Add GitHub lockdown mode to workflows processing non-collaborator content#14840

Merged: pelikhan merged 4 commits into main from copilot/set-github-lockdown-true on Feb 10, 2026

Conversation

Copilot AI commented Feb 10, 2026

Enables lockdown mode for workflows that process issues, PRs, and discussions from public repository contributors. This filters content to only items authored by users with push access.

Changes

Core workflows (explicit lockdown):

  • issue-monster.md - Issue assignment orchestrator
  • discussion-task-miner.md - Discussion content analyzer
  • workflow-generator.md - Workflow creation from issue forms

Triage and moderation (explicit lockdown):

  • issue-triage-agent.md, pr-triage-agent.md
  • issue-arborist.md, weekly-issue-summary.md, daily-issues-report.md

Slash commands (explicit lockdown):

  • grumpy-reviewer.md (PR reviews)
  • plan.md (issue/discussion planning)

Workflows using automatic lockdown detection:

  • auto-triage-issues.md - Uses $GITHUB_MCP_LOCKDOWN for dynamic lockdown based on repository visibility
  • ai-moderator.md - Uses $GITHUB_MCP_LOCKDOWN for dynamic lockdown based on repository visibility

Implementation

Explicit lockdown:

tools:
  github:
    lockdown: true  # Forces lockdown mode
    toolsets: [default, issues, pull_requests]

Compiles to GITHUB_LOCKDOWN_MODE: "1" in workflow lock files.

Automatic lockdown detection:

tools:
  github:
    # No lockdown field - uses automatic detection
    toolsets: [default, issues, pull_requests]

Compiles to GITHUB_LOCKDOWN_MODE: "$GITHUB_MCP_LOCKDOWN" in workflow lock files, automatically enabling lockdown for public repositories when GH_AW_GITHUB_MCP_SERVER_TOKEN is set.
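The description above states two compile rules: an explicit `lockdown: true` becomes `GITHUB_LOCKDOWN_MODE: "1"`, and an absent key becomes `"$GITHUB_MCP_LOCKDOWN"`. The following added example (not part of this PR or the project's own tooling) checks a workflow `.md` against its `.lock.yml` for exactly that, so a stale lock file that was not regenerated after the frontmatter changed is flagged. The frontmatter and lock-file shapes it parses are assumptions modelled on the snippets in the PR text, reduced to regex and indentation walking so the script runs without PyYAML.

```python
import re
from typing import Optional

# Assumed file shapes (not taken from the project): the workflow .md opens with a
# YAML frontmatter block; the compiled .lock.yml holds a line like GITHUB_LOCKDOWN_MODE: "1".
FRONTMATTER_RE = re.compile(r"\A---\n(.*?)\n---", re.S)
LOCK_MODE_RE = re.compile(r'GITHUB_LOCKDOWN_MODE:\s*"([^"]*)"')

def explicit_lockdown(workflow_md: str) -> Optional[bool]:
    """True/False for an explicit tools.github.lockdown value, None if the key is absent."""
    m = FRONTMATTER_RE.match(workflow_md)
    if not m:
        return None
    path = []  # stack of (indent, key) describing the current position in the YAML tree
    for line in m.group(1).splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        while path and path[-1][0] >= indent:
            path.pop()
        key, _, value = line.strip().partition(":")
        if [k for _, k in path] == ["tools", "github"] and key == "lockdown":
            return value.split("#", 1)[0].strip().lower() == "true"
        path.append((indent, key))
    return None

def expected_lock_mode(workflow_md: str) -> Optional[str]:
    """Expected compiled value: "1" if forced, "$GITHUB_MCP_LOCKDOWN" if absent, None for an explicit false (undocumented)."""
    explicit = explicit_lockdown(workflow_md)
    return "$GITHUB_MCP_LOCKDOWN" if explicit is None else ("1" if explicit else None)

def check_pair(workflow_md: str, lock_yml: str) -> str:
    """'forced', 'automatic', or 'mismatch: ...' (e.g. a lock file not regenerated after lockdown: true was added)."""
    want = expected_lock_mode(workflow_md)
    found = LOCK_MODE_RE.search(lock_yml)
    got = found.group(1) if found else None
    if want is None or got != want:
        return f"mismatch: frontmatter implies {want!r}, lock file has {got!r}"
    return "forced" if want == "1" else "automatic"

# Constructed sample inputs modelled on the snippets in the PR description.
MD_FORCED = ("---\non:\n  issues:\n    types: [opened]\ntools:\n  github:\n"
             "    lockdown: true  # Forces lockdown mode\n    toolsets: [default, issues]\n---\n")
MD_AUTO = "---\ntools:\n  github:\n    # No lockdown field - uses automatic detection\n    toolsets: [default]\n---\n"
LOCK_FORCED = 'env:\n  GITHUB_LOCKDOWN_MODE: "1"\n'
LOCK_AUTO = 'env:\n  GITHUB_LOCKDOWN_MODE: "$GITHUB_MCP_LOCKDOWN"\n'

if __name__ == "__main__":
    for name, md, lock in [("forced", MD_FORCED, LOCK_FORCED), ("auto", MD_AUTO, LOCK_AUTO), ("stale", MD_FORCED, LOCK_AUTO)]:
        print(name, "->", check_pair(md, lock))
```

Note that the "automatic" outcome only means the lock file defers to `$GITHUB_MCP_LOCKDOWN`; per the description that value enables lockdown for public repositories only when `GH_AW_GITHUB_MCP_SERVER_TOKEN` is set, so it is a weaker guarantee than "forced".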


Copilot stopped work on behalf of pelikhan due to an error February 10, 2026 21:43
Set tools.github.lockdown: true for workflows that could work on non-collaborator generated items (issues, PRs, discussions) from public repositories. This ensures these workflows only process content from users with push access.

Workflows updated:
- issue-monster.md
- discussion-task-miner.md
- workflow-generator.md
- auto-triage-issues.md
- issue-triage-agent.md
- pr-triage-agent.md
- ai-moderator.md
- issue-arborist.md
- weekly-issue-summary.md
- daily-issues-report.md
- grumpy-reviewer.md
- plan.md

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Set tools.github.lockdown to true for specific workflows" to "Add GitHub lockdown mode to workflows processing non-collaborator content" on Feb 10, 2026
Copilot AI requested a review from pelikhan February 10, 2026 21:52
Per review feedback, removed lockdown: true from:
- ai-moderator.md - uses automatic lockdown detection
- auto-triage-issues.md - uses automatic lockdown detection

These workflows now use $GITHUB_MCP_LOCKDOWN for dynamic lockdown
based on repository visibility rather than forced lockdown.

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI requested a review from pelikhan February 10, 2026 22:07
@pelikhan pelikhan marked this pull request as ready for review February 10, 2026 22:12
Copilot AI review requested due to automatic review settings February 10, 2026 22:12
Copilot AI left a comment

Pull request overview

This PR enables GitHub “lockdown mode” for several workflows that process issues/PRs/discussions, ensuring the GitHub MCP server only returns content authored by users with push access.

Changes:

  • Added tools.github.lockdown: true to selected workflow frontmatter files.
  • Updated corresponding *.lock.yml files to hardcode GITHUB_LOCKDOWN_MODE: "1" and remove the “determine automatic lockdown” step/env wiring.

Reviewed changes

Copilot reviewed 20 out of 20 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| .github/workflows/workflow-generator.md | Enables explicit lockdown for the workflow generator. |
| .github/workflows/workflow-generator.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/weekly-issue-summary.md | Enables explicit lockdown for weekly issue summary workflow. |
| .github/workflows/weekly-issue-summary.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/pr-triage-agent.md | Enables explicit lockdown for PR triage agent. |
| .github/workflows/pr-triage-agent.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/plan.md | Enables explicit lockdown for /plan slash-command workflow. |
| .github/workflows/plan.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/issue-triage-agent.md | Enables explicit lockdown for issue triage agent. |
| .github/workflows/issue-triage-agent.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/issue-monster.md | Enables explicit lockdown for issue-monster orchestration workflow. |
| .github/workflows/issue-monster.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/issue-arborist.md | Enables explicit lockdown for issue arborist workflow. |
| .github/workflows/issue-arborist.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step; updates MCP env lists accordingly. |
| .github/workflows/grumpy-reviewer.md | Enables explicit lockdown for grumpy reviewer slash-command workflow. |
| .github/workflows/grumpy-reviewer.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/discussion-task-miner.md | Enables explicit lockdown for discussion task miner. |
| .github/workflows/discussion-task-miner.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step. |
| .github/workflows/daily-issues-report.md | Enables explicit lockdown for daily issues report workflow. |
| .github/workflows/daily-issues-report.lock.yml | Regenerates lockfile to hardcode lockdown mode and remove auto-detection step; updates MCP env lists accordingly. |
@pelikhan pelikhan merged commit 3676ad2 into main Feb 10, 2026
51 checks passed
@pelikhan pelikhan deleted the copilot/set-github-lockdown-true branch February 10, 2026 22:33