ci(docs): Add agentic workflows for codebase documentation #5649
2 issues
High
MCP Gateway step references non-existent step outputs, causing empty credentials - `.github/workflows/docs-codebase-refresh.lock.yml:647-648`
Lines 647-648 reference steps.safe-outputs-start.outputs.api_key and steps.safe-outputs-start.outputs.port, but the safe-outputs-start step (line 624) doesn't produce any outputs. The correct references should be steps.safe-outputs-config.outputs.safe_outputs_api_key and steps.safe-outputs-config.outputs.safe_outputs_port from the earlier step that generates these values. This will cause the MCP Gateway to receive empty API key and port values, likely breaking authentication.
Also found at:
.github/workflows/docs-codebase-update.lock.yml:647-648
MCP Gateway receives empty API key and port due to referencing non-existent step outputs - `.github/workflows/docs-codebase-refresh.lock.yml:647-648`
The start-mcp-gateway step (lines 647-648) references steps.safe-outputs-start.outputs.api_key and steps.safe-outputs-start.outputs.port, but the safe-outputs-start step does not set any outputs via GITHUB_OUTPUT. The actual outputs are set in safe-outputs-config step with names safe_outputs_api_key and safe_outputs_port. This causes GH_AW_SAFE_OUTPUTS_API_KEY and GH_AW_SAFE_OUTPUTS_PORT environment variables to be empty strings when passed to the Docker container, leading to authentication/connection failures with the Safe Outputs MCP server.
Also found at:
.github/workflows/docs-codebase-update.lock.yml:647-648
4 skills analyzed
| Skill | Findings | Duration | Cost |
|---|---|---|---|
| code-review | 1 | 9m | $0.89 |
| find-bugs | 1 | 4m 28s | $8.15 |
| skill-scanner | 0 | 8m 27s | $3.57 |
| security-review | 0 | 6m 35s | $6.10 |
Duration: 28m 29s · Tokens: 7.6M in / 87.2k out · Cost: $18.74 (+extraction: $0.00, +merge: $0.00, +fix_gate: $0.01, +dedup: $0.02)