fix: update CLAUDE.md with accurate codebase info, add BOOKMARKS.md #16
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Review | |
| # Automated code review for pull requests. | |
| # | |
| # Security: Uses pull_request trigger (not pull_request_target) to prevent | |
| # prompt injection attacks. Fork PRs will not receive automated reviews | |
| # since they don't have access to repository secrets. | |
| # | |
| # For fork contributors: Push your branch to the main repo instead of using | |
| # a fork, or request manual review. | |
| # | |
| # Fixes: GitHub #324 (wrong PR context) | |
| # Security: Prevents prompt injection attacks from fork PRs | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| jobs: | |
| review: | |
| name: Code Review | |
| runs-on: ubuntu-latest | |
| # Skip reviews on fork PRs (no secrets access anyway) | |
| if: github.event.pull_request.head.repo.full_name == github.repository | |
| steps: | |
| - name: Minimize old Claude review comments | |
| uses: actions/github-script@v8 | |
| with: | |
| script: | | |
| const comments = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| }); | |
| for (const comment of comments.data) { | |
| if (comment.body.includes('AgentReady Code Review') && | |
| comment.user.login === 'github-actions[bot]') { | |
| await github.rest.issues.updateComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| comment_id: comment.id, | |
| body: `<details><summary>Outdated review (click to expand)</summary>\n\n${comment.body}\n</details>` | |
| }); | |
| } | |
| } | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Run AgentReady Code Review | |
| uses: anthropics/claude-code-action@v1 | |
| with: | |
| claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | |
| settings: | | |
| { | |
| "permissions": { | |
| "allow": [ | |
| "Bash(gh pr:*)", | |
| "Bash(gh issue:*)", | |
| "Bash(gh search:*)", | |
| "Bash(git:*)" | |
| ] | |
| } | |
| } | |
| prompt: | | |
| Run the /review-agentready command on pull request #${{ github.event.pull_request.number }}. | |
| Provide a comprehensive code review focusing on: | |
| - AgentReady attribute compliance | |
| - Security issues | |
| - Code quality | |
| - Best practices | |
| Post the review as a comment on PR #${{ github.event.pull_request.number }}. |