[go: up one dir, main page]
GitHub Tools
Guide

Scope with Presets

Browse all toolsSee examples
Expose only the tools your workflow needs using presets.

Presets limit the tools your agent can access to a specific workflow. This reduces the attack surface and keeps prompts focused.

AI assistant prompt (presets & scope)

Prompt
Tighten GitHub tool scope for this assistant using @github-tools/sdk.

- Switch to the smallest preset that still satisfies the feature; use an array to combine presets if needed (see https://github-tools.com/guide/presets)
- Align the GitHub PAT with https://github-tools.com/guide/token-permissions

Apply a single preset

Use a preset to restrict the tools to a specific capability domain. For example, a code review bot only needs pull request and commit tools:

review-bot.ts
import { createGithubTools } from '@github-tools/sdk'

const tools = createGithubTools({
  preset: 'code-review',
})

Combine multiple presets

When a workflow spans multiple domains, pass an array. This agent can both review PRs and manage issues:

triage-and-review.ts
import { createGithubTools } from '@github-tools/sdk'

const tools = createGithubTools({
  preset: ['code-review', 'issue-triage'],
})

Pick the right preset

PresetTools includedUse case
repo-explorerrepository metadata, branches, file content, code search, gists, workflowsknowledge retrieval, repo Q&A
ci-opsworkflows, runs, jobs, commits, repository contextCI monitoring, build ops
code-reviewpull requests, commits, file diffs, review commentsPR copilots, change summaries
issue-triageissues, labels, comments, close/createsupport triage, backlog bots
maintainerall tool families including branch creation, forking, repo creation, gists, and workflowsoperator workflows with strict approvals

Pair presets with token scopes

Each preset maps to specific GitHub token permissions:

  • repo-explorer — read-only token, no write permissions needed
  • code-review — add pull_requests: write only if comments are needed
  • issue-triage — add issues: write
  • ci-ops — add actions: write for triggering, cancelling, and re-running workflows
  • maintainer — all write scopes, always paired with approval control
Default to the smallest preset that can complete the task. Add more capabilities only after your prompt and approval policy are stable.

External references

Quick Start

Use GitHub tools in your first AI SDK call in under five minutes.

Control Write Safety

Gate dangerous operations with human approval policies.

Copyright © 2026