Fix safe-inputs MCP server to use HTTP transport for Codex engine

[Copilot]

The Codex engine was using stdio transport for safe-inputs MCP server while Copilot and Claude used HTTP transport, causing configuration inconsistency.

Changes

• Updated renderSafeInputsTOML to generate HTTP transport configuration:

  • Added type: "http" field (required by MCP spec)
  • Changed from command + args to url + headers format
  • Pass through server config and tool-specific environment variables

• Added tests verifying HTTP transport for Codex:

  • Validates presence of HTTP URL and Authorization header
  • Confirms absence of stdio transport configuration
  • Verifies environment variable passthrough including secrets

Configuration Format

Before (stdio):

[mcp_servers.safeinputs]
command = "node"
args = ["/tmp/gh-aw/safe-inputs/mcp-server.cjs"]
env_vars = []

After (HTTP):

[mcp_servers.safeinputs]
type = "http"
url = "http://localhost:$GH_AW_SAFE_INPUTS_PORT"
headers = { Authorization = "Bearer $GH_AW_SAFE_INPUTS_API_KEY" }
env_vars = ["GH_AW_SAFE_INPUTS_PORT", "GH_AW_SAFE_INPUTS_API_KEY"]

All engines now use HTTP transport consistently with the server setup steps already generated in the workflow.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/user
  • Triggering command: /usr/bin/gh gh api user --jq .login -json GO111MODULE che/go-build/67/67664249e070d459d5f0aa28d000ca357ac0300cf89c36277b573d7dd72341bb-d/gh-aw GOINSECURE GOMOD GOMODCACHE che/go-build/67/67664249e070d459 env action.git action.git e/git by/64ea3330c7ee1sh GOMOD GOMODCACHE e/git (http block)
  • Triggering command: /usr/bin/gh gh api user --jq .login /ref/tags/v8 GO111MODULE 1/x64/bin/node GOINSECURE GOMOD GOMODCACHE go env 27/parse_codex_log.js GO111MODULE (http block)
  • Triggering command: /usr/bin/gh gh api user --jq .login e=false GO111MODULE ad89924d698fbd50791f788b7e2e3682803/log.json GOINSECURE %H %ct %D GOMODCACHE go env -json GO111MODULE /bin/sh GOINSECURE GOMOD GOMODCACHE /bin/sh (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

Make sure safe-inputs MCP server is supported and properly code-generated for all agentic engines (Claude, copilot, codex).

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

---

Changeset

• Type: patch
• Description: Add changeset for pull request Fix safe-inputs MCP server to use HTTP transport for Codex engine #5782. PR description was empty, defaulted to a patch-level changeset for internal/tooling/documentation changes.

🏴‍☠️ Ahoy! This treasure was crafted by Changeset Generator

---

---

Smoke Test Summary - 2025-12-07T20:20:47Z

Status: PASS
Run ID: 20009775785
Summary: All 6 tests passed - GitHub MCP, file I/O, Playwright, cache memory, and gh safe-input verified successfully.

🤖 DIAGNOSTIC REPORT GENERATED BY Smoke Copilot No Firewall

🤖 DIAGNOSTIC REPORT GENERATED BY Smoke Copilot No Firewall

[github-actions]

💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

🔮 The ancient spirits stir... Smoke Codex awakens to divine this pull request...

[github-actions]

📰 BREAKING: Smoke Copilot Playwright is now investigating this pull request. Sources say the story is developing...

[github-actions]

📰🚀🔍👀📡🕵️ https://github.com/githubnext/gh-aw/actions/runs/20009775801

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

🤖 SYSTEM_INIT: Smoke Copilot No Firewall ACTIVATED. PROCESSING pull request. ALL SUBSYSTEMS ONLINE.

[github-actions]

Smoke Test Summary - Run 20009775794

Recent PRs:

• Replace envsubst with JavaScript-based substitution to prevent template injection #5773: Replace envsubst with JavaScript-based substitution to prevent template injection
• Add comprehensive test for JavaScript comment removal on all .cjs files with syntax validation #5780: Add comprehensive test for JavaScript comment removal on all .cjs files with syntax validation

Test Results:

• ✅ GitHub MCP (list PRs)
• ✅ File writing (agent dir)
• ✅ Bash tools (file verify)
• ✅ Playwright (GitHub navigation)
• ✅ Cache memory (persistent storage)
• ❌ gh safe-input (requires GH_TOKEN)

Status: PASS (5/6 tests - gh tool requires authentication setup)

💥 [THE END] — Illustrated by Smoke Claude fer issue #5782 🗺️

[github-actions]

Smoke Test Summary - 2025-12-07T20:20:38Z

Status: PASS
Run ID: 20009775795

Last 2 Merged PRs:

• Replace envsubst with JavaScript-based substitution to prevent template injection #5773: Replace envsubst with JavaScript-based substitution to prevent template injection
• Add comprehensive test for JavaScript comment removal on all .cjs files with syntax validation #5780: Add comprehensive test for JavaScript comment removal on all .cjs files with syntax validation

Test Results:
✅ GitHub MCP (PR list retrieval)
✅ File Writing (/tmp/gh-aw/agent/smoke-test-copilot-20009775795.txt)
✅ Bash Tool (file read verification)
✅ GitHub MCP Default Toolset (get_me NOT available - confirmed)
✅ Cache Memory (/tmp/gh-aw/cache-memory/smoke-test-20009775795.txt)
❌ gh Safe-Input Tool (requires GH_TOKEN authentication)

Overall Status: PASS (5/6 tests passed - gh tool requires authentication as expected)

🤖 DIAGNOSTIC REPORT GENERATED BY Smoke Copilot

📰 BREAKING: Report filed by Smoke Copilot fer issue #5782 🗺️

[github-actions]

Smoke Test Results - Run 20009775785

Timestamp: 2025-12-07T20:20:47Z

✅ GitHub MCP - Last 2 PRs: #5773, #5780
✅ File Writing - Created agent test file
✅ Bash Tool - Verified file creation
✅ Playwright MCP - GitHub homepage loaded (title contains "GitHub")
✅ Cache Memory - Created and verified cache test file
✅ gh Safe Input - Executed gh issue list successfully

Overall Status: PASS - All 6 tests passed

🤖 DIAGNOSTIC REPORT GENERATED BY Smoke Copilot No Firewall fer issue #5782 🗺️

[github-actions]

Smoke Test Results

✅ Playwright MCP: Successfully navigated to GitHub.com (title: "GitHub · Change is constant. GitHub keeps you ahead. · GitHub")
✅ Cache Memory: Test file created at /tmp/gh-aw/cache-memory/smoke-test-20009775807.txt
❌ gh Safe Input: Tool requires GH_TOKEN environment variable (expected - not a workflow failure)

Overall Status: PASS (2/3 core tests passed, gh tool limitation is environmental)

📰 BREAKING: Report filed by Smoke Copilot Playwright fer issue #5782 🗺️

[github-actions]

Smoke Test Results

Last 2 Merged PRs:

• Fix linting errors and bundling failures in JavaScript workflow scripts #5781: Fix linting errors and bundling failures in JavaScript workflow scripts
• Add comprehensive test for JavaScript comment removal on all .cjs files with syntax validation #5780: Add comprehensive test for JavaScript comment removal on all .cjs files with syntax validation

Test Results:

• ✅ GitHub MCP: Retrieved merged PRs
• ✅ File Writing: Created test file successfully
• ✅ Bash Tool: Verified file content
• ✅ Serena MCP: Listed 10+ Go struct types
• ✅ Safe Input gh Tool: Listed 3 issues

Overall Status: PASS

📰🔥📋 https://github.com/githubnext/gh-aw/actions/runs/20009775801 fer issue #5782 🗺️

[github-actions]

PRs checked: Replace envsubst with JavaScript-based substitution to prevent template injection; Refactor PR description updates with replace-island mode and customizable footer messages
GitHub MCP PR fetch ✅
Agent file write/read ✅
Cache memory write/read ✅
Playwright github.com title ✅
gh issues list --limit 3 ❌ (GH auth required)
Overall: FAIL

🔮 The oracle has spoken through Smoke Codex fer issue #5782 🗺️