graphiti/.github
Daniel Chalef b7358e52eb
Secure Claude PR reviews with two-workflow approach (#999)
Fixes permission errors for fork PRs while maintaining security.

Changes:
- Split into automatic (internal) and manual (fork) workflows
- Add fork detection to prevent auto-review of external PRs
- Add security-hardened prompts preventing secret disclosure
- Create manual workflow for maintainer-triggered fork reviews
- Add friendly notification for external contributors

Security model:
- Internal PRs: Auto-reviewed (trusted contributors)
- Fork PRs: Human gate-keeping required before optional Claude review
- Prevents prompt injection attacks via untrusted PR content

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>
2025-10-12 09:41:13 -07:00
| Name | Last commit | Date |
| --- | --- | --- |
| ISSUE_TEMPLATE | feat: add issue and pull request templates with compliance workflow (#689) | 2025-07-08 23:21:26 -07:00 |
| workflows | Secure Claude PR reviews with two-workflow approach (#999) | 2025-10-12 09:41:13 -07:00 |
| dependabot.yml | migrate to uv (#634) | 2025-06-27 12:12:49 -07:00 |
| pull_request_template.md | feat: add issue and pull request templates with compliance workflow (#689) | 2025-07-08 23:21:26 -07:00 |
| secret_scanning.yml | feat: add telemetry with PostHog and update Docker configurations (#633) | 2025-06-27 12:23:30 -07:00 |