release: v3.27.8 - prompt-based GitHub Actions code review workflow

New examples/github-actions/claude-code-review.yml with externalized prompt, anti-hallucination protocol, /claude-review on-demand trigger. Templates 116→161. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-19 14:23:15 +01:00 · 2026-02-19 14:23:15 +01:00 · 9b75b5125e
commit 9b75b5125e
parent 373b50cf77
9 changed files with 278 additions and 25 deletions
--- a/examples/github-actions/claude-code-review.yml
+++ b/examples/github-actions/claude-code-review.yml
@ -0,0 +1,76 @@
+name: Claude Code Review (Prompt-Based)
+
+# Pattern: externalized prompt + anti-hallucination protocol
+# Prompt file: .github/prompts/code-review.md
+# Copy it alongside this workflow: examples/github-actions/prompts/code-review.md
+
+on:
+  pull_request:
+    types: [opened, synchronize, ready_for_review]
+  issue_comment:
+    types: [created]
+
+permissions:
+  contents: read
+  pull-requests: write
+  issues: write
+
+jobs:
+  claude-review:
+    # Run on PR events (non-draft) OR on /claude-review comment
+    if: |
+      (github.event_name == 'pull_request' && github.event.pull_request.draft == false) ||
+      (github.event_name == 'issue_comment' &&
+       github.event.issue.pull_request != null &&
+       contains(github.event.comment.body, '/claude-review'))
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Claude Code Review
+        uses: anthropics/claude-code-action@v1
+        with:
+          # OAuth token via Claude GitHub App (no API key needed)
+          # Install: https://github.com/apps/claude
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+
+          # Or use API key directly:
+          # anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+
+          model: claude-sonnet-4-6
+
+          # Load prompt from external file — edit that file to customize review criteria
+          prompt_file: .github/prompts/code-review.md
+
+          # Read-only tools: Claude can inspect the codebase but cannot modify it
+          allowed_tools: >-
+            Read,
+            Glob,
+            Grep,
+            mcp__github__get_pull_request,
+            mcp__github__get_pull_request_diff,
+            mcp__github__create_pending_pull_request_review,
+            mcp__github__add_comment_to_pending_review,
+            mcp__github__submit_pending_pull_request_review,
+            mcp__github__list_pull_request_files,
+            mcp__github__list_commits
+
+      - name: Handle review failure
+        if: failure()
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const prNumber = context.payload.pull_request?.number ?? context.payload.issue?.number;
+            if (prNumber) {
+              github.rest.issues.createComment({
+                issue_number: prNumber,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: '⚠️ **Claude review failed** — Check the Actions log for details. A human reviewer should cover this PR.'
+              });
+            }