[guard-coverage] Guard coverage gap: 3 operations from github-mcp-server / GitHub CLI not fully covered #8222

@github-actions

Summary

The GitHub guard does not fully cover 3 operation(s) from the github-mcp-server and/or GitHub CLI. This may allow write operations to bypass DIFC classification or leave repo-scoped mutations without explicit secrecy/integrity labeling.

  • MCP tools scanned: 114
  • CLI write commands scanned: 79
  • Guard-covered write tools (tools.rs): 117
  • Tools with explicit DIFC rules (tool_rules.rs): 118
  • New gaps found this run: 3

MCP Tool Classification Gaps (tools.rs)

These MCP tools perform write or mutating operations but are missing from WRITE_OPERATIONS or READ_WRITE_OPERATIONS in guards/github-guard/rust-guard/src/tools.rs:

| Tool Name | Operation Type | Suggested Classification | Notes |
|---|---|---|---|
| add_issue_reaction | write | WRITE_OPERATIONS | Upstream tool: "Add a reaction to an issue or pull request." Mutates repo discussion state. |
| add_issue_comment_reaction | write | WRITE_OPERATIONS | Upstream tool: "Add a reaction to an issue or pull request comment." Mutates repo discussion state. |
| add_pull_request_review_comment_reaction | write | WRITE_OPERATIONS | Upstream tool: "Add a reaction to a pull request review comment." Mutates repo discussion state. |

Suggested fix for tools.rs

```rust
// Add to WRITE_OPERATIONS (keep sorted for binary_search correctness):
pub const WRITE_OPERATIONS: &[&str] = &[
    // ... existing entries ...
    "add_issue_comment_reaction", // POST reaction on issue/PR comment
    "add_issue_reaction",         // POST reaction on issue or PR
    "add_pull_request_review_comment_reaction", // POST reaction on PR review comment
];
```

MCP Tool DIFC Labeling Gaps (tool_rules.rs)

These MCP tools exist in the upstream server but have no explicit match arm in apply_tool_labels in guards/github-guard/rust-guard/src/labels/tool_rules.rs. They currently fall through to default handling even though they are repo-scoped writes:

| Tool Name | Data Scope | Suggested Labels | Risk |
|---|---|---|---|
| add_issue_reaction | repo-scoped | secrecy: S(repo), integrity: writer(repo) | Medium |
| add_issue_comment_reaction | repo-scoped | secrecy: S(repo), integrity: writer(repo) | Medium |
| add_pull_request_review_comment_reaction | repo-scoped | secrecy: S(repo), integrity: writer(repo) | Medium |

Suggested fix for tool_rules.rs

Add an explicit repo-scoped write rule alongside the existing issue / PR write cases:

```rust
"add_issue_reaction"
| "add_issue_comment_reaction"
| "add_pull_request_review_comment_reaction" => {
    secrecy = apply_repo_visibility_secrecy(&owner, &repo, repo_id, secrecy, ctx);
    integrity = writer_integrity(repo_id, ctx);
}
```

GitHub CLI-Only Gaps

No new CLI-only gaps were identified in this run beyond operations already modeled in the guard or already tracked in cache.


Stale Guard Entries (bonus)

No stale guard entries were identified in this run.


References

Generated by GitHub Guard Coverage Checker (MCP + CLI). Cached report expires on Jul 12, 2026, 3:26 AM UTC.
