diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml
index 3564e18637..3f13b8cb9c 100644
--- a/.github/workflows/cli-consistency-checker.lock.yml
+++ b/.github/workflows/cli-consistency-checker.lock.yml
@@ -25,7 +25,6 @@ name: "CLI Consistency Checker"
 "on":
 schedule:
 - cron: "0 13 * * 1-5"
- # Friendly format: daily (scattered)
 workflow_dispatch:
 permissions: {}
diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml
index 6fb5625c73..790c7ae672 100644
--- a/.github/workflows/daily-team-status.lock.yml
+++ b/.github/workflows/daily-team-status.lock.yml
@@ -367,10 +367,43 @@ jobs:
 }
 }
 EOF
+ - name: Generate Safe Outputs MCP Server Config
+ id: safe-outputs-config
+ run: |
+ # Generate a secure random API key (360 bits of entropy, 40+ chars)
+ API_KEY=""
+ API_KEY=$(openssl rand -base64 45 | tr -d '/+=')
+ PORT=3001
+
+ # Register API key as secret to mask it from logs
+ echo "::add-mask::${API_KEY}"
+
+ # Set outputs for next steps
+ {
+ echo "safe_outputs_api_key=${API_KEY}"
+ echo "safe_outputs_port=${PORT}"
+ } >> "$GITHUB_OUTPUT"
+
+ echo "Safe Outputs MCP server will run on port ${PORT}"
+
+ - name: Start Safe Outputs MCP HTTP Server
+ id: safe-outputs-start
+ env:
+ GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-config.outputs.safe_outputs_port }}
+ GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-config.outputs.safe_outputs_api_key }}
+ run: |
+ # Environment variables are set above to prevent template injection
+ export GH_AW_SAFE_OUTPUTS_PORT
+ export GH_AW_SAFE_OUTPUTS_API_KEY
+
+ bash /opt/gh-aw/actions/start_safe_outputs_server.sh
+
 - name: Start MCP gateway
 id: start-mcp-gateway
 env:
 GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
+ GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }}
+ GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }}
 GITHUB_MCP_LOCKDOWN: ${{ steps.determine-automatic-lockdown.outputs.lockdown == 'true' && '1' || '0' }}
 GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
 run: |
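Review bot: The key generated in the `safe-outputs-config` step is never validated: the `run` block sets no `set -e`, so if `openssl` is missing or fails, `API_KEY` stays empty, `::add-mask::` masks nothing, and the server and gateway are wired up with an empty credential. A one-line guard after the assignment closes that, e.g. `if [ -z "${API_KEY}" ] || [ "${#API_KEY}" -lt 40 ]; then echo "::error::failed to generate safe-outputs API key"; exit 1; fi`, and the preceding `API_KEY=""` line is then dead and can go. Separately, the gateway step reads `steps.safe-outputs-start.outputs.api_key` and `.port`, but nothing in this hunk shows the `safe-outputs-start` step writing those outputs; presumably `start_safe_outputs_server.sh` does so — worth confirming, since a missing output silently yields an empty header value rather than a failure. The comment "360 bits of entropy, 40+ chars" is approximate once `tr -d '/+='` strips characters; stating the minimum length you actually require (and enforcing it) would be more accurate.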
@@ -404,42 +437,10 @@ jobs:
 }
 },
 "safeoutputs": {
- "type": "stdio",
- "container": "node:lts-alpine",
- "entrypoint": "node",
- "entrypointArgs": ["/opt/gh-aw/safeoutputs/mcp-server.cjs"],
- "mounts": ["/opt/gh-aw:/opt/gh-aw:ro", "/tmp/gh-aw:/tmp/gh-aw:rw", "${{ github.workspace }}:${{ github.workspace }}:rw"],
- "env": {
- "GH_AW_MCP_LOG_DIR": "\${GH_AW_MCP_LOG_DIR}",
- "GH_AW_SAFE_OUTPUTS": "\${GH_AW_SAFE_OUTPUTS}",
- "GH_AW_SAFE_OUTPUTS_CONFIG_PATH": "\${GH_AW_SAFE_OUTPUTS_CONFIG_PATH}",
- "GH_AW_SAFE_OUTPUTS_TOOLS_PATH": "\${GH_AW_SAFE_OUTPUTS_TOOLS_PATH}",
- "GH_AW_ASSETS_BRANCH": "\${GH_AW_ASSETS_BRANCH}",
- "GH_AW_ASSETS_MAX_SIZE_KB": "\${GH_AW_ASSETS_MAX_SIZE_KB}",
- "GH_AW_ASSETS_ALLOWED_EXTS": "\${GH_AW_ASSETS_ALLOWED_EXTS}",
- "GITHUB_REPOSITORY": "\${GITHUB_REPOSITORY}",
- "GITHUB_SERVER_URL": "\${GITHUB_SERVER_URL}",
- "GITHUB_SHA": "\${GITHUB_SHA}",
- "GITHUB_WORKSPACE": "\${GITHUB_WORKSPACE}",
- "DEFAULT_BRANCH": "\${DEFAULT_BRANCH}",
- "GITHUB_RUN_ID": "\${GITHUB_RUN_ID}",
- "GITHUB_RUN_NUMBER": "\${GITHUB_RUN_NUMBER}",
- "GITHUB_RUN_ATTEMPT": "\${GITHUB_RUN_ATTEMPT}",
- "GITHUB_JOB": "\${GITHUB_JOB}",
- "GITHUB_ACTION": "\${GITHUB_ACTION}",
- "GITHUB_EVENT_NAME": "\${GITHUB_EVENT_NAME}",
- "GITHUB_EVENT_PATH": "\${GITHUB_EVENT_PATH}",
- "GITHUB_ACTOR": "\${GITHUB_ACTOR}",
- "GITHUB_ACTOR_ID": "\${GITHUB_ACTOR_ID}",
- "GITHUB_TRIGGERING_ACTOR": "\${GITHUB_TRIGGERING_ACTOR}",
- "GITHUB_WORKFLOW": "\${GITHUB_WORKFLOW}",
- "GITHUB_WORKFLOW_REF": "\${GITHUB_WORKFLOW_REF}",
- "GITHUB_WORKFLOW_SHA": "\${GITHUB_WORKFLOW_SHA}",
- "GITHUB_REF": "\${GITHUB_REF}",
- "GITHUB_REF_NAME": "\${GITHUB_REF_NAME}",
- "GITHUB_REF_TYPE": "\${GITHUB_REF_TYPE}",
- "GITHUB_HEAD_REF": "\${GITHUB_HEAD_REF}",
- "GITHUB_BASE_REF": "\${GITHUB_BASE_REF}"
+ "type": "http",
+ "url": "http://host.docker.internal:$GH_AW_SAFE_OUTPUTS_PORT",
+ "headers": {
+ "Authorization": "\${GH_AW_SAFE_OUTPUTS_API_KEY}"
 }
 }
 },
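Review bot: The two new values are expanded at different times and the hunk does not say why: `"url"` uses a bare `$GH_AW_SAFE_OUTPUTS_PORT`, which the shell resolves when the heredoc is rendered, while `"Authorization"` uses the escaped `\${GH_AW_SAFE_OUTPUTS_API_KEY}`, which is left for the gateway to resolve. If the escaping is deliberate so that the key is never written into the rendered config file on disk (a sensible reason), a comment on that line should say so, e.g. `# key is resolved by the gateway at runtime so it is never persisted in the rendered config`; otherwise both should be written the same way. The header value carries no auth scheme (no `Bearer ` prefix), so this only works if the server compares the raw header value — that cannot be confirmed from this diff. Moving from stdio in a container to plain HTTP on `host.docker.internal` means the API key is now the only control on that endpoint, which makes the empty-key case in the config step worth guarding.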
diff --git a/actions/setup/setup.sh b/actions/setup/setup.sh
index 3cfe57c87b..355f1c409a 100755
--- a/actions/setup/setup.sh
+++ b/actions/setup/setup.sh
@@ -242,6 +242,23 @@ else
 echo "::warning::Safe-outputs MCP entry point not found: safe-outputs-mcp-server.cjs"
 fi
+# Copy safe_outputs_tools.json to tools.json (required by safe-outputs server)
+if [ -f "${JS_SOURCE_DIR}/safe_outputs_tools.json" ]; then
+ cp "${JS_SOURCE_DIR}/safe_outputs_tools.json" "${SAFE_OUTPUTS_DEST}/tools.json"
+ echo "Copied safe-outputs tools definition: tools.json"
+ SAFE_OUTPUTS_COUNT=$((SAFE_OUTPUTS_COUNT + 1))
+else
+ echo "::error::Safe-outputs tools definition not found: safe_outputs_tools.json"
+ exit 1
+fi
+
+# Create empty config.json if it doesn't exist (required by safe-outputs server check)
+# The actual config is optional and will be loaded from environment if provided
+if [ ! -f "${SAFE_OUTPUTS_DEST}/config.json" ]; then
+ echo "{}" > "${SAFE_OUTPUTS_DEST}/config.json"
+ echo "Created empty config.json for safe-outputs server"
+fi
+
 echo "Successfully copied ${SAFE_OUTPUTS_COUNT} safe-outputs files to ${SAFE_OUTPUTS_DEST}"
 # Set output
diff --git a/actions/setup/sh/start_safe_outputs_server.sh b/actions/setup/sh/start_safe_outputs_server.sh
index 660dc28fd1..e95cd11cf5 100755
--- a/actions/setup/sh/start_safe_outputs_server.sh
+++ b/actions/setup/sh/start_safe_outputs_server.sh
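Review bot: The `cp` of `safe_outputs_tools.json` is not checked; unless `set -e` is in effect higher up (not visible in this hunk), a failed copy still prints "Copied safe-outputs tools definition" and bumps `SAFE_OUTPUTS_COUNT`, and the missing `tools.json` is only discovered later by the start script. Replacing the line with `cp "${JS_SOURCE_DIR}/safe_outputs_tools.json" "${SAFE_OUTPUTS_DEST}/tools.json" || { echo "::error::failed to copy tools.json"; exit 1; }` keeps the failure at its source. The comment "required by safe-outputs server check" contradicts the change to `start_safe_outputs_server.sh` in this same commit, which makes `config.json` optional; one of the two comments is stale, and here it would be clearer as `# Write an empty config.json when none is provided so the server always finds a well-formed file`. The `if`/`else` whose `fi` opens this hunk begins outside it.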
@@ -9,18 +9,23 @@ cd /opt/gh-aw/safeoutputs || exit 1
 # Verify required files exist
 echo "Verifying safe-outputs setup..."
-# Check core configuration files
+# Check core files (mcp-server.cjs and tools.json are required)
 if [ ! -f mcp-server.cjs ]; then
 echo "ERROR: mcp-server.cjs not found in /opt/gh-aw/safeoutputs"
 ls -la /opt/gh-aw/safeoutputs/
 exit 1
 fi
-if [ ! -f config.json ]; then
- echo "ERROR: config.json not found in /opt/gh-aw/safeoutputs"
+if [ ! -f tools.json ]; then
+ echo "ERROR: tools.json not found in /opt/gh-aw/safeoutputs"
 ls -la /opt/gh-aw/safeoutputs/
 exit 1
 fi
+# config.json is optional - the server will create a default config if missing
+if [ ! -f config.json ]; then
+ echo "Note: config.json not found, server will use default configuration"
+fi
+
 # Check required dependency files for the MCP server
 # These files are required by safe_outputs_mcp_server_http.cjs and its dependencies
 REQUIRED_DEPS=(
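Review bot: The new comment "the server will create a default config if missing" asserts behaviour this diff does not show; the only thing visibly creating a `config.json` is `setup.sh` in this same commit, which writes `{}` when none exists. Unless the server itself is known to write a default, the comment should describe what is actually guaranteed, e.g. `# config.json is optional; setup.sh writes an empty {} when none is provided, so the server only needs it to be readable`. The pre-existing comment right below ("required by safe_outputs_mcp_server_http.cjs") names a different entry point than the `mcp-server.cjs` this script checks for; if that is a stale name, this hunk is the natural place to fix it, but I cannot tell from here which is correct.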