Closed as not planned
Labels
cookie (Issue Monster Loves Cookies!), documentation (Improvements or additions to documentation), enhancement (New feature or request), security
Description
Workflow to Update
Workflow File: .github/workflows/security-guard.md
Issue: This workflow reviews PRs for security concerns and adds comments, but doesn't include markdown style guidelines.
Required Changes
Update the workflow prompt to include these formatting guidelines:
1. Header Levels
Add instruction: "Use h3 (###) or lower for all headers in your PR comment to maintain proper document hierarchy."
Example:
### Security Posture Analysis
#### Permission Changes Detected
2. Progressive Disclosure
Add instruction: "Wrap detailed evidence and code diffs in <details><summary><b>Section Name</b></summary> tags to improve readability."
Example:
<details>
<summary><b>Full Permission Diff</b></summary>
[Complete before/after comparison...]
</details>
3. Report Structure
Suggest a structure like:
- Summary (always visible): Security impact score, number of concerns
- Critical Concerns (always visible): High-priority security issues
- Detailed Evidence (in <details> tags): Full diffs, configuration changes
- Recommendations (always visible): Required actions before merge
Design Principles (Airbnb-Inspired)
The updated workflow should create comments that:
- Build trust through clarity: Critical security concerns immediately visible
- Exceed expectations: Add helpful context like security best practices, alternative approaches
- Create delight: Use progressive disclosure to hide verbose diffs
- Maintain consistency: Follow the same patterns as other review workflows
Example Reference
See workflows like audit-workflows that import shared/reporting.md for good examples of structured reporting.
Agent Task
- Update .github/workflows/security-guard.md to include an import: - shared/reporting.md in the frontmatter imports section
- Reference the style guidelines in the workflow instructions
- Test the updated workflow to ensure it produces well-formatted security analysis comments
AI generated by Workflow Normalizer
- expires on Feb 11, 2026, 3:23 AM UTC
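For the "test the updated workflow" step, a check along these lines can be run over a generated comment. It is an added example, not code from this issue or the project. The function name `lint_comment`, the exact section titles, and the rule that every fenced block counts as evidence to be collapsed are assumptions taken from the suggested structure above.

```python
import re

FENCE = "`" * 3  # built this way so the samples cannot close this example's own fence
VISIBLE = ("Summary", "Critical Concerns", "Recommendations")  # assumed exact titles
COLLAPSED = "Detailed Evidence"  # assumed title of the <details> section

def lint_comment(md):
    """Return style violations found in a PR comment body (empty list = clean)."""
    problems, depth, in_fence, seen = [], 0, False, {}
    for n, line in enumerate(md.splitlines(), 1):
        s = line.strip()
        if s.startswith(FENCE):
            if not in_fence and depth == 0:
                problems.append(f"line {n}: code/diff block outside <details>")
            in_fence = not in_fence
            continue
        if in_fence:
            continue  # '#' or tags inside a code block are not markup
        depth += len(re.findall(r"<details\b", s, re.I))
        depth -= len(re.findall(r"</details>", s, re.I))
        header = re.match(r"(#{1,6})\s+(.+)", s)
        if header:
            if len(header.group(1)) < 3:  # guideline 1: h3 or lower only
                problems.append(f"line {n}: header above h3: {header.group(2)}")
            seen[header.group(2).strip()] = depth > 0
        summary = re.search(r"<summary>(?:<b>)?(.*?)(?:</b>)?</summary>", s, re.I)
        if summary:
            seen[summary.group(1).strip()] = True
    for title in VISIBLE:
        if title not in seen:
            problems.append(f"missing section: {title}")
        elif seen[title]:
            problems.append(f"section hidden in <details>: {title}")
    if not seen.get(COLLAPSED):
        problems.append(f"{COLLAPSED} missing or not inside <details>")
    return problems

# Constructed sample comments (not output of the real workflow).
GOOD = "\n".join([
    "### Summary", "Security impact score: 7/10, 1 concern",
    "### Critical Concerns", "- Workflow gains write permission",
    "<details>", "<summary><b>Detailed Evidence</b></summary>", "",
    FENCE + "diff", "-permissions: read", "+permissions: write", FENCE,
    "</details>", "", "### Recommendations", "- Justify the change before merge",
])
BAD = "\n".join([
    "# Summary", "### Critical Concerns",
    FENCE + "diff", "+permissions: write", FENCE, "### Recommendations",
])
```

`lint_comment(GOOD)` returns an empty list; `lint_comment(BAD)` reports the h1 header, the uncollapsed diff, and the missing collapsed evidence section.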