[BUG] Claude Code on the web: git push and GitHub MCP refuse changes under .github/workflows/ — proxy OAuth token missing workflow scope

Resolved 💬 2 comments Opened May 21, 2026 by wmwmw Closed Jun 21, 2026

What's Wrong?

In a cloud (Claude Code on the web) session linked to a GitHub repository that ships GitHub Actions, neither git push nor the GitHub MCP write tools can land a commit that modifies any file under .github/workflows/. Both paths return the same GitHub-side rejection:

refusing to allow an OAuth App to create or update workflow .github/workflows/<file>.yml without workflow scope

This is a hard wall for the most legitimate kind of cloud-session task there is: fixing a broken CI workflow. The session has done all the analysis and produced a correct one-line patch, then can neither push it nor write it via the MCP API. The only workarounds (manual push from a local machine, or restructuring the fix to avoid touching the workflow file) defeat the point of running the session in the cloud in the first place.

Detailed symptoms

  1. Both write surfaces fail with the same OAuth-scope error.

git push against origin (which is configured as http://local_proxy@127.0.0.1:36213/git/<owner>/<repo>):

``
To http://127.0.0.1:36213/git/<owner>/<repo>
! [remote rejected] <branch> -> <branch>
(refusing to allow an OAuth App to create or update workflow
.github/workflows/<file>.yml without workflow scope)
error: failed to push some refs to 'http://127.0.0.1:36213/git/<owner>/<repo>'
``

mcp__github__create_or_update_file and mcp__github__push_files:

``
failed to create/update file: PUT https://api.github.com/repos/<owner>/<repo>/contents/.github/workflows/<file>.yml:
403 refusing to allow an OAuth App to create or update workflow
.github/workflows/<file>.yml without workflow scope
``

The shared "OAuth App" wording in both errors strongly suggests the in-container git proxy and the GitHub MCP server are backed by the same OAuth credential — and that credential was issued without the workflow scope.

  1. The Claude GitHub App being installed on the repo does not help. The user confirmed the Claude GitHub App has full repo access. But the proxy/MCP path doesn't use the App installation token; it uses an OAuth App credential bound to the user's session. The two are independent identities, and only the App one has the right permissions.
  1. The failure happens only at the push step, after the model has already:
  • read the workflow file,
  • identified the bug,
  • edited the file,
  • committed locally,
  • drafted (and agreed with the user on) the fix.

So the entire session budget is spent producing a commit that GitHub then refuses. There's no early signal that workflow-file edits will be unpushable — git commit succeeds, MCP file-write attempts only fail at PUT, and nothing in the harness warns ahead of time.

  1. Retry logic doesn't help. The environment's git-push retry policy is scoped to network errors; this is an authorization error from GitHub, so retries return the identical refusal.
  1. The stop-hook keeps firing about the unpushed commit, but there is no in-session action that resolves it — only the user can push from outside.
  1. Side effect: when probing alternative paths, the model created a placeholder branch on the remote via mcp__github__create_branch (which is not gated by the workflow-scope check — only the file write is). So a no-op branch is left behind on the remote even though the actual fix can't be pushed. This is harmless but a little untidy.

Reproduction

  1. Start a Claude Code on the web session against a repo that has .github/workflows/*.yml.
  2. Have Claude edit and commit a change to one of those workflow files.
  3. Have Claude git push the branch, or call mcp__github__create_or_update_file / mcp__github__push_files against the same path.

Expected: the commit lands.

Actual: both paths fail with refusing to allow an OAuth App to create or update workflow ... without 'workflow' scope.

Environment

  • CLAUDE_CODE_REMOTE_ENVIRONMENT_TYPE=cloud_default
  • CLAUDE_CODE_VERSION=2.1.42
  • Git remote: http://local_proxy@127.0.0.1:36213/git/<owner>/<repo> (proxy-mediated)
  • GitHub MCP server: standard mcp__github__* tools
  • Claude GitHub App: installed and authorized on the repo

Expected behavior

Either:

  1. Add workflow scope to the proxy/MCP OAuth token when the linked repo contains GitHub Actions workflows (cheapest fix, scoped to repos that need it), or
  2. Prefer the Claude GitHub App installation token over the OAuth App token for write paths against repos where the App is installed (best long-term — installation tokens already carry the right per-repo permissions and avoid the OAuth scope drift entirely), or
  3. At minimum, fail fast: detect on session start that the OAuth credential lacks workflow scope while the repo has workflows, and surface a warning so Claude doesn't waste a session producing an unpushable commit.

Impact

Blocks legitimate CI-fix tasks in cloud sessions. Silent until push time, so the full task budget is spent before the failure surfaces.

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗