Skip to content

Replace threat-detection XML marker token across JS and spec#32458

Merged
pelikhan merged 2 commits into
mainfrom
copilot/replace-thread-detection-marker
May 15, 2026
Merged

Replace threat-detection XML marker token across JS and spec#32458
pelikhan merged 2 commits into
mainfrom
copilot/replace-thread-detection-marker

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented May 15, 2026
edited
Loading

This PR updates the threat-detection XML marker used for machine-readable annotations from agentic threat detected to gh-aw-thread-detected in runtime JS output and normative spec text. Human-facing caution copy remains unchanged.

  • Runtime marker update (JavaScript)

    • Updated threat marker helpers to emit the new XML token:
      • <!-- gh-aw-thread-detected -->
    • This affects warning-mode caution blocks generated for threat-detected flows.

  • Assertion updates (JavaScript tests)

    • Updated marker assertions in related tests to match the new emitted XML token.
    • Scope includes footer/message/comment and activation-comment test coverage where marker presence is validated.

  • Specification alignment

    • Updated the Safe Outputs specification language to reference the new XML marker token in the warn-mode threat detection requirements.
// before
return "<!-- agentic threat detected -->";

// after
return "<!-- gh-aw-thread-detected -->";

@pelikhan
Rename threat detection XML marker token
880743d 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title Replace threat detection XML marker token in specs and JavaScript Replace threat-detection XML marker token across JS and spec May 15, 2026
Copilot AI requested a review from pelikhan May 15, 2026 18:51
pelikhan
pelikhan reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@pelikhan pelikhan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot fix typo

gh-aw-threat-detected

Not thread

@pelikhan pelikhan marked this pull request as ready for review May 15, 2026 21:39
Copilot AI review requested due to automatic review settings May 15, 2026 21:39
Copilot AI reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR replaces the threat-detection XML comment marker token from <!-- agentic threat detected --> to <!-- gh-aw-thread-detected --> in the runtime JS helpers, the normative Safe Outputs specification, and all related test assertions. Human-facing caution text (agentic threat detected) is intentionally left unchanged.

Changes:

  • Update the two marker helper return values in threat_detection_warning.cjs to the new token.
  • Update the normative marker reference in safe-outputs-specification.md.
  • Update marker assertions across add_comment, generate_footer, messages, threat_detection_warning, and update_activation_comment tests.
Show a summary per file
File Description
actions/setup/js/threat_detection_warning.cjs Updates both getThreatDetectedMarker and getThreatDetectedMarkerTemplate to emit the new XML token.
actions/setup/js/threat_detection_warning.test.cjs Updates marker helper assertions to expect the new token.
actions/setup/js/add_comment.test.cjs Updates comment-body marker assertion.
actions/setup/js/generate_footer.test.cjs Updates footer caution-alert marker assertion.
actions/setup/js/messages.test.cjs Updates messages caution-alert marker assertion.
actions/setup/js/update_activation_comment.test.cjs Updates inlined mock template to use the new token.
docs/src/content/docs/reference/safe-outputs-specification.md Updates WTD1 normative marker text to the new token.

Note: the new token spells "thread" rather than "threat", which appears to be an unintended typo given the surrounding "threat detection" context. See the inline comment.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 7/7 changed files
  • Comments generated: 1

Comment thread actions/setup/js/threat_detection_warning.cjs Outdated
Comment on lines +30 to +39
@@ -36,7 +36,7 @@ function getThreatDetectedMarker(reason) {
* @returns {string}
*/
function getThreatDetectedMarkerTemplate() {
return "<!-- agentic threat detected -->";
return "<!-- gh-aw-thread-detected -->";
@pelikhan
Fix marker typo: threat not thread
3cc9617 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented May 15, 2026

@copilot fix typo

gh-aw-threat-detected ...

Fixed in 3cc9617 — updated the marker to gh-aw-threat-detected across runtime output, tests, and spec references.

Copilot AI requested a review from pelikhan May 15, 2026 21:45
@pelikhan pelikhan merged commit 49fdb86 into main May 15, 2026
@pelikhan pelikhan deleted the copilot/replace-thread-detection-marker branch May 15, 2026 21:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@pelikhan pelikhan pelikhan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pelikhan