GitHub MCP server with the same six-rule shield pattern as Gmail. Read-only scope: list repos, search code, get file contents, list issues, list pull requests, get commit history. Every call produces an Inherence receipt. Code complete in inherence-python; mcp.inherencelabs.com/v1/github deployment pending.
Real-world incident: in 2026 several MCP-server bugs allowed agents access to private repositories outside their declared scope. The fix isn't a better GitHub MCP server — it's an enforcement boundary BETWEEN the agent and any GitHub MCP server. Inherence is that boundary. Read access is allowed; bulk-export-then-egress is denied; everything is receipt-tracked.