From 9dd535fc322c7efe130137900e73c8d39acd0f8e Mon Sep 17 00:00:00 2001 From: Tom Riglar Date: Fri, 12 Jun 2026 21:43:56 +0100 Subject: [PATCH] ci: explicitly allow the review's posting tools via claude_args MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PR #9's review ran 40 turns, found issues, and hit 46 permission denials trying to post them — the plugin command's allowed-tools frontmatter doesn't reach the inline-comment MCP tool in the action's headless mode (the gh pr comment path worked on #7, inline comments never have). Pass the same tool list through --allowedTools, the mechanism the action's docs prescribe. Co-Authored-By: Claude Fable 5 --- .github/workflows/claude-code-review.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index 55661e9..d98797f 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -47,6 +47,12 @@ jobs: # runs and is discarded (the log doesn't even show it unless # show_full_output is enabled). prompt: '/code-review:code-review ${{ github.repository }}/pull/${{ github.event.pull_request.number }} --comment' + # Explicitly allow the posting tools (mirrors the plugin command's + # allowed-tools frontmatter). In headless mode the frontmatter grant + # doesn't reach the inline-comment MCP tool: PR #9's review hit 46 + # permission denials and posted nothing despite finding issues. + claude_args: | + --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)" # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md # or https://code.claude.com/docs/en/cli-reference for available options