
feat: GitHub starter pack and profile #3

@dpup


Summary

Ship a GitHub profile and starter pack for agents using GitHub MCP tools. Focus on protecting production branches, preventing destructive operations, and constraining scope.

Profile: profiles/github.yaml

```yaml
name: github
aliases:
  repo: "params.repository"
  branch: "params.branch"
  ref: "params.ref"
  owner: "params.owner"
  title: "params.title"
  body: "params.body"
  base: "params.base"
  head: "params.head"
```

Starter Pack: starter-packs/github-safe-defaults.yaml

```yaml
name: github-safe-defaults
profile: github
rules:
  - name: no-force-push
    match:
      operation: "git_push"
      when: "has(params.force) && params.force == true"
    action: deny
    message: "Force push is not permitted. Use regular push."

  - name: protect-main
    match:
      operation: "git_push"
      when: "branch in ['main', 'master', 'production']"
    action: deny
    message: "Direct push to protected branches is not permitted. Use a pull request."

  - name: no-delete-repo
    match:
      operation: "delete_repository"
    action: deny
    message: "Repository deletion is not permitted."

  - name: no-delete-branch
    match:
      operation: "delete_branch"
      when: "branch in ['main', 'master', 'production', 'develop']"
    action: deny
    message: "Deletion of protected branches is not permitted."

  - name: pr-branch-pattern
    match:
      operation: "create_pull_request"
      when: "!head.matches('^agent/.*')"
    action: deny
    message: "Agent PRs must use the agent/* branch prefix."

  - name: audit-all
    match:
      operation: "*"
    action: log
```

Notes

  • Addresses PRD user story US-1 (constrain GitHub access beyond token scopes)
  • Branch protection rules complement server-side branch protection — defense in depth
  • The pr-branch-pattern rule is opinionated; users will commonly override it
  • Include fixture tests: allow normal push to feature branch, deny force push, deny push to main, deny repo delete, deny non-prefixed PR
  • Operation names should match actual GitHub MCP server tool names — verify against the live server before finalizing
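As an added illustration (not the project's own engine), a small Python evaluator that encodes the starter-pack rules above as predicates and exercises the fixture cases listed in the notes. It assumes a first-matching-deny-wins engine in which `log` rules never block, and that a profile alias such as `branch` resolves to the same-named key of the tool's params.

```python
import re
from dataclasses import dataclass
from typing import Callable

# Note the asymmetry in the YAML: `develop` is protected from deletion but not from direct push.
PUSH_PROTECTED = ["main", "master", "production"]
DELETE_PROTECTED = PUSH_PROTECTED + ["develop"]


@dataclass
class Rule:
    name: str
    operation: str                      # MCP tool name, or "*" for every tool
    action: str                         # "deny" or "log"
    when: Callable[[dict], bool] = lambda p: True
    message: str = ""


# Predicates hand-translated from the YAML `when` strings (assumed semantics).
# Aliases such as `branch` and `head` resolve to the same-named params key.
RULES = [
    Rule("no-force-push", "git_push", "deny",
         lambda p: "force" in p and p["force"] is True,
         "Force push is not permitted. Use regular push."),
    Rule("protect-main", "git_push", "deny",
         lambda p: p.get("branch") in PUSH_PROTECTED,
         "Direct push to protected branches is not permitted. Use a pull request."),
    Rule("no-delete-repo", "delete_repository", "deny",
         message="Repository deletion is not permitted."),
    Rule("no-delete-branch", "delete_branch", "deny",
         lambda p: p.get("branch") in DELETE_PROTECTED,
         "Deletion of protected branches is not permitted."),
    # CEL matches() is a partial match (hence the '^' anchor in the YAML);
    # re.search mirrors that. A missing `head` counts as a non-match here.
    Rule("pr-branch-pattern", "create_pull_request", "deny",
         lambda p: not re.search(r"^agent/.*", p.get("head", "")),
         "Agent PRs must use the agent/* branch prefix."),
    Rule("audit-all", "*", "log"),
]


def evaluate(operation: str, params: dict, rules=RULES):
    """Return (decision, deny rule or None, names of log rules that fired).
    Assumed engine semantics: first matching deny wins; `log` never blocks.
    """
    matched = [r for r in rules
               if r.operation in ("*", operation) and r.when(params)]
    logged = [r.name for r in matched if r.action == "log"]
    for r in matched:
        if r.action == "deny":
            return "deny", r, logged
    return "allow", None, logged
```

The fixture cases from the notes map directly onto calls such as `evaluate("git_push", {"branch": "main"})`, which should come back as a deny from `protect-main` while `audit-all` still appears in the log list.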
