From 396d300a6f684ef8130ce2d4d05d1c37404c694b Mon Sep 17 00:00:00 2001
From: Eric Allam <eallam@icloud.com>
Date: Thu, 7 May 2026 11:32:28 +0100
Subject: [PATCH 1/2] ci(claude): switch Claude Code actions to
 ANTHROPIC_API_KEY

The org disabled Claude subscription access for Claude Code, breaking
both Claude workflows that authenticated via CLAUDE_CODE_OAUTH_TOKEN.
Switch them to the new ANTHROPIC_API_KEY repo secret so the audit and
@claude-mention workflows authenticate via API key instead.
---
 .github/workflows/claude-md-audit.yml | 2 +-
 .github/workflows/claude.yml          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/claude-md-audit.yml b/.github/workflows/claude-md-audit.yml
index e8716b1d6a..01b1185cf1 100644
--- a/.github/workflows/claude-md-audit.yml
+++ b/.github/workflows/claude-md-audit.yml
@@ -36,7 +36,7 @@ jobs:
         id: claude
         uses: anthropics/claude-code-action@fefa07e9c665b7320f08c3b525980457f22f58aa # v1.0.111
         with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
           use_sticky_comment: true
           allowed_bots: "devin-ai-integration[bot]"
 
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
index a3c60b928e..c50ae4bedc 100644
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -52,7 +52,7 @@ jobs:
         id: claude
         uses: anthropics/claude-code-action@fefa07e9c665b7320f08c3b525980457f22f58aa # v1.0.111
         with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
 
           # This is an optional setting that allows Claude to read CI results on PRs
           additional_permissions: |

From e20980da51b56dfcb02008c1fece532e4af1a278 Mon Sep 17 00:00:00 2001
From: Eric Allam <eallam@icloud.com>
Date: Thu, 7 May 2026 11:42:43 +0100
Subject: [PATCH 2/2] ci(claude): grant write perms in claude.yml to match
 upstream example

The official anthropics/claude-code-action example for anthropic_api_key
requires contents/pull-requests/issues: write so the action can comment
back on @claude mentions and push when Edit/Write tools are enabled.
Bring claude.yml in line with claude-md-audit.yml (which already had
PR/issue write) and the upstream examples/claude.yml.

Resolves Devin review feedback BUG-0001 + ANALYSIS-0002 on PR 3532.
---
 .github/workflows/claude.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
index c50ae4bedc..96a3ec9638 100644
--- a/.github/workflows/claude.yml
+++ b/.github/workflows/claude.yml
@@ -19,9 +19,9 @@ jobs:
       (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
     runs-on: ubuntu-latest
     permissions:
-      contents: read
-      pull-requests: read
-      issues: read
+      contents: write
+      pull-requests: write
+      issues: write
       id-token: write
       actions: read # Required for Claude to read CI results on PRs
     steps: