Summary
The GitHub guard does not fully cover 2 operation(s) from the github-mcp-server source inventory.
- MCP tools scanned: 115 source-registered tools
- CLI write commands scanned: 79
- Guard-covered write tools (tools.rs): 116 (WRITE_OPERATIONS + READ_WRITE_OPERATIONS)
- Tools with explicit DIFC rules (tool_rules.rs): 113 of 115 upstream tools
- New gaps found this run: 2
No new CLI-only gaps were identified in the scoped GitHub CLI write-command set. The newly observed gap is a feature-flagged upstream MCP capability for issue dependency relationships.
MCP Tool Classification Gaps (tools.rs)
These MCP tools perform write or mutating operations but are missing from WRITE_OPERATIONS or READ_WRITE_OPERATIONS in guards/github-guard/rust-guard/src/tools.rs:
| Tool Name | Operation Type | Suggested Classification | Notes |
|---|---|---|---|
| issue_dependency_write | read-write | READ_WRITE_OPERATIONS | Adds/removes blocked-by and blocking relationships between issues after resolving issue numbers to GraphQL node IDs |
Suggested fix for tools.rs
pub const READ_WRITE_OPERATIONS: &[&str] = &[
    // ... existing entries ...
    "issue_dependency_write", // GraphQL addBlockedBy/removeBlockedBy after resolving issue IDs
    // ... existing entries ...
];
MCP Tool DIFC Labeling Gaps (tool_rules.rs)
These upstream tools have no explicit match arm in apply_tool_labels and currently fall through to default label handling:
| Tool Name | Data Scope | Suggested Labels | Risk |
|---|---|---|---|
| issue_dependency_read | repo-scoped issue graph | secrecy: S(repo), integrity: same baseline as issue_read / repo-private reader floor | Medium |
| issue_dependency_write | repo-scoped issue graph mutation | secrecy: S(repo), integrity: writer(repo) | High |
Suggested fix for tool_rules.rs
Add explicit handling alongside the issue rules:
"issue_dependency_read" => {
    secrecy = apply_repo_visibility_secrecy(&owner, &repo, repo_id, secrecy, ctx);
    integrity = private_writer_integrity(repo_id, repo_private, ctx);
}
"issue_dependency_write" => {
    if !owner.is_empty() && !repo.is_empty() {
        if let Some(issue_num) = extract_number_as_string(tool_args, field_names::ISSUE_NUMBER) {
            desc = format!("issue:{}/{}#{}", owner, repo, issue_num);
        }
    }
    secrecy = apply_repo_visibility_secrecy(&owner, &repo, repo_id, secrecy, ctx);
    integrity = writer_integrity(repo_id, ctx);
}
If you want issue_dependency_read to inherit author-derived integrity exactly like issue_read, factor the shared issue-scoped read logic into a helper and reuse it for both tools.
GitHub CLI-Only Gaps
No new CLI-only guard gaps were identified in this run.
Generated by GitHub Guard Coverage Checker (MCP + CLI)