Add Claude Code GitHub Workflow

[chapati23]

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

• Bug fixes and improvements
• Documentation updates
• Implementing new features
• Code reviews and suggestions
• Writing tests
• And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

• This workflow won't take effect until this PR is merged
• @claude mentions won't work until after the merge is complete
• The workflow runs automatically whenever Claude is mentioned in PR or issue comments
• Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

• Our Anthropic API key is securely stored as a GitHub Actions secret
• Only users with write access to the repository can trigger the workflow
• All Claude runs are stored in the GitHub Actions run history
• Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
• We can add more allowed tools by adding them to the workflow file like:

allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code action repo.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!

---

Note

Medium Risk
Adds third-party GitHub Actions workflows triggered by comments and PR events and grants them id-token/repo read permissions, which can impact CI security posture if misconfigured. Functional code is unchanged, but workflow triggers and secret usage need review.

Overview
Introduces two new GitHub Actions workflows to integrate anthropics/claude-code-action@v1.

claude.yml runs on issue/PR comment and review events when the body contains @claude, using CLAUDE_CODE_OAUTH_TOKEN and allowing read access to Actions results.

claude-code-review.yml adds an automated PR code-review job on PR lifecycle events, invoking the Claude code-review plugin via a fixed /code-review prompt.

^{Reviewed by Cursor Bugbot for commit d5fe3ed. Bugbot is set up for automated code reviews on this repo. Configure here.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d5fe3edbc4

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Gate pull_request runs when Claude token is unavailable

This job is triggered for every pull_request (including fork-originated PRs) but later unconditionally passes secrets.CLAUDE_CODE_OAUTH_TOKEN to anthropics/claude-code-action. On fork PRs, GitHub does not expose repository secrets to pull_request workflows, so this configuration will reliably produce authentication failures for external contributors. Add an if guard for non-fork PRs (or secret presence) before running the Claude step, or use an event model designed for fork-safe secret usage.

Useful? React with 👍 / 👎.