diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index 2383fcb25e..3a7a5562bd 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -2433,7 +2433,7 @@ jobs:
           EOF
           chmod +x /tmp/gh-aw/safeoutputs/mcp-server.cjs
           
-      - name: Setup Safe Inputs MCP
+      - name: Setup Safe Inputs JavaScript and Config
         run: |
           mkdir -p /tmp/gh-aw/safe-inputs/logs
           cat > /tmp/gh-aw/safe-inputs/read_buffer.cjs << 'EOF_READ_BUFFER'
@@ -3195,6 +3195,9 @@ jobs:
             });
           EOFSI
           chmod +x /tmp/gh-aw/safe-inputs/mcp-server.cjs
+          
+      - name: Setup Safe Inputs Tool Files
+        run: |
           cat > /tmp/gh-aw/safe-inputs/github-discussion-query.sh << 'EOFSH_github-discussion-query'
           #!/bin/bash
           # Auto-generated safe-input tool: github-discussion-query
diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml
index 961f7e66a6..824464eac5 100644
--- a/.github/workflows/daily-team-status.lock.yml
+++ b/.github/workflows/daily-team-status.lock.yml
@@ -3491,6 +3491,8 @@ jobs:
                   "Safe Outputs": [],
                   "Safe Inputs": [],
                   "Git/GitHub": [],
+                  Playwright: [],
+                  Serena: [],
                   MCP: [],
                   "Custom Agents": [],
                   Other: [],
@@ -3530,6 +3532,10 @@ jobs:
                     categories["Safe Inputs"].push(toolName);
                   } else if (tool.startsWith("mcp__github__")) {
                     categories["Git/GitHub"].push(formatMcpName(tool));
+                  } else if (tool.startsWith("mcp__playwright__")) {
+                    categories["Playwright"].push(formatMcpName(tool));
+                  } else if (tool.startsWith("mcp__serena__")) {
+                    categories["Serena"].push(formatMcpName(tool));
                   } else if (tool.startsWith("mcp__") || ["ListMcpResourcesTool", "ReadMcpResourceTool"].includes(tool)) {
                     categories["MCP"].push(tool.startsWith("mcp__") ? formatMcpName(tool) : tool);
                   } else if (isLikelyCustomAgent(tool)) {
diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml
index dd1ad70d6d..ca539568e4 100644
--- a/.github/workflows/dev.lock.yml
+++ b/.github/workflows/dev.lock.yml
@@ -395,7 +395,7 @@ jobs:
           
           EOF
           chmod +x .claude/hooks/network_permissions.py
-      - name: Setup Safe Inputs MCP
+      - name: Setup Safe Inputs JavaScript and Config
         run: |
           mkdir -p /tmp/gh-aw/safe-inputs/logs
           cat > /tmp/gh-aw/safe-inputs/read_buffer.cjs << 'EOF_READ_BUFFER'
@@ -1100,6 +1100,9 @@ jobs:
             });
           EOFSI
           chmod +x /tmp/gh-aw/safe-inputs/mcp-server.cjs
+          
+      - name: Setup Safe Inputs Tool Files
+        run: |
           cat > /tmp/gh-aw/safe-inputs/gh.sh << 'EOFSH_gh'
           #!/bin/bash
           # Auto-generated safe-input tool: gh
diff --git a/.github/workflows/test-python-safe-input.lock.yml b/.github/workflows/test-python-safe-input.lock.yml
index 7b7c7f3bcb..61908dd4f6 100644
--- a/.github/workflows/test-python-safe-input.lock.yml
+++ b/.github/workflows/test-python-safe-input.lock.yml
@@ -1622,7 +1622,7 @@ jobs:
           EOF
           chmod +x /tmp/gh-aw/safeoutputs/mcp-server.cjs
           
-      - name: Setup Safe Inputs MCP
+      - name: Setup Safe Inputs JavaScript and Config
         run: |
           mkdir -p /tmp/gh-aw/safe-inputs/logs
           cat > /tmp/gh-aw/safe-inputs/read_buffer.cjs << 'EOF_READ_BUFFER'
@@ -2344,6 +2344,9 @@ jobs:
             });
           EOFSI
           chmod +x /tmp/gh-aw/safe-inputs/mcp-server.cjs
+          
+      - name: Setup Safe Inputs Tool Files
+        run: |
           cat > /tmp/gh-aw/safe-inputs/analyze-numbers.py << 'EOFPY_analyze-numbers'
           #!/usr/bin/env python3
           # Auto-generated safe-input tool: analyze-numbers
diff --git a/pkg/workflow/mcp_servers.go b/pkg/workflow/mcp_servers.go
index edc6231790..e9c305381e 100644
--- a/pkg/workflow/mcp_servers.go
+++ b/pkg/workflow/mcp_servers.go
@@ -277,7 +277,8 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 
 	// Write safe-inputs MCP server if configured and feature flag is enabled
 	if IsSafeInputsEnabled(workflowData.SafeInputs, workflowData) {
-		yaml.WriteString("      - name: Setup Safe Inputs MCP\n")
+		// Step 1: Write JavaScript and config files
+		yaml.WriteString("      - name: Setup Safe Inputs JavaScript and Config\n")
 		yaml.WriteString("        run: |\n")
 		yaml.WriteString("          mkdir -p /tmp/gh-aw/safe-inputs/logs\n")
 
@@ -343,6 +344,11 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any,
 		}
 		yaml.WriteString("          EOFSI\n")
 		yaml.WriteString("          chmod +x /tmp/gh-aw/safe-inputs/mcp-server.cjs\n")
+		yaml.WriteString("          \n")
+
+		// Step 2: Generate tool files (js/py/sh)
+		yaml.WriteString("      - name: Setup Safe Inputs Tool Files\n")
+		yaml.WriteString("        run: |\n")
 
 		// Generate individual tool files (sorted by name for stable code generation)
 		safeInputToolNames := make([]string, 0, len(workflowData.SafeInputs.Tools))