rm unrelated feature

Author: mnkiefer

cmd/gh-aw/main.go

@@ -494,7 +494,6 @@ Use "` + constants.CLIExtensionPrefix + ` help all" to show help for all command
 	mcpGatewayCmd := cli.NewMCPGatewayCommand()
 	prCmd := cli.NewPRCommand()
 	campaignCmd := campaign.NewCommand()
-	tokensCmd := cli.NewTokensCommand()
 
 	// Assign commands to groups
 	// Setup Commands
@@ -503,7 +502,6 @@ Use "` + constants.CLIExtensionPrefix + ` help all" to show help for all command
 	addCmd.GroupID = "setup"
 	removeCmd.GroupID = "setup"
 	updateCmd.GroupID = "setup"
-	tokensCmd.GroupID = "setup"
 
 	// Development Commands
 	compileCmd.GroupID = "development"
@@ -548,7 +546,6 @@ Use "` + constants.CLIExtensionPrefix + ` help all" to show help for all command
 	rootCmd.AddCommand(prCmd)
 	rootCmd.AddCommand(versionCmd)
 	rootCmd.AddCommand(campaignCmd)
-	rootCmd.AddCommand(tokensCmd)
 }
 
 func main() {

docs/src/content/docs/reference/tokens.md

@@ -7,50 +7,6 @@ sidebar:
 
 GitHub Agentic Workflows authenticate using multiple tokens depending on the operation. This reference explains which token to use, when it's required, and how precedence works across different operations.
 
-## Quick start: tokens you actually configure
-
-GitHub Actions always provides `GITHUB_TOKEN` for you automatically.
-For GitHub Agentic Workflows, you only need to create a few **optional** secrets in your own repo:
-
-| When you need this…                                  | Secret to create                       | Notes |
-|------------------------------------------------------|----------------------------------------|-------|
-| Cross-repo Project Ops / remote GitHub tools         | `GH_AW_GITHUB_TOKEN`                   | PAT or app token with cross-repo access. |
-| Copilot workflows (CLI, engine, agent tasks, etc.)   | `COPILOT_GITHUB_TOKEN`                 | Needs Copilot Requests permission and repo access. |
-| Assigning agents/bots to issues or pull requests     | `GH_AW_AGENT_TOKEN`                    | Used by `assign-to-agent` and Copilot assignee/reviewer flows. |
-| Isolating MCP server permissions (advanced optional) | `GH_AW_GITHUB_MCP_SERVER_TOKEN`        | Only if you want MCP to use a different token than other jobs. |
-
-Create these as **repository or organization secrets in *your* repo**, for example with the GitHub CLI:
-
-```bash
-gh secret set GH_AW_GITHUB_TOKEN -a actions --body "YOUR_PAT"
-gh secret set COPILOT_GITHUB_TOKEN -a actions --body "YOUR_COPILOT_PAT"
-gh secret set GH_AW_AGENT_TOKEN -a actions --body "YOUR_AGENT_PAT"
-```
-
-After these are set, gh-aw will automatically pick the right token for each operation; you should not need per-workflow PATs in most cases.
-
-### Security and scopes (least privilege)
-
-- Use `permissions:` at the workflow or job level so `GITHUB_TOKEN` only has what that workflow needs (for example, read contents and write PRs, but nothing else):
-
-```yaml
-permissions:
-  contents: read
-  pull-requests: write
-```
-
-- When creating each PAT/App token above, grant access **only** to the repos and scopes required for its scenario (cross-repo Project Ops, Copilot, agents, or MCP) and nothing more.
-- Only expose powerful secrets to the jobs that need them by scoping them to `env:` at the job or step level, not globally:
-
-```yaml
-jobs:
-  project-ops:
-    env:
-      GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN }}
-```
-
-- For very sensitive tokens, prefer GitHub Environments or organization-level secrets with required reviewers so only trusted workflows can use them.
-
 ## Token Overview
 
 | Token | Type | Purpose | User Configurable |

go.mod

@@ -14,13 +14,12 @@ require (
 	github.com/modelcontextprotocol/go-sdk v1.1.0
 	github.com/santhosh-tekuri/jsonschema/v6 v6.0.2
 	github.com/sourcegraph/conc v0.3.0
-	github.com/spf13/cobra v1.10.2
-	github.com/stretchr/testify v1.11.1
-	github.com/xeipuuv/gojsonschema v1.2.0
-	golang.org/x/crypto v0.36.0
-	golang.org/x/term v0.38.0
-	gopkg.in/yaml.v3 v3.0.1
-)
+		github.com/spf13/cobra v1.10.2
+		github.com/stretchr/testify v1.11.1
+		github.com/xeipuuv/gojsonschema v1.2.0
+		golang.org/x/term v0.38.0
+		gopkg.in/yaml.v3 v3.0.1
+	)
 
 require (
 	github.com/atotto/clipboard v0.1.4 // indirect

go.sum

@@ -139,8 +139,6 @@ github.com/yosida95/uritemplate/v3 v3.0.2/go.mod h1:ILOh0sOhIJR3+L/8afwt/kE++YT0
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
-golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34=
-golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc=
 golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
 golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
 golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw=