
docs: document add-labels safe-output capability in create-agentic-workflow.md#29054

Merged
pelikhan merged 2 commits into main from copilot/add-documentation-for-add-label-capability on Apr 29, 2026

Conversation

Contributor

Copilot AI commented Apr 29, 2026

add-labels safe-output was undocumented in the workflow creation guide, leaving engineers to guess whether to use update-issue with a labels array or direct gh issue edit --add-label in bash — both wrong approaches.

Changes

  • Security best practices list — added add-labels alongside create-issue, add-comment, etc.; added explicit anti-pattern callout for gh issue edit --add-label (bypasses allow-lists, rate limiting, audit trails)
  • Step 2 Safe Outputs quick-reference — new add-labels entry clarifying it's the dedicated tool (not update-issue with labels), with a minimal working example:
```yaml
safe-outputs:
  add-labels:
    allowed: [bug, enhancement, needs-triage]  # restrict to safe labels
    max: 3
```

The entry notes that the safe-output job executes with issues: write / pull-requests: write permissions, separate from the read-only agent job.

…rkflow.md

- Add `add-labels` to the safe-outputs list in security best practices (line 548)
- Add anti-pattern note for `gh issue edit --add-label` direct CLI usage (line 549)
- Add `add-labels` entry in Step 2 Safe Outputs quick-reference with YAML example
  showing `allowed:` restriction and note on `issues: write` / `pull-requests: write`
- Clarify that `update-issue` with labels array is NOT the recommended pattern
- Note `gh issue edit --add-label` in bash as anti-pattern in two locations

Closes #add-label-safe-output-documentation

Agent-Logs-Url: https://github.com/github/gh-aw/sessions/66da9063-2a8a-48e1-a77e-89feb2ed37f4

Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
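As an added example (not code from this PR or from the gh-aw project), a small lint that checks a workflow file for the two problems the description flags: `gh` label mutations in the prompt body and an `add-labels` block with no `allowed:` list. The sample workflow files are constructed, and treating `gh pr edit --add-label` as the pull-request twin of `gh issue edit --add-label` is my assumption, not something the page states.

```python
import re
# Constructed sample workflow files (not from gh-aw): YAML frontmatter between '---' lines, then the prompt body.
GOOD_WORKFLOW = """---
safe-outputs:
  add-labels:
    allowed: [bug, enhancement, needs-triage]  # restrict to safe labels
    max: 3
---
Triage the issue and choose at most one label from the allowed set.
"""
BAD_WORKFLOW = """---
safe-outputs:
  add-labels:
    max: 3
---
Run: gh issue edit "$ISSUE" --add-label needs-triage
Then: gh label create urgent --color ff0000
"""

# Label mutations that run outside the safe-output job: the commands the PR names, plus `gh pr edit` (assumed).
LABEL_MUTATION = re.compile(
    r"\bgh\s+(?:(?:issue|pr)\s+edit\b.*?--add-label|label\s+(?:create|edit|delete)\b)"
)

def add_labels_block(lines):
    """Stripped lines nested under `add-labels:`, or None if the key is absent."""
    for i, line in enumerate(lines):
        if line.strip() == "add-labels:":
            indent = len(line) - len(line.lstrip())
            block = []
            for nxt in lines[i + 1:]:
                if nxt.strip() and len(nxt) - len(nxt.lstrip()) <= indent:
                    break
                block.append(nxt.strip())
            return block
    return None

def lint_labels(doc: str) -> list[str]:
    """Findings: direct gh label mutations in the body, and add-labels without an allow-list."""
    m = re.match(r"---\n(.*?)\n---\n(.*)", doc, re.S)
    frontmatter, body = (m.group(1), m.group(2)) if m else ("", doc)
    findings = []
    for n, line in enumerate(body.splitlines(), 1):
        if LABEL_MUTATION.search(line):
            findings.append(f"body line {n}: label mutation via gh CLI bypasses safe-outputs")
    block = add_labels_block(frontmatter.split("\n"))
    if block is not None and not any(l.startswith("allowed:") for l in block):
        findings.append("safe-outputs.add-labels has no allowed: list")
    return findings
```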
Copilot AI changed the title from "[WIP] Document add-label safe-output capability in create-agentic-workflow" to "docs: document add-labels safe-output capability in create-agentic-workflow.md" on Apr 29, 2026
Copilot AI requested a review from gh-aw-bot April 29, 2026 05:26
@pelikhan pelikhan marked this pull request as ready for review April 29, 2026 05:29
Copilot AI review requested due to automatic review settings April 29, 2026 05:29
@pelikhan pelikhan merged commit 2b5eed7 into main Apr 29, 2026
3 checks passed
@pelikhan pelikhan deleted the copilot/add-documentation-for-add-label-capability branch April 29, 2026 05:29
Contributor

Copilot AI left a comment


Pull request overview

Updates the workflow creation guide to document the add-labels safe-output capability and discourage unsafe labeling approaches outside the safe-output system.

Changes:

  • Adds add-labels to the security best-practices list of preferred safe-outputs.
  • Adds an explicit anti-pattern warning against applying labels via gh CLI mutations in bash.
  • Extends the “Safe Outputs” quick reference with an add-labels entry and minimal YAML example.
| File | Description |
| --- | --- |
| .github/aw/create-agentic-workflow.md | Documents `safe-outputs: add-labels` usage and adds guidance discouraging direct label mutations via gh CLI. |

Copilot's findings


Comments suppressed due to low confidence (1)

.github/aw/create-agentic-workflow.md:830

  • The doc says to avoid using update-issue with a labels array because it “bypasses allow-list enforcement and audit trails,” but update-issue is itself a safe-outputs type (and the reference explicitly notes it can update labels). If the intent is “prefer add-labels because it supports an allowed: label allow-list (which update-issue lacks)”, please reword to avoid implying update-issue bypasses safe-output controls.
   - **Applying labels** → `safe-outputs: add-labels:` — use a dedicated `add-labels` safe output, **not** `update-issue` with a `labels` array and **not** `gh issue edit --add-label` in bash (both bypass allow-list enforcement and audit trails). Example:
  • Files reviewed: 1/1 changed files
  • Comments generated: 1

- Default to `permissions: read-all` and expand only if necessary.
- Prefer `safe-outputs` (`create-issue`, `add-comment`, `create-pull-request`, `create-pull-request-review-comment`, `update-issue` for editing, `close-issue` for closing, `dispatch-workflow`) over granting write perms.
- Prefer `safe-outputs` (`create-issue`, `add-comment`, `create-pull-request`, `create-pull-request-review-comment`, `update-issue` for editing, `close-issue` for closing, `add-labels` for labeling, `dispatch-workflow`) over granting write perms.
- ❌ **Anti-pattern**: Do NOT use `gh issue edit --add-label` or `gh label` CLI commands directly in bash — these bypass safe-output controls (rate limiting, audit trails, allow-lists). Use `safe-outputs: add-labels:` instead.
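Review bot: the anti-pattern bullet (last line of the hunk) gives bypassed controls as the only reason to avoid `gh issue edit --add-label` in bash, but the same list opens with `permissions: read-all` as the default, under which the agent job has no write token and the command fails rather than silently bypassing anything. Suggest stating both: the command runs outside the safe-output job (no rate limiting, audit trail or allow-list) and would need write permissions the agent job should not be granted.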

Copilot AI Apr 29, 2026


“Do NOT use gh ... or gh label CLI commands directly in bash” is overly broad: gh label includes read-only operations like gh label list that don’t bypass safe-outputs. Consider narrowing this to the specific write commands/subcommands (e.g., gh issue edit --add-label, gh label create/delete/edit) or explicitly saying “label mutations via gh CLI”.

This issue also appears on line 829 of the same file.

Suggested change
- ❌ **Anti-pattern**: Do NOT use `gh issue edit --add-label` or `gh label` CLI commands directly in bash — these bypass safe-output controls (rate limiting, audit trails, allow-lists). Use `safe-outputs: add-labels:` instead.
- ❌ **Anti-pattern**: Do NOT use `gh issue edit --add-label` or label mutation commands such as `gh label create`, `gh label edit`, or `gh label delete` directly in bash — these bypass safe-output controls (rate limiting, audit trails, allow-lists). Use `safe-outputs: add-labels:` instead.
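Review bot: the suggested wording still names only issue-side commands; the description says the safe-output job also runs with `pull-requests: write`, so labeling a pull request through `gh pr edit --add-label` from bash is the same anti-pattern and should be listed next to `gh issue edit --add-label`, or the bullet should use the generic phrase "label mutations via gh CLI" proposed in the comment above.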


Successfully merging this pull request may close these issues.

[plan] Document add-label safe-output capability in create-agentic-workflow.md
