40 lines (37 loc) · 1.43 KB
claude-code-review.yml
name: Claude Code Review
on:
  pull_request:
    types: [opened, synchronize, reopened]
  issue_comment:
    types: [created]
jobs:
  claude-review:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
      issues: write
      id-token: write # ← was missing, required by the action
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Claude Code Review
        uses: anthropics/claude-code-action@beta
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          github_token: ${{ secrets.GITHUB_TOKEN }} # ← was missing
          direct_prompt: |
            Please review this entire PR for bugs. Focus on SQL injection and auth vulnerabilities,
            logic errors, performance issues and memory leaks, and UI/UX accessibility violations.
            Flag every issue with file, line number, severity, and explanation.
          trigger_phrase: "@claude"
          custom_instructions: |
            You are reviewing a TypeScript expense tracker app (Node/Express + React + SQLite).
            Focus on:
            1. SQL injection and authentication vulnerabilities
            2. Logic errors and off-by-one bugs
            3. Performance issues and memory leaks
            4. UI/UX and accessibility violations
            Be thorough — flag every issue you find with file, line, severity, and explanation.