chore(workflows): adopt centralized stubs from petry-projects/.github

[don-petry]

Summary

Replaces inline copies of standardized workflows with the canonical thin caller stubs from petry-projects/.github/standards/workflows/. Each stub delegates to the org-level reusable workflow at petry-projects/.github/.github/workflows/<name>-reusable.yml@v1.

Why

Future updates to the standard propagate automatically without per-repo PRs, and drift is caught by the org-wide compliance audit (petry-projects/.github#89).

See petry-projects/.github#87 (build reusables), petry-projects/.github#88 (pin to v1, document tier model), petry-projects/.github#89 (audit drift detection).

Test plan

• actionlint clean
• CI on this branch — workflows should run via the reusables exactly as before

🤖 Generated with Claude Code

[coderabbitai]

Warning

Rate limit exceeded

@don-petry has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 13 minutes and 33 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 13 minutes and 33 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d88858eb-dd11-4dd2-bc4e-b20f4585887b

📥 Commits

Reviewing files that changed from the base of the PR and between 8aca587 and d5bcc73.

📒 Files selected for processing (6)

• .github/workflows/agent-shield.yml
• .github/workflows/claude.yml
• .github/workflows/dependabot-automerge.yml
• .github/workflows/dependabot-rebase.yml
• .github/workflows/dependency-audit.yml
• .github/workflows/feature-ideation.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/adopt-centralized-workflow-stubs

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate failed

Failed conditions
8 Security Hotspots

See analysis details on SonarQube Cloud

[Copilot]

Pull request overview

Adopts the organization’s standardized “thin caller stub” GitHub Actions workflows so this repo delegates CI logic to the reusable workflows in petry-projects/.github (pinned at @v1), reducing per-repo drift and centralizing updates.

Changes:

• Replaced inline workflow implementations with uses: petry-projects/.github/.github/workflows/*-reusable.yml@v1 callers.
• Added standardized “SOURCE OF TRUTH / AGENTS” header blocks describing allowed edits and invariants.
• Updated the Feature Ideation workflow stub configuration and comments to match the centralized template.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
.github/workflows/feature-ideation.yml	Converts to a thin caller stub for the centralized feature ideation reusable workflow.
.github/workflows/dependency-audit.yml	Replaces local ecosystem detection/audit jobs with the centralized dependency audit reusable.
.github/workflows/dependabot-rebase.yml	Switches to the centralized Dependabot rebase/serialization reusable workflow.
.github/workflows/dependabot-automerge.yml	Switches to the centralized Dependabot auto-merge reusable workflow.
.github/workflows/claude.yml	Switches to the centralized Claude Code reusable workflow and standardizes header guidance.
.github/workflows/agent-shield.yml	Replaces local AgentShield scan + structural checks with the centralized AgentShield reusable.

Comments suppressed due to low confidence (2)

.github/workflows/dependency-audit.yml:34

• This stub removed the explicit job name (previously "Detect ecosystems"), so the check run name will change (defaulting to the job id dependency-audit). That conflicts with the guidance above about adding "dependency-audit / Detect ecosystems" as a required status check and can break existing branch protection rules. Consider adding an explicit name: Detect ecosystems to the job (or update the documented required check name to match the new check).

jobs:
  dependency-audit:
    uses: petry-projects/.github/.github/workflows/dependency-audit-reusable.yml@v1

.github/workflows/agent-shield.yml:34

• This stub removed the explicit job display name (previously "AgentShield"), which changes the status check name (defaulting to the job id agent-shield). Since this workflow is commonly used as a required status check, this can break branch protection expectations. Add an explicit name: AgentShield under the job to keep the check name stable (or update required checks accordingly).

jobs:
  agent-shield:
    uses: petry-projects/.github/.github/workflows/agent-shield-reusable.yml@v1

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

project_context was previously populated with TalkTerm-specific context, but is now a TODO placeholder. This will materially degrade the ideation output for this repo (and may cause the reusable workflow to post low-quality/irrelevant discussions). Please restore a real project_context for TalkTerm rather than committing the template text.

Suggested change

	TODO: Replace this with a description of the project and its market.
	Example: "ProjectX is a [type of product] for [target user]. Competitors
	include A, B, C. Key emerging trends in this space: X, Y, Z."
	TalkTerm is a terminal-first conversational tool for developers and other power users who want chat-style interaction, assistance, and workflow support without leaving the command line. It targets engineers who prefer keyboard-driven tooling, fast iteration, and lightweight interfaces that fit naturally into local development and shell-based workflows. Competitors and adjacent products to research include Warp, Fig, GitHub Copilot CLI, Claude Code, and other AI-assisted terminal or developer-agent experiences. Key trends to evaluate include shell-native UX, trustworthy command generation and execution, privacy and local-first expectations, and differentiation through speed, portability, and seamless integration with existing developer environments.

[Copilot]

The "Standard:" reference URL/path looks truncated (...dependency-auditym), which makes the pointer to the canonical standard ambiguous/broken. Please fix the reference so it resolves to the intended dependency-audit.yml section in the standards doc.

Suggested change

	# Standard: petry-projects/.github/standards/ci-standards.md#5-dependency-audit-dependency-auditym
	# Standard: petry-projects/.github/standards/ci-standards.md#5-dependency-audit-dependency-audityml