
feat: GitHub starter pack and profile #3

@dpup

Description


Summary

Ship a GitHub profile and starter pack for agents using GitHub MCP tools. Focus on protecting production branches, preventing destructive operations, and constraining scope.

Profile: profiles/github.yaml

name: github
aliases:
  repo: "params.repository"
  branch: "params.branch"
  ref: "params.ref"
  owner: "params.owner"
  title: "params.title"
  body: "params.body"
  base: "params.base"
  head: "params.head"

Starter Pack: starter-packs/github-safe-defaults.yaml

name: github-safe-defaults
profile: github
rules:
  - name: no-force-push
    match:
      operation: "git_push"
      when: "has(params.force) && params.force == true"
    action: deny
    message: "Force push is not permitted. Use regular push."

  - name: protect-main
    match:
      operation: "git_push"
      when: "branch in ['main', 'master', 'production']"
    action: deny
    message: "Direct push to protected branches is not permitted. Use a pull request."

  - name: no-delete-repo
    match:
      operation: "delete_repository"
    action: deny
    message: "Repository deletion is not permitted."

  - name: no-delete-branch
    match:
      operation: "delete_branch"
      when: "branch in ['main', 'master', 'production', 'develop']"
    action: deny
    message: "Deletion of protected branches is not permitted."

  - name: pr-branch-pattern
    match:
      operation: "create_pull_request"
      when: "!head.matches('^agent/.*')"
    action: deny
    message: "Agent PRs must use the agent/* branch prefix."

  - name: audit-all
    match:
      operation: "*"
    action: log

Notes

  • Addresses PRD user story US-1 (constrain GitHub access beyond token scopes)
  • Branch protection rules complement server-side branch protection — defense in depth
  • The pr-branch-pattern rule is opinionated; users will commonly override it
  • Include fixture tests: allow normal push to feature branch, deny force push, deny push to main, deny repo delete, deny non-prefixed PR
  • Operation names should match actual GitHub MCP server tool names — verify against the live server before finalizing
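The fixture cases listed in the notes (allow a normal push to a feature branch, deny force push, deny push to main, deny repo delete, deny a non-prefixed PR), played through a small rule evaluator. This is an added illustration, not the project's own policy engine: the expression language behind `when` is not shown on this page, so each condition is written as a Python predicate mirroring the YAML, and the precedence (any matching deny wins, `log` rules never change the decision) is an assumption.

```python
"""Constructed evaluator for the github-safe-defaults rules (not the project's engine)."""
import re
from dataclasses import dataclass
from typing import Callable, Optional

PROTECTED_PUSH = {"main", "master", "production"}
PROTECTED_DELETE = PROTECTED_PUSH | {"develop"}


@dataclass
class Rule:
    name: str
    operation: str                      # MCP tool name, or "*" as a wildcard
    action: str                         # "deny" or "log"
    when: Callable[[dict], bool] = lambda p: True
    message: str = ""


# Each `when` mirrors the starter pack's expression; the profile aliases
# `branch`/`head` resolve to params.branch / params.head (assumed semantics).
RULES = [
    Rule("no-force-push", "git_push", "deny",
         lambda p: p.get("force") is True,
         "Force push is not permitted. Use regular push."),
    Rule("protect-main", "git_push", "deny",
         lambda p: p.get("branch") in PROTECTED_PUSH,
         "Direct push to protected branches is not permitted. Use a pull request."),
    Rule("no-delete-repo", "delete_repository", "deny",
         message="Repository deletion is not permitted."),
    Rule("no-delete-branch", "delete_branch", "deny",
         lambda p: p.get("branch") in PROTECTED_DELETE,
         "Deletion of protected branches is not permitted."),
    Rule("pr-branch-pattern", "create_pull_request", "deny",
         lambda p: not re.match(r"^agent/.*", p.get("head", "")),
         "Agent PRs must use the agent/* branch prefix."),
    Rule("audit-all", "*", "log"),
]


def evaluate(operation: str, params: dict, rules=RULES, audit: Optional[list] = None):
    """Return (decision, message). First matching deny wins; log rules only record."""
    decision, message = "allow", ""
    for rule in rules:
        if rule.operation not in ("*", operation) or not rule.when(params):
            continue
        if rule.action == "log":
            if audit is not None:
                audit.append((rule.name, operation, params))
        elif rule.action == "deny" and decision == "allow":
            decision, message = "deny", rule.message
    return decision, message
```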
