Conversation

@ilopezluna
Contributor

This pull request introduces a new automated workflow for generating AI model cards for Docker Hub repositories. The workflow leverages a custom agent configuration and integrates with Anthropic's Claude model to research reference URLs and produce detailed, standardized model documentation in Markdown format. The most important changes are grouped below:

Model Card Generation Agent and Template

  • Added .github/agents/model-card-generator.yaml, which defines a new agent that uses the claude-sonnet-4-5 model from Anthropic to generate model cards. The agent includes detailed instructions, a strict Markdown template, and guidelines for factual, Docker-centric model documentation. It also specifies allowed shell and filesystem tool access for research and file writing.

GitHub Actions Workflow for Automation

  • Introduced .github/workflows/generate-model-card.yml, a new reusable workflow that:
    • Accepts repository name and reference URLs as inputs.
    • Runs the model card generator agent to research and create the model card file.
    • Verifies the generated file exists and previews its content.
    • Automatically creates a pull request with the new model card, including metadata and references for review.

@gemini-code-assist
Contributor

Summary of Changes

Hello @ilopezluna, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request establishes the foundational configuration for an automated AI model card generation system. It defines an intelligent agent capable of researching model information from external sources and structuring it into a standardized Markdown document. This enhancement streamlines the process of creating consistent and informative documentation for AI models hosted on Docker Hub, ensuring clarity and accuracy for users.

Highlights

  • New AI Model Card Generator Agent: Introduced a new agent configuration (.github/agents/model-card-generator.yaml) that leverages Anthropic's Claude-Sonnet-4-5 model to automatically generate comprehensive AI model cards in Markdown format. This agent is designed to research model details from provided URLs, adhere to a strict template, and save the output.
  • Standardized Model Card Template: The agent includes a detailed and strict Markdown template for model cards, covering essential sections such as characteristics, available variants, intended uses, considerations, Docker Model Runner usage instructions, benchmarks, and external links. An example model card for 'Qwen3' is provided within the configuration.
  • Tool Access and Restrictions: The model card generator agent is configured with specific tool access, allowing it to use curl for research and filesystem tools (read_file, write_file, list_directory) for managing files. It also includes strict guidelines on content, such as omitting namespaces for Docker references, avoiding fabrication of data, and restricting code blocks to only Docker Model Runner commands.


Changelog
  • .github/agents/model-card-generator.yaml
    • Added a new agent configuration file.
    • Defined the 'sonnet' model using Anthropic's Claude-Sonnet-4-5.
    • Configured the 'root' agent as an 'AI Model Card Generator' with detailed instructions.
    • Included a comprehensive Markdown template for model cards.
    • Provided an example model card for 'Qwen3'.
    • Specified important guidelines and code usage restrictions for the agent.
    • Granted filesystem and shell tool permissions for curl, cat, and echo commands.
Ignored Files
  • Ignored by pattern: .github/workflows/** (1)
    • .github/workflows/generate-model-card.yml


@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request introduces a new workflow and agent configuration for automatically generating AI model cards. The agent configuration in .github/agents/model-card-generator.yaml is well-structured with a detailed prompt, template, and example. My review focuses on improving the correctness, security, and consistency of this configuration. I've identified a few issues: a likely typo in the Anthropic model name, a contradictory instruction in the agent's prompt that could lead to incorrect output, and an overly permissive shell command that should be removed for security reasons. The suggested changes will help ensure the agent runs correctly and securely.

```yaml
models:
  sonnet:
    provider: anthropic
    model: claude-sonnet-4-5
```

Severity: high

The specified model name claude-sonnet-4-5 appears to be incorrect. The publicly available model from Anthropic is claude-3.5-sonnet. Using an incorrect model name will cause the agent to fail during initialization.

    model: claude-3.5-sonnet


## Important Guidelines

- Omit namespace for all Docker references (e.g., `{model_name}` instead of `aistaging/{model_name}`)

Severity: high

There's a contradiction in the instructions regarding the use of namespaces in Docker references. This guideline instructs to omit the namespace, but the template (e.g., lines 53, 76, 82) and the example (e.g., lines 145, 172, 177) consistently include a namespace (like aistaging/ or ai/). This inconsistency will likely confuse the model and lead to incorrect model card generation. The guideline should be updated to align with the template and example.

      - Always include the namespace for Docker references (e.g., aistaging/{model_name})

```yaml
permissions:
  allow:
    - shell:cmd=curl *
    - shell:cmd=cat *
```

Severity: security-high, high

The agent is granted permission to use cat *, which allows it to read any file on the runner's filesystem. This is an unnecessary and overly broad permission that violates the principle of least privilege. The agent's instructions do not require the use of cat, and the filesystem toolset already provides a safer read_file tool for this purpose. To enhance security, this permission should be removed.

@ilopezluna ilopezluna marked this pull request as ready for review February 10, 2026 13:44

@sourcery-ai sourcery-ai bot left a comment


Hey - I've found 2 issues, and left some high level feedback:

  • The reference_urls input is described as comma-separated, but the agent prompt simply interpolates the raw string; consider updating the agent instructions or preprocessing in the workflow so the agent reliably receives one URL per line to avoid malformed curl commands.
  • In .github/agents/model-card-generator.yaml, the instruction "do no attempt to create it" has a typo and could be clarified (e.g., "do not attempt to create it") to avoid confusion in future edits or reuse.
Prompt for AI Agents
Please address the comments from this code review:

## Overall Comments
- The `reference_urls` input is described as comma-separated, but the agent prompt simply interpolates the raw string; consider updating the agent instructions or preprocessing in the workflow so the agent reliably receives one URL per line to avoid malformed `curl` commands.
- In `.github/agents/model-card-generator.yaml`, the instruction "do no attempt to create it" has a typo and could be clarified (e.g., "do not attempt to create it") to avoid confusion in future edits or reuse.

## Individual Comments

### Comment 1
<location> `.github/agents/model-card-generator.yaml:24-33` </location>
<code_context>
+      Do not fetch HTML as the content is too large, use the Hugging Face API.
</code_context>
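Review bot: the instruction `Do not fetch HTML as the content is too large, use the Hugging Face API.` names neither the API endpoint to call nor which response fields the agent should rely on, and because the reference URLs are free-form workflow inputs that the agent fetches with `curl`, the prompt should also state that anything fetched is untrusted data, not instructions; spell out the Hugging Face endpoint and add an explicit line that fetched page content cannot override these guidelines.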

<issue_to_address>
**issue:** Clarify the apparent conflict between avoiding HTML and using curl on arbitrary reference URLs.

The current wording bans HTML fetching but the workflow later tells the agent to `curl` arbitrary reference URLs, including non‑HF sites (blogs, papers, etc.). This makes it unclear when HTML is allowed vs. when the HF API must be used. Please adjust the text to clearly distinguish Hugging Face model pages (where the API should be used instead of HTML) from other reference URLs (where HTML or other formats may be necessary) so the behavior is explicit and consistent.
</issue_to_address>

### Comment 2
<location> `.github/workflows/generate-model-card.yml:65` </location>
<code_context>
+
+            ---
+            Please review the generated content for accuracy before merging.
+          branch: model-card/${{ inputs.repository }}
+          base: main
+          labels: model-card,automated
</code_context>
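Review bot: `branch: model-card/${{ inputs.repository }}` embeds an unvalidated workflow input in a git ref, and the proposed `replace(...)` expression cannot work as written because GitHub Actions expression syntax has no `replace()` function; validate the value in a shell step before the pull-request step runs (fail the job unless it matches `^[A-Za-z0-9._-]+$` and contains no `..`), which is also safer than silently normalizing it.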

<issue_to_address>
**suggestion:** Sanitize the repository input before using it in a branch name.

Because `inputs.repository` is used directly in the branch name, values with spaces, `..`, or extra `/` characters could produce invalid or unintended refs. Consider validating it (e.g., allowing only `[A-Za-z0-9._-]+`) or normalizing it by replacing invalid characters with `-` before composing the branch name.

```suggestion
          branch: model-card/${{ replace(replace(replace(inputs.repository, ' ', '-'), '/', '-'), '..', '-') }}
```
</issue_to_address>


Comment on lines +24 to +33
Do not fetch HTML as the content is too large, use the Hugging Face API.

You'll receive these inputs:
```
**Repository:** aistaging/${{ inputs.repository }}
**Model name:** ${{ inputs.repository }}
**Reference URLs to research:**
${{ inputs.reference_urls }}
```


issue: Clarify the apparent conflict between avoiding HTML and using curl on arbitrary reference URLs.

The current wording bans HTML fetching but the workflow later tells the agent to curl arbitrary reference URLs, including non‑HF sites (blogs, papers, etc.). This makes it unclear when HTML is allowed vs. when the HF API must be used. Please adjust the text to clearly distinguish Hugging Face model pages (where the API should be used instead of HTML) from other reference URLs (where HTML or other formats may be necessary) so the behavior is explicit and consistent.


---
Please review the generated content for accuracy before merging.
branch: model-card/${{ inputs.repository }}

suggestion: Sanitize the repository input before using it in a branch name.

Because inputs.repository is used directly in the branch name, values with spaces, .., or extra / characters could produce invalid or unintended refs. Consider validating it (e.g., allowing only [A-Za-z0-9._-]+) or normalizing it by replacing invalid characters with - before composing the branch name.

Suggested change

```diff
-          branch: model-card/${{ inputs.repository }}
+          branch: model-card/${{ replace(replace(replace(inputs.repository, ' ', '-'), '/', '-'), '..', '-') }}
```
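A validation step for the `inputs.repository` value discussed in this comment, as an added example that is not part of the PR or of Sourcery's suggestion; it assumes the value is passed to a bash step as the environment variable REPOSITORY (a name chosen here) and fails the step instead of normalizing the input.

```bash
#!/usr/bin/env bash
# Added example (not from the PR or from Sourcery): validate the workflow input
# before it is embedded in a git ref such as model-card/<repository>.
# Assumes the value reaches the step as the environment variable REPOSITORY,
# e.g. via `env: REPOSITORY: ${{ inputs.repository }}` on the step.

# Returns 0 when the value is safe to use as a branch-name component, 1 otherwise.
validate_repository_name() {
  name="$1"
  # Reject empty values and any character outside the proposed [A-Za-z0-9._-] set.
  case "$name" in
    '') return 1 ;;
    *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  # Even within that character set, git refuses refs whose component starts
  # with '.', ends with '.' or '.lock', or contains '..' (see git check-ref-format).
  case "$name" in
    .* | *. | *.lock | *..*) return 1 ;;
  esac
  return 0
}

# Prints the branch name, or fails so the job stops before the PR step runs.
branch_for() {
  if ! validate_repository_name "$1"; then
    echo "invalid repository input: '$1'" >&2
    return 1
  fi
  printf 'model-card/%s\n' "$1"
}

# When run as a workflow step with REPOSITORY set, emit the branch name
# (for example into $GITHUB_OUTPUT) or fail the step.
if [ -n "${REPOSITORY:-}" ]; then
  branch_for "$REPOSITORY"
fi
```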

@ilopezluna ilopezluna merged commit a79d925 into main Feb 10, 2026
11 checks passed
@ilopezluna ilopezluna deleted the model-cards branch February 10, 2026 13:47