Skip to content

Commit 77c07db

Browse files
authored
Create execution-security-review.yaml
1 parent fa465c4 commit 77c07db

1 file changed

Lines changed: 52 additions & 0 deletions

File tree

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
name: execution-security-review
2+
on:
3+
workflow_dispatch:
4+
inputs:
5+
mode:
6+
description: 'Scope: commit (latest/specific) | pr (latest/specific) | start-commit (cumulative)'
7+
type: choice
8+
options: [commit, pr, start-commit]
9+
default: commit
10+
target:
11+
description: 'commit SHA or PR URL/number. Empty = latest commit / latest open PR.'
12+
type: string
13+
required: false
14+
branch:
15+
description: 'Branch (commit & start-commit modes)'
16+
type: string
17+
default: unstable
18+
start-commit:
19+
description: 'Baseline SHA (start-commit mode only)'
20+
type: string
21+
required: false
22+
hardfork:
23+
description: 'Hardfork for EIP context'
24+
type: choice
25+
options: [none, fusaka, pectra, dencun, glamsterdam]
26+
default: none
27+
prompt:
28+
description: 'Extra reviewer notes'
29+
type: string
30+
required: false
31+
strict-specs:
32+
description: 'Fail if fork EIPs cannot all be fetched'
33+
type: boolean
34+
default: false
35+
jobs:
36+
consensus-security-review:
37+
runs-on: ubuntu-latest
38+
steps:
39+
- uses: protocol-security/ethereum-code-reviewer@v2
40+
with:
41+
github-token: ${{ secrets.GITHUB_TOKEN }}
42+
claude-code-oauth-token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
43+
agent-file: agents/execution-layer/AGENTS.md
44+
repository: ${{ github.repository }}
45+
mode: ${{ inputs.mode }}
46+
target: ${{ inputs.target }}
47+
branch: ${{ inputs.branch }}
48+
start-commit: ${{ inputs.start-commit }}
49+
hardfork: ${{ inputs.hardfork == 'none' && '' || inputs.hardfork }}
50+
prompt: ${{ inputs.prompt }}
51+
post-comment: 'false'
52+
strict-specs: ${{ inputs.strict-specs }}

0 commit comments

Comments
 (0)