github · JoannaaKL · Nov 10, 2025 · Nov 7, 2025 · Nov 7, 2025 · Nov 7, 2025
@@ -64,7 +64,7 @@ func generateReadmeDocs(readmePath string) error {
 	t, _ := translations.TranslationHelper()
 
 	// Create toolset group with mock clients
-	tsg := github.DefaultToolsetGroup(false, mockGetClient, mockGetGQLClient, mockGetRawClient, t, 5000)
+	tsg := github.DefaultToolsetGroup(false, mockGetClient, mockGetGQLClient, mockGetRawClient, t, 5000, github.FeatureFlags{})
 
 	// Generate toolsets documentation
 	toolsetsDoc := generateToolsetsDoc(tsg)
@@ -302,7 +302,7 @@ func generateRemoteToolsetsDoc() string {
 	t, _ := translations.TranslationHelper()
 
 	// Create toolset group with mock clients
-	tsg := github.DefaultToolsetGroup(false, mockGetClient, mockGetGQLClient, mockGetRawClient, t, 5000)
+	tsg := github.DefaultToolsetGroup(false, mockGetClient, mockGetGQLClient, mockGetRawClient, t, 5000, github.FeatureFlags{})
 
 	// Generate table header
 	buf.WriteString("| Name           | Description                                      | API URL                                               | 1-Click Install (VS Code)                                                                                                                                                                                                 | Read-only Link                                                                                                 | 1-Click Read-only Install (VS Code)                                                                                                                                                                                                 |\n")

@@ -61,6 +61,7 @@ var (
 				EnableCommandLogging: viper.GetBool("enable-command-logging"),
 				LogFilePath:          viper.GetString("log-file"),
 				ContentWindowSize:    viper.GetInt("content-window-size"),
+				LockdownEnabled:      viper.GetBool("lockdown-enabled"),
 			}
 			return ghmcp.RunStdioServer(stdioServerConfig)
 		},
@@ -82,6 +83,7 @@ func init() {
 	rootCmd.PersistentFlags().Bool("export-translations", false, "Save translations to a JSON file")
 	rootCmd.PersistentFlags().String("gh-host", "", "Specify the GitHub hostname (for GitHub Enterprise etc.)")
 	rootCmd.PersistentFlags().Int("content-window-size", 5000, "Specify the content window size")
+	rootCmd.PersistentFlags().Bool("lockdown-enabled", false, "Enable lockdown mode")
 
 	// Bind flag to viper
 	_ = viper.BindPFlag("toolsets", rootCmd.PersistentFlags().Lookup("toolsets"))
@@ -92,6 +94,7 @@ func init() {
 	_ = viper.BindPFlag("export-translations", rootCmd.PersistentFlags().Lookup("export-translations"))
 	_ = viper.BindPFlag("host", rootCmd.PersistentFlags().Lookup("gh-host"))
 	_ = viper.BindPFlag("content-window-size", rootCmd.PersistentFlags().Lookup("content-window-size"))
+	_ = viper.BindPFlag("lockdown-enabled", rootCmd.PersistentFlags().Lookup("lockdown-enabled"))
 
 	// Add subcommands
 	rootCmd.AddCommand(stdioCmd)

@@ -51,6 +51,9 @@ type MCPServerConfig struct {
 
 	// Content window size
 	ContentWindowSize int
+
+	// LockdownEnabled indicates if we should enable lockdown mode
+	LockdownEnabled bool
 }
 
 const stdioServerLogPrefix = "stdioserver"
@@ -154,7 +157,15 @@ func NewMCPServer(cfg MCPServerConfig) (*server.MCPServer, error) {
 	}
 
 	// Create default toolsets
-	tsg := github.DefaultToolsetGroup(cfg.ReadOnly, getClient, getGQLClient, getRawClient, cfg.Translator, cfg.ContentWindowSize)
+	tsg := github.DefaultToolsetGroup(
+		cfg.ReadOnly,
+		getClient,
+		getGQLClient,
+		getRawClient,
+		cfg.Translator,
+		cfg.ContentWindowSize,
+		github.FeatureFlags{LockdownEnabled: cfg.LockdownEnabled},
+	)
 	err = tsg.EnableToolsets(enabledToolsets, nil)
 
 	if err != nil {
@@ -205,6 +216,9 @@ type StdioServerConfig struct {
 
 	// Content window size
 	ContentWindowSize int
+
+	// LockdownEnabled indicates if we should enable lockdown mode
+	LockdownEnabled bool
 }
 
 // RunStdioServer is not concurrent safe.
@@ -224,6 +238,7 @@ func RunStdioServer(cfg StdioServerConfig) error {
 		ReadOnly:          cfg.ReadOnly,
 		Translator:        t,
 		ContentWindowSize: cfg.ContentWindowSize,
+		LockdownEnabled:   cfg.LockdownEnabled,
 	})
 	if err != nil {
 		return fmt.Errorf("failed to create MCP server: %w", err)
@@ -245,7 +260,7 @@ func RunStdioServer(cfg StdioServerConfig) error {
 		slogHandler = slog.NewTextHandler(logOutput, &slog.HandlerOptions{Level: slog.LevelInfo})
 	}
 	logger := slog.New(slogHandler)
-	logger.Info("starting server", "version", cfg.Version, "host", cfg.Host, "dynamicToolsets", cfg.DynamicToolsets, "readOnly", cfg.ReadOnly)
+	logger.Info("starting server", "version", cfg.Version, "host", cfg.Host, "dynamicToolsets", cfg.DynamicToolsets, "readOnly", cfg.ReadOnly, "lockdownEnabled", cfg.LockdownEnabled)
 	stdLogger := log.New(logOutput, stdioServerLogPrefix, 0)
 	stdioServer.SetErrorLogger(stdLogger)
 

@@ -0,0 +1,6 @@
+package github
+
+// FeatureFlags defines runtime feature toggles that adjust tool behavior.
+type FeatureFlags struct {
+	LockdownEnabled bool
+}
@@ -10,6 +10,7 @@ import (
 	"time"
 
 	ghErrors "github.com/github/github-mcp-server/pkg/errors"
+	"github.com/github/github-mcp-server/pkg/lockdown"
 	"github.com/github/github-mcp-server/pkg/sanitize"
 	"github.com/github/github-mcp-server/pkg/translations"
 	"github.com/go-viper/mapstructure/v2"
@@ -227,7 +228,7 @@ func fragmentToIssue(fragment IssueFragment) *github.Issue {
 }
 
 // GetIssue creates a tool to get details of a specific issue in a GitHub repository.
-func IssueRead(getClient GetClientFn, getGQLClient GetGQLClientFn, t translations.TranslationHelperFunc) (tool mcp.Tool, handler server.ToolHandlerFunc) {
+func IssueRead(getClient GetClientFn, getGQLClient GetGQLClientFn, t translations.TranslationHelperFunc, flags FeatureFlags) (tool mcp.Tool, handler server.ToolHandlerFunc) {
 	return mcp.NewTool("issue_read",
 			mcp.WithDescription(t("TOOL_ISSUE_READ_DESCRIPTION", "Get information about a specific issue in a GitHub repository.")),
 			mcp.WithToolAnnotation(mcp.ToolAnnotation{
@@ -296,7 +297,7 @@ Options are:
 
 			switch method {
 			case "get":
-				return GetIssue(ctx, client, owner, repo, issueNumber)
+				return GetIssue(ctx, client, gqlClient, owner, repo, issueNumber, flags)
 			case "get_comments":
 				return GetIssueComments(ctx, client, owner, repo, issueNumber, pagination)
 			case "get_sub_issues":
@@ -309,7 +310,7 @@ Options are:
 		}
 }
 
-func GetIssue(ctx context.Context, client *github.Client, owner string, repo string, issueNumber int) (*mcp.CallToolResult, error) {
+func GetIssue(ctx context.Context, client *github.Client, gqlClient *githubv4.Client, owner string, repo string, issueNumber int, flags FeatureFlags) (*mcp.CallToolResult, error) {
 	issue, resp, err := client.Issues.Get(ctx, owner, repo, issueNumber)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get issue: %w", err)
@@ -324,6 +325,13 @@ func GetIssue(ctx context.Context, client *github.Client, owner string, repo str
 		return mcp.NewToolResultError(fmt.Sprintf("failed to get issue: %s", string(body))), nil
 	}
 
+	if flags.LockdownEnabled {
+		shouldFilter := lockdown.ShouldRemoveContent(ctx, gqlClient, *issue.User.Login, *issue.Repository.Owner.Login, *issue.Repository.Name)
+		if shouldFilter {
+			return mcp.NewToolResultError("access to issue details is restricted by lockdown mode"), nil
+		}
+	}
+
 	// Sanitize title/body on response
 	if issue != nil {
 		if issue.Title != nil {