Skip to content

Merge pull request #499 from alirezarezvani/claude/audit-pr-498-workflow-Pa5Ku#500

Merged
alirezarezvani merged 3 commits intomainfrom
dev
Apr 8, 2026
Merged

Merge pull request #499 from alirezarezvani/claude/audit-pr-498-workflow-Pa5Ku#500
alirezarezvani merged 3 commits intomainfrom
dev

Conversation

@alirezarezvani
Copy link
Copy Markdown
Owner

@alirezarezvani alirezarezvani commented Apr 8, 2026

Summary

Checklist

  • Target branch is dev (not main — PRs to main will be auto-closed)
  • Skill has SKILL.md with valid YAML frontmatter (name, description, license)
  • Scripts (if any) run with --help without errors
  • No hardcoded API keys, tokens, or secrets
  • No vendor-locked dependencies without open-source fallback
  • Follows existing directory structure (domain/skill-name/SKILL.md)

Type of Change

  • New skill
  • Improvement to existing skill
  • Bug fix
  • Documentation
  • Infrastructure / CI

Testing

alirezarezvani and others added 3 commits April 7, 2026 12:21
@alirezarezvani @claude
feat(ci): add automated Tessl skill quality review on PRs
fdb0c12 
Closes #288

- Add .github/workflows/skill-quality-review.yml:
  - Triggers on PRs touching **/SKILL.md or **/scripts/*.py
  - Installs Tessl CLI via npm, runs tessl skill review --json
  - Runs internal validators (structure, scripts, security)
  - Posts combined quality report as PR comment
  - Fails merge if Tessl score < 70 or security CRITICAL/HIGH found

- Add scripts/review-new-skills.sh:
  - Local automation: review changed, specific, or all skills
  - Runs Tessl + structure validator + script tester + security auditor
  - Configurable threshold (default: 70)
  - Usage: ./scripts/review-new-skills.sh [--all] [--threshold N] [skill-dir]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@claude
fix(ci): handle fork PRs in GitHub Actions workflows
ed2419b 
Fork-based PRs (like PR #498) caused all CI checks to fail due to:
- ci-quality-gate: checkout failed because fork branch names don't exist
  in the base repo. Now uses commit SHA for PR events.
- skill-security-audit: comment posting failed with read-only GITHUB_TOKEN.
  Now continues on error and writes results to job summary as fallback.
- claude-code-review: fallback comment step failed silently. Now continues
  on error and writes status to job summary.

https://claude.ai/code/session_01X1RKFAkEwxgg6gQvJG1KCa
@alirezarezvani
Merge pull request #499 from alirezarezvani/claude/audit-pr-498-workf…
44654d2 
…low-Pa5Ku
@alirezarezvani alirezarezvani merged commit a76bae1 into main Apr 8, 2026
3 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alirezarezvani @claude