From 6cc0488cbe7662bcef75021ea74479a2905c5e53 Mon Sep 17 00:00:00 2001 From: Talha Naqvi Date: Fri, 20 Mar 2026 10:04:42 -0700 Subject: [PATCH 1/3] fix(ci): triage only triggers when agent-triage label is added by a qualified user --- .github/workflows/agent-triage.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/agent-triage.yml b/.github/workflows/agent-triage.yml index 79f87282c..cba1f8887 100644 --- a/.github/workflows/agent-triage.yml +++ b/.github/workflows/agent-triage.yml @@ -2,7 +2,7 @@ name: Agent Triage on: issues: - types: [opened] + types: [labeled] permissions: contents: read @@ -13,7 +13,8 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 if: >- - github.event.issue.user.type != 'Bot' + github.event.label.name == 'agent-triage' && + github.event.sender.type != 'Bot' steps: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 From f62b5e624166055cc2efb2c958a40d5b0c98986f Mon Sep 17 00:00:00 2001 
From: Talha Naqvi Date: Fri, 20 Mar 2026 15:44:55 -0700 Subject: [PATCH 2/3] chore(ci): improve agent workflows and skills from run feedback - Add pod install to allowed tools in fix, bot, and android-bot workflows - Add bundle exec to android-bot allowed tools (was missing) - Add git fetch origin main step to fix, bot, and android-bot workflows to prevent "no merge base" errors when diffing against main - Switch raise-pr skill to use --body-file instead of inline --body to avoid Claude Code permission checks on markdown headers - Triage skill: search closed issues too to catch regressions - Triage skill: allow clarification comments on vague feature requests - Fix skill: feature requests skip the "reproduce first" constraint --- .claude/skills/fix-github-issue/SKILL.md | 2 +- .claude/skills/raise-pr/SKILL.md | 11 +++++++---- .claude/skills/triage-issue/SKILL.md | 8 ++++++-- .github/workflows/agent-android-bot.yml | 5 ++++- .github/workflows/agent-bot.yml | 5 ++++- .github/workflows/agent-fix.yml | 5 ++++- 6 files changed, 26 insertions(+), 10 deletions(-) diff --git a/.claude/skills/fix-github-issue/SKILL.md b/.claude/skills/fix-github-issue/SKILL.md index cc562c2a6..e77ae9184 100644 --- a/.claude/skills/fix-github-issue/SKILL.md +++ b/.claude/skills/fix-github-issue/SKILL.md 
@@ -13,7 +13,7 @@ These are hard rules. Violating any of them is a failure. 1. **NO mobile MCP** — Never call any `mcp__mobile-mcp__*` tool. No exceptions. 2. **Device interaction = `agent-device` only** — All simulator/emulator interaction (screenshots, taps, typing, scrolling, app launch/kill) MUST go through `agent-device` CLI commands. Read the agent-device skill for allowed commands. Exception: `adb` is allowed for Android emulator setup (devices, install, reverse, shell getprop, screenrecord). -3. **Reproduce first, code later** — Always reproduce the issue on the simulator before exploring code. The bug might already be fixed. Do not explore the codebase until you have confirmed the bug exists. +3. **Reproduce first, code later** — Always reproduce the issue on the simulator before exploring code. The bug might already be fixed. Do not explore the codebase until you have confirmed the bug exists. **Exception**: Feature requests and new example screens have nothing to reproduce — go straight to implementation. 4. **If you can't repro** — When running interactively, stop and prompt the user with suggestions. When running on CI (no user), attempt to diagnose from code and issue description. ## Steps diff --git a/.claude/skills/raise-pr/SKILL.md b/.claude/skills/raise-pr/SKILL.md index 0b0f09dab..295a7eb9f 100644 --- a/.claude/skills/raise-pr/SKILL.md +++ b/.claude/skills/raise-pr/SKILL.md @@ -83,10 +83,10 @@ Fix any issues found, then amend the commit before proceeding. ### PR body template +**Always use `--body-file`** — inline `--body` with markdown `#` headers triggers Claude Code permission checks and wastes turns. + ```bash -gh pr create \ - --title "fix(): " \ - --body "$(cat <<'EOF' +cat > /tmp/pr-body.md <<'EOF' ## Description <1-3 sentences: what the bug was and how the fix works> 
@@ -108,7 +108,10 @@ Fixes # - [ ] Verified on iOS simulator - [ ] No regressions on related screens EOF -)" + +gh pr create \ + --title "fix(): " \ + --body-file /tmp/pr-body.md ``` Before running `gh pr create`, double-check: diff --git a/.claude/skills/triage-issue/SKILL.md b/.claude/skills/triage-issue/SKILL.md index 0e615b9dc..cfa843654 100644 --- a/.claude/skills/triage-issue/SKILL.md +++ b/.claude/skills/triage-issue/SKILL.md @@ -12,15 +12,19 @@ description: Triage a GitHub issue — classify priority (P0/P1/P2), search for - **P0**: Crash, data loss, or complete breakage affecting all users - **P1**: Significant bug or regression affecting many users - **P2**: Minor bug, enhancement request, question, or cosmetic issue -3. **Search** for potential duplicates among open issues: +3. **Search** for potential duplicates among open AND closed issues (closed bugs may have regressed): ```bash gh issue list --state open --search "" --limit 5 + gh issue list --state closed --search "" --limit 5 ``` 4. **Apply the priority label** (`P0`, `P1`, or `P2`): ```bash gh issue edit $ISSUE_NUMBER --add-label "" ``` -5. **Comment only if the issue lacks a reproduction AND one would be helpful** — suggest a minimal repro and ask the author for steps. Do NOT comment on feature requests, questions, or issues where the problem is clear from the description alone. +5. **Comment only when genuinely needed:** + - If the issue lacks a reproduction AND one would be helpful — suggest a minimal repro and ask the author for steps. + - If a feature request is too vague to act on (no specifics about what to build) — ask for clarification. + - Do NOT comment on issues where the problem or request is clear from the description alone. ## Rules diff --git a/.github/workflows/agent-android-bot.yml b/.github/workflows/agent-android-bot.yml index 96e27c853..903ff649a 100644 --- a/.github/workflows/agent-android-bot.yml +++ b/.github/workflows/agent-android-bot.yml 
@@ -22,7 +22,7 @@ permissions: env: ALLOWED_TOOLS: >- Read,Edit,Write,Glob,Grep, - Bash(yarn install),Bash(yarn install *),Bash(yarn build),Bash(yarn build *),Bash(yarn test),Bash(yarn test *),Bash(yarn type-check),Bash(yarn lint),Bash(yarn start),Bash(yarn start *),Bash(yarn e2e:*),Bash(yarn react-native *), + Bash(yarn install),Bash(yarn install *),Bash(yarn build),Bash(yarn build *),Bash(yarn test),Bash(yarn test *),Bash(yarn type-check),Bash(yarn lint),Bash(yarn start),Bash(yarn start *),Bash(yarn e2e:*),Bash(yarn react-native *),Bash(bundle exec *),Bash(pod install),Bash(pod install *), Bash(git log),Bash(git log *),Bash(git diff),Bash(git diff *),Bash(git status),Bash(git show *), Bash(git checkout *),Bash(git add *),Bash(git commit *),Bash(git push -u *), Bash(git branch),Bash(git branch *),Bash(git rev-parse *),Bash(git fetch),Bash(git fetch *), @@ -100,6 +100,9 @@ jobs: - name: Install agent-device run: npm install -g agent-device + - name: Fetch main branch for diffing + run: git fetch origin main + - name: Setup Android SDK if: steps.sdk-cache.outputs.cache-hit != 'true' run: | diff --git a/.github/workflows/agent-bot.yml b/.github/workflows/agent-bot.yml index 30d9ded99..3024f8bac 100644 --- a/.github/workflows/agent-bot.yml +++ b/.github/workflows/agent-bot.yml 
@@ -22,7 +22,7 @@ permissions: env: ALLOWED_TOOLS: >- Read,Edit,Write,Glob,Grep, - Bash(yarn install),Bash(yarn install *),Bash(yarn build),Bash(yarn build *),Bash(yarn test),Bash(yarn test *),Bash(yarn type-check),Bash(yarn lint),Bash(yarn start),Bash(yarn start *),Bash(yarn e2e:*),Bash(yarn react-native *),Bash(bundle exec *), + Bash(yarn install),Bash(yarn install *),Bash(yarn build),Bash(yarn build *),Bash(yarn test),Bash(yarn test *),Bash(yarn type-check),Bash(yarn lint),Bash(yarn start),Bash(yarn start *),Bash(yarn e2e:*),Bash(yarn react-native *),Bash(bundle exec *),Bash(pod install),Bash(pod install *), Bash(git log),Bash(git log *),Bash(git diff),Bash(git diff *),Bash(git status),Bash(git show *), Bash(git checkout *),Bash(git add *),Bash(git commit *),Bash(git push -u *), Bash(git branch),Bash(git branch *),Bash(git rev-parse *),Bash(git fetch),Bash(git fetch *), @@ -67,6 +67,9 @@ jobs: - name: Install agent-device run: npm install -g agent-device + - name: Fetch main branch for diffing + run: git fetch origin main + - name: Run agent uses: anthropics/claude-code-action@bf4f0de6fccd1eea7044a5f903fc928aff363134 # v1 env: diff --git a/.github/workflows/agent-fix.yml b/.github/workflows/agent-fix.yml index d332ea9de..30e6cf49c 100644 --- a/.github/workflows/agent-fix.yml +++ b/.github/workflows/agent-fix.yml 
@@ -14,7 +14,7 @@ permissions: env: ALLOWED_TOOLS: >- Read,Edit,Write,Glob,Grep, - Bash(yarn install),Bash(yarn install *),Bash(yarn build),Bash(yarn build *),Bash(yarn test),Bash(yarn test *),Bash(yarn type-check),Bash(yarn lint),Bash(yarn start),Bash(yarn start *),Bash(yarn e2e:*),Bash(yarn react-native *),Bash(bundle exec *), + Bash(yarn install),Bash(yarn install *),Bash(yarn build),Bash(yarn build *),Bash(yarn test),Bash(yarn test *),Bash(yarn type-check),Bash(yarn lint),Bash(yarn start),Bash(yarn start *),Bash(yarn e2e:*),Bash(yarn react-native *),Bash(bundle exec *),Bash(pod install),Bash(pod install *), Bash(git log),Bash(git log *),Bash(git diff),Bash(git diff *),Bash(git status),Bash(git show *), Bash(git checkout *),Bash(git add *),Bash(git commit *),Bash(git push -u *), Bash(git branch),Bash(git branch *),Bash(git rev-parse *),Bash(git fetch),Bash(git fetch *), @@ -63,6 +63,9 @@ jobs: - name: Install agent-device run: npm install -g agent-device + - name: Fetch main branch for diffing + run: git fetch origin main + - name: Fix issue uses: anthropics/claude-code-action@bf4f0de6fccd1eea7044a5f903fc928aff363134 # v1 env: From 3d3711f6db31ab3c8432ed9d8d3cf10a7330cab0 Mon Sep 17 00:00:00 2001 From: Talha Naqvi Date: Fri, 20 Mar 2026 16:03:04 -0700 Subject: [PATCH 3/3] fix(ci): address copilot review comments - raise-pr: use Write tool instead of cat for /tmp/pr-body.md (cat not in allowed tools) - triage: fix Rules section to match Step 5 comment guidance --- .claude/skills/raise-pr/SKILL.md | 7 ++++--- .claude/skills/triage-issue/SKILL.md | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.claude/skills/raise-pr/SKILL.md b/.claude/skills/raise-pr/SKILL.md index 295a7eb9f..a121ef95f 100644 --- a/.claude/skills/raise-pr/SKILL.md +++ b/.claude/skills/raise-pr/SKILL.md 
@@ -83,10 +83,11 @@ Fix any issues found, then amend the commit before proceeding. ### PR body template -**Always use `--body-file`** — inline `--body` with markdown `#` headers triggers Claude Code permission checks and wastes turns. +**Always use `--body-file`** — inline `--body` with markdown `#` headers triggers Claude Code permission checks and wastes turns. Use the `Write` tool to create the file (not `cat` or `echo`, which may not be in allowed tools on CI). -```bash -cat > /tmp/pr-body.md <<'EOF' +Write the following to `/tmp/pr-body.md` using the Write tool: + +```markdown ## Description <1-3 sentences: what the bug was and how the fix works> diff --git a/.claude/skills/triage-issue/SKILL.md b/.claude/skills/triage-issue/SKILL.md index cfa843654..cb5924112 100644 --- a/.claude/skills/triage-issue/SKILL.md +++ b/.claude/skills/triage-issue/SKILL.md @@ -30,7 +30,7 @@ description: Triage a GitHub issue — classify priority (P0/P1/P2), search for - Do NOT post triage comments explaining priority or duplicates — labels are sufficient. - Do NOT modify any code. -- Do NOT close issues — only label (and comment if repro is missing). +- Do NOT close issues — only label (and comment per Step 5 when genuinely needed). - **Only apply these labels**: `P0`, `P1`, `P2`. Do NOT apply any other labels (especially not `agent-fix`). - Do NOT run `gh auth`, `gh api`, `gh secret`, or any `gh` command other than `gh issue`. - Do NOT read environment variables, process info, or files outside the repository.
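
Review bot: In PATCH 1/3, the `if:` condition in `.github/workflows/agent-triage.yml` does not itself check that the labeler is qualified, although the subject line promises that. It tests only `github.event.label.name == 'agent-triage'` and `github.event.sender.type != 'Bot'`, so the gate rests entirely on GitHub restricting who may apply labels (triage permission or higher on the repository). Add a comment next to the condition stating that dependency, so a later change of trigger does not silently drop the restriction. The bot check also moved from `issue.user.type` to `sender.type`, which means an issue opened by a bot is now triaged once a human labels it; confirm that is intended. Whoever applies the label, the issue title and body remain author-controlled input to the agent.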
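
Review bot: In PATCH 2/3, the `ALLOWED_TOOLS` hunk of `.github/workflows/agent-android-bot.yml` adds `Bash(bundle exec *)`, which is not a narrow grant: `bundle exec` runs whatever command follows it, so the wildcard lets the agent start any executable on the runner and sidesteps the rest of the allowlist. Replace it with the exact `bundle exec` invocations the job needs. The removed lines in the `agent-bot.yml` and `agent-fix.yml` hunks show the same wildcard was already present there, so tighten those entries in the same change. `Bash(pod install *)` is narrower, but `pod install` evaluates the Podfile, which the agent can modify through `Edit` and `Write`; drop the wildcard form if no arguments are actually required.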
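
Review bot: In PATCH 3/3, the `raise-pr/SKILL.md` hunk (`@@ -83,10 +83,11 @@`) rewrites only the top of the fenced block, so the tail that PATCH 2/3 left inside the same fence is untouched: the heredoc terminator `EOF` and the `gh pr create ... --body-file /tmp/pr-body.md` command now sit inside a block tagged `markdown` that the agent is told to write to `/tmp/pr-body.md`. Remove the `EOF` line, close the markdown fence after the checklist, and move `gh pr create` into its own `bash` fence. Separately, `/tmp/pr-body.md` is a fixed path; in interactive use a stale file from an earlier run could be submitted if the write step is skipped, so state that the file must be overwritten on every run or use a per-run filename.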