feat(fleet): read-only GitHub triage tools (CI/issues/PRs) for Roxy#61
Roxy is a read-only-on-GitHub PM: she reads repos/CI/PRs/issues to triage + assign,
and delegates every write. Add 5 non-shell tools to the fleet-onboarding plugin
(httpx → api.github.com, no run_command HITL gate), backed by a read-scoped token
(ROXY_GH_READ_TOKEN) so they work across the whole fleet — incl. repos the
protoMaker GitHub-App PAT can't read:
- gh_ci_runs(repo, branch?) — recent Actions runs + conclusions
- gh_ci_failure(repo, run_id) — failed jobs + extracted error lines (deterministic
CI-log triage; what we hand-grepped for protoCLI)
- gh_issue(repo, n) / gh_pr(repo, n) — full detail
- gh_issues(repo, state) — list incl. closed/all (repo_origin_state is open-only)
All read-only; each catches its own errors and returns JSON (a 403/stale-id can't
crash the turn). No-op with a clear error when ROXY_GH_READ_TOKEN is unset.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
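The tool pattern the description lays out (token guard that no-ops with a clear error, GET-only HTTP, every failure returned as JSON rather than raised, literal-substring error-line extraction with dedup and a max_lines cap), written out as an added illustration. This is not the PR's code: it uses urllib from the standard library instead of httpx so it runs without extra dependencies, the HTTP fetcher is injectable so the paths can be exercised offline with fakes, and the marker list, function names, repo names and sample log are constructed assumptions.

```python
"""Illustrative read-only GitHub triage helpers (hypothetical; not the PR's code)."""
import json
import os
import urllib.error
import urllib.request
from typing import Callable, Dict, List

GITHUB_API = "https://api.github.com"
TOKEN_ENV = "ROXY_GH_READ_TOKEN"

# Literal substrings only, no regex metacharacters: matching is a plain `in`,
# linear time, no ReDoS surface. The marker list itself is an assumption.
ERROR_MARKERS = ("##[error]", "error:", "Error:", "FAILED", "Traceback")

# A fetcher is (url, headers) -> response body. Injectable so the tools can be
# exercised offline with a fake; the default does a real GET (read-only verb).
Fetcher = Callable[[str, Dict[str, str]], str]


def _default_fetch(url: str, headers: Dict[str, str]) -> str:
    req = urllib.request.Request(url, headers=headers, method="GET")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode("utf-8")


def extract_error_lines(log_text: str, max_lines: int = 80) -> List[str]:
    """Return lines carrying an error marker, deduplicated, capped at max_lines (<= 80)."""
    max_lines = max(1, min(max_lines, 80))
    seen, out = set(), []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or not any(m in line for m in ERROR_MARKERS):
            continue
        if line in seen:  # dedup: a repeated identical error line counts once
            continue
        seen.add(line)
        out.append(line)
        if len(out) >= max_lines:
            break
    return out


def gh_get_json(path: str, fetch: Fetcher = _default_fetch) -> dict:
    """GET a GitHub API path. Never raises: every failure becomes a JSON-shaped
    dict, so a 403 or a stale id cannot take down the agent's turn."""
    token = os.environ.get(TOKEN_ENV)
    if not token:
        # No-op with a clear error when the read token is absent.
        return {"ok": False, "error": f"{TOKEN_ENV} is not set; GitHub triage tools are disabled"}
    headers = {"Authorization": f"Bearer {token}",
               "Accept": "application/vnd.github+json",
               "User-Agent": "triage-tools-example"}
    try:
        return {"ok": True, "data": json.loads(fetch(f"{GITHUB_API}{path}", headers))}
    except urllib.error.HTTPError as e:
        return {"ok": False, "status": e.code, "error": f"GitHub API returned {e.code} for {path}"}
    except Exception as e:  # network errors, malformed JSON, anything else
        return {"ok": False, "error": f"{type(e).__name__}: {e}"}


def gh_issues(repo: str, state: str = "open", fetch: Fetcher = _default_fetch) -> dict:
    """List issues incl. closed/all; pull requests (which share the endpoint) are excluded."""
    if state not in ("open", "closed", "all"):
        return {"ok": False, "error": f"invalid state {state!r}"}
    res = gh_get_json(f"/repos/{repo}/issues?state={state}&per_page=50", fetch)
    if not res["ok"]:
        return res
    issues = [i for i in res["data"] if "pull_request" not in i]
    return {"ok": True, "issues": [{"number": i["number"], "title": i["title"],
                                   "state": i["state"]} for i in issues]}


# --- constructed sample data for an offline run (not real repos, ids or logs) ---
SAMPLE_LOG = """\
Run pytest -q
collected 12 items
tests/test_api.py::test_login FAILED
E   AssertionError: expected 200, got 403
##[error]Process completed with exit code 1.
tests/test_api.py::test_login FAILED
"""


def fake_fetch_issues(url: str, headers: Dict[str, str]) -> str:
    assert headers["Authorization"].startswith("Bearer ")
    return json.dumps([
        {"number": 1, "title": "Flaky login test", "state": "open"},
        {"number": 2, "title": "Bump deps", "state": "closed", "pull_request": {"url": "x"}},
        {"number": 3, "title": "Old bug", "state": "closed"},
    ])


def fake_fetch_forbidden(url: str, headers: Dict[str, str]) -> str:
    raise urllib.error.HTTPError(url, 403, "Forbidden", hdrs=None, fp=None)


def demo() -> dict:
    """Exercise the unset-token, 403 and success paths offline; returns the tool outputs."""
    saved = os.environ.pop(TOKEN_ENV, None)
    try:
        unset = gh_issues("example/repo", "all", fake_fetch_issues)
        os.environ[TOKEN_ENV] = "constructed-test-token"
        forbidden = gh_issues("example/private", "open", fake_fetch_forbidden)
        listed = gh_issues("example/repo", "all", fake_fetch_issues)
    finally:
        if saved is None:
            os.environ.pop(TOKEN_ENV, None)
        else:
            os.environ[TOKEN_ENV] = saved
    return {"unset": unset, "forbidden": forbidden, "listed": listed,
            "errors": extract_error_lines(SAMPLE_LOG, max_lines=80)}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The read-only property is structural rather than a policy check: the only HTTP verb the fetcher can issue is GET, and the token is read from the environment at call time, so an unset token disables the tools without touching the agent's other capabilities.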
👀 Quinn is reviewing — verdict (PASS / WARN / FAIL) + findings to follow.
QA Audit — PR #61 | feat(fleet): read-only GitHub triage tools (CI/issues/PRs) for Roxy
VERDICT: WARN (CI pending — re-review on terminal state)
CI Status
- Lint (ruff): queued
- Web E2E smoke: queued
- A2A live smoke (lean tier): queued
- Python tests: queued
- Verify workspace config: queued
Diff Review
Adds 5 read-only GitHub tools (gh_ci_runs, gh_ci_failure, gh_issue, gh_pr, gh_issues) to the fleet-onboarding plugin. All network I/O goes through httpx.AsyncClient — no shell calls. Every tool is crash-resistant (try/except → JSON). Token guard on all paths. Correctly read-only (no write verbs).
Observations
- gh_issues docstring says "pull requests excluded" — the filter if "pull_request" not in i achieves this. Consistent with PR description.
- _GH_ERR_RE uses only literal substrings, no regex metacharacters — no ReDoS surface.
- gh_ci_failure caps log output at max_lines (≤80) with dedup. Good.
- GAP: Clawpatch structural review unavailable (repo not in project registry).
- GAP: ROXY_GH_READ_TOKEN deployment into roxy's Infisical workspace not verifiable from diff.
- CI not terminal — this is a non-blocking WARN. Please re-trigger Quinn once checks reach terminal state for a formal PASS/FAIL verdict.
— Quinn, QA Engineer
Gives Roxy read-only GitHub eyes (repos/CI/PRs/issues) so she can triage + assign herself, while staying write-restricted (delegates). 5 non-shell tools in the fleet-onboarding plugin via ROXY_GH_READ_TOKEN: gh_ci_runs, gh_ci_failure (failed-job log extraction), gh_issue, gh_pr, gh_issues (incl. closed/all). Each catches its own errors → JSON (can't crash a turn). Verified live against the GitHub API (correctly surfaces 403s). Deploy needs ROXY_GH_READ_TOKEN in roxy's Infisical workspace + read perms on the fleet repos.
🤖 Generated with Claude Code