
Add agent security and rate limiting guide#2627

Open
advancedresearcharray wants to merge 3 commits into github:main from advancedresearcharray:docs/agent-security-guide-2233

Conversation


@advancedresearcharray advancedresearcharray commented Jun 6, 2026

Summary

Add documentation and a sample policy template for limiting what AI agents can do with the GitHub MCP Server in production workflows.

Why

Fixes #2233

Agents connected to the GitHub MCP Server can invoke destructive and write tools without built-in per-tool rate limits. PAT scopes alone are too coarse for per-tool control. This PR adds practical guidance for combining server configuration, authentication best practices, and optional MCP enforcement proxies.

What changed

  • Add docs/agent-security-guide.md covering built-in safeguards (read-only mode, tool allowlists, exclude-tools), authentication best practices, and MCP enforcement proxies for runtime rate limiting
  • Add docs/examples/recommended-security-policy.yaml as a reference policy template with suggested defaults: block destructive tools, rate-limit writes at 30/hour, cap create_repository at 5/hour
  • Link the guide from the README, Server Configuration Guide, Host Integration Guide, and Policies & Governance doc

MCP impact

  • No tool or API changes

Security / limits

  • Auth / permissions considered
  • Data exposure, filtering, or token/size limits considered

Tool renaming

  • I am not renaming tools as part of this PR

Lint & tests

  • Docs-only change; no code paths modified

Docs

  • Updated (README / docs / examples)

Test plan

  • Verify all new doc links resolve correctly
  • Confirm sample policy references real tool names from the server
  • Maintainer review of recommended rate limit defaults

Document built-in safeguards, recommended deployment profiles, and a
sample policy template for MCP enforcement proxies. Closes github#2233.

Co-authored-by: Cursor <cursoragent@cursor.com>
@advancedresearcharray advancedresearcharray requested a review from a team as a code owner June 6, 2026 19:10
root and others added 2 commits June 6, 2026 19:15
Add projects_write to the sample blocked-tools list and cross-link the
agent security guide from the host integration docs.

Co-authored-by: Cursor <cursoragent@cursor.com>
Add delete_pending_pull_request_review and remove_sub_issue to the
sample blocked-tools list, document the full DestructiveHint set in the
agent security guide, and cross-link from scope-filtering docs.

Co-authored-by: Cursor <cursoragent@cursor.com>


Development

Successfully merging this pull request may close these issues.

Suggestion: add a recommended security policy / rate limiting guide
