUS: FAIL - Environment lacks necessary tooling and authentication

📰🔥📋 https://github.com/githubnext/gh-aw/actions/runs/20041195034 fer issue #5890 🗺️

[github-actions]

PR titles: Comprehensive GitHub tokens documentation overhaul; Make NDJSON parser resilient to invalid JSON - show warnings without failing step
GitHub MCP ✅
File write/read ✅
Playwright GitHub title ✅
Cache memory ✅
safeinputs-gh issues list ❌ (command not found in PATH)
Overall: FAIL

🔮 The oracle has spoken through Smoke Codex fer issue #5890 🗺️