feat(mcp): file_issue tool — hermes-github plugin (closes #57, G3 of devagentic#203)#64
Merged
Merged
Conversation
…devagentic#203)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #57. G3 of TechDevGroup/devagentic#203.
Summary
plugins/hermes-github/with the same shape as the other devagentic-adjacent plugins (canvas / docs / mutations / vertical-preamble).file_issue(repo, title, body, labels?)registered viamcp_serve.py::_register_github_tools.TechDevGroup/devagentic+TechDevGroup/hermes-agent— anything else returns{"error": ...}.Why
Under devagentic#203 §3.2 a worker session that discovers a stack gap (missing capability, broken behavior, bug) MUST surface it as a GitHub issue — never edit stack source. Until this tool existed there was no hermes-native path to do so, forcing workers to either (a) shell out to
gh(violates NousResearch#203 §1.2 invariant) or (b) silently work around the gap. This tool is the path.Auth model (worker never sees credentials)
The plugin holds NO credentials. Token resolution happens on the hermes host in priority order:
HERMES_GH_TOKEN(dedicated)GITHUB_TOKEN/GH_TOKEN(standard PAT env)gh auth tokensubprocess (whenghCLI is on PATH)The resolved token is sent only on the outbound
api.github.comrequest — never logged, never returned to the worker conversation. Required scope:repo(private repos like TechDevGroup/devagentic + TechDevGroup/hermes-agent) orpublic_repo.If no token is available,
file_issuereturns{"error": "no GitHub token available — set HERMES_GH_TOKEN / GITHUB_TOKEN / GH_TOKEN, or run \gh auth login` on the hermes host"}` so the worker gets actionable diagnostics.Test plan
tests/plugins/hermes-github/test_client.py): allowed-repo restriction (3), arg validation (3), token resolution priority (4 — env priority, env-fallback, gh-CLI fallback, no-token), HTTP behavior (5 — happy path, label handling, HTTP-error surface, network-error surface, invalid-JSON / missing-number guards), schema (1).create_mcp_server()smoke-import succeeds;file_issueregistered alongside existing 28 tools (29 total now).Notes
_ALLOWED_REPOSinclient.py. Operators wanting to widen the scope file a follow-up issue + extend explicitly.devagentic#203in any issue they file so stack maintainers understand the gap context (covered in plugin README).