Add Claude Code GitHub Workflow

[thomhurst]

🤖 Installing Claude Code GitHub App

This PR adds a GitHub Actions workflow that enables Claude Code integration in our repository.

What is Claude Code?

Claude Code is an AI coding agent that can help with:

• Bug fixes and improvements
• Documentation updates
• Implementing new features
• Code reviews and suggestions
• Writing tests
• And more!

How it works

Once this PR is merged, we'll be able to interact with Claude by mentioning @claude in a pull request or issue comment.
Once the workflow is triggered, Claude will analyze the comment and surrounding context, and execute on the request in a GitHub action.

Important Notes

• This workflow won't take effect until this PR is merged
• @claude mentions won't work until after the merge is complete
• The workflow runs automatically whenever Claude is mentioned in PR or issue comments
• Claude gets access to the entire PR or issue context including files, diffs, and previous comments

Security

• Our Anthropic API key is securely stored as a GitHub Actions secret
• Only users with write access to the repository can trigger the workflow
• All Claude runs are stored in the GitHub Actions run history
• Claude's default tools are limited to reading/writing files and interacting with our repo by creating comments, branches, and commits.
• We can add more allowed tools by adding them to the workflow file like:

allowed_tools: Bash(npm install),Bash(npm run build),Bash(npm run lint),Bash(npm run test)

There's more information in the Claude Code action repo.

After merging this PR, let's try mentioning @claude in a comment on any PR to get started!

[Copilot]

Pull request overview

This PR adds two GitHub Actions workflows to enable Claude Code integration in the repository. The workflows allow users to interact with Claude AI for code reviews and general assistance via @claude mentions in comments.

Key changes:

• Modified .github/workflows/claude.yml to update action versions and simplify configuration
• Modified .github/workflows/claude-code-review.yml to change trigger behavior and add custom prompts for automated PR reviews

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.

File	Description
.github/workflows/claude.yml	Updated action versions (@v4 checkout, @v1 claude-code-action) and simplified configuration by removing commented-out options
.github/workflows/claude-code-review.yml	Changed trigger from pull_request_target to pull_request, updated action versions, replaced direct_prompt with prompt parameter, and added claude_args for tool permissions

[Copilot]

The actions/checkout action is downgraded to @v4 while other workflows in this repository use @v6. This inconsistency should be avoided. Consider updating to @v6 to match the rest of the repository's workflows (e.g., .github/workflows/codeql.yml, .github/workflows/dotnet.yml, etc.).

Suggested change

	uses: actions/checkout@v4
	uses: actions/checkout@v6

[Copilot]

The actions/checkout action is downgraded to @v4 while other workflows in this repository use @v6. This inconsistency should be avoided. Consider updating to @v6 to match the rest of the repository's workflows (e.g., .github/workflows/codeql.yml, .github/workflows/dotnet.yml, etc.).

Suggested change

	uses: actions/checkout@v4
	uses: actions/checkout@v6

[Copilot]

Changing the trigger from pull_request_target to pull_request has significant security implications. With pull_request, the workflow runs in the context of the PR branch (including code from potentially untrusted contributors), giving it access to secrets like CLAUDE_CODE_OAUTH_TOKEN. This could allow malicious actors to exfiltrate secrets by modifying the workflow file or repository code in their PR.

pull_request_target is the safer choice for workflows that need secrets and run on PRs from forks, as it executes in the context of the base repository. If you need to use pull_request, ensure you have strict controls on who can open PRs or consider removing access to sensitive secrets.

Suggested change

	pull_request:
	pull_request_target:

[Copilot]

The claude_args grants Claude access to various gh CLI commands including gh pr comment. Combined with the pull_request trigger (line 4), this could allow a malicious PR to execute these commands with the workflow's permissions. Consider either:

1. Reverting to pull_request_target trigger for better security
2. Adding strict conditions to limit when this workflow runs (e.g., filtering by author or requiring approval)
3. Reducing the allowed tools to read-only operations only

[Copilot]

The workflow has id-token: write permission but uses pull_request trigger which runs untrusted code. The id-token permission allows generating OIDC tokens that can be used to authenticate with cloud providers. This is a significant security risk if malicious code can access these tokens. Consider:

1. Removing id-token: write if not strictly necessary
2. Using pull_request_target trigger to run in the trusted context
3. Adding explicit checks to prevent execution on PRs from untrusted sources

Suggested change

id-token: write