test

Author: dsyme

.github/workflows/mcp-lockdown-mode-proof.yml

@@ -104,11 +104,11 @@ jobs:
           echo "Session ID: $SESSION_ID"
           echo "SESSION_ID=$SESSION_ID" >> "$GITHUB_ENV"
 
-      - name: "Test 2: Call issue_read on a public repo (expect lockdown to block)"
+      - name: "Test 2: Call issue_read on admin content in a public repo (desired: results returned, actual: lockdown blocks)"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          echo "=== Calling issue_read (method: get) on a public repo issue ==="
+          echo "=== Calling issue_read (method: get) on a public repo issue created by an admin ==="
           echo "This targets github/github-mcp-server#1 (a public repo)."
           echo "With GITHUB_TOKEN read-all, the collaborators GraphQL query returns"
           echo "empty results, so lockdown will treat ALL authors as unsafe."
@@ -128,9 +128,9 @@ jobs:
                 "name": "issue_read",
                 "arguments": {
                   "method": "get",
-                  "owner": "github",
-                  "repo": "github-mcp-server",
-                  "issue_number": 1
+                  "owner": "githubnext",
+                  "repo": "gh-aw-test",
+                  "issue_number": 44
                 }
               }
             }')
@@ -158,7 +158,7 @@ jobs:
             echo "Unexpectedly succeeded — lockdown did not block. Check response above."
           fi
 
-      - name: "Test 3: Call issue_read get_comments on a public repo (expect filtered to zero)"
+      - name: "Test 3: Call issue_read get_comments on admin content in a public repo (desired: returns admin comments, actual: filtered to zero)"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
@@ -181,9 +181,9 @@ jobs:
                 "name": "issue_read",
                 "arguments": {
                   "method": "get_comments",
-                  "owner": "github",
-                  "repo": "github-mcp-server",
-                  "issue_number": 1
+                  "owner": "githubnext",
+                  "repo": "gh-aw-test",
+                  "issue_number": 44
                 }
               }
             }')
@@ -223,9 +223,9 @@ jobs:
                 "name": "issue_read",
                 "arguments": {
                   "method": "get",
-                  "owner": "github",
-                  "repo": "github-mcp-server",
-                  "issue_number": 1
+                  "owner": "githubnext",
+                  "repo": "gh-aw-test",
+                  "issue_number": 44
                 }
               }
             }')