Skip to content

Comments

Add shared workflow edit guardrails fragment#74

Merged
strawgate merged 2 commits intomainfrom
main-b359a3ec1662493e
Feb 17, 2026
Merged

Add shared workflow edit guardrails fragment#74
strawgate merged 2 commits intomainfrom
main-b359a3ec1662493e

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Feb 17, 2026

Summary

  • add a shared fragment that instructs agents not to edit .github/workflows
  • import the fragment across all gh-aw workflow prompts for consistent guardrails

Testing

  • make lint

Notes

  • .github/workflows copies/lock files were not regenerated; run make compile if needed

Related to #73.

AI generated by Mention In Issue

@github-actions @Copilot
Add workflow edit guardrails fragment
338cdd5 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@strawgate strawgate marked this pull request as ready for review February 17, 2026 03:01
@strawgate
Copy link
Collaborator

strawgate commented Feb 17, 2026

@claude I don't think we need this for workflows that can't push code like the scheduled report one

@github-actions
Copy link
Contributor Author

github-actions bot commented Feb 17, 2026
edited
Loading

Claude finished @strawgate's task in 1m 15s —— View job

Addressed Feedback

Removed the workflow-edit-guardrails.md import from read-only workflows (rwx suffix) that cannot push code:

  • Understand which workflows can push code vs read-only
  • Remove the guardrails fragment from read-only workflows
    • scheduled-report-rwx.md - detection/reporting only
    • issue-triage-rwx.md - investigation/planning only
    • pr-review-rwx.md - read-only review
  • Commit and push changes

The fragment remains in place for workflows that can push code (rwxp suffix):

  • mention-in-issue-rwxp.md
  • mention-in-pr-rwxp.md
  • pr-checks-fix-rwxp.md
  • small-problem-fixer-rwxp.md

--- |

Why is Claude responding? | Type @claude to interact further

Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.

@github-actions @strawgate
Remove workflow-edit-guardrails from read-only workflows
e6bdb61 
The guardrails fragment is unnecessary for workflows that cannot push
code (rwx suffix vs rwxp). These workflows only produce comments/reports.

Removed from:
- scheduled-report-rwx.md
- issue-triage-rwx.md
- pr-review-rwx.md

Co-authored-by: Bill Easton <strawgate@users.noreply.github.com>
github-actions[bot]
github-actions bot commented Feb 17, 2026
View reviewed changes
Copy link
Contributor Author

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

APPROVE

What is this? | From workflow: Pr Review

Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not. for issue #74

@strawgate strawgate merged commit 646364b into main Feb 17, 2026
1 check passed
@strawgate strawgate deleted the main-b359a3ec1662493e branch February 17, 2026 03:44
This was referenced Feb 19, 2026
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Consistently provide prompt for not editing .github/workflows

1 participant

@strawgate