بنقرة واحدة
http-mcp-headers
Implement secret-safe HTTP headers for MCP transport in gh-aw.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Implement secret-safe HTTP headers for MCP transport in gh-aw.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Conversational skill that interviews users to design new agentic workflows
Route gh-aw workflow design/create/debug/upgrade requests to the right prompts.
Analyze and reduce token consumption in agentic workflows — guardrail-specific entry points, measurement, and optimization techniques.
Review code that performs git or gh operations against repository checkouts in gh-aw, checking that the right credentials are available at the right time and that sparseness, shallowness and credential-free factors are properly considered.
Teach Copilot how to plan, address, and respond to pull request review feedback.
Query GitHub pull requests with jq filtering and reusable selectors.
| name | http_mcp_headers |
| description | Implement secret-safe HTTP headers for MCP transport in gh-aw. |
Use this reference for HTTP MCP header secret support in the copilot engine.
When HTTP MCP headers include GitHub Actions secrets, mcp-config.json must:
${{ secrets.DD_API_KEY }})on:
workflow_dispatch:
permissions:
contents: read
engine: copilot
mcp-servers:
datadog:
type: http
url: "https://mcp.datadoghq.com/api/unstable/mcp-server/mcp"
headers:
DD_API_KEY: "${{ secrets.DD_API_KEY }}"
DD_APPLICATION_KEY: "${{ secrets.DD_APPLICATION_KEY }}"
DD_SITE: "${{ secrets.DD_SITE || 'datadoghq.com' }}"
allowed:
- search_datadog_dashboards
- search_datadog_slos
- search_datadog_metrics
- get_datadog_metric
# Datadog Dashboard Search
Search for Datadog dashboards and provide a summary.
{
"mcpServers": {
"datadog": {
"type": "http",
"url": "https://mcp.datadoghq.com/api/unstable/mcp-server/mcp",
"headers": {
"DD_API_KEY": "${DD_API_KEY}",
"DD_APPLICATION_KEY": "${DD_APPLICATION_KEY}",
"DD_SITE": "${DD_SITE}"
},
"tools": [
"search_datadog_dashboards",
"search_datadog_slos",
"search_datadog_metrics",
"get_datadog_metric"
],
"env": {
"DD_API_KEY": "\\${DD_API_KEY}",
"DD_APPLICATION_KEY": "\\${DD_APPLICATION_KEY}",
"DD_SITE": "\\${DD_SITE}"
}
}
}
}
env:
DD_API_KEY: ${{ secrets.DD_API_KEY }}
DD_APPLICATION_KEY: ${{ secrets.DD_APPLICATION_KEY }}
DD_SITE: ${{ secrets.DD_SITE || 'datadoghq.com' }}
COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
# ... other env vars
GH_AW_MCP_CONFIG is intentionally NOT in the YAML env: block — it is exported from the run script (export GH_AW_MCP_CONFIG="$HOME/.copilot/mcp-config.json") so $HOME is resolved at runtime. GitHub Actions does not shell-expand env: values, so the path must be set via export to work on self-hosted/containerized runners where HOME is not /home/runner.
extractSecretsFromValue(value string) - Extracts secret expressions from a string
${{ secrets.VAR_NAME }} patterns${{ secrets.VAR || 'default' }}extractSecretsFromHeaders(headers map[string]string) - Extracts all secrets from HTTP headers
replaceSecretsWithEnvVars(value string, secrets map[string]string) - Replaces secret expressions with env var references
${{ secrets.DD_API_KEY }} to ${DD_API_KEY}collectHTTPMCPHeaderSecrets(tools map[string]any) - Collects secrets from all HTTP MCP tools
\${VAR_NAME})${{ secrets.* }} syntaxAll tests pass ✓