Walkthrough: This PR adds two new GitHub Actions workflows for Claude-powered code review and interactive assistance.
Estimated code review effort: 🎯 2 (Simple) | ⏱️ ~10 minutes
🚥 Pre-merge checks: ✅ 3 passed
was just curious about it.
Actionable comments posted: 4
🤖 Fix all issues with AI agents
In @.github/workflows/claude-code-review.yml:
- Around line 22-26: The workflow's GitHub Actions permissions currently set
"pull-requests: read" prevent the Claude Code Action from posting review
comments; update the permissions block to grant write access by changing the
"pull-requests" permission from read to write so the action can create PR review
comments (ensure the "id-token" and other permissions remain unchanged).
- Around line 39-41: The workflow sets plugin_marketplaces to
'https://github.com/anthropics/claude-code.git' but the plugins entry uses the
wrong namespace; update the plugins value from 'code-review@claude-code-plugins'
to 'code-review@anthropics/claude-code' so the plugins key matches the
marketplace namespace (update the plugins line in the same block where
plugin_marketplaces and prompt are defined).
In @.github/workflows/claude.yml:
- Around line 21-26: The workflow's permissions block currently sets
pull-requests and issues to read, which prevents Claude from posting responses;
update the permissions map so that "pull-requests" and "issues" are set to write
(keep "contents: read", "id-token: write" and "actions: read" as-is) so the
interactive workflow can create comments and respond on PRs and issues.
- Around line 15-19: Update the workflow trigger if condition to explicitly
check the actor's author_association before allowing the job to run: for events
where the payload uses github.event.comment.author_association (issue_comment
and pull_request_review_comment) require OWNER/MEMBER/COLLABORATOR and
contains(github.event.comment.body, '@claude'); for pull_request_review use
github.event.review.author_association with the same OWNER/MEMBER/COLLABORATOR
check and contains(github.event.review.body, '@claude'); for issues use
github.event.issue.author_association and require OWNER/MEMBER/COLLABORATOR plus
contains(github.event.issue.body, '@claude') or
contains(github.event.issue.title, '@claude'); integrate these checks into the
existing if that currently inspects github.event_name and body/title contains to
prevent unauthorized triggers.
🧹 Nitpick comments (1)
.github/workflows/claude.yml (1)
39-41: Redundant additional_permissions declaration. The actions: read permission is already declared at the job level (line 26). The additional_permissions input appears to duplicate this. Unless the action specifically requires this input for a different purpose (e.g., passing to a subprocess), this may be unnecessary.
♻️ Consider removing if redundant
- # This is an optional setting that allows Claude to read CI results on PRs
- additional_permissions: |
-   actions: read
permissions:
  contents: read
  pull-requests: read
  issues: read
  id-token: write
🧩 Analysis chain
🌐 Web query:
anthropics claude-code-action GitHub permissions requirements
💡 Result:
Short answer: required GitHub permissions for Anthropic's Claude Code Action:
- To install/use the official GitHub App or a custom GitHub App (recommended): Repository permissions: Contents: Read & Write; Issues: Read & Write; Pull requests: Read & Write. You must be a repository admin to install the app. [1][2]
- Authentication alternatives: the action can also run using the repository GITHUB_TOKEN or a GitHub App token (created via actions/create-github-app-token). The action requires an Anthropic API key stored in secrets (ANTHROPIC_API_KEY). [1][2][3]
Sources:
[1] Anthropic Docs — Claude Code GitHub Actions.
[2] anthropics/claude-code-action (GitHub repo).
[3] Claude Code Action — GitHub Marketplace.
Permissions insufficient for posting review comments.
The workflow has pull-requests: read, but the Claude Code Action requires pull-requests: write to post review comments on pull requests. With read-only access, the action cannot leave comments.
🔧 Suggested fix
permissions:
contents: read
- pull-requests: read
+ pull-requests: write
issues: read
  id-token: write
🤖 Prompt for AI Agents
In @.github/workflows/claude-code-review.yml around lines 22 - 26, The
workflow's GitHub Actions permissions currently set "pull-requests: read"
prevent the Claude Code Action from posting review comments; update the
permissions block to grant write access by changing the "pull-requests"
permission from read to write so the action can create PR review comments
(ensure the "id-token" and other permissions remain unchanged).
plugin_marketplaces: 'https://github.com/anthropics/claude-code.git'
plugins: 'code-review@claude-code-plugins'
prompt: '/code-review:code-review ${{ github.repository }}/pull/${{ github.event.pull_request.number }}'
🧩 Analysis chain
🏁 Script executed:
# Search for plugin-related documentation in the repository
fd -t f \( -name "*.md" -o -name "*.yml" -o -name "*.yaml" \) | xargs grep -l -i "plugin\|claude-code-action" 2>/dev/null | head -20
Repository: mostlygeek/llama-swap
Length of output: 295
🏁 Script executed:
# Read the workflow file to see the full context
cat -n .github/workflows/claude-code-review.yml
Repository: mostlygeek/llama-swap
Length of output: 1793
🏁 Script executed:
# Search for any other workflow files that might use similar configuration
fd -type f -path ".github/workflows/*.yml" -o -path ".github/workflows/*.yaml" | xargs cat -n
Repository: mostlygeek/llama-swap
Length of output: 235
🏁 Script executed:
# Search for documentation files mentioning plugin configuration
find . -type f \( -name "*.md" -o -name "*.txt" \) -exec grep -l -i "plugin" {} \; 2>/dev/null | head -10
Repository: mostlygeek/llama-swap
Length of output: 79
🌐 Web query:
anthropics/claude-code-action plugin configuration marketplace documentation
💡 Result:
Resources and quick pointers for Anthropic's claude-code-action, plugin configuration, and marketplaces:
- Official GitHub repo (action, examples, settings/config files). [1]
- Anthropic docs for Claude Code GitHub Actions (setup, inputs, examples). [2]
- Claude Code Action entry on GitHub Marketplace (usage, inputs). [3]
- Plugin & marketplace docs (how to publish a marketplace, marketplace.json format, repo-based marketplaces, commands to add/install plugins; repo-level config via .claude/settings.json). [4][5]
- Blog/announcements with quick how-to for marketplaces and marketplace examples. [6]
Key config notes:
- Repo-level settings: .claude/settings.json (or the inline settings input) controls model, env, permissions, hooks, allowed/disallowed tools. [1][4]
- Marketplace hosting: provide a .claude-plugin/marketplace.json in a git/GitHub repo or URL. Install with /plugin marketplace add user-or-org/repo-name and /plugin install plugin-name@marketplace. [4][5]
- GitHub Action inputs: use prompt and claude_args (or settings), and set ANTHROPIC_API_KEY or other provider secrets; examples in repo/docs. [2][3]
If you want, I can:
- open the repo and extract the exact schema for .claude-plugin/marketplace.json, or
- paste example .claude/settings.json and a sample workflow that installs a plugin.
Sources: [1] GitHub repo — anthropics/claude-code-action; [2] Anthropic docs — Claude Code GitHub Actions; [3] GitHub Marketplace action page; [4] Anthropic plugins documentation (marketplace & repo config); [5] Claude docs/plugins; [6] Claude blog on plugins/marketplaces.
🌐 Web query:
anthropics/claude-code-action@v1 action.yml inputs plugin_marketplaces plugins
💡 Result:
Yes — anthropics/claude-code-action@v1 supports two inputs for installing Claude Code plugins in workflows:
- plugin_marketplaces — newline-separated marketplace URLs or repo sources to add (used to register custom plugin marketplaces).
- plugins — newline-separated plugin identifiers to install (format like plugin-name@marketplace-name).
Example workflow snippet:
- uses: anthropics/claude-code-action@v1
  with:
    plugin_marketplaces: |
      https://github.com/your-org/your-marketplace.git
    plugins: |
      your-plugin@your-marketplace
    claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
Sources: Anthropic docs and the action repository (action.yml lists inputs including plugins and plugin_marketplaces) and community examples describing their usage. [1][2][3]
References
- Anthropic — Claude Code GitHub Actions (docs). [1]
- anthropics/claude-code-action repository (action.yml inputs list). [2]
- Community examples / writeups showing plugin_marketplaces + plugins usage. [3]
🌐 Web query:
site:github.com anthropics/claude-code-action action.yml
💡 Result:
I found the repository and its action.yml file on GitHub:
- Repository (contains action.yml at the repo root). [1]
- GitHub Marketplace listing for the action. [2]
References
- anthropics/claude-code-action — GitHub repository (action.yml in root). [https://github.com/anthropics/claude-code-action] [1]
- Claude Code Action — GitHub Marketplace listing. [https://github.com/marketplace/actions/claude-code-action] [2]
🌐 Web query:
anthropics/claude-code code-review@claude-code-plugins plugin marketplace
💡 Result:
Summary: "code-review" is an Anthropic plugin in the anthropics/claude-code marketplace that performs automated PR/code reviews using multiple specialized agents with confidence-based scoring (security, performance, maintainability, correctness). Install via the marketplace and use slash commands like /code-review, /review, /review-file. Sources: [1][2][3]
How to add & install
- Add the marketplace: /plugin marketplace add anthropics/claude-code. [2]
- Install the plugin: /plugin install code-review@anthropics/claude-code (or the marketplace-namespace shown in your Claude Code client). [2][1]
Key commands/features
- /code-review — comprehensive PR review. [1]
- /review — quick staged-changes review with confidence scoring. [1]
- /review-file — deep review of a specific file. [1]
- Confidence-based filtering to reduce false positives; multi-agent checks across security, performance, maintainability, correctness. [1][3]
Where to read source/docs
- Anthropic GitHub (claude-code repo / plugins dir). [3]
- Claude Code plugin directory/details page. [1]
- Marketplace listing for anthropics/claude-code (shows code-review entry). [2]
If you want, I can: add the marketplace/install command for you, or fetch the exact plugin manifest/README.
🌐 Web query:
site:github.com anthropics/claude-code-action plugin_marketplaces examples
💡 Result:
Found these GitHub results matching your query:
- anthropics/claude-code-action (main repo; contains examples, inputs like plugin_marketplaces). (github.com)
- Marketplace entry for a Claude Code Action (third‑party joesarre action example). (github.com)
- Official/alternative Claude Code Action listing with examples and plugin_marketplaces mention. (github.com)
- anthropics/claude-plugins-official (Anthropic‑maintained plugin marketplace and example plugins). (github.com)
- pleaseai/claude-code-plugins (example marketplace repo with marketplace.json and plugin examples). (github.com)
- community plugin hub (jeremylongshore) listing many plugin examples and notes about marketplaces. (github.com)
Do you want direct links or specific example files (e.g., .github/workflows examples, .claude-plugin/marketplace.json, or plugin examples) from any of these repos?
Citations:
- 1: https://github.com/anthropics/claude-code-action?utm_source=openai
- 2: https://github.com/marketplace/actions/claude-code-action?utm_source=openai
- 3: https://github.com/marketplace/actions/claude-code-action-official?utm_source=openai
- 4: https://github.com/anthropics/claude-plugins-official?utm_source=openai
- 5: https://github.com/pleaseai/claude-code-plugins?utm_source=openai
- 6: https://github.com/jeremylongshore/claude-code-plugins?utm_source=openai
Update the plugin specification to use the correct marketplace namespace.
The plugins value should be code-review@anthropics/claude-code to match the marketplace defined in plugin_marketplaces. The documentation for the code-review plugin shows the correct format as code-review@anthropics/claude-code, not code-review@claude-code-plugins. The marketplace namespace must correspond to the repository namespace of the marketplace being added.
plugins: 'code-review@anthropics/claude-code'
🤖 Prompt for AI Agents
In @.github/workflows/claude-code-review.yml around lines 39 - 41, The workflow
sets plugin_marketplaces to 'https://github.com/anthropics/claude-code.git' but
the plugins entry uses the wrong namespace; update the plugins value from
'code-review@claude-code-plugins' to 'code-review@anthropics/claude-code' so the
plugins key matches the marketplace namespace (update the plugins line in the
same block where plugin_marketplaces and prompt are defined).
if: |
  (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
  (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
  (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
  (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
🧩 Analysis chain
🏁 Script executed:
cat -n .github/workflows/claude.yml
Repository: mostlygeek/llama-swap
Length of output: 2288
🌐 Web query:
anthropics claude-code-action documentation permissions
💡 Result:
Short summary of relevant documentation and permissions for Anthropic's Claude Code GitHub Action:
- Claude Code Action overview and setup (requires ANTHROPIC_API_KEY; can install Claude GitHub App; includes example workflow parameters like prompt, claude_args, anthropic_api_key, optional github_token). Repository admin is required to install the GitHub App; manual setup lists required app permissions and secrets. [1]
- GitHub App permissions and required repository scopes: Contents (Read & Write), Issues (Read & Write), Pull requests (Read & Write); instructions for creating the app, generating a private key, and adding APP_ID / APP_PRIVATE_KEY to repo secrets are documented. [1]
- Claude Code permission model: Claude Code is secure-by-default with strict read-only permissions; actions that modify files, run tests, or execute commands require explicit user approval (you can approve once or allow automatically). Permission configuration can be controlled via in-session prompts, the /permissions command, .claude/settings.json (or ~/.claude.json), CLI flags, and organization Identity & Access Management. [2][3]
- Console / IAM roles: Anthropic's API Console uses role-based access (User, Claude Code User, Developer, Billing, Admin) with workspace-level permissions; admins can manage users and role assignments, which is useful when granting access to Claude Code features in teams. [4]
Sources:
- Claude Code GitHub Actions (Anthropic docs). [GitHub Action setup, required repo permissions and secrets]. [1]
- Security / Permission-based architecture (Anthropic Claude Code docs). [2]
- Identity & Access Management / Team access (Anthropic docs). [3]
- API Console Roles and Permissions (Anthropic Help Center). [4]
If you want, I can paste the exact config snippets (workflow example, required repo permissions) or fetch any specific line from those pages.
🌐 Web query:
GitHub Actions author_association workflow condition issue_comment pull_request_review
💡 Result:
Yes — you can check the commenter/reviewer association in workflow if: expressions.
Key facts
- issue_comment payload: author association is at github.event.comment.author_association. Use this for issue or PR comments (issue_comment event). [1][3]
- pull_request_review payload: author association is at github.event.review.author_association. Use this for pull request review events. [1][3]
- Possible values include OWNER, MEMBER, COLLABORATOR, CONTRIBUTOR, FIRST_TIME_CONTRIBUTOR, FIRST_TIMER, MANNEQUIN, NONE (etc.). [2]
Examples
- Run a job only when an issue/PR comment is from the repo owner:
  if: ${{ github.event.comment.author_association == 'OWNER' }}
- Run a step only when a PR review is from a collaborator:
  if: ${{ github.event.review.author_association == 'COLLABORATOR' }}
- Combine checks (e.g., owner OR member):
  if: ${{ github.event.comment.author_association == 'OWNER' || github.event.comment.author_association == 'MEMBER' }}
Notes
- Use issue_comment for comments on issues and PRs; use pull_request_review for review submissions/edits/dismissals. [1]
- Print the full github context (toJson(github)) in a run to inspect available fields for your event. [1][6]
Sources
- GitHub Actions events & payloads (events that trigger workflows / contexts). [1]
- Discussion/summary of author_association possible values. [2]
- Example webhook payloads showing comment/review author_association fields. [3]
🌐 Web query:
anthropics/claude-code-action trigger permissions enforcement security
💡 Result:
Summary — how Claude Code GitHub Action enforces trigger/permission security
- Triggering: action responds to comments (default “@claude”) and is intended to be triggered only by human users with repo write/admin privileges — installs/config docs require repository admin privileges. [1][2]
- GitHub App & tokens: setup uses the Claude GitHub App and repository secrets (ANTHROPIC_API_KEY); tokens are scoped to repository permissions and you should limit action permissions to the minimum required. [1][2]
- Human-actor & permission checks: the action’s security model validates permission level (write access) and treats GitHub Apps/bots differently to avoid automated escalations. [2]
- Tool and operation controls: runtime enforces an allowlist/denylist for tools (allowed_tools / disallowed_tools), prompts for permission before actions that modify files or run dangerous commands, and defaults to conservative blocking of potentially destructive operations. [3][2]
- Operational restrictions / repo safety: action is designed not to bypass branch-protection rules, cannot modify .github/workflows, and runs on GitHub runners (code stays on runners). Review suggestions before merging. [1][2]
- Best practices recommended: store API keys in GitHub Secrets, restrict action permissions, curate allowed_tools (session, settings, or CLI flags), and require human review for commits/PRs. [1][3]
Sources: Anthropic Claude Code GitHub Actions docs and security/best-practices pages. [1][2][3]
🌐 Web query:
GitHub Actions author_association issues event opened created
💡 Result:
Short answer:
- author_association is a field on issue and comment payloads that shows the actor's relationship to the repository (examples: OWNER, MEMBER, COLLABORATOR, CONTRIBUTOR, FIRST_TIME_CONTRIBUTOR, FIRST_TIMER, NONE). [1]
- For GitHub webhooks / Actions events:
  - issues.action = "opened" is sent when an issue itself is opened (use the issues event / types: [opened]). [2][3]
  - issue_comment.action = "created" is sent when a comment on an issue (or PR) is created. The issue_comment event uses action "created". [1][4]
References:
- Webhook events & payloads (issues / issue_comment) — GitHub Docs.
- Actions event: issues (activity types include opened) — GitHub Actions docs.
- Events that trigger workflows — GitHub Enterprise docs (issues opened, edited, etc.).
- GitHub event types (IssueCommentEvent / IssuesEvent) — GitHub Docs.
Add explicit permission checks to prevent unauthorized workflow triggers.
The workflow lacks actor permission validation at the trigger level. While anthropics/claude-code-action internally validates write access, this is a secondary control that runs after job execution, allowing unauthorized users to trigger job runs and consume API quota. The workflow triggers on four event types that have different payload structures for author_association:
- issue_comment / pull_request_review_comment: github.event.comment.author_association
- pull_request_review: github.event.review.author_association
- issues: github.event.issue.author_association
Add explicit permission checks to the if condition to prevent unauthorized triggers:
Suggested permission check
if: |
(
(github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment') &&
(github.event.comment.author_association == 'OWNER' || github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'COLLABORATOR') &&
contains(github.event.comment.body, '@claude')
) ||
(
github.event_name == 'pull_request_review' &&
(github.event.review.author_association == 'OWNER' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'COLLABORATOR') &&
contains(github.event.review.body, '@claude')
) ||
(
github.event_name == 'issues' &&
(github.event.issue.author_association == 'OWNER' || github.event.issue.author_association == 'MEMBER' || github.event.issue.author_association == 'COLLABORATOR') &&
(contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))
  )
🤖 Prompt for AI Agents
In @.github/workflows/claude.yml around lines 15 - 19, Update the workflow
trigger if condition to explicitly check the actor's author_association before
allowing the job to run: for events where the payload uses
github.event.comment.author_association (issue_comment and
pull_request_review_comment) require OWNER/MEMBER/COLLABORATOR and
contains(github.event.comment.body, '@claude'); for pull_request_review use
github.event.review.author_association with the same OWNER/MEMBER/COLLABORATOR
check and contains(github.event.review.body, '@claude'); for issues use
github.event.issue.author_association and require OWNER/MEMBER/COLLABORATOR plus
contains(github.event.issue.body, '@claude') or
contains(github.event.issue.title, '@claude'); integrate these checks into the
existing if that currently inspects github.event_name and body/title contains to
prevent unauthorized triggers.
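To make the gating proposed above concrete, here is an added example that is not code from the PR, from CodeRabbit, or from anthropics/claude-code-action. It re-expresses both the PR's original "if:" condition (mention only) and the review's hardened one (mention plus OWNER/MEMBER/COLLABORATOR) as Python predicates and runs them over constructed event payloads, trimmed to the fields the expression reads. All case names and payload contents are made up for illustration. Two details the review text does not spell out are reproduced here: GitHub's contains() is case-insensitive, so "@Claude" also triggers, and a review submitted without a body carries body: null, which contains() treats as an empty string, so an approval with no text does not start the job.

```python
"""Offline check of the @claude trigger gate discussed in the review.

Added example; not code from the PR, CodeRabbit, or claude-code-action.
It mirrors the workflow `if:` expressions as Python predicates so the
gating can be exercised against constructed event payloads.
"""

TRUSTED_ASSOCIATIONS = {"OWNER", "MEMBER", "COLLABORATOR"}
MENTION = "@claude"


def _mentions(text) -> bool:
    # GitHub's contains() is case-insensitive and casts null to ''.
    return MENTION in (text or "").lower()


def _fields(event_name: str, event: dict):
    """Return (author_association, texts_to_search) for the event, or None.

    Field locations follow the payload shapes named in the review:
    comment.* for issue_comment / pull_request_review_comment,
    review.* for pull_request_review, issue.* for issues.
    """
    if event_name in ("issue_comment", "pull_request_review_comment"):
        c = event.get("comment") or {}
        return c.get("author_association"), [c.get("body")]
    if event_name == "pull_request_review":
        r = event.get("review") or {}
        return r.get("author_association"), [r.get("body")]
    if event_name == "issues":
        i = event.get("issue") or {}
        return i.get("author_association"), [i.get("body"), i.get("title")]
    return None  # an event type the workflow does not handle


def mention_only_gate(event_name: str, event: dict) -> bool:
    """The PR's original condition: run whenever '@claude' appears."""
    fields = _fields(event_name, event)
    if fields is None:
        return False
    _, texts = fields
    return any(_mentions(t) for t in texts)


def hardened_gate(event_name: str, event: dict) -> bool:
    """The review's proposal: mention AND actor is OWNER/MEMBER/COLLABORATOR."""
    fields = _fields(event_name, event)
    if fields is None:
        return False
    association, texts = fields
    return association in TRUSTED_ASSOCIATIONS and any(_mentions(t) for t in texts)


# Constructed payloads (not real webhook deliveries), one per interesting case.
CASES = [
    ("collaborator-comment", "issue_comment",
     {"comment": {"author_association": "COLLABORATOR", "body": "@claude please review"}}),
    ("drive-by-comment", "issue_comment",
     {"comment": {"author_association": "NONE", "body": "@claude run the tests"}}),
    ("past-contributor-comment", "issue_comment",
     {"comment": {"author_association": "CONTRIBUTOR", "body": "hey @claude"}}),
    ("member-review-comment-mixed-case", "pull_request_review_comment",
     {"comment": {"author_association": "MEMBER", "body": "@Claude is this safe?"}}),
    ("owner-approval-no-body", "pull_request_review",
     {"review": {"author_association": "OWNER", "body": None, "state": "approved"}}),
    ("owner-review-with-mention", "pull_request_review",
     {"review": {"author_association": "OWNER", "body": "@claude check the lock"}}),
    ("owner-issue-title-only", "issues",
     {"issue": {"author_association": "OWNER", "title": "@claude: flaky test", "body": ""}}),
    ("first-timer-issue", "issues",
     {"issue": {"author_association": "FIRST_TIME_CONTRIBUTOR", "title": "bug", "body": "@claude fix"}}),
    ("unrelated-event", "push", {}),
]


def compare_gates(cases=CASES) -> dict:
    """Names of the constructed cases that each gate lets through."""
    return {
        "mention_only": [n for n, ev, p in cases if mention_only_gate(ev, p)],
        "hardened": [n for n, ev, p in cases if hardened_gate(ev, p)],
    }


if __name__ == "__main__":
    for gate, allowed in compare_gates().items():
        print(f"{gate}: {allowed}")
```

Running it shows the difference the review is after: the mention-only gate starts the job for the NONE and CONTRIBUTOR commenters and for the first-time issue author, while the hardened gate admits only the four cases where the actor is OWNER, MEMBER or COLLABORATOR. The predicate is evaluated from the payload before any step runs, which is the point of putting the check in the job's if: rather than relying on the action's own write-access check inside the job.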
permissions:
  contents: read
  pull-requests: read
  issues: read
  id-token: write
  actions: read # Required for Claude to read CI results on PRs
Permissions likely insufficient for Claude to respond.
Similar to the code review workflow, this workflow grants only read permissions for pull-requests and issues. For Claude to post responses to comments (which is the primary use case for this interactive workflow), it needs write permissions.
🔧 Suggested fix
permissions:
contents: read
- pull-requests: read
- issues: read
+ pull-requests: write
+ issues: write
id-token: write
  actions: read # Required for Claude to read CI results on PRs
🤖 Prompt for AI Agents
In @.github/workflows/claude.yml around lines 21 - 26, The workflow's
permissions block currently sets pull-requests and issues to read, which
prevents Claude from posting responses; update the permissions map so that
"pull-requests" and "issues" are set to write (keep "contents: read", "id-token:
write" and "actions: read" as-is) so the interactive workflow can create
comments and respond on PRs and issues.
🤖 Installing Claude Code GitHub App
This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.
What is Claude Code?
Claude Code is an AI coding agent that can help with:
How it works
Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.
Important Notes
Security
There's more information in the Claude Code action repo.
After merging this PR, let's try mentioning @claude in a comment on any PR to get started!