github · pelikhan · Dec 8, 2025 · Dec 8, 2025 · Dec 8, 2025 · Dec 8, 2025
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
diff --git a/.github/workflows/smoke-codex.md b/.github/workflows/smoke-codex.md
@@ -35,6 +35,7 @@ safe-outputs:
     create-issue:
     add-labels:
       allowed: [smoke-codex]
+    minimize-comment:
     messages:
       footer: "> 🔮 *The oracle has spoken through [{workflow_name}]({run_url})*"
       run-started: "🔮 The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}..."

diff --git a/pkg/cli/workflows/test-claude-minimize-comment.md b/pkg/cli/workflows/test-claude-minimize-comment.md
@@ -0,0 +1,19 @@
+---
+on:
+  workflow_dispatch:
+engine: claude
+safe-outputs:
+  minimize-comment:
+    max: 3
+timeout-minutes: 5
+---
+
+# Test Claude Minimize Comment
+
+This is a test workflow to verify that Claude can minimize (hide) comments on GitHub issues.
+
+Test the minimize_comment safe output by minimizing a comment with the following node ID:
+
+- comment_id: "IC_kwDOABCD123456"
+
+Output the minimize-comment action as JSONL format using the minimize_comment tool.
diff --git a/pkg/cli/workflows/test-codex-minimize-comment.md b/pkg/cli/workflows/test-codex-minimize-comment.md
@@ -0,0 +1,19 @@
+---
+on:
+  workflow_dispatch:
+engine: codex
+safe-outputs:
+  minimize-comment:
+    max: 3
+timeout-minutes: 5
+---
+
+# Test Codex Minimize Comment
+
+This is a test workflow to verify that Codex can minimize (hide) comments on GitHub issues.
+
+Test the minimize_comment safe output by minimizing a comment with the following node ID:
+
+- comment_id: "IC_kwDOABCD123456"
+
+Output the minimize-comment action as JSONL format using the minimize_comment tool.
diff --git a/pkg/cli/workflows/test-copilot-minimize-comment.md b/pkg/cli/workflows/test-copilot-minimize-comment.md
@@ -0,0 +1,19 @@
+---
+on:
+  workflow_dispatch:
+engine: copilot
+safe-outputs:
+  minimize-comment:
+    max: 3
+timeout-minutes: 5
+---
+
+# Test Copilot Minimize Comment
+
+This is a test workflow to verify that Copilot can minimize (hide) comments on GitHub issues.
+
+Test the minimize_comment safe output by minimizing a comment with the following node ID:
+
+- comment_id: "IC_kwDOABCD123456"
+
+Output the minimize-comment action as JSONL format using the minimize_comment tool.
diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json
@@ -2988,7 +2988,7 @@
     "safe-outputs": {
       "type": "object",
       "description": "Safe output processing configuration that automatically creates GitHub issues, comments, and pull requests from AI workflow output without requiring write permissions in the main job",
-      "$comment": "Required if workflow creates or modifies GitHub resources. Operations requiring safe-outputs: add-comment, add-labels, add-reviewer, assign-milestone, assign-to-agent, close-discussion, close-issue, close-pull-request, create-agent-task, create-code-scanning-alert, create-discussion, create-issue, create-pull-request, create-pull-request-review-comment, link-sub-issue, missing-tool, noop, push-to-pull-request-branch, threat-detection, update-issue, update-project, update-pull-request, update-release, upload-asset. See documentation for complete details.",
+      "$comment": "Required if workflow creates or modifies GitHub resources. Operations requiring safe-outputs: add-comment, add-labels, add-reviewer, assign-milestone, assign-to-agent, close-discussion, close-issue, close-pull-request, create-agent-task, create-code-scanning-alert, create-discussion, create-issue, create-pull-request, create-pull-request-review-comment, link-sub-issue, minimize-comment, missing-tool, noop, push-to-pull-request-branch, threat-detection, update-issue, update-project, update-pull-request, update-release, upload-asset. See documentation for complete details.",
       "properties": {
         "allowed-domains": {
           "type": "array",
@@ -4013,6 +4013,35 @@
             }
           ]
         },
+        "minimize-comment": {
+          "oneOf": [
+            {
+              "type": "null",
+              "description": "Enable comment minimization with default configuration"
+            },
+            {
+              "type": "object",
+              "description": "Configuration for minimizing (hiding) comments on GitHub issues, pull requests, or discussions from agentic workflow output",
+              "properties": {
+                "max": {
+                  "type": "integer",
+                  "description": "Maximum number of comments to minimize (default: 5)",
+                  "minimum": 1,
+                  "maximum": 100
+                },
+                "target-repo": {
+                  "type": "string",
+                  "description": "Target repository in format 'owner/repo' for cross-repository comment minimization. Takes precedence over trial target repo settings."
+                },
+                "github-token": {
+                  "$ref": "#/$defs/github_token",
+                  "description": "GitHub token to use for this specific output type. Overrides global github-token if specified."
+                }
+              },
+              "additionalProperties": false
+            }
+          ]
+        },
         "missing-tool": {
           "oneOf": [
             {

diff --git a/pkg/workflow/compiler_jobs.go b/pkg/workflow/compiler_jobs.go
@@ -657,6 +657,24 @@ func (c *Compiler) buildSafeOutputsJobs(data *WorkflowData, jobName, markdownPat
 		safeOutputJobNames = append(safeOutputJobNames, linkSubIssueJob.Name)
 	}
 
+	// Build minimize_comment job if safe-outputs.minimize-comment is configured
+	if data.SafeOutputs.MinimizeComment != nil {
+		minimizeCommentJob, err := c.buildMinimizeCommentJob(data, jobName)
+		if err != nil {
+			return fmt.Errorf("failed to build minimize_comment job: %w", err)
+		}
+		// Safe-output jobs should depend on agent job (always) AND detection job (if enabled)
+		if threatDetectionEnabled {
+			minimizeCommentJob.Needs = append(minimizeCommentJob.Needs, constants.DetectionJobName)
+			// Add detection success check to the job condition
+			minimizeCommentJob.If = AddDetectionSuccessCheck(minimizeCommentJob.If)
+		}
+		if err := c.jobManager.AddJob(minimizeCommentJob); err != nil {
+			return fmt.Errorf("failed to add minimize_comment job: %w", err)
+		}
+		safeOutputJobNames = append(safeOutputJobNames, minimizeCommentJob.Name)
+	}
+
 	// Build create_agent_task job if output.create-agent-task is configured
 	if data.SafeOutputs.CreateAgentTasks != nil {
 		createAgentTaskJob, err := c.buildCreateOutputAgentTaskJob(data, jobName)

diff --git a/pkg/workflow/compiler_types.go b/pkg/workflow/compiler_types.go
@@ -255,6 +255,7 @@ type SafeOutputsConfig struct {
 	CreateAgentTasks                *CreateAgentTaskConfig                 `yaml:"create-agent-task,omitempty"` // Create GitHub Copilot agent tasks
 	UpdateProjects                  *UpdateProjectConfig                   `yaml:"update-project,omitempty"`    // Smart project board management (create/add/update)
 	LinkSubIssue                    *LinkSubIssueConfig                    `yaml:"link-sub-issue,omitempty"`    // Link issues as sub-issues
+	MinimizeComment                 *MinimizeCommentConfig                 `yaml:"minimize-comment,omitempty"`  // Minimize (hide) comments
 	MissingTool                     *MissingToolConfig                     `yaml:"missing-tool,omitempty"`      // Optional for reporting missing functionality
 	NoOp                            *NoOpConfig                            `yaml:"noop,omitempty"`              // No-op output for logging only (always available as fallback)
 	ThreatDetection                 *ThreatDetectionConfig                 `yaml:"threat-detection,omitempty"`  // Threat detection configuration