docs: document HTTPS URL imports, network.allowed-input, allowed-repos: current, ignore-if-missing, and workflow_run.workflows validation (#33283)

Author: github-actions[bot]

docs/src/content/docs/reference/auth.mdx

@@ -269,6 +269,21 @@ For both tool authentication and safe outputs, you can scope the GitHub App toke
 - `repositories: ["*"]` - Org-wide access (all repos in the installation)
 - `repositories: ["repo1", "repo2"]` - Specific repositories only
 
+### Gracefully Skip Minting When Keys Are Missing (`ignore-if-missing:`)
+
+By default, jobs fail when `client-id` or `private-key` resolve to empty strings at runtime — for example, on fork pull requests where App secrets are unavailable. Set `ignore-if-missing: true` to skip the token mint step instead and fall back to the standard non-App token chain (`secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN`):
+
+```yaml wrap
+safe-outputs:
+  github-app:
+    client-id: ${{ vars.APP_ID }}
+    private-key: ${{ secrets.APP_PRIVATE_KEY }}
+    ignore-if-missing: true
+  create-issue:
+```
+
+The same field is accepted under `tools.github.github-app:` and applies consistently to all token mint paths (safe outputs, activation, pre-activation, and checkout). Default behavior (fail when keys are empty) is unchanged when the field is omitted or `false`.
+
 ---
 
 ## Related Documentation

docs/src/content/docs/reference/github-tools.md

@@ -65,14 +65,25 @@ The setting `tools.github.allowed-repos` specifies which repositories the agent
 
 - `"all"` — All repositories accessible by the configured token
 - `"public"` — Public repositories only
-- `"${{ github.repository }}"` — The repository where the workflow is running
+- `"current"` — The repository where the workflow is running (normalized to `${{ github.repository }}` in the emitted guard policy)
+- `"${{ github.repository }}"` — Equivalent to `"current"`, kept for backward compatibility
 - Array of patterns — Specific repositories and wildcards:
   - `"owner/repo"` — Exact repository match
   - `"owner/*"` — All repositories under an owner
   - `"owner/prefix*"` — Repositories with a name prefix under an owner
 
 This defaults to `"all"` when omitted. Patterns must be lowercase. Wildcards are only permitted at the end of the repository name component.
 
+Use `current` in reusable or generated workflows that need to express "this repository only" without hard-coding `owner/repo`:
+
+```yaml wrap
+tools:
+  github:
+    toolsets: [issues, pull_requests]
+    allowed-repos: current
+    min-integrity: approved
+```
+
 For example:
 
 ```yaml wrap

docs/src/content/docs/reference/network.md

@@ -292,6 +292,33 @@ network:
 
 When the firewall is disabled, network permissions still apply for content sanitization but the agent can make unrestricted network requests. Only disable during development or when AWF is incompatible with your workflow; keep it enabled in production.
 
+## Caller-Extensible Allowlist (`network.allowed-input`)
+
+Reusable workflows compiled to `.lock.yml` bake their `network.allowed` list into the lock file. By default a consumer repository cannot extend the allowlist without forking and recompiling the source. Set `network.allowed-input: true` to opt into a `workflow_call` input named `network_allowed` that callers can use to add domains or ecosystems at runtime.
+
+The source workflow's compiled `network.allowed` is preserved as the baseline, and the caller's value is unioned in before AWF starts. Ecosystem shorthands (for example `rust`) are expanded to their concrete domain sets before merging, and the result is deduplicated.
+
+```yaml wrap
+# source workflow (compiled to a reusable .lock.yml)
+on:
+  workflow_call:
+network:
+  allowed:
+    - defaults
+  allowed-input: true
+```
+
+```yaml wrap
+# consumer workflow
+jobs:
+  run:
+    uses: owner/repo/.github/workflows/worker.lock.yml@v1
+    with:
+      network_allowed: rust,github.com
+```
+
+The `network_allowed` input is a string accepting comma-separated ecosystem identifiers and/or domains. The behavior of the source workflow is unchanged when `allowed-input` is omitted or `false`.
+
 ## Wildcard Domain Patterns
 
 Use wildcard patterns (`*.example.com`) to match any subdomain of a domain. Wildcards provide explicit control when you need to allow a family of subdomains.

docs/src/content/docs/reference/triggers.md

@@ -274,6 +274,7 @@ on:
 
 Workflows with `workflow_run` triggers include automatic security protections:
 
+- **`workflows` is required:** `workflow_run` must include at least one non-empty entry in `workflows`. Missing, empty (`workflows: []`), or whitespace-only entries are rejected at compile time, since GitHub Actions silently disables `on.workflow_run` triggers that do not reference any workflows.
 - **Repository/fork validation:** The compiler injects repository ID and fork checks, rejecting cross-repository or fork-triggered runs.
 - **Branch restrictions required:** Include `branches` to limit triggering branches; without them the compiler warns (or errors in strict mode).
 

docs/src/content/docs/setup/cli.md

@@ -151,6 +151,7 @@ Add a workflow with interactive guided setup. Checks requirements, adds the mark
 ```bash wrap
 gh aw add-wizard githubnext/agentics/ci-doctor           # Interactive setup
 gh aw add-wizard https://github.com/org/repo/blob/main/workflows/my-workflow.md
+gh aw add-wizard https://example.com/workflows/my-workflow.json   # Arbitrary URL (JSON workflow)
 gh aw add-wizard githubnext/agentics/ci-doctor --skip-secret  # Skip secret prompt
 ```
 
@@ -165,12 +166,16 @@ gh aw add githubnext/agentics/ci-doctor           # Add single workflow
 gh aw add githubnext/agentics/ci-doctor@v1.0.0   # Add specific version
 gh aw add githubnext/agentics/ci-doctor --dir shared                  # Organize in subdirectory
 gh aw add githubnext/agentics/ci-doctor --create-pull-request        # Create PR instead of commit
+gh aw add https://example.com/workflows/my-workflow.md               # Arbitrary HTTPS URL (markdown)
+gh aw add https://example.com/workflows/my-workflow.json             # Arbitrary HTTPS URL (JSON workflow definition)
 ```
 
 **Options:** `--dir/-d`, `--create-pull-request`, `--no-gitattributes`, `--append`, `--disable-security-scanner`, `--engine/-e`, `--force/-f`, `--name/-n`, `--no-stop-after`, `--stop-after`
 
 Repository-level packages can declare an [`aw.yml` manifest](/gh-aw/reference/aw-yml-package-manifest/) at the repository root or in a nested package folder to define installable files, package `README.md`, schema compatibility, and minimum supported CLI versions.
 
+`add` and `add-wizard` also accept arbitrary `http(s)://` URLs. The fetched response is dispatched by `Content-Type`: `text/markdown` (and `text/x-markdown`) is installed as a raw gh-aw workflow, and `application/json` (or any `*+json` suffix) is converted to a workflow markdown file before installation. Unknown content types produce an actionable error listing the detected type. For non-GitHub hosts, no include/dispatch-workflow dependency resolution is performed, and no GitHub authentication token is sent to the remote server.
+
 #### `new`
 
 Create a workflow template in `.github/workflows/`. Opens for editing automatically.