Summary
tend runs full agent sessions for events on the bot's own PRs that can never produce an action, costing ~$1 per nightly regen PR. Both cases live in upstream-owned generated workflows (.github/workflows/tend-*.yaml, "Do not edit this file directly"), so this issue asks whether to escalate the fix to max-sixty/tend rather than patching locally.
Surfaced by the review-runs sweep (run 26356611825) while analyzing the cluster of runs around PR #93.
Case 1 — tend-mention fires on automated bot comments (doubled by created+edited)
PR #93 was authored by dormouse-bot. The tend-mention verify gate short-circuits to should_run=true for any comment on a bot-authored PR — it never inspects the comment author. So the cloudflare-workers-and-pages[bot] deploy notification (comment 4527716896, author type Bot) spun up a full agent session. Worse, that bot edits its comment to update deploy status, so with issue_comment: [created, edited] two sessions fired for one comment:
| Run |
Trigger |
Comment timestamp |
Outcome |
Cost |
| 26355149816 |
created |
created 07:27:53 |
exited silently |
$0.22 |
| 26355164490 |
edited |
updated 07:28:45 |
exited silently |
$0.23 |
Both runs behaved correctly — they identified the comment as an undirected deploy notification and exited without posting. The session simply never needed to start. This recurs on every nightly regen PR, since each gets a created+edited Cloudflare deploy comment.
Proposed upstream fix: in the verify job, before the PR_AUTHOR == "$BOT_NAME" short-circuit, skip issue_comment events whose comment author is a Bot (github.event.comment.user.type == 'Bot') and whose body does not contain @dormouse-bot. The existing @dormouse-bot-mention check already runs first, so legitimate bot summons are preserved.
Case 2 — tend-review no-op self-review of bot-authored PRs
tend-review fires on the bot's own PRs (run 26355149220 on #93, $0.55), reads the full diff, then discovers self-approval isn't allowed and exits without a review. Same pattern was recorded for #88–90 in the prior sweep (run 26328198983) — 4 occurrences now. Behaviorally correct, but it reads ~460K cache tokens before the self-approval guard short-circuits.
Proposed upstream fix: short-circuit on PR_AUTHOR == BOT_LOGIN before reading the diff (or gate the tend-review workflow to skip bot-authored PRs).
Ask
These are upstream-owned generated files — no clean local override exists. Should I open the corresponding issue(s) at max-sixty/tend? The combined waste is modest (~$1/nightly-PR) but fully avoidable and structural.
Summary
tend runs full agent sessions for events on the bot's own PRs that can never produce an action, costing ~$1 per nightly regen PR. Both cases live in upstream-owned generated workflows (
.github/workflows/tend-*.yaml, "Do not edit this file directly"), so this issue asks whether to escalate the fix to max-sixty/tend rather than patching locally.Surfaced by the
review-runssweep (run 26356611825) while analyzing the cluster of runs around PR #93.Case 1 —
tend-mentionfires on automated bot comments (doubled by created+edited)PR #93 was authored by
dormouse-bot. Thetend-mentionverifygate short-circuits toshould_run=truefor any comment on a bot-authored PR — it never inspects the comment author. So thecloudflare-workers-and-pages[bot]deploy notification (comment 4527716896, author typeBot) spun up a full agent session. Worse, that bot edits its comment to update deploy status, so withissue_comment: [created, edited]two sessions fired for one comment:creatededitedBoth runs behaved correctly — they identified the comment as an undirected deploy notification and exited without posting. The session simply never needed to start. This recurs on every nightly regen PR, since each gets a created+edited Cloudflare deploy comment.
Proposed upstream fix: in the
verifyjob, before thePR_AUTHOR == "$BOT_NAME"short-circuit, skipissue_commentevents whose comment author is aBot(github.event.comment.user.type == 'Bot') and whose body does not contain@dormouse-bot. The existing@dormouse-bot-mention check already runs first, so legitimate bot summons are preserved.Case 2 —
tend-reviewno-op self-review of bot-authored PRstend-reviewfires on the bot's own PRs (run 26355149220 on #93, $0.55), reads the full diff, then discovers self-approval isn't allowed and exits without a review. Same pattern was recorded for #88–90 in the prior sweep (run 26328198983) — 4 occurrences now. Behaviorally correct, but it reads ~460K cache tokens before the self-approval guard short-circuits.Proposed upstream fix: short-circuit on
PR_AUTHOR == BOT_LOGINbefore reading the diff (or gate thetend-reviewworkflow to skip bot-authored PRs).Ask
These are upstream-owned generated files — no clean local override exists. Should I open the corresponding issue(s) at max-sixty/tend? The combined waste is modest (~$1/nightly-PR) but fully avoidable and structural.