fix: followup cleanup for merged community PRs #93
Workflow file for this run
# AI-powered deep code review for the agent-governance-toolkit.
# Analyzes PR diffs for security issues, policy engine correctness,
# trust/identity flaws, sandbox escape vectors, and API compatibility.
# Uses GitHub Models API (gpt-4o) via the ai-agent-runner composite action.

name: AI Code Review

# SECURITY: Uses pull_request_target for write access to post PR comments.
# All checkouts pin to BASE ref (never HEAD) to prevent RCE via modified
# composite actions in fork PRs. See MSRC Case 111178.
on:
  pull_request_target:
    types: [opened, synchronize, reopened]
    branches: [main]

permissions:
  contents: read
  pull-requests: write
  models: read

jobs:
  ai-review:
    name: Deep AI Code Review
    runs-on: ubuntu-latest
    # Skip bots and draft PRs
    if: >-
      github.event.pull_request.draft == false &&
      github.actor != 'dependabot[bot]' &&
      github.actor != 'github-actions[bot]'
    continue-on-error: true
    steps:
      - name: Fork safety check
        if: github.event.pull_request.head.repo.full_name != github.repository
        run: echo "::notice::Running on fork PR — composite action resolved from base branch (safe)"

      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          # SECURITY: pull_request_target defaults to base branch checkout (safe).
          # Do NOT add ref: head.sha — see MSRC Case 111178.
          persist-credentials: false
          fetch-depth: 1

      - name: Run AI code review
        id: review
        uses: ./.github/actions/ai-agent-runner
        with:
          agent-type: code-reviewer
          github-token: ${{ secrets.GITHUB_TOKEN }}
          model: gpt-4o
          fallback-model: gpt-4o-mini
          max-tokens: "4000"
          context-mode: pr-diff
          output-mode: pr-review
          custom-instructions: |
            You are reviewing the microsoft/agent-governance-toolkit — a security-focused Python library.
            Stack: Python 3.9-3.12, monorepo with 8 packages under packages/, pytest, ruff.
            Focus areas:
            - Policy engine correctness (false negatives = security bypass)
            - Trust/identity: cryptographic operations, credential handling, SPIFFE/SVID
            - Sandbox escape vectors
            - Thread safety in concurrent agent execution
            - OWASP Agentic Top 10 compliance
            - Type safety and Pydantic model validation
            - Backward compatibility (public API changes)
            Provide actionable feedback. Flag security issues as 🔴 CRITICAL.
            Flag potential breaking changes as 🟡 WARNING.
            Suggest improvements as 💡 SUGGESTION.
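The two SECURITY comments in the workflow above encode a rule that is easy to break in a later edit: a job triggered by pull_request_target (write token, secrets available) must never check out the PR head, and third-party actions should stay pinned to a commit SHA. The checker below is an added example, not part of the workflow or of the agent-governance-toolkit, that audits a workflow file for exactly those two properties. It is line-based so it needs no YAML library, and it assumes conventionally indented workflow files like the one above; the two sample workflows embedded in it are constructed for illustration (the unsafe one is a deliberately misconfigured variant).

```python
"""Audit a GitHub Actions workflow for the 'privileged trigger + checkout of PR head'
antipattern and for unpinned third-party actions. Added example; line-based, assumes
standard 2-space YAML indentation rather than a full YAML parse."""
import re

# Triggers that run with write permissions / secrets even for fork PRs.
PRIVILEGED_TRIGGERS = ("pull_request_target", "workflow_run")

# Expressions that resolve to the untrusted PR head when used as a checkout ref.
HEAD_REF_PATTERN = re.compile(r"github\.event\.pull_request\.head\.(sha|ref)|github\.head_ref")

# Pinned form: owner/repo[/path]@<40-hex commit SHA>, optionally followed by a version comment.
PINNED_USES = re.compile(r"^[\w.-]+/[\w./-]+@[0-9a-f]{40}(\s*#.*)?$")

# Matches 'uses:' either as the first key of a list item ('- uses: ...') or as a plain key.
USES_LINE = re.compile(r"^(\s*)(-\s+)?uses:\s*(\S.*?)\s*$")
REF_LINE = re.compile(r"^\s*ref:\s*(.+?)\s*$")


def uses_privileged_trigger(text: str) -> bool:
    """True if the 'on:' section uses pull_request_target or workflow_run (block or inline form)."""
    inline = re.search(r"^on:\s*(\[.*\]|\S+)\s*$", text, re.M)
    if inline and any(t in inline.group(1) for t in PRIVILEGED_TRIGGERS):
        return True
    return re.search(r"^\s+(pull_request_target|workflow_run)\s*:", text, re.M) is not None


def _indent(line: str) -> int:
    return len(line) - len(line.lstrip())


def audit_workflow(text: str) -> list[str]:
    """Return human-readable findings; an empty list means both checks passed."""
    findings: list[str] = []
    privileged = uses_privileged_trigger(text)
    lines = text.splitlines()
    for i, line in enumerate(lines):
        m = USES_LINE.match(line)
        if not m:
            continue
        key_indent = len(m.group(1)) + len(m.group(2) or "")
        action = m.group(3)
        # Check 1: remote actions must be pinned to a full commit SHA (local ./ paths are in-repo).
        if not action.startswith("./") and not PINNED_USES.match(action):
            findings.append(f"line {i + 1}: action not pinned to a commit SHA: {action}")
        # Check 2: under a privileged trigger, actions/checkout must not be given the PR head as ref.
        if privileged and action.startswith("actions/checkout@"):
            j = i + 1
            while j < len(lines):
                body = lines[j]
                ind, stripped = _indent(body), body.strip()
                # The step body ends at the next list item ('- ...') at the step's own level.
                if stripped and (ind < key_indent - 2 or (ind == key_indent - 2 and stripped.startswith("-"))):
                    break
                rm = REF_LINE.match(body)
                if rm and HEAD_REF_PATTERN.search(rm.group(1)):
                    findings.append(
                        f"line {j + 1}: checkout of untrusted PR head under privileged trigger: ref: {rm.group(1)}"
                    )
                j += 1
    return findings


# Constructed sample: the safe shape used by the workflow above (abbreviated).
SAFE_WORKFLOW = """\
name: AI Code Review
on:
  pull_request_target:
    types: [opened, synchronize, reopened]
permissions:
  contents: read
  pull-requests: write
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
          fetch-depth: 1
      - name: Run review
        uses: ./.github/actions/ai-agent-runner
        with:
          agent-type: code-reviewer
"""

# Constructed sample: the misconfiguration the SECURITY comments warn against.
UNSAFE_WORKFLOW = """\
name: AI Code Review
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - name: Check out PR head
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: ./.github/actions/ai-agent-runner
"""

if __name__ == "__main__":
    for label, wf in (("safe", SAFE_WORKFLOW), ("unsafe", UNSAFE_WORKFLOW)):
        print(f"{label}: {audit_workflow(wf) or 'no findings'}")
```

The checker deliberately reports only two conditions, the ones the workflow's comments document, so it can run as a pre-merge guard without producing noise; on the safe sample it returns no findings, on the unsafe sample it reports the unpinned `actions/checkout@v4` and the `ref:` pointing at the PR head.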