diff --git a/.github/workflows/duplicate-issues.yml b/.github/workflows/duplicate-issues.yml index 865cd312..30a15a62 100644 --- a/.github/workflows/duplicate-issues.yml +++ b/.github/workflows/duplicate-issues.yml @@ -23,8 +23,9 @@ jobs: env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + OPENCODE_PERMISSION: { "bash": { "gh*": "allow", "*": "deny" } } run: | - opencode run --agent github -m anthropic/claude-sonnet-4-20250514 "A new issue has been created: '${{ github.event.issue.title }}' + opencode run -m anthropic/claude-sonnet-4-20250514 "A new issue has been created: '${{ github.event.issue.title }}' Issue body: ${{ github.event.issue.body }} diff --git a/.github/workflows/guidelines-check.yml b/.github/workflows/guidelines-check.yml index 454f4816..18a36830 100644 --- a/.github/workflows/guidelines-check.yml +++ b/.github/workflows/guidelines-check.yml @@ -23,8 +23,9 @@ jobs: env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + OPENCODE_PERMISSION: { "bash": { "gh*": "allow", "*": "deny" } } run: | - opencode run --agent github -m anthropic/claude-sonnet-4-20250514 "A new pull request has been created: '${{ github.event.pull_request.title }}' + opencode run -m anthropic/claude-sonnet-4-20250514 "A new pull request has been created: '${{ github.event.pull_request.title }}' PR description: ${{ github.event.pull_request.body }} diff --git a/.opencode/agent/github.md b/.opencode/agent/github.md deleted file mode 100644 index da3aa451..00000000 --- a/.opencode/agent/github.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -permission: - bash: - "*": "deny" - "gh*": "allow" -mode: subagent ---- - -You are running in github actions, typically to evaluate a PR. Do not do -anything that is outside the scope of that. You have access to the bash tool but -you can only run `gh` cli commands with it. - -Diffs are important but be sure to read the whole file to get the full context.