fix: remove GH_AW_AGENT_TOKEN from reply-to-pr-review-comment safe output in create-issue-command workflow

[Copilot]

The create-issue-command agentic workflow was failing because reply-to-pull-request-review-comment was configured with github-token: ${{ secrets.GH_AW_AGENT_TOKEN }}, a secret that isn't set in the repo. This caused two failures: the tool was excluded from the agent's available MCP tools (so no reply was ever sent), and the invalid token triggered a 401 on MCP gateway cleanup, failing the job.

Changes

• create-issue-command.md: Remove github-token: ${{ secrets.GH_AW_AGENT_TOKEN }} from reply-to-pull-request-review-comment. The safe_outputs job already has pull-requests: write and uses GH_AW_GITHUB_TOKEN || GITHUB_TOKEN — no custom token needed.

• create-issue-command.lock.yml:

  • Add reply_to_pull_request_review_comment: {max: 1} to the agent job's config.json so the MCP safe-outputs server exposes the tool to the agent.
  • Add validation rules for reply_to_pull_request_review_comment in validation.json (body, comment_id, pull_request_number).

Testing

• Not run (why?)
• uv run poe check
• Other: Traced failure through GH Actions job logs for run #22200538915; verified config.json mismatch between what compiler emitted and what the MCP gateway served to the agent.

Checklist

• Linked issue or task reference
• Added/updated tests where relevant
• Updated docs/README if needed
• No secrets or sensitive data added
• Considered backward compatibility and deployment impact

Additional context

The gh-aw compiler excludes a safe output from the agent-side config.json when a custom github-token is specified, while still including it in tools.json and the safe_outputs job's handler config — creating a silent mismatch where the tool appears compiled-in but is never reachable by the agent.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[agentics] PR Review Comment — Create Issue failed</issue_title>
<issue_description>### Workflow Failure

Workflow: PR Review Comment — Create Issue
Branch: 51/merge
Run URL: https://github.com/pmalarme/python-agent-template/actions/runs/22200538915

Action Required

Debug this workflow failure using the agentic-workflows agent:

/agent agentic-workflows debug the agentic workflow create-issue-command failure in https://github.com/pmalarme/python-agent-template/actions/runs/22200538915

Generated from PR Review Comment — Create Issue

• expires on Feb 26, 2026, 9:23 PM UTC

Comments on the Issue (you are @copilot in this section)

• Fixes [agentics] PR Review Comment — Create Issue failed #68

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.