The support for GitHub CLI has been added since 3.153 release, but if you still want to bypass the CLI-based traffic from sending to CASB, this KB can help.

You should consider isolating the GitBash CLI traffic from sending to CASB when configuring the proxy forwarding.

The proxy admin can isolate the GitBash CLI traffic from the browser-based traffic based on the user-agent tag. Below is an example of the rules that need to be added to the Proxy:

First, you need to identify the GitBash Cli traffic:

define condition exclue_cli_github

request.header.user-agent="git"

end

Then the proxy admin needs to exclude this from the WSS forward list:

<Forward Cloud> condition=casb_groups conditions=WSS_Forward_List condition=!exclude_cli_github