Bug
The letta-code-action@v0 CI job fails with a permissions error whenever an external contributor (read-only access) opens an issue. The action checks the issue author's permissions rather than authenticating with a repository-level token.
Reproduction
- Be a user with no write access to
letta-ai/letta-code
- Open an issue
- The
letta CI check fails
Observed logs
Auto-detected mode: agent for event: issues
Using provided github_token for authentication
Checking permissions for actor: marigold-mortician
Permission level retrieved: read
Warning: Actor has insufficient permissions: read
Error: Prepare step failed with error: Actor does not have write permissions to the repository
Error: Process completed with exit code 1.
Full run: https://github.com/letta-ai/letta-code/actions/runs/25765650938/job/75677395165
Root cause
The action's prepare step calls github_token for authentication but then checks the actor's permission level against the repository. For external contributors, this will always be read, causing the job to hard-fail before the agent can do anything.
This means the auto-triage agent that letta-code-action is meant to spin up cannot respond to issues filed by community contributors — only issues from maintainers with write access.
Expected behavior
The action should either:
- Use the
GITHUB_TOKEN with its own permissions (which has write scope within the action's context) rather than checking the actor's access level, or
- Skip the actor permission check for issue events where the agent is acting on behalf of the repository, not the filer, or
- Add an
if: condition so the job gracefully skips or degrades when the actor lacks write permissions, instead of red-X'ing the entire CI run
Impact
- Every issue opened by a non-maintainer shows a failing CI check, which is confusing for filers and adds noise for maintainers
- The Letta agent auto-triage functionality is unavailable for the majority of issues (those filed by the community)
Example
This was observed on issue #2233, opened by an external contributor.
Bug
The
letta-code-action@v0CI job fails with a permissions error whenever an external contributor (read-only access) opens an issue. The action checks the issue author's permissions rather than authenticating with a repository-level token.Reproduction
letta-ai/letta-codelettaCI check failsObserved logs
Full run: https://github.com/letta-ai/letta-code/actions/runs/25765650938/job/75677395165
Root cause
The action's prepare step calls
github_tokenfor authentication but then checks the actor's permission level against the repository. For external contributors, this will always beread, causing the job to hard-fail before the agent can do anything.This means the auto-triage agent that
letta-code-actionis meant to spin up cannot respond to issues filed by community contributors — only issues from maintainers with write access.Expected behavior
The action should either:
GITHUB_TOKENwith its own permissions (which has write scope within the action's context) rather than checking the actor's access level, orif:condition so the job gracefully skips or degrades when the actor lacks write permissions, instead of red-X'ing the entire CI runImpact
Example
This was observed on issue #2233, opened by an external contributor.