Skip to content

[aw-failures] GitHub Remote MCP Auth Test 100% red — gateway config emits invalid JSON (\(redacted) bad escape), gateway exits [Content truncated due to length] #41862

Description

@github-actions

Fix the gateway env-value escaping in start_mcp_gateway config generation — a stray leading backslash makes the JSON invalid, so the gateway never starts and the agent never runs.

This is a NEW P0 gap. It is NOT covered by #41455 (DNS EAI_AGAIN awmg-cli-proxy) or #41711 (firewall denies awmg, false-red after run completes). Here the firewall is clean and the agent makes zero requests — the gateway aborts on a JSON parse error before anything starts.

Problem statement

The Start MCP Gateway step fails with exit code 1. start_mcp_gateway.cjs rejects its own generated config:

[error] ERROR: Configuration is not valid JSON
[error] JSON validation error:
[error] Bad escaped character in JSON at position 162 (line 7 column 35)

The github MCP server env block expands to invalid JSON — note the stray leading backslash:

"env": {
  "GITHUB_HOST": "\https://github.com",
  "GITHUB_PERSONAL_ACCESS_TOKEN": "\***"
}

\h is not a valid JSON escape sequence, so parsing aborts. Gateway never launches → Gateway PID not provided / Gateway may not have been started.

Affected workflow and run IDs

  • Workflow: GitHub Remote MCP Authentication Test (.github/workflows/github-remote-mcp-auth-test.lock.yml), engine copilot, awf v0.27.11, mcpg v0.3.30.
  • Failing run: §28281278932 — step Start MCP Gateway, exit 1.
  • Successful baseline: §28007221589 (2026-06-23, 12 turns) → this is a regression.

Probable root cause

The config template feeds the github MCP env values as "\\${GITHUB_SERVER_URL}" and "\\${GITHUB_MCP_SERVER_TOKEN}". After heredoc/shell expansion the \\ collapses to a single \ and the variable expands to a plain string, yielding "\https://github.com" / "\<token>". The leading backslash is never a needed JSON escape for these plain-string values; it corrupts the document.

Evidence: audit-diff vs baseline (regression confirmation)

audit-diff (base 28007221589 → compare 28281278932):

Proposed remediation

  1. In the github MCP server env config generation (compiler / convert_gateway_config_* + start_mcp_gateway path), emit env values as plain "${GITHUB_SERVER_URL}" / "${GITHUB_MCP_SERVER_TOKEN}" without the \\ prefix; only apply JSON string-escaping to characters that actually require it.
  2. Add a JSON-lint/round-trip assertion on the generated gateway config before launch so a malformed document fails fast with the offending key, instead of a generic position offset.

Success criteria / verification

  • Generated gateway config passes JSON validation; Start MCP Gateway exits 0.
  • A scheduled run of GitHub Remote MCP Authentication Test produces ≥1 turn and ≥1 allowed request to api.githubcopilot.com:443.
  • Workflow returns green on main; no Bad escaped character in start_mcp_gateway output.

Other failures triaged this window (no new issue needed)

References: §28281278932 · §28007221589 · §28281337868

Generated by 🔍 [aw] Failure Investigator (6h) · 178.9 AIC · ⌖ 34.8 AIC · ⊞ 5.2K ·

  • expires on Jul 3, 2026, 11:52 PM UTC-08:00

Metadata

Metadata

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions