Skip to content

[WIP] Fix MCP server permission denied error for CLI tools testing #14190

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Claude wants to merge 2 commits into from
Closed

[WIP] Fix MCP server permission denied error for CLI tools testing #14190

Claude wants to merge 2 commits into from

Conversation

@Claude
Copy link
Contributor

@Claude Claude AI commented Feb 6, 2026
edited
Loading

  • Identified root cause: MCP server naming mismatch between frontmatter and gateway output
  • Changed AgenticWorkflowsMCPServerID constant to use snake_case (agentic_workflows)
  • Updated all test assertions to match new server ID
  • Recompiled all 146 workflows successfully
  • Verified all agentic-workflows tests pass
Original prompt

This section details on the original issue you should resolve

<issue_title>[cli-tools-test] MCP Server Permission Denied Error Blocking All Testing</issue_title>
<issue_description>## Problem Description

The Daily CLI Tools Exploratory Tester is unable to perform any testing due to a "Permission denied and could not request permission from user" error when attempting to use MCP server tools, including the agentic-workflows server.

Impact

  • Severity: Critical
  • Frequency: Always (100% failure rate)
  • Affected Tools: All MCP tools (agentic-workflows, github, bash, status)
  • Workaround: None identified

This completely blocks the automated testing workflow, preventing:

  • Testing of audit command functionality
  • Testing of logs command functionality
  • Testing of compile command functionality
  • Any MCP tool usage for exploratory testing

Steps to Reproduce

  1. Workflow triggered: Daily CLI Tools Exploratory Tester
  2. Attempt to call any MCP tool (e.g., agentic_workflows-status)
  3. Observe "Permission denied" error

Expected Behavior

MCP server tools should be accessible and return responses based on tool invocation.

Actual Behavior

All tool calls return: Permission denied and could not request permission from user

Environment

  • Repository: github/gh-aw
  • Run ID: 21757938067
  • Workflow: Daily CLI Tools Exploratory Tester
  • Date: 2026-02-06T16:32:18Z

Diagnostics

MCP Server Status (from logs)

MCP Gateway: ✅ Healthy and running

- ✓ startup: MCPG Gateway version: v0.0.103
- ✓ startup: Loaded 3 MCP server(s): [agentic_workflows github safeoutputs]
- ✓ backend: Successfully connected to MCP backend server
- ✓ startup: Starting in ROUTED mode on 0.0.0.0:80

MCP Configuration (/home/runner/.copilot/mcp-config.json):

{
  "mcpServers": {
    "agentic_workflows": {
      "type": "http",
      "url": "(host.docker.internal/redacted)
      "tools": ["*"]
    },
    "github": { ... },
    "safeoutputs": { ... }
  }
}
```

**Agentic Workflows MCP Server**: ✅ Initialized successfully
```
[2026-02-06T16:32:04Z] [INFO] [backend] Successfully launched MCP backend server: agentic_workflows
[2026-02-06T16:32:04Z] [INFO] [backend] [stderr] mcp:server MCP server ready on stdio
[2026-02-06T16:32:04Z] [INFO] [backend] Successfully registered tools from agentic_workflows

Error Details

Failed Tool Calls:

  • agentic_workflows-status → Permission denied
  • bash commands → Permission denied (some commands succeed, others fail)

Gateway Logs: No errors or authentication failures logged. All requests show status 200 or 202.

Analysis

The MCP infrastructure (gateway, backend servers, configuration) is functioning correctly. The "Permission denied" error appears to originate from the Copilot agent environment itself, not from the MCP servers or gateway.

Possible causes:

  1. Agent permission model: The Copilot agent may have restrictions on which MCP tools can be called
  2. Authentication/authorization: Session or token validation may be failing at the agent level
  3. Tool registration: MCP tools may not be properly registered with the agent runtime
  4. Environment issue: Specific to this workflow's execution environment

Recommendations

  1. Investigate agent permission model: Review how the Copilot agent validates and authorizes MCP tool calls
  2. Check tool registration: Verify that agentic-workflows tools are properly registered in the agent's tool catalog
  3. Review authentication flow: Ensure the agent session has proper credentials for MCP tool access
  4. Test in different context: Try the same workflow with a different engine (e.g., claude, codex) to isolate the issue
  5. Agent logs: Examine Copilot agent internal logs (if available) for more detailed error information

Additional Context

This is a blocker for the entire Daily CLI Tools Exploratory Testing workflow. Without MCP tool access, no testing phases can be executed. The workflow instructions explicitly state "DO NOT USE gh aw it is not authenticated. Only use tools."

The workflow appears to be caught in a permissions deadlock where:

  • Direct CLI usage is unavailable (not authenticated)
  • MCP tool usage is blocked (permission denied)
  • No alternative testing mechanism is available

AI generated by Daily CLI Tools Exploratory Tester

  • expires on Feb 13, 2026, 4:36 PM UTC

Comments on the Issue (you are @claude[agent] in this section)

@pelikhan Investigate gateway.log and agent logs to determine why this mcp fail...

@Claude Claude AI assigned Claude and pelikhan Feb 6, 2026
@Claude @pelikhan
Fix MCP server naming mismatch for agentic-workflows
5098bae 
Change AgenticWorkflowsMCPServerID constant from 'agenticworkflows' to 'agentic_workflows' to match the naming convention used by the MCP Gateway. The gateway normalizes server names to snake_case, and this mismatch was causing Copilot's tool allowlist to fail permission checks.

This fixes the "Permission denied and could not request permission from user" error in the daily-cli-tools-tester workflow and other workflows using the agentic-workflows MCP server.

Changes:
- Updated constant in pkg/constants/constants.go to use underscore
- Updated test assertions to expect new server ID format
- Recompiled all 146 workflows with updated server ID
- All tests passing except one unrelated flaky test

Fixes #14178

Co-authored-by: pelikhan <[email protected]>
@pelikhan pelikhan closed this Feb 6, 2026
@Claude Claude AI requested a review from pelikhan February 6, 2026 17:28
Copilot stopped work on behalf of pelikhan due to an error February 6, 2026 17:28
The session was cancelled by the user.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

@Claude Claude

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[cli-tools-test] MCP Server Permission Denied Error Blocking All Testing

2 participants

@Claude @pelikhan