Skip to content

ci: add tool constraints to pr-severity prompt #10550

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Roasbeef merged 1 commit into from
Feb 4, 2026
Merged

ci: add tool constraints to pr-severity prompt #10550

Roasbeef merged 1 commit into from
Feb 4, 2026
+12 −0

Conversation

@Roasbeef
Copy link
Member

@Roasbeef Roasbeef commented Feb 3, 2026

The pr-severity workflow has been posting severity classification comments on PRs but never actually applying the labels. Every single run shows the same pattern: Claude tries to use gh api to add labels, the allowed tools restriction correctly denies it, but then Claude silently gives up instead of retrying with the permitted gh pr edit --add-label command.

You can see this across multiple PRs -- #10529, #10472, #10538, #10540 all have severity comments but zero severity labels. The permission_denials array in the run output confirms gh api attempts were blocked each time.

This adds an explicit "Tool Constraints" section at the top of the prompt that tells Claude upfront it only has gh pr view, gh pr edit, and gh pr comment. By making the available tools clear before any instructions, Claude should use gh pr edit --add-label directly instead of attempting gh api first.

Failed run that surfaced this: https://github.com/lightningnetwork/lnd/actions/runs/21614145381/job/62289184152

@Roasbeef
ci: add tool constraints to pr-severity prompt
7b93441 
Claude keeps trying to use `gh api` to add severity labels, which gets
denied by the allowed tools restriction. Instead of retrying with the
permitted `gh pr edit --add-label` command, it silently gives up and
only posts the comment. The result is that severity comments appear on
PRs but the actual labels are never applied.

Add an explicit tool constraints section at the top of the prompt so
Claude knows upfront that only `gh pr view`, `gh pr edit`, and
`gh pr comment` are available.
@gemini-code-assist
Copy link

gemini-code-assist bot commented Feb 3, 2026

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

@lightninglabs-deploy
Copy link
Collaborator

lightninglabs-deploy commented Feb 3, 2026

🟢 PR Severity: LOW

CI/CD Configuration | 1 file | 12 lines changed

🟢 Low (1 file)
  • .github/workflows/pr-severity.yml - GitHub Actions workflow configuration

Analysis

This PR modifies only CI/CD configuration in the .github/ directory. According to the severity classification rules, changes to .github/* (CI/CD configuration) are categorized as severity-low and require best-effort review.

The change adds tool constraints to the pr-severity prompt workflow, which is a meta-improvement to the CI/CD pipeline itself. This has no impact on:

  • Lightning Network protocol operations
  • Wallet or channel management
  • Payment routing or HTLC forwarding
  • Key management or security-critical code
  • Database operations

No severity bump required:

  • Single file changed (threshold: >20 files)
  • Only 12 lines added (threshold: >500 lines)
  • No critical packages touched

To override, add a severity-override-{critical,high,medium,low} label.

@Roasbeef Roasbeef merged commit 4d77545 into lightningnetwork:master Feb 4, 2026
36 of 37 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Roasbeef @lightninglabs-deploy