
[WIP] Add explicit permissions to seven workflows#2609

Closed

Copilot wants to merge 1 commit into main from copilot/add-explicit-permissions-to-workflows-again

Conversation


Copilot AI commented Oct 27, 2025

Plan: Add Explicit Permissions to 7 Workflows

Based on the issue, I need to add explicit permissions: declarations to 7 workflow files that currently lack them:

Workflows to Update

Smoke Workflows (5 files) - Pattern: Read-only main job + safe-outputs

  • smoke-copilot.md - Add permissions: { contents: read, actions: read }
  • smoke-claude.md - Add permissions: { contents: read, actions: read }
  • smoke-codex.md - Add permissions: { contents: read, actions: read }
  • smoke-opencode.md - Add permissions: { contents: read, actions: read }
  • smoke-copilot.firewall.md - Add permissions: { contents: read, actions: read }

Daily News Workflow - Pattern: Read + discussions write (non-strict mode)

  • daily-news.md - Add permissions: { contents: read, discussions: write, actions: read }

Notion Issue Summary - Pattern: Read-only

  • notion-issue-summary.md - Add permissions: { contents: read, issues: read, actions: read }

Validation Steps

  • Compile all modified workflows with gh aw compile
  • Run unit tests to ensure no regressions
  • Review generated .lock.yml files

Key Points

  • Smoke workflows use strict: true with safe-outputs.create-issue, so main job gets read-only permissions
  • Daily news uses safe-outputs.create-discussion but NOT in strict mode, so requires explicit write permission
  • Notion workflow is read-only, no safe-outputs

Original prompt

This section details the original issue you should resolve

<issue_title>[q] Add explicit permissions to 7 workflows</issue_title>
<issue_description># Q Workflow Optimization Report

Investigation Summary

This PR is the result of a /q investigate permissions command investigation into workflow permissions across the gh-aw repository, analyzing live workflow run data from the past 7 days.

Issues Found (from live data)

Missing Explicit Permissions

Problem: 7 workflows lacked explicit permissions: declarations, relying on GitHub Actions default permissions.

Evidence from Live Runs:

  • Run githubnext/gh-aw#18840321667 (Smoke Copilot): 9 warnings - "Permission denied and could not request permission from user"
  • Pattern: copilot-permission-denied
  • Root Cause: Missing explicit permission declarations led to reliance on defaults
  • Data Sources: Analyzed 15 workflow runs over 7 days (2M+ tokens, $1.64 cost)

Workflows Without Explicit Permissions

  1. smoke-copilot.md
  2. smoke-claude.md
  3. smoke-codex.md
  4. smoke-opencode.md
  5. smoke-copilot.firewall.md
  6. daily-news.md
  7. notion-issue-summary.md

Changes Made

Added Explicit Permissions

All 7 workflows now have explicit permissions: declarations following the principle of least privilege:

Smoke Workflows (5 files)

Pattern: Read-only main job + safe-outputs for write operations

permissions:
  contents: read    # For reading repository code
  actions: read     # For workflow metadata

Files modified:

  • smoke-copilot.md
  • smoke-claude.md
  • smoke-codex.md
  • smoke-opencode.md
  • smoke-copilot.firewall.md

Key Point: These workflows use safe-outputs.create-issue with strict: true, so write permissions are handled by separate safe-outputs jobs.

Daily News Workflow

permissions:
  contents: read      # For reading repository code
  discussions: write  # Required for safe-outputs create-discussion job
  actions: read       # For workflow metadata

Note: Uses safe-outputs.create-discussion but NOT in strict mode, so requires explicit write permission.

Notion Issue Summary Workflow

permissions:
  contents: read    # For reading repository code
  issues: read      # For reading issue content
  actions: read     # For workflow metadata

Note: Read-only workflow, no safe-outputs used.

Validation

All modified workflows compiled successfully using gh-aw compile:

  • ✅ smoke-copilot.md (202.8 KB)
  • ✅ smoke-claude.md (177.7 KB)
  • ✅ smoke-codex.md (160.1 KB)
  • ✅ smoke-opencode.md (136.9 KB)
  • ✅ smoke-copilot.firewall.md (202.9 KB)
  • ✅ daily-news.md (210.3 KB)
  • ✅ notion-issue-summary.md (163.1 KB)

Expected Improvements

Security

  • Explicit permission model: No longer relies on implicit GitHub Actions defaults
  • Reduced attack surface: Main AI jobs run with minimal read-only permissions
  • Compliance: Follows principle of least privilege

Reliability

  • Protection from default changes: Workflows won't break if GitHub changes default permissions
  • Clear documentation: Each workflow explicitly declares what it can access
  • Safe-outputs pattern: Write operations isolated in separate jobs

Maintainability

  • Self-documenting: Permissions field shows exactly what each workflow can do
  • Easier auditing: Clear view of permission requirements
  • Consistent pattern: All workflows follow same permission model

Key Learnings

  1. Strict Mode Behavior: Workflows with strict: true cannot have write permissions in main job
  2. Safe-Outputs Architecture: Issue/discussion creation happens in separate jobs with appropriate permissions
  3. Explicit > Implicit: All workflows should declare permissions explicitly
  4. Read-Only Default: Main AI jobs should have minimal read permissions

Investigation Details

Data Sources (all from live workflow runs - no fabricated data):

  • Workflow Runs Analyzed: 15 runs
  • Time Period: Last 7 days (2025-10-20 to 2025-10-27)
  • Total Duration: 40.4 minutes
  • Total Tokens: 2,053,997
  • Total Cost: $1.64
  • Run IDs: 18840301682, 18840299097, 18821713918, 18821735224, and 11 others
  • Logs Location: /tmp/gh-aw/aw-mcp/logs/

Note: This PR modifies only .md workflow files. Lock files (.lock.yml) will be regenerated automatically after merge.

AI generated by Q


[!NOTE]
This was originally intended as a pull request, but the git push operation failed.

Workflow Run: View run details and download patch artifact

The patch file is available as an artifact (aw.patch) in the work...
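The permission rules this PR and its linked issue describe (an explicit `permissions:` block on every workflow, a read-only main job when `strict: true` hands write operations to safe-outputs jobs, and an explicit write scope when a safe-output runs outside strict mode) can be turned into an automated check over the workflow frontmatter. The audit below is an added example, not code from gh-aw or from this PR. It assumes the layout the issue shows (YAML frontmatter between the first two `---` lines with `permissions:`, `strict:` and `safe-outputs:` keys), the mapping of `create-issue` to the `issues` scope and `create-discussion` to the `discussions` scope is assumed, and the sample workflows are constructed for the example.

```python
"""Audit markdown workflows for explicit, least-privilege permissions.

Added example, not gh-aw's own code. Assumptions (labelled):
  - a workflow is a .md file whose YAML frontmatter sits between the first two '---' lines;
  - the frontmatter carries 'permissions:', 'strict:' and 'safe-outputs:' keys as the PR describes;
  - only block mappings and inline '{ k: v, ... }' mappings are parsed (no YAML lists or anchors).
"""
from __future__ import annotations

import re

WRITE = "write"

# Assumed mapping from a safe-output kind to the token scope its write needs.
SAFE_OUTPUT_SCOPE = {"create-issue": "issues", "create-discussion": "discussions"}


def _parse_inline_mapping(text: str) -> dict:
    """Parse '{ contents: read, actions: read }' into a dict."""
    result = {}
    for item in text.strip()[1:-1].split(","):
        if ":" in item:
            key, _, value = item.partition(":")
            result[key.strip()] = value.strip()
    return result


def parse_frontmatter(markdown: str) -> dict:
    """Parse the frontmatter subset needed here: nested block mappings plus inline mappings."""
    lines = markdown.splitlines()
    if not lines or lines[0].strip() != "---":
        return {}
    root: dict = {}
    stack: list[tuple[int, dict]] = [(-1, root)]  # (indent, mapping) for open mappings
    for raw in lines[1:]:
        if raw.strip() == "---":
            break
        line = re.split(r"\s#", raw, maxsplit=1)[0].rstrip()  # drop trailing comments
        if not line.strip() or line.lstrip().startswith(("#", "- ")):
            continue  # blank line, comment line or list item (lists are not modelled)
        indent = len(line) - len(line.lstrip())
        while indent <= stack[-1][0]:
            stack.pop()  # a shallower line closes the deeper mappings
        parent = stack[-1][1]
        key, _, value = line.strip().partition(":")
        value = value.strip()
        if value == "":
            child: dict = {}
            parent[key] = child
            stack.append((indent, child))
        elif value.startswith("{"):
            parent[key] = _parse_inline_mapping(value)
        else:
            parent[key] = value
    return root


def audit_workflow(markdown: str) -> list[str]:
    """Return findings for one workflow; an empty list means it passes."""
    fm = parse_frontmatter(markdown)
    perms = fm.get("permissions")
    if perms is None:
        return ["no explicit permissions: block; the job inherits the repository's default token permissions"]
    if isinstance(perms, str):
        return [f"permissions: {perms} is shorthand; declare each scope explicitly"]
    findings: list[str] = []
    strict = str(fm.get("strict", "false")).lower() == "true"
    writes = sorted(scope for scope, level in perms.items() if level == WRITE)
    if strict and writes:
        findings.append("strict: true but the main job holds write on " + ", ".join(writes))
    safe = fm.get("safe-outputs")
    safe = safe if isinstance(safe, dict) else {}
    # Outside strict mode the main job itself must hold the write scope for each safe-output it uses.
    for output, scope in SAFE_OUTPUT_SCOPE.items():
        if output in safe and not strict and perms.get(scope) != WRITE:
            findings.append(f"safe-outputs.{output} without strict mode needs {scope}: write")
    return findings


# Constructed sample frontmatters (not real repository files).
SMOKE = """---
on: workflow_dispatch
permissions:
  contents: read    # For reading repository code
  actions: read     # For workflow metadata
strict: true
safe-outputs:
  create-issue:
    title-prefix: "[smoke] "
---
# Smoke test
"""
DAILY_NEWS = """---
permissions: { contents: read, discussions: write, actions: read }
safe-outputs:
  create-discussion:
    category: News
---
"""
NO_PERMS = """---
on: schedule
safe-outputs:
  create-issue:
---
"""
OVERPRIVILEGED = """---
permissions:
  contents: write
  issues: write
strict: true
safe-outputs:
  create-issue:
---
"""

if __name__ == "__main__":
    for name, text in [("smoke", SMOKE), ("daily-news", DAILY_NEWS),
                       ("no-perms", NO_PERMS), ("overprivileged", OVERPRIVILEGED)]:
        print(name, audit_workflow(text) or ["ok"])
```

Run over a directory of `.md` workflows, the script reports the same two conditions the issue investigated: a missing `permissions:` block, and a main job whose scopes do not match the safe-outputs pattern it relies on. The parser is intentionally minimal; for real YAML with lists or anchors, swap it for a proper YAML loader and keep `audit_workflow` unchanged.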



@pelikhan pelikhan closed this Oct 27, 2025
@pelikhan pelikhan deleted the copilot/add-explicit-permissions-to-workflows-again branch October 27, 2025 12:34
Copilot AI requested a review from pelikhan October 27, 2025 12:35
Development

Successfully merging this pull request may close these issues.

[q] Add explicit permissions to 7 workflows

2 participants