From 06d978cbc8d240c35d607a809c94f04443fa9c33 Mon Sep 17 00:00:00 2001
From: Slyghtning <hieblmi@protonmail.com>
Date: Thu, 12 Mar 2026 10:41:52 +0100
Subject: [PATCH] .github: add low-risk label trigger for Claude review with
 approval

- Add pull_request_target trigger for fork secret access
- Use pull_request_target in claude-approve if-condition
- Replace CLAUDE.md references with AGENTS.md
- Replace simple approve/comment prompt with comprehensive
  risk-classification prompt (intrinsic PR risk + finding severity)
- Use --request-changes instead of comment when not approving
---
 .github/workflows/claude-code-review.yml | 78 +++++++++++++++++++++++-
 1 file changed, 76 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
index c13649cf8..487f5987f 100644
--- a/.github/workflows/claude-code-review.yml
+++ b/.github/workflows/claude-code-review.yml
@@ -5,6 +5,8 @@ on:
     types: [created]
   pull_request:
     types: [labeled, synchronize]
+  pull_request_target:
+    types: [labeled, synchronize]
 
 jobs:
   claude-review:
@@ -46,10 +48,82 @@ jobs:
             - Security concerns
             - Test coverage
 
-            Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.
+            Use the repository's AGENTS.md for guidance on style and conventions. Be constructive and helpful in your feedback.
 
             Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR.
 
           # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
           # or https://docs.claude.com/en/docs/claude-code/cli-reference for available options
-          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
\ No newline at end of file
+          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
+
+  claude-approve:
+    if: |
+      github.event_name == 'pull_request_target' &&
+      contains(github.event.pull_request.labels.*.name, 'low-risk') &&
+      (github.event.action == 'labeled' || github.event.action == 'synchronize')
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+      issues: read
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - name: Run Claude Code Review and Approve
+        id: claude-approve
+        uses: anthropics/claude-code-action@v1
+        with:
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          prompt: |
+            REPO: ${{ github.repository }}
+            PR NUMBER: ${{ github.event.pull_request.number }}
+
+            Review this pull request thoroughly, checking for:
+            - Code quality and best practices
+            - Potential bugs or issues
+            - Performance considerations
+            - Security concerns
+            - Test coverage
+
+            Use the repository's AGENTS.md for guidance on style and conventions.
+
+            Classify the PR's intrinsic risk severity using one of:
+            - critical: must block merge
+            - high: large blast radius or very sensitive code paths
+            - medium: meaningful production or maintainability risk
+            - low: constrained blast radius and straightforward rollback
+
+            Intrinsic risk is about the impact and sensitivity of changed code,
+            even when no concrete bug is found.
+            Any changes touching fund movement, signing/sweeping, swap state
+            transitions, security/authz/authn logic, secrets handling, or DB
+            schema/migrations are at least medium risk.
+
+            Also classify each finding using one of:
+            - critical
+            - high
+            - medium
+            - low
+            - nit
+
+            Decision rule:
+            - Approve ONLY if intrinsic PR risk is low AND highest finding
+              severity is low or nit.
+            - If intrinsic PR risk is medium/high/critical, DO NOT approve and
+              submit a changes-requested review.
+            - If any finding is medium/high/critical, DO NOT approve and submit
+              a changes-requested review.
+            - If uncertain, treat as medium risk.
+
+            If approving:
+              gh pr review ${{ github.event.pull_request.number }} --approve --body "Claude review: intrinsic PR risk low and findings low/nit; safe for low-risk path."
+
+            If NOT approving:
+              gh pr review ${{ github.event.pull_request.number }} --request-changes --body "Claude review: not eligible for low-risk auto-approval. Include intrinsic PR risk and findings with severities."
+
+          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*),Bash(gh pr review:*)"'