github · pelikhan · Feb 12, 2026 · Feb 12, 2026 · Feb 12, 2026 · Feb 12, 2026
diff --git a/.changeset/patch-add-mcp-actor-validation.md b/.changeset/patch-add-mcp-actor-validation.md
diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml
diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml
diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml
diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml
diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml
diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml
diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml
diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml
diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml
diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml
diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml
diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml
diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml
diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml
diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml
diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml
diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml
diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml
diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml
diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml
diff --git a/Dockerfile b/Dockerfile
@@ -35,9 +35,10 @@ WORKDIR /workspace
 # Set the entrypoint to gh-aw
 ENTRYPOINT ["gh-aw"]
 
-# Default command runs MCP server
-# Note: Binary path detection is automatic via os.Executable()
-CMD ["mcp-server"]
+# Default command runs MCP server with actor validation enabled
+# The GITHUB_ACTOR environment variable must be set for logs and audit tools to be available
+# Binary path detection is automatic via os.Executable()
-# The GITHUB_ACTOR environment variable must be set for logs and audit tools to be available
-# Binary path detection is automatic via os.Executable()
+# The GITHUB_ACTOR environment variable must be set and pass validation to use logs and audit tools;
+# tools remain mounted/visible, but unauthorized access will result in permission denied errors.
-# The GITHUB_ACTOR environment variable must be set for logs and audit tools to be available
-# Binary path detection is automatic via os.Executable()
+# The GITHUB_ACTOR environment variable must be set and pass validation to use logs and audit tools;
+# tools remain mounted/visible, but unauthorized access will result in permission denied errors.
+CMD ["mcp-server", "--validate-actor"]
 
 # Metadata labels
 LABEL org.opencontainers.image.source="https://github.com/github/gh-aw"