[refactoring] Extract PR Code Review base configuration into shared component

[github-actions]

Skill Overview

Seven workflows perform pull request code review using an identical or near-identical safe-outputs pattern (create-pull-request-review-comment + submit-pull-request-review) with shared tool requirements (cache-memory + GitHub PR tools). A shared component would consolidate this configuration, enforce consistency (e.g., always posting comments on the RIGHT side), and make it easier to add new PR review agents.

Current Usage

These workflows all use submit-pull-request-review: and inline the same tool/safe-output pattern:

• grumpy-reviewer.md – cache-memory: true, github: toolsets: [pull_requests, repos], review-comment + review-submit
• pr-nitpick-reviewer.md – cache-memory: true, github: toolsets: [pull_requests, repos], review-comment + review-submit
• security-review.md – cache-memory: true, review-comment + review-submit
• daily-safe-output-integrator.md – review-comment + review-submit
• smoke-copilot.md – review-comment + review-submit (smoke test)
• smoke-copilot-arm.md – review-comment + review-submit (smoke test)
• smoke-claude.md – review-comment + review-submit (smoke test)

Shared frontmatter across the 4 non-smoke review workflows:

# All include:
tools:
  cache-memory: true
  github:
    toolsets: [pull_requests, repos]
safe-outputs:
  create-pull-request-review-comment:
    max: 5-10      # varies
    side: "RIGHT"
  submit-pull-request-review:
    max: 1

Proposed Shared Component

File: .github/workflows/shared/pr-code-review-config.md

Configuration:

---
# Base configuration for AI-powered PR code review workflows
# Provides: cache-memory, GitHub PR tools, and review comment safe-outputs

tools:
  cache-memory: true
  github:
    toolsets: [pull_requests, repos]

safe-outputs:
  create-pull-request-review-comment:
    side: "RIGHT"
  submit-pull-request-review:
    max: 1
---

## PR Code Review Configuration

This shared component provides the standard tooling for AI pull request code review agents.

### Available Tools

- **`cache-memory`** — Persist review history across runs at `/tmp/gh-aw/cache-memory/`
  - Store previous review notes: `/tmp/gh-aw/cache-memory/pr-{number}.json`
  - Avoid repeating comments seen in previous reviews
- **GitHub PR tools** — Access PR diffs, file changes, review threads, and check runs

### Review Guidelines

1. **Check cache first** — Read `/tmp/gh-aw/cache-memory/pr-$\{\{ github.event.issue.number }}.json` to avoid re-stating previous comments
2. **Use `get_diff`** — Fetch the actual diff to review line-by-line changes
3. **Use `get_review_comments`** — Check existing review threads before adding new ones
4. **Submit as a unified review** — Batch comments and call `submit-pull-request-review` once with an overall assessment

### Safe Output Usage

- `create-pull-request-review-comment` — Post inline comments on specific lines
- `submit-pull-request-review` — Submit the overall review (APPROVE / REQUEST_CHANGES / COMMENT)

Usage Example:

# In a PR review workflow
imports:
  - shared/pr-code-review-config.md
  - shared/reporting.md
safe-outputs:
  create-pull-request-review-comment:
    max: 10   # Override default limit
  messages:
    footer: "> 🔍 *Reviewed by [{workflow_name}]({run_url})*{history_link}"

Impact

• Workflows affected: 4 active review workflows + 3 smoke tests = 7 total
• Lines saved: ~8–10 lines per workflow = ~56–70 lines direct savings
• Consistency benefit: Enforces side: "RIGHT", single submit-pull-request-review, and cache-memory usage across all review agents
• Onboarding benefit: New review agents get correct configuration by default

Implementation Plan

1. Create .github/workflows/shared/pr-code-review-config.md with the content above
2. Update grumpy-reviewer.md to import and remove duplicate config
3. Update pr-nitpick-reviewer.md similarly
4. Update security-review.md similarly
5. Update daily-safe-output-integrator.md similarly
6. Verify smoke tests (smoke-copilot.md, smoke-copilot-arm.md, smoke-claude.md) still compile correctly
7. Run make recompile to regenerate lock files

Related Analysis

This recommendation comes from the Workflow Skill Extractor analysis run on 2026-03-22.

See the full analysis report in discussions for context.

Generated by Workflow Skill Extractor · ◷

• expires on Mar 24, 2026, 4:26 PM UTC

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this issue as a good candidate for automated resolution and assigned it to the Copilot coding agent.

The Copilot coding agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

🍪 Om nom nom by Issue Monster · ◷

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this issue as a good candidate for automated resolution and assigned it to the Copilot coding agent.

The Copilot coding agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

🍪 Om nom nom by Issue Monster · ◷

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this issue as a good candidate for automated resolution and assigned it to the Copilot coding agent.

The Copilot coding agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

🍪 Om nom nom by Issue Monster · ◷

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this refactoring request as a strong candidate for Copilot coding agent work and assigned it so the shared PR review configuration can be extracted consistently.

Om nom nom! 🍪

🍪 Om nom nom by Issue Monster · ◷