shakacode · justin808 · Mar 2, 2026 · Mar 2, 2026 · claude · Mar 2, 2026
diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
@@ -24,6 +24,8 @@ jobs:
       issues: read
       id-token: write
       actions: read # Required for Claude to read CI results on PRs
+      checks: read
+      statuses: read
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -34,11 +36,14 @@ jobs:
         id: claude
         uses: anthropics/claude-code-action@v1
         with:
+          github_token: ${{ github.token }}
           claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
 
           # This is an optional setting that allows Claude to read CI results on PRs
           additional_permissions: |
-          additional_permissions: |
+          # additional_permissions mirrors the job-level permissions so the action
+          # knows which GitHub API scopes it is allowed to use at runtime.
+          additional_permissions: |
+            actions: read
+            checks: read
+            statuses: read
-          additional_permissions: |
+          # additional_permissions mirrors the job-level permissions so the action
+          # knows which GitHub API scopes it is allowed to use at runtime.
+          additional_permissions: |
+            actions: read
+            checks: read
+            statuses: read
             actions: read
+            checks: read
+            statuses: read
 
           # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it.
           # prompt: 'Update the pull request description to include a summary of changes.'