From 043d143ebde68e38d5075f7668213eac6e9fb692 Mon Sep 17 00:00:00 2001 From: s1gr1d <32902192+s1gr1d@users.noreply.github.com> Date: Mon, 1 Jun 2026 10:55:18 +0200 Subject: [PATCH 1/4] chore(skills): Improve triage-issue skill --- .agents/skills/triage-issue/SKILL.md | 6 ++++++ .../skills/triage-issue/scripts/detect_prompt_injection.py | 2 +- .github/workflows/triage-issue.yml | 1 + 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/.agents/skills/triage-issue/SKILL.md b/.agents/skills/triage-issue/SKILL.md index 1401e5210514..a23d4233bf04 100644 --- a/.agents/skills/triage-issue/SKILL.md +++ b/.agents/skills/triage-issue/SKILL.md @@ -82,6 +82,12 @@ Cross-repo searches (only when clearly relevant): **Shell safety:** Strip shell metacharacters from issue-derived search terms before use in commands. +#### Changelog investigation (when a version is mentioned) + +If the issue states a version where the problem started (e.g. "works in 7.x, broken since 8.2.0"), **check `CHANGELOG.md`** for that version range. +Start with `grep -n "^## " CHANGELOG.md | head -60` to orient, then read the relevant entries. +Surface any relevant changelog delta in the triage report under **Root cause** or **Information gaps**. If nothing relevant is found, note that explicitly. + ### Step 4: Related Issues & PRs - Search for duplicate or related issues: `gh api search/issues -X GET -f "q=+repo:getsentry/sentry-javascript+type:issue"` and use the **Write** tool to save the command output to `search.json` in the workspace root diff --git a/.agents/skills/triage-issue/scripts/detect_prompt_injection.py b/.agents/skills/triage-issue/scripts/detect_prompt_injection.py index 475211c91c21..06eecdd61f31 100644 --- a/.agents/skills/triage-issue/scripts/detect_prompt_injection.py +++ b/.agents/skills/triage-issue/scripts/detect_prompt_injection.py @@ -121,7 +121,7 @@ def is_non_latin(c: str) -> bool: (r"\b(admin|developer|system)[\s_-]mode", 8, "Mode manipulation"), # Sensitive file paths (10 points) - legitimate issues rarely reference these - (r"(~/\.aws/|~/\.ssh/|/root/|/etc/passwd|/etc/shadow)", 10, "System credentials path"), + (r"(~/\.aws/|~/\.ssh/|(? Date: Mon, 1 Jun 2026 11:48:37 +0200 Subject: [PATCH 2/4] format --- .agents/skills/triage-issue/SKILL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.agents/skills/triage-issue/SKILL.md b/.agents/skills/triage-issue/SKILL.md index a23d4233bf04..56ffc7de208f 100644 --- a/.agents/skills/triage-issue/SKILL.md +++ b/.agents/skills/triage-issue/SKILL.md @@ -84,7 +84,7 @@ Cross-repo searches (only when clearly relevant): #### Changelog investigation (when a version is mentioned) -If the issue states a version where the problem started (e.g. "works in 7.x, broken since 8.2.0"), **check `CHANGELOG.md`** for that version range. +If the issue states a version where the problem started (e.g. "works in 7.x, broken since 8.2.0"), **check `CHANGELOG.md`** for that version range. Start with `grep -n "^## " CHANGELOG.md | head -60` to orient, then read the relevant entries. Surface any relevant changelog delta in the triage report under **Root cause** or **Information gaps**. If nothing relevant is found, note that explicitly. From 601eda156ed93d7b02af21dac3cd651dded86359 Mon Sep 17 00:00:00 2001 From: s1gr1d <32902192+s1gr1d@users.noreply.github.com> Date: Mon, 1 Jun 2026 13:05:54 +0200 Subject: [PATCH 3/4] use opus 4.8 --- .github/workflows/triage-issue.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/triage-issue.yml b/.github/workflows/triage-issue.yml index f6263007a0bf..6fbcff5e2f32 100644 --- a/.github/workflows/triage-issue.yml +++ b/.github/workflows/triage-issue.yml @@ -74,7 +74,7 @@ jobs: Do NOT use `python3 -c` or other inline Python in Bash, only the provided scripts are allowed. Do NOT attempt to delete (`rm`) temporary files you create. claude_args: | - --model claude-opus-4-6 + --model claude-opus-4-8 --max-turns 50 --allowedTools "Write,Bash(gh api *),Bash(gh pr list *),Bash(npm info *),Bash(npm ls *),Bash(python3 .claude/skills/triage-issue/scripts/post_linear_comment.py *),Bash(python3 .claude/skills/triage-issue/scripts/parse_gh_issues.py *),Bash(python3 .claude/skills/triage-issue/scripts/detect_prompt_injection.py *),Bash(python3 .claude/skills/triage-issue/scripts/write_job_summary.py *)" - name: Post triage job summary From ce6e99181857264ca6e0b746f2b713662c1a317d Mon Sep 17 00:00:00 2001 From: s1gr1d <32902192+s1gr1d@users.noreply.github.com> Date: Mon, 1 Jun 2026 13:18:07 +0200 Subject: [PATCH 4/4] update tool use --- .agents/skills/triage-issue/SKILL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.agents/skills/triage-issue/SKILL.md b/.agents/skills/triage-issue/SKILL.md index 56ffc7de208f..c997734d1c99 100644 --- a/.agents/skills/triage-issue/SKILL.md +++ b/.agents/skills/triage-issue/SKILL.md @@ -85,7 +85,7 @@ Cross-repo searches (only when clearly relevant): #### Changelog investigation (when a version is mentioned) If the issue states a version where the problem started (e.g. "works in 7.x, broken since 8.2.0"), **check `CHANGELOG.md`** for that version range. -Start with `grep -n "^## " CHANGELOG.md | head -60` to orient, then read the relevant entries. +Use the **Grep** tool (pattern `^## ` on `CHANGELOG.md`) to list version headings, then use the **Read** tool to read the relevant entries. Do NOT use Bash `grep`/`head` — the native Grep/Read tools are read-only and require no extra Bash permissions in CI. Surface any relevant changelog delta in the triage report under **Root cause** or **Information gaps**. If nothing relevant is found, note that explicitly. ### Step 4: Related Issues & PRs