diff --git a/.claude/skills/gh-aw-guide/SKILL.md b/.claude/skills/gh-aw-guide/SKILL.md index 7f0d616f9a..f5cf5d630b 100644 --- a/.claude/skills/gh-aw-guide/SKILL.md +++ b/.claude/skills/gh-aw-guide/SKILL.md @@ -276,7 +276,7 @@ tools: | `all` | `approved` | **Two-layer defense.** Any actor triggers, but agent only sees trusted content | | `all` | `none` | **Widest exposure.** Must pair with minimal `safe-outputs` — only remaining constraint | -> ⚠️ **Compiler bug (v0.62.2)**: Hardcoded `min-integrity` in source emits an incomplete guard policy (missing `repos` field) that crashes the MCP Gateway. Rely on the automatic `determine-automatic-lockdown` step instead, which applies `approved` for public repos by default. This may be fixed in newer compiler versions — test before hardcoding. +> ⚠️ **Compiler bug**: Hardcoded `min-integrity` in source emits an incomplete guard policy (missing `repos` field) that crashes the MCP Gateway (first observed in v0.62.2; unconfirmed whether fixed in later versions — test before hardcoding). Rely on the automatic `determine-automatic-lockdown` step instead, which applies `approved` for public repos by default. **4. CI triggering + protected file safety** for agent-created PRs — `GITHUB_TOKEN` pushes don't trigger CI; a PAT/App token is required. `protected-files` controls what happens when the agent modifies package manifests or `.github/`: diff --git a/.github/instructions/gh-aw-workflows.instructions.md b/.github/instructions/gh-aw-workflows.instructions.md index 2db9a11064..d7e8fe4b19 100644 --- a/.github/instructions/gh-aw-workflows.instructions.md +++ b/.github/instructions/gh-aw-workflows.instructions.md @@ -19,7 +19,7 @@ When working on gh-aw workflow files, use the **`gh-aw-guide`** skill for the co 7. **Always use `github-token-for-extra-empty-commit:`** (PAT/App token) on `create-pull-request` — `GITHUB_TOKEN` pushes do not trigger CI 8. **Set `protected-files: fallback-to-issue`** on `create-pull-request` when the agent may touch package manifests or `.github/` — prevents PR creation from failing silently 9. **Use `Checkout-GhAwPr.ps1`** for `workflow_dispatch` workflows that check out a PR — it verifies write access and restores trusted `.github/` from base branch -10. **Do NOT set `min-integrity` explicitly** — compiler v0.62.2 emits an incomplete guard policy that crashes the MCP Gateway. Rely on the automatic `determine-automatic-lockdown` runtime step instead, which applies appropriate integrity levels based on event type and actor trust. +10. **Do NOT set `min-integrity` explicitly** — a known compiler bug emits an incomplete guard policy (missing `repos` field) that crashes the MCP Gateway. Rely on the automatic `determine-automatic-lockdown` runtime step instead, which applies appropriate integrity levels based on event type and actor trust. (Bug was present as of v0.62.2; verify it is resolved before hardcoding in your compiler version.) ## Quick Anti-Pattern Check (Critical Subset) diff --git a/.github/instructions/gh-aw-workflows.sync.yaml b/.github/instructions/gh-aw-workflows.sync.yaml index 7039804576..6abebbb016 100644 --- a/.github/instructions/gh-aw-workflows.sync.yaml +++ b/.github/instructions/gh-aw-workflows.sync.yaml @@ -1,6 +1,7 @@ # Drift tracking manifest for gh-aw-guide skill # Used by the instruction-drift skill to detect when upstream sources change. # See .claude/skills/instruction-drift/SKILL.md for details. +# last_reviewed: 2026-04-24 (v0.71.0) target: ../skills/gh-aw-guide/SKILL.md secondary_targets: