From 5c1dcd4ba80f82cd20676ca932396d9fd1f8c321 Mon Sep 17 00:00:00 2001 From: Sam Morrow Date: Mon, 15 Jun 2026 15:55:40 +0200 Subject: [PATCH] fix(repos): default create_repository to private when visibility omitted Previously, omitting the `private` parameter on create_repository defaulted the new repository to public, an insecure default that could unintentionally expose code, configuration, and history. Omission now defaults to a private repository; public repositories are only created when `private` is explicitly set to false. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- README.md | 2 +- .../__toolsnaps__/create_repository.snap | 3 ++- pkg/github/repositories.go | 5 ++-- pkg/github/repositories_test.go | 26 +++++++++++++++++-- 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index dc063f22ce..5d6caae6d3 100644 --- a/README.md +++ b/README.md @@ -1204,7 +1204,7 @@ The following sets of tools are available: - `description`: Repository description (string, optional) - `name`: Repository name (string, required) - `organization`: Organization to create the repository in (omit to create in your personal account) (string, optional) - - `private`: Whether repo should be private (boolean, optional) + - `private`: Whether the repository should be private. Defaults to true (private) when omitted. (boolean, optional) - **delete_file** - Delete file - **Required OAuth Scopes**: `repo` diff --git a/pkg/github/__toolsnaps__/create_repository.snap b/pkg/github/__toolsnaps__/create_repository.snap index 2cc4227b23..0aa2123673 100644 --- a/pkg/github/__toolsnaps__/create_repository.snap +++ b/pkg/github/__toolsnaps__/create_repository.snap @@ -22,7 +22,8 @@ "type": "string" }, "private": { - "description": "Whether repo should be private", + "default": true, + "description": "Whether the repository should be private. Defaults to true (private) when omitted.", "type": "boolean" } }, 
diff --git a/pkg/github/repositories.go b/pkg/github/repositories.go
index 60bb45c44f..21cbf7e643 100644
--- a/pkg/github/repositories.go
+++ b/pkg/github/repositories.go
@@ -600,7 +600,8 @@ func CreateRepository(t translations.TranslationHelperFunc) inventory.ServerTool
 },
 "private": {
 Type: "boolean",
- Description: "Whether repo should be private",
+ Description: "Whether the repository should be private. Defaults to true (private) when omitted.",
+ Default: json.RawMessage("true"),
 },
 "autoInit": {
 Type: "boolean",
@@ -624,7 +625,7 @@ func CreateRepository(t translations.TranslationHelperFunc) inventory.ServerTool
 if err != nil {
 return utils.NewToolResultError(err.Error()), nil, nil
 }
- private, err := OptionalParam[bool](args, "private")
+ private, err := OptionalBoolParamWithDefault(args, "private", true)
 if err != nil {
 return utils.NewToolResultError(err.Error()), nil, nil
 }
diff --git a/pkg/github/repositories_test.go b/pkg/github/repositories_test.go
index 8b0b196a63..e5531cc55b 100644
--- a/pkg/github/repositories_test.go
+++ b/pkg/github/repositories_test.go
@@ -2020,7 +2020,7 @@ func Test_CreateRepository(t *testing.T) {
 expectedRepo: mockRepo,
 },
 {
- name: "successful repository creation with minimal parameters",
+ name: "successful repository creation with minimal parameters defaults to private",
 mockedClient: NewMockedHTTPClient(
 WithRequestMatchHandler(
 EndpointPattern("POST /user/repos"),
@@ -2028,7 +2028,7 @@ func Test_CreateRepository(t *testing.T) {
 "name": "test-repo",
 "auto_init": false,
 "description": "",
- "private": false,
+ "private": true,
 }).andThen(
 mockResponse(t, http.StatusCreated, mockRepo),
 ),
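Review bot: The schema `Default: json.RawMessage("true")` added to the `private` property is only advertised to clients; the value actually applied on omission is the separate literal `true` passed to `OptionalBoolParamWithDefault` in the handler hunk further down, so the two can drift apart silently. Because this default is what keeps a repository from being created public by accident, I would bind both to one named constant, or at least mark the field with `// Advisory only; the handler enforces the same default. Keep in sync.` The hunk does not show the import block, so confirm `encoding/json` is already imported in this file. CreateRepository's body starts and ends outside the hunk.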
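Review bot: Whether the new `OptionalBoolParamWithDefault(args, "private", true)` call fails closed depends on that helper, whose body is not in this diff: if it can return the zero value `false` with a nil error for a present-but-malformed `private` (a string or `null`, say), the repository would still be created public. Please confirm it returns an error for any non-boolean value and the default only when the key is absent. A why-comment above the call would keep the intent from being undone later: `// Fail closed: private unless the caller explicitly passes private=false.` The enclosing handler continues outside the hunk.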
@@ -2040,6 +2040,28 @@ func Test_CreateRepository(t *testing.T) {
 expectError: false,
 expectedRepo: mockRepo,
 },
+ {
+ name: "successful public repository creation when private is explicitly false",
+ mockedClient: NewMockedHTTPClient(
+ WithRequestMatchHandler(
+ EndpointPattern("POST /user/repos"),
+ expectRequestBody(t, map[string]any{
+ "name": "test-repo",
+ "auto_init": false,
+ "description": "",
+ "private": false,
+ }).andThen(
+ mockResponse(t, http.StatusCreated, mockRepo),
+ ),
+ ),
+ ),
+ requestArgs: map[string]any{
+ "name": "test-repo",
+ "private": false,
+ },
+ expectError: false,
+ expectedRepo: mockRepo,
+ },
 {
 name: "repository creation fails",
 mockedClient: NewMockedHTTPClient(
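Review bot: The new cases pin omission and explicit `false`, but nothing in these hunks covers a malformed `private` value, which is the input most likely to slip back to a public repository if the parameter helper is changed later. I would add a table entry with `requestArgs: map[string]any{"name": "test-repo", "private": "false"}` that expects a tool error and no `POST /user/repos` request. All three visible cases also go through `POST /user/repos`; if the organization path builds its request separately, an omitted-`private` case for it would be worth adding too. The test table starts and ends outside the hunk.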