GitHub
Give your agent access to GitHub — reading issues, opening pull requests, cloning repos, and more. The Pai sidecar injects the real PAT on every request; the agent never holds the token.
Get credentials
- Go to github.com/settings/tokens.
- Click Generate new token (classic).
- Select scopes:
repo(full repo access) or narrow it down as needed. - Copy the token — it starts with
ghp_.
Setup
Store the token, then create a Provider:
# 1. Store the token in a Pai secret
pai add secret github-pat --from-literal token=ghp_...
# 2. Create the Provider
pai apply -f - <<EOF
apiVersion: pai.io/v1
kind: Provider
metadata:
name: github-writer
spec:
type: github
auth:
type: pat
secretRef: github-pat
policy:
allow:
- pulls:create
- pulls:comment
- issues:read
- issues:comment
- contents:read
deny:
- admin:*
- repo:delete
scope:
repositories:
- "myorg/my-repo"
EOF
Supported actions
| Action | API operations |
|---|---|
contents:read | Read files, clone repo, git fetch/pull |
contents:write | Push commits, git push |
pulls:read | List and read pull requests |
pulls:create | Open a new pull request |
pulls:comment | Comment on pull requests |
pulls:update | Update PR title, body, labels |
issues:read | List and read issues |
issues:create | Open a new issue |
issues:comment | Comment on issues |
repo:read | Read repository metadata |
repo:delete | Delete a repository |
org:read | Read organization info |
org:update | Update organization settings |
admin:collaborators | Add or remove collaborators |
Scope — restricting to specific repos
scope:
repositories:
- "myorg/repo-a"
- "myorg/repo-b"
Requests to any repository not in this list are denied, even if the action is allowed by policy.
Attach to an agent
spec:
providers:
- github-writer
Access control
policy.allow / policy.deny gate which actions agents can call; scope.repositories pins them to specific repos. You can also use raw HTTP rules (e.g. "GET only") — see the Policy reference for the full field list and examples.