Port consumer-repo preflight and coord hardening #74
Port react_on_rails repo-local hardening into the shared pack so the skill-picker dedupe re-sync (react_on_rails #4356) does not revert it:

- pr-security-preflight: abort when AGENT_WORKFLOWS_TRUST_CONFIG points to a missing file; treat explicit --trust-config paths outside the consuming repo's git root as user-global and warn on ignored unqualified team slugs; scan trusted metadata-bot comments for suspicious-text warnings; keep blocking-pattern warnings visible on resolved trusted-bot review threads; require full source-actor timeline coverage before trusting a PR source for diff-warning downgrades.
- agent-coord-bounded: preserve captured stdout/stderr on interrupt and timeout exits; wait for the whole process group to exit during termination.

Ported from react_on_rails #4148/#4151/#4170/#4288 (preflight) and #4161/#4381 (agent-coord-bounded), re-expressed on top of the --strict-trust semantics from #48.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
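The preflight bullet above describes how a trust-config path is resolved and classified: abort on a configured-but-missing file, treat a path outside the git root as user-global, and ignore unqualified team slugs in a user-global file with a warning. The Ruby below is an added example written for this page, not the project's pr-security-preflight code. It assumes a JSON file with a `trusted_teams` list, a hypothetical repo-local default at `.agent-workflows/trust.json`, and that a missing explicit `--trust-config` path aborts the same way the environment-variable case does (the page only states the latter).

```ruby
# Added example, not the project's pr-security-preflight code. Assumptions:
# the trust file is JSON with a "trusted_teams" list, the repo-local default
# lives at .agent-workflows/trust.json (hypothetical name), and an explicit
# --trust-config path that does not exist aborts just like the env var case.
require "json"
require "pathname"

module TrustConfig
  Error = Class.new(StandardError)
  DEFAULT_RELATIVE = ".agent-workflows/trust.json" # hypothetical default
  Resolved = Struct.new(:path, :scope) # scope: :repo_local, :user_global or :none

  module_function

  # Resolution order (assumed): explicit --trust-config, then
  # AGENT_WORKFLOWS_TRUST_CONFIG, then the repo-local default file.
  def resolve(repo_root:, explicit_path: nil, env_path: nil)
    root = Pathname.new(repo_root).expand_path
    if explicit_path
      return classify(Pathname.new(explicit_path).expand_path, root,
                      "--trust-config #{explicit_path}: no such file")
    end
    if env_path
      # Fail closed: a configured-but-missing file means the operator's intent
      # is unknown, so abort rather than silently fall back to another file.
      return classify(Pathname.new(env_path).expand_path, root,
                      "AGENT_WORKFLOWS_TRUST_CONFIG=#{env_path} points to a missing file")
    end
    default = root + DEFAULT_RELATIVE
    default.file? ? Resolved.new(default, :repo_local) : Resolved.new(nil, :none)
  end

  def classify(path, root, missing_message)
    raise Error, missing_message unless path.file?
    Resolved.new(path, inside?(path, root) ? :repo_local : :user_global)
  end

  # A path is repo-local only if it resolves (symlinks included) under the git root.
  def inside?(path, root)
    rel = path.realpath.relative_path_from(root.realpath)
    rel.each_filename.first != ".."
  rescue ArgumentError
    false # cannot be expressed relative to the root
  end

  # Returns [accepted_slugs, warnings]. Bare slugs in a repo-local file are
  # qualified with the repo owner; in a user-global file they are ambiguous
  # across repos, so they are ignored with a warning instead of being guessed.
  def trusted_teams(resolved, repo_owner:)
    return [[], []] if resolved.path.nil?
    slugs = Array(JSON.parse(resolved.path.read)["trusted_teams"])
    accepted, warnings = [], []
    slugs.each do |slug|
      if slug.include?("/")
        accepted << slug
      elsif resolved.scope == :repo_local
        accepted << "#{repo_owner}/#{slug}"
      else
        warnings << "ignoring unqualified team slug #{slug.inspect} in user-global " \
                    "trust config #{resolved.path}; use owner/team"
      end
    end
    [accepted, warnings]
  end
end
```

The point of the `inside?` check is that the classification is made on the resolved path, so a symlink placed inside the checkout that points at a file in the home directory is still treated as user-global, and its bare team slugs are not silently qualified with the repo owner.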
Walkthrough

This PR ports hardening documentation and behavior changes. Documentation updates clarify trust-config resolution and suspicious-text handling for pr-security-preflight. The agent-coord-bounded script gains process-group liveness checks and output flushing on interrupt/timeout/completion, with corresponding test updates including zombie-process detection.

Changes

- Trust and Preflight Documentation
- agent-coord-bounded Termination Hardening

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

```mermaid
sequenceDiagram
    participant Script as agent-coord-bounded
    participant ProcessGroup
    participant CapturedOutput as stdout/stderr tempfiles
    Script->>ProcessGroup: send configured signal (terminate)
    Script->>ProcessGroup: wait_for_process_group_exit(deadline)
    alt still alive after deadline
        Script->>ProcessGroup: send KILL signal
        Script->>ProcessGroup: wait_for_process_group_exit(deadline)
    end
    ProcessGroup-->>Script: process exited (or interrupted/timed out)
    Script->>CapturedOutput: flush_captured_output(stdout_file, stderr_file)
    CapturedOutput-->>Script: rewind and print contents
    Script-->>Script: exit with computed status code
```
Related PRs: None identified.
Suggested labels: documentation, skills, testing
Suggested reviewers: None identified.

🐰 A process group waits, then bows to KILL,

Pre-merge checks: 5 passed.
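The termination sequence in the walkthrough above (signal the group, wait for the whole group to exit, escalate to KILL once, then flush the captured output regardless of how the run ended) as an added Ruby example. This is not the project's agent-coord-bounded script; the class, method and option names are this example's own. It assumes the child is spawned into its own process group (so pgid == pid), that a timeout exits with 124 as timeout(1) does, and that a signal death exits with 128 plus the signal number.

```ruby
# Added example, not the project's agent-coord-bounded script. Assumed
# conventions: the child gets its own process group (pgid == pid), a timeout
# exits 124 as timeout(1) does, and a signal death exits 128 + signal number.
require "tempfile"

class BoundedRunner
  Result = Struct.new(:exit_code, :stdout, :stderr, :timed_out, :group_exited)
  POLL = 0.05

  def initialize(cmd, timeout:, grace: 2.0, signal: "TERM")
    @cmd, @timeout, @grace, @signal = cmd, timeout, grace, signal
  end

  # Run the command under a deadline and always return whatever the child wrote,
  # including on timeout or Ctrl-C.
  def run
    out = Tempfile.new("bounded-stdout")
    err = Tempfile.new("bounded-stderr")
    pid = Process.spawn(*@cmd, pgroup: true, out: out.path, err: err.path)
    deadline = now + @timeout
    status, timed_out, group_exited = nil, false, true
    begin
      until (status = reap(pid))
        if now >= deadline
          timed_out = true
          status, group_exited = terminate_group(pid)
          break
        end
        sleep POLL
      end
    rescue Interrupt
      # Operator interrupt: tear the whole group down but still surface its output.
      status, group_exited = terminate_group(pid, status)
    end
    stdout, stderr = flush_captured_output(out, err)
    Result.new(exit_code(status, timed_out), stdout, stderr, timed_out, group_exited)
  ensure
    out&.close!
    err&.close!
  end

  # Signal the group, wait for every member (not just the direct child) to go
  # away, and escalate to KILL once if anything survives the grace period.
  # Returns [Process::Status of the direct child, true if the group is empty].
  def terminate_group(pid, status = nil)
    [@signal, "KILL"].each do |sig|
      signal_group(pid, sig)
      status, exited = wait_for_process_group_exit(pid, now + @grace, status)
      return [status, true] if exited
    end
    # KILL cannot be ignored, so the direct child is reapable by now; stragglers
    # (for example orphans nobody reaps) are reported through group_exited = false.
    [status || Process.wait2(pid)[1], false]
  end

  # Poll kill(0, -pgid) until no member is left or the deadline passes. The direct
  # child is reaped on the way: an unreaped zombie still counts as a group member.
  def wait_for_process_group_exit(pid, deadline, status = nil)
    loop do
      status ||= reap(pid)
      return [status, true] unless signal_group(pid, 0)
      return [status, false] if now >= deadline
      sleep POLL
    end
  end

  # kill(sig, -pgid) addresses every member; ESRCH means the group is empty.
  def signal_group(pgid, sig)
    Process.kill(sig, -pgid)
    true
  rescue Errno::ESRCH
    false
  end

  # Non-blocking reap: nil while the child is still running.
  def reap(pid)
    _, status = Process.wait2(pid, Process::WNOHANG)
    status
  rescue Errno::ECHILD
    nil
  end

  # Rewind the capture files and return everything written so far.
  def flush_captured_output(out, err)
    [out, err].map { |f| f.rewind; f.read }
  end

  def exit_code(status, timed_out)
    return 124 if timed_out
    return 128 + status.termsig if status&.signaled?
    status ? status.exitstatus : 1
  end

  def now
    Process.clock_gettime(Process::CLOCK_MONOTONIC)
  end
end
```

Two details carry the hardening described in the walkthrough. Waiting only on the direct child would declare a `sh -c '...; sleep 30'` run finished while the grandchild `sleep` kept running, so liveness is checked with `kill(0, -pgid)` against the whole group; because a zombie still counts as a group member, the direct child is reaped inside that loop rather than afterwards. And the capture files are read in every exit path, so output produced before a timeout or interrupt is not lost.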
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b4560fd63b
Review summary

Went through the ported hardening for

Findings posted inline:

What checked out fine:

I wasn't able to execute
Address-review summary

Scan scope: full PR #74 review-thread closeout through head

Mattered

Optional

Skipped

Validation recorded in the PR body:

Remaining non-code gate: hosted Next default scan starts after this comment. Say
Review

Scope: this diff only touches CHANGELOG.md, docs/trust-and-preflight.md, skills/pr-batch/bin/agent-coord-bounded, and its test script — pr-security-preflight itself is unchanged here (already merged to main per the PR description), so the review focused on the agent-coord-bounded process-group hardening and doc accuracy.

Correctness — agent-coord-bounded

Docs (docs/trust-and-preflight.md)

Portability

Shell/Ruby helper safety

Minor/non-blocking nit

No bugs or security issues found. LGTM.
Summary

react_on_rails' repo-pinned copies of `pr-security-preflight` and `agent-coord-bounded` diverged ahead of this shared pack with deliberate hardening that was never upstreamed. The skill-picker dedupe re-sync (react_on_rails #4356) would silently revert that hardening downstream if the shared pack lacks it.

Closeout note: this branch has now been merged with current `main`. The `pr-security-preflight` implementation/test hardening from the original PR is already present in current mainline, so the remaining current-head diff preserves that implementation, adds the missing operator documentation/changelog coverage for those preflight semantics, and carries the `agent-coord-bounded` implementation/test hardening.

pr-security-preflight

- `AGENT_WORKFLOWS_TRUST_CONFIG` points to a missing file.
- `--trust-config` repo-local vs user-global classification and owner-qualified global team slugs.
- `timelineItems`.

agent-coord-bounded

Provenance: react_on_rails #4148/#4151/#4170/#4288 (preflight) and #4161/#4381 (agent-coord-bounded).

Review and closeout

- `docs/trust-and-preflight.md` now covers metadata-bot suspicious-text warnings, resolved-thread blocking-pattern visibility, and timeline coverage requirements.
- The `actor_trusted_for_suspicious_warning?` predicate is gone after merging current mainline, which already uses `allowed_metadata_actor?`/`trusted_metadata_text?`.

Validation

- `PR_BATCH_SKILL_DIR=skills/pr-batch skills/pr-batch/bin/pr-security-preflight --repo shakacode/agent-workflows 74` — `SECURITY_PREFLIGHT_OK`.
- `ruby skills/pr-batch/bin/agent-coord-bounded-test.rb` — 14 runs, 81 assertions, 0 failures.
- `ruby skills/pr-batch/bin/pr-security-preflight-test.rb` — 94 runs, 760 assertions, 0 failures.
- `bin/validate` — `PASS agent-workflows validation`.
- `codex review --base origin/main` — no actionable correctness issues.
- `$5` budget cap, but local Claude reported weekly quota exhausted until July 6 at 9pm Pacific/Honolulu; no Claude local result was used as approval evidence.

Follow-up

Once this merges, react_on_rails #4356 should re-sync its repo-pinned helper copies from the updated shared pack (for example with `bin/push-downstream`), restoring full parity with zero behavior loss.

Summary by CodeRabbit

Bug Fixes

Documentation