graphiti

gmakstutis/graphiti

Fork 0

Commit graph

Author	SHA1	Message	Date
Daniel Chalef	b7358e52eb	Secure Claude PR reviews with two-workflow approach (#999 ) Fixes permission errors for fork PRs while maintaining security. Changes: - Split into automatic (internal) and manual (fork) workflows - Add fork detection to prevent auto-review of external PRs - Add security-hardened prompts preventing secret disclosure - Create manual workflow for maintainer-triggered fork reviews - Add friendly notification for external contributors Security model: - Internal PRs: Auto-reviewed (trusted contributors) - Fork PRs: Human gate-keeping required before optional Claude review - Prevents prompt injection attacks via untrusted PR content 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>	2025-10-12 09:41:13 -07:00

Author

SHA1

Message

Date

Daniel Chalef

b7358e52eb

Secure Claude PR reviews with two-workflow approach (#999 )

Fixes permission errors for fork PRs while maintaining security.

Changes:
- Split into automatic (internal) and manual (fork) workflows
- Add fork detection to prevent auto-review of external PRs
- Add security-hardened prompts preventing secret disclosure
- Create manual workflow for maintainer-triggered fork reviews
- Add friendly notification for external contributors

Security model:
- Internal PRs: Auto-reviewed (trusted contributors)
- Fork PRs: Human gate-keeping required before optional Claude review
- Prevents prompt injection attacks via untrusted PR content

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>

2025-10-12 09:41:13 -07:00

1 commit