Skip to content

Comments

Fix inconsistent and undocumented token configuration in create-issue-command.md#88

Draft
Copilot wants to merge 2 commits intomainfrom
copilot/document-gh-aw-agent-token
Draft

Fix inconsistent and undocumented token configuration in create-issue-command.md#88
Copilot wants to merge 2 commits intomainfrom
copilot/document-gh-aw-agent-token

Conversation

Copy link
Contributor

Copilot AI commented Feb 19, 2026

Summary

reply-to-pull-request-review-comment referenced secrets.GH_AW_AGENT_TOKEN — an undocumented secret not used anywhere else — while create-issue had no token configured. The custom token was also never compiled into the lock file (which already uses GH_AW_GITHUB_TOKEN || GITHUB_TOKEN), making the field both inconsistent and a no-op that could cause confusing runtime failures.

Changes:

  • .github/workflows/create-issue-command.md: Remove github-token: ${{ secrets.GH_AW_AGENT_TOKEN }} from reply-to-pull-request-review-comment; both safe-outputs now uniformly rely on the framework's default token resolution

No lock file update required — GH_AW_AGENT_TOKEN was never compiled into create-issue-command.lock.yml, and the safe_outputs job already has issues: write / pull-requests: write with GH_AW_GITHUB_TOKEN || GITHUB_TOKEN.

Testing

  • Not run (why?)
  • uv run poe check
  • Other: YAML-only change; code review and CodeQL scan passed (no applicable languages)

Checklist

  • Linked issue or task reference
  • Added/updated tests where relevant
  • Updated docs/README if needed
  • No secrets or sensitive data added
  • Considered backward compatibility and deployment impact

Additional context

Original prompt

This section details on the original issue you should resolve

<issue_title>create-issue-command.md: Undocumented GH_AW_AGENT_TOKEN and inconsistent token configuration across safe-outputs</issue_title>
<issue_description>## Summary

The safe-outputs.reply-to-pull-request-review-comment in .github/workflows/create-issue-command.md references secrets.GH_AW_AGENT_TOKEN, but this secret is not mentioned or documented elsewhere in the repository. Additionally, safe-outputs.create-issue does not specify the same matching token, creating an inconsistency that is likely to cause a confusing runtime failure (missing secret and/or insufficient permissions).

File and Location

  • File: .github/workflows/create-issue-command.md
  • Line: 22

Original Review Comment

safe-outputs.reply-to-pull-request-review-comment references secrets.GH_AW_AGENT_TOKEN, but this secret isn't mentioned elsewhere in the repo docs, and create-issue doesn't specify a matching token. This is likely to cause a confusing runtime failure (missing secret and/or insufficient permissions). Either remove the custom token field and rely on GITHUB_TOKEN with proper permissions, or consistently configure and document the required secret for all write safe-outputs.

View review comment

Recommended Fix

Choose one of the following approaches:

  1. Remove the custom token — rely on GITHUB_TOKEN with appropriate permissions (issues: write, pull-requests: write) for all safe-outputs.
  2. Consistently use GH_AW_AGENT_TOKEN — apply it to all write safe-outputs (create-issue, reply-to-pull-request-review-comment, etc.) and add documentation in the relevant README/DEVELOPMENT.md explaining what the secret is, what scopes it requires, and how to configure it.

Related PR

Related PR: #51

Generated by PR Review Comment — Create Issue for issue #51

Comments on the Issue (you are @copilot in this section)


💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Co-authored-by: pmalarme <686568+pmalarme@users.noreply.github.com>
Copilot AI changed the title [WIP] Document GH_AW_AGENT_TOKEN and unify token configuration Fix inconsistent and undocumented token configuration in create-issue-command.md Feb 19, 2026
Copilot AI requested a review from pmalarme February 19, 2026 22:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

create-issue-command.md: Undocumented GH_AW_AGENT_TOKEN and inconsistent token configuration across safe-outputs

2 participants