Conversation
m-y-mo
requested review from
JarLob,
kevinbackhouse,
p- and
sylwia-budzynska
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates two README files to reflect recent changes in the codebase configuration and usage patterns. The updates provide better guidance for users on setting up AI API configurations, GitHub tokens, and alert triage workflows.
Key changes:
- Added comprehensive documentation for AI API endpoint and token configuration requirements
- Documented how to configure Actions alert rules with different severity levels and how to override them via command line
- Updated variable references from
ALERT_RESULTS_DIRtoDATA_DIRto align with user-facing environment variables
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| README.md | Adds documentation for AI API configuration (AI_API_TOKEN, AI_API_ENDPOINT) and GH_TOKEN environment variables required for the taskflows |
| src/seclab_taskflows/taskflows/alert_triage_examples/README.md | Adds section explaining Actions alert rule configuration with severity levels and command-line override examples; updates database location reference from ALERT_RESULTS_DIR to DATA_DIR for consistency |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| The `MEMCACHE_STATE_DIR` is needed to persist some intermediate data in the memcache, `DATA_DIR` is needed for various mcp servers to store intermediate results, and `LOG_DIR` is used to store log files generated by the servers. These can be set in a `.env` file in the `src` directory. | ||
|
|
||
| In addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: |
There was a problem hiding this comment.
Grammar issue: "also needs" should be "also need" for subject-verb agreement with the plural subject "AI API endpoints and secrets".
Suggested change
| In addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: | |
| In addition, AI API endpoints and secrets also need to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: |
|
|
||
| The `MEMCACHE_STATE_DIR` is needed to persist some intermediate data in the memcache, `DATA_DIR` is needed for various mcp servers to store intermediate results, and `LOG_DIR` is used to store log files generated by the servers. These can be set in a `.env` file in the `src` directory. | ||
|
|
||
| In addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: |
There was a problem hiding this comment.
Typo: "approach" should be "appropriate" to correctly convey that these are the correct/proper AI API endpoints.
Suggested change
| In addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: | |
| In addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the appropriate AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: |
|
|
||
| The `MEMCACHE_STATE_DIR` is needed to persist some intermediate data in the memcache, `DATA_DIR` is needed for various mcp servers to store intermediate results, and `LOG_DIR` is used to store log files generated by the servers. These can be set in a `.env` file in the `src` directory. | ||
|
|
||
| In addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: |
There was a problem hiding this comment.
Grammar issue: "needs" should be "need" for subject-verb agreement with the plural subject "environment variables AI_API_TOKEN and AI_API_ENDPOINT".
Suggested change
| In addition, AI API endpoints and secrets also needs to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: | |
| In addition, AI API endpoints and secrets also need to be configured via [environment variables or Codespace secrets](https://github.com/GitHubSecurityLab/seclab-taskflow-agent?tab=readme-ov-file#configuration). In particular, the environment variables `AI_API_TOKEN` and `AI_API_ENDPOINT` needs to be set to the approach AI API endpoints and credentials. If not set, the default `AI_API_ENDPOINT` is GitHub models: |
p-
approved these changes
Dec 16, 2025
kiandadban
pushed a commit
to kiandadban/seclab-taskflows
that referenced
this pull request
May 4, 2026
…_readme update README to reflect recent changes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.