Add opt-in filtering for content from users without push access #428

Draft
wants to merge 5 commits into
base: main

@Copilot Copilot AI commented May 23, 2025

Overview

This PR adds an opt-in way to limit issue, comment and PR input from users without push access to a specified repository. This helps mitigate prompt injection attacks when using this repo in headless contexts, especially for coding agents.

Implementation Details

  1. Added a new flag --trusted-repo to the CLI which takes a repository in the format owner/repo
  2. Created a context-based content filtering system that checks if users have push access to the trusted repository
  3. Updated relevant tools (currently GetIssue and GetIssueComments) to filter content based on user permissions
  4. The filtering automatically disables itself for private repositories since all users with access to private repos are already trusted

Usage

To enable content filtering, start the server with the trusted repo flag:

github-mcp-server stdio --trusted-repo="owner/repo"

When filtering is enabled, any content from users without push access to the specified repository will be excluded from the results.

Technical Notes

  • The implementation caches user permission checks to avoid redundant API calls
  • For private repositories, the filter automatically disables itself
  • The design allows for easy extension to other tools that handle user-generated content

Fixes #427.


@Copilot Copilot AI changed the title [WIP] Add an opt-in way to limit issue, comment and PR input from users without push access Add opt-in filtering for content from users without push access May 23, 2025
@Copilot Copilot AI requested a review from SamMorrowDrums May 23, 2025 11:48
@SamMorrowDrums
Collaborator

@copilot there are some linter errors and also endpoints like search issues and possibly others also need this (remember all pull request body text, comments, issues etc. should be filtered this way).

Also do not filter out content from the logged in user either.

Author

Copilot AI commented May 23, 2025

@copilot there are some linter errors and also endpoints like search issues and possibly others also need this (remember all pull request body text, comments, issues etc. should be filtered this way.
...

I've fixed the content filtering to extend to more tools and also ensured content from the logged-in user won't be filtered. The changes include:

  1. Added filtering to: SearchIssues, ListIssues, GetPullRequest, ListPullRequests, GetPullRequestComments, GetPullRequestReviews
  2. Modified the content filter to store the authenticated user and exempt them from filtering
  3. Fixed function signatures and updated tests

All code now builds successfully. See commit b34ec6f.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • cdn.fwupd.org

If you need me to access, download, or install something from one of these locations, you can either:
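
The filtering behaviour described in this thread (push-access check against the trusted repo, cached permission lookups, self-disabling for private repositories, exemption for the logged-in user), as an added Go example that is not the PR's code and not part of the conversation. The names `Filter`, `Item` and `Check` and the sample logins are assumptions; `Check` stands in for the GitHub permission lookup, and failing closed on a lookup error is a choice made here.

```go
package main

import (
	"fmt"
	"sync"
)

// Item is a constructed stand-in for an issue, comment or PR body.
type Item struct{ Author, Body string }

// Filter drops content whose author lacks push access to TrustedRepo (hypothetical names).
type Filter struct {
	TrustedRepo string                                 // "owner/repo"; empty means filtering is off (opt-in)
	Private     bool                                   // private repo: the filter disables itself
	Self        string                                 // authenticated user, never filtered
	Check       func(repo, login string) (bool, error) // stand-in for the permission API call
	cache       sync.Map                               // login -> bool, avoids redundant lookups
}

func (f *Filter) trusted(login string) bool {
	if v, hit := f.cache.Load(login); hit {
		return v.(bool)
	}
	ok, err := f.Check(f.TrustedRepo, login)
	if err != nil {
		return false // assumption: fail closed, and do not cache a transient error
	}
	f.cache.Store(login, ok)
	return ok
}

// Apply returns only the items written by trusted authors.
func (f *Filter) Apply(items []Item) (out []Item) {
	if f.TrustedRepo == "" || f.Private {
		return items
	}
	for _, it := range items {
		if it.Author == f.Self || f.trusted(it.Author) { // logged-in user is exempt
			out = append(out, it)
		}
	}
	return out
}

func main() { // constructed sample: only "maintainer" has push access
	f := &Filter{TrustedRepo: "owner/repo", Self: "agent-user"}
	f.Check = func(_, login string) (bool, error) { return login == "maintainer", nil }
	fmt.Println(f.Apply([]Item{{"maintainer", "ok"}, {"drive-by", "injected text"}}))
}
```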

Successfully merging this pull request may close these issues.

Add an opt-in way to limit issue, comment and PR input from users without push access