Skip to content

chore(ci): strengthen AGENT_PR_TOKEN usage in raise-pr skill#2198

Closed
naqvitalha wants to merge 1 commit intomainfrom
chore/strengthen-agent-pr-token
Closed

chore(ci): strengthen AGENT_PR_TOKEN usage in raise-pr skill#2198
naqvitalha wants to merge 1 commit intomainfrom
chore/strengthen-agent-pr-token

Conversation

@naqvitalha
Copy link
Copy Markdown
Collaborator

@naqvitalha naqvitalha commented Mar 23, 2026

Description

Strengthen the AGENT_PR_TOKEN instructions in the raise-pr skill to prevent agents from creating PRs with the wrong token. In a recent run (Agent Fix #23455139708), the agent created PR #2196 as app/github-actions instead of using AGENT_PR_TOKEN, making it unmergeable.

Adds a pre-flight token verification step, a fallback to SHOPIFY_GH_ACCESS_TOKEN, and a post-creation author check.

Reviewers' hat-rack 🎩

Check that the blockquote instructions are clear and unambiguous — this needs to be impossible for the agent to skip.

Test plan

  • Next agent-fix run creates PRs with the correct author (not app/github-actions)

@naqvitalha
chore(ci): strengthen AGENT_PR_TOKEN usage in raise-pr skill
89c4cdc 
Add token verification step and fallback to prevent PRs being created
with the wrong token (default GITHUB_TOKEN shows as app/github-actions
and can't be merged). Adds post-creation author check.
@naqvitalha
Copy link
Copy Markdown
Collaborator Author

naqvitalha commented Mar 23, 2026

Superseded by #2200 (combined PR)

@naqvitalha naqvitalha closed this Mar 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@naqvitalha