Secret scanning push protection integration with MCP Remote Server #19052 (#57020)

Co-authored-by: Sophie <[email protected]>

Author: am-stead

content/code-security/secret-scanning/introduction/about-push-protection.md

@@ -47,12 +47,13 @@ Push protection has some limitations. For more information, see [AUTOTITLE](/cod
 
 ## How push protection works
 
-Push protection works:
+Push protection blocks secrets detected in:
 
-* From the command line. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-command-line).
-* In the {% data variables.product.prodname_dotcom %} UI. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-in-the-github-ui).{% ifversion push-protection-delegated-bypass-file-upload-support %}
-* On files uploaded onto the repository on {% data variables.product.prodname_dotcom %}.{% endif %}{% ifversion secret-scanning-push-protection-content-endpoints %}
-* From the REST API. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api).{% endif %}
+* Pushes from the command line. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-command-line).
+* Commits made in the {% data variables.product.prodname_dotcom %} UI. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-in-the-github-ui).{% ifversion push-protection-delegated-bypass-file-upload-support %}
+* File uploads to a repository on {% data variables.product.prodname_dotcom %}.{% endif %}{% ifversion secret-scanning-push-protection-content-endpoints %}
+* Requests to the REST API. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-rest-api).{% endif %}
+* Interactions with the {% data variables.product.github %} MCP server (public repositories only). See [AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-and-the-github-mcp-server).
 
 Once enabled, if push protection detects a potential secret during a push attempt, it will block the push and provide a detailed message explaining the reason for the block. You will need to review the code in question, remove any sensitive information, and reattempt the push.
 

content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/index.md

@@ -18,6 +18,7 @@ children:
   - /working-with-push-protection-from-the-command-line
   - /working-with-push-protection-from-the-rest-api
   - /working-with-push-protection-in-the-github-ui
+  - /working-with-push-protection-and-the-github-mcp-server
 redirect_from:
   - /code-security/secret-scanning/working-with-push-protection
   - /code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection

content/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-and-the-github-mcp-server.md

@@ -0,0 +1,36 @@
+---
+title: Working with push protection and the GitHub MCP server
+shortTitle: Push protection and the GitHub MCP server
+intro: 'Learn how you are protected from leaking secrets during interactions with the {% data variables.product.github %} MCP server, and how to bypass a push protection block if you need to.'
+product: 'Public repositories on {% data variables.product.prodname_dotcom_the_website %}'
+permissions: '{% data reusables.permissions.push-protection-resolve-block %}'
+versions:
+  feature: copilot
+type: how_to
+topics:
+  - Secret scanning
+  - Secret Protection
+  - Alerts
+  - Repositories
+  - Copilot
+---
+
+## About push protection and the {% data variables.product.github %} MCP server
+
+Push protection prevents you from inadvertently exposing secrets, such as tokens, keys and credentials, in your repository.
+
+When you're interacting with the {% data variables.product.github %} MCP server, push protection blocks secrets in AI-generated responses as well as preventing secrets from being included in any actions you perform, such as creating an issue.
+
+This protection is on by default for all interactions between the {% data variables.product.github %} MCP server and **public repositories** only, regardless of whether push protection is enabled on the repository's security settings page.
+
+## Resolving a block
+
+To resolve the block, you can either:
+
+* **Remove** the secret from the content of your request before trying again.
+* **Bypass the block.** If push protection is enabled for the repository, or you have push protection enabled for your personal account, you'll see an option to bypass the push protection block. You should carefully evaluate if it's safe to include the secret in your request before continuing.
+
+## Further reading
+
+* [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection)
+* [About the {% data variables.product.github %} MCP server](/copilot/concepts/about-mcp#about-the-github-mcp-server)

content/copilot/concepts/about-mcp.md

@@ -37,6 +37,8 @@ The {% data variables.product.github %} MCP server is a Model Context Protocol (
 * Connect third-party tools (like Cursor, Windsurf, or future integrations) to leverage {% data variables.product.github %}’s context and AI capabilities.
 * Enable cloud-based workflows that work from any device, without local setup.
 
+For public repositories, interactions with the {% data variables.product.github %} MCP server are secured by push protection, which blocks secrets from being included in AI-generated responses and prevents you from exposing secrets through any actions you perform using the server, such as creating an issue. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-and-the-github-mcp-server).
+
 You can access the {% data variables.product.github %} MCP server remotely through {% data variables.product.prodname_vscode %}, or other editors that support remote MCP; or you can run it locally in any MCP-compatible editor, allowing you to choose between the convenience of a hosted solution or the customizability of a self-hosted setup.
 
 If you want to utilize the remote {% data variables.product.github %} MCP server, you can do so in a few steps, without any local setup. This is particularly useful for users who want to quickly leverage {% data variables.product.github %}’s AI capabilities without the overhead of managing a local MCP server.

content/copilot/tutorials/enhance-agent-mode-with-mcp.md

@@ -55,6 +55,7 @@ Follow these best practices to get the most out of combining MCP servers with ag
 * **Limit permissions**: Only grant MCP servers the minimum permissions necessary for your tasks.
 * **Review connections**: Regularly audit which MCP servers have access to your development environment.
 * **Monitor activity**: Keep track of what actions {% data variables.product.prodname_copilot_short %} performs through MCP servers.
+* **Prevent secret leaks**: Push protection blocks secrets from being included in AI-generated responses and prevents you from exposing secrets through any actions you perform using the {% data variables.product.github %} MCP server. This is currently available for public repositories only. See [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection).
 
 ## Example scenario: Implementing accessibility compliance
 

content/copilot/tutorials/roll-out-at-scale/enable-developers/integrate-ai-agents.md

@@ -91,7 +91,9 @@ To hit a tight deadline, you're aiming to speed up each stage of the process, fo
 
 1. When they're satisfied with the tests, the developer asks agent mode to open a pull request for the work on {% data variables.product.github %}.
 
-   >[!TIP] With the **{% data variables.product.github %} MCP server** enabled, {% data variables.product.prodname_copilot_short %} can run the command to open a pull request directly from {% data variables.product.prodname_vscode_shortname %}, with the title and description already filled in.
+   >[!TIP]
+   > * With the **{% data variables.product.github %} MCP server** enabled, {% data variables.product.prodname_copilot_short %} can run the command to open a pull request directly from {% data variables.product.prodname_vscode_shortname %}, with the title and description already filled in.
+   > * Interactions with the {% data variables.product.github %} MCP server are secured by **push protection**, which blocks secrets from being included in AI-generated responses and prevents you from exposing secrets through any actions you perform using the server (public repositories only). See [AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection).
 
 ## 4. Review with {% data variables.copilot.copilot_code-review_short %}
 

data/reusables/copilot/mcp/troubleshooting-mcp-server.md

@@ -19,6 +19,10 @@ If you are having trouble with the {% data variables.copilot.copilot_chat_short
 * You have configured the MCP server correctly in your IDE.
 * You have the necessary permissions to perform the actions you are trying to execute.
 
+### Push protection block
+
+If you are using the {% data variables.product.github %} MCP server and push protection blocks a secret that you believe is safe to expose, you may be able to bypass the block by specifying a reason for allowing the secret. See [AUTOTITLE](/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-and-the-github-mcp-server#resolving-a-block).
+
 ### General tips
 
 If you are experiencing other issues with the {% data variables.product.github %} MCP server, here are some general tips to help you troubleshoot: