http_mcp_headers
OfficialSecurely pass secrets to HTTP MCP servers.
Authorgithubnext
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill details the secure implementation of HTTP MCP header secret support, allowing AI agents to safely pass GitHub Actions secrets to external MCP servers without exposing sensitive information in configuration files. It ensures robust security for AI integrations.
Core Features & Use Cases
- Secure Secret Extraction: Automatically identify and extract secret expressions (e.g.,
${{ secrets.VAR_NAME }}) from HTTP headers. - Environment Variable Passthrough: Declare secrets as environment variables in the execution step and configure MCP config to pass them through securely.
- Consistent Security Pattern: Matches existing GitHub remote MCP server implementation for reliable secret handling.
- Test Coverage: Comprehensive unit and integration tests ensure the secure handling of secrets across various scenarios.
- Use Case: A workflow author needs to configure an AI agent to interact with a Datadog MCP server using API keys stored as GitHub secrets. This skill explains how the system securely handles
${{ secrets.DD_API_KEY }}in the MCP server headers.
Quick Start
Consult the http-mcp-headers skill to understand how GitHub Actions secrets are securely passed to HTTP MCP servers via environment variables.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: http_mcp_headers Download link: https://github.com/githubnext/gh-aw/archive/main.zip#http-mcp-headers Please download this .zip file, extract it, and install it in the .claude/skills/ directory.