From c8acad5bf1682e36469dad0a63f535f2895b553a Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 25 Feb 2026 06:29:02 +0000
Subject: [PATCH 1/2] Initial plan


From 79f1738b9f27675e7bc82106619395ee0a9c2d9c Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 25 Feb 2026 06:36:20 +0000
Subject: [PATCH 2/2] fix: propagate MCP request context into
 checkActorPermission

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
 pkg/cli/mcp_server_helpers.go   | 4 ++--
 pkg/cli/mcp_tools_privileged.go | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/pkg/cli/mcp_server_helpers.go b/pkg/cli/mcp_server_helpers.go
index 7d684c0794d..3f0000f70bd 100644
--- a/pkg/cli/mcp_server_helpers.go
+++ b/pkg/cli/mcp_server_helpers.go
@@ -166,7 +166,7 @@ func validateWorkflowName(workflowName string) error {
 // checkActorPermission validates if the actor has sufficient permissions for restricted tools.
 // Returns nil if access is allowed, or a jsonrpc.Error if access is denied.
 // Uses GitHub API to query the actor's actual repository role with 1-hour caching.
-func checkActorPermission(actor string, validateActor bool, toolName string) error {
+func checkActorPermission(ctx context.Context, actor string, validateActor bool, toolName string) error {
 	// If validation is disabled, always allow access
 	if !validateActor {
 		mcpLog.Printf("Tool %s: access allowed (validation disabled)", toolName)
@@ -202,7 +202,7 @@ func checkActorPermission(actor string, validateActor bool, toolName string) err
 	}
 
 	// Query actor's role in the repository with caching
-	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
 	defer cancel()
 
 	permission, err := queryActorRole(ctx, actor, repo)
diff --git a/pkg/cli/mcp_tools_privileged.go b/pkg/cli/mcp_tools_privileged.go
index cb5f53ba46d..bbb7f92ac5d 100644
--- a/pkg/cli/mcp_tools_privileged.go
+++ b/pkg/cli/mcp_tools_privileged.go
@@ -71,7 +71,7 @@ return a schema description instead of the full output. Adjust the 'max_tokens'
 		},
 	}, func(ctx context.Context, req *mcp.CallToolRequest, args logsArgs) (*mcp.CallToolResult, any, error) {
 		// Check actor permissions first
-		if err := checkActorPermission(actor, validateActor, "logs"); err != nil {
+		if err := checkActorPermission(ctx, actor, validateActor, "logs"); err != nil {
 			return nil, nil, err
 		}
 
@@ -263,7 +263,7 @@ Returns JSON with the following structure:
 		},
 	}, func(ctx context.Context, req *mcp.CallToolRequest, args auditArgs) (*mcp.CallToolResult, any, error) {
 		// Check actor permissions first
-		if err := checkActorPermission(actor, validateActor, "audit"); err != nil {
+		if err := checkActorPermission(ctx, actor, validateActor, "audit"); err != nil {
 			return nil, nil, err
 		}