docs: add Copilot + @claude agent configuration#4
Conversation
Add GitHub Actions workflow for claude-code-action, copilot-instructions.md for Tier C agent governance, and CLAUDE.md for project context. Part of Chitin assembly line v2 rollout. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
Pull request overview
Adds agent/automation configuration docs and a GitHub Actions workflow to support Claude Code + Copilot usage in the github.com/chitinhq/llmint repository.
Changes:
- Introduces
CLAUDE.mdwith project/agent context and suggested build commands. - Adds
.github/workflows/claude.ymlto runanthropics/claude-code-actionbased on comments/events. - Adds
.github/copilot-instructions.mddescribing Copilot’s intended operating mode and repo guidelines.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 8 comments.
| File | Description |
|---|---|
CLAUDE.md |
New agent context file (currently contains repo-layout and command mismatches). |
.github/workflows/claude.yml |
New workflow wiring for @claude integration (needs tighter security gating/permissions). |
.github/copilot-instructions.md |
New Copilot operating instructions (currently mismatched to repo layout and CI test commands). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| 1. **Role**: developer / reviewer / ops / security / planner | ||
| 2. **Driver**: human / claude-code / copilot / ci | ||
|
|
||
| Then run: `scripts/write-persona.sh <driver> <role>` |
There was a problem hiding this comment.
scripts/write-persona.sh is referenced as a required step, but there is no scripts/ directory in this repo. Either add the script (and ensure it’s used by the tooling) or update this doc to reference an existing setup step so agents don’t fail on first run.
| Then run: `scripts/write-persona.sh <driver> <role>` | |
| Then record the selected identity in the session and continue using `driver=<driver>` and `role=<role>` for the rest of the task. |
| - `cmd/llmint/` — binary entrypoint | ||
| - `internal/tracker/` — cost tracking per request/session | ||
| - `internal/budget/` — budget rules and enforcement (cost impact, careful) | ||
| - `internal/cascade/` — model cascading logic | ||
| - `llmint/` — Python package for analytics |
There was a problem hiding this comment.
The listed “Key Directories” (cmd/llmint/, internal/*, llmint/) don’t exist in this repository (current top-level dirs include cabi/, provider/, middleware/, python/, examples/). Please update this section to match the actual repo layout to avoid misleading agent guidance.
| - `cmd/llmint/` — binary entrypoint | |
| - `internal/tracker/` — cost tracking per request/session | |
| - `internal/budget/` — budget rules and enforcement (cost impact, careful) | |
| - `internal/cascade/` — model cascading logic | |
| - `llmint/` — Python package for analytics | |
| - `cabi/` — C ABI bindings and interoperability layer | |
| - `provider/` — provider integrations and related abstractions | |
| - `middleware/` — middleware for request handling, policy, and cost controls | |
| - `python/` — Python package and bindings | |
| - `examples/` — example integrations and usage samples |
| go build ./... | ||
| go test ./... | ||
| golangci-lint run | ||
| python -m pytest tests/ |
There was a problem hiding this comment.
The Python test command here (python -m pytest tests/) doesn’t match the repo’s Python layout; tests live under python/tests/ and CI runs them via cd python && pytest tests/ after installing python as an editable package. Updating this avoids giving agents a build command that fails from the repo root.
| python -m pytest tests/ | |
| cd python && pytest tests/ |
| ## Repository Structure | ||
|
|
||
| ``` | ||
| cmd/llmint/ # Go binary entrypoint | ||
| internal/ | ||
| ├── tracker/ # Cost tracking per request/session | ||
| ├── budget/ # Budget rules and enforcement | ||
| ├── cascade/ # Model cascading logic (Haiku → Sonnet → Opus) | ||
| └── config/ # Configuration | ||
| llmint/ # Python package (analytics, cost reporting) | ||
| ``` |
There was a problem hiding this comment.
The “Repository Structure” tree doesn’t match this repo (there’s no cmd/ or internal/; instead there are provider/, middleware/, cabi/, and python/). Please align this section with the actual directories so Copilot/agents don’t optimize for a non-existent layout.
| go test ./... | ||
| golangci-lint run | ||
|
|
||
| # Python |
There was a problem hiding this comment.
The Python test instructions (python -m pytest tests/) are inaccurate for this repo. CI runs Python tests from the python/ subdir (and installs the package first), so the documented commands should mirror that to prevent routine agent runs from failing.
| # Python | |
| # Python | |
| cd python | |
| python -m pip install -e . |
| - **NEVER pause to ask for clarification** — make your best judgment | ||
| - If the issue is ambiguous, label it `needs-spec` and stop | ||
| - Default to the **safest option** in every ambiguous situation |
There was a problem hiding this comment.
The “Autonomy Directive” is internally inconsistent: it says “NEVER pause to ask for clarification — make your best judgment” but then says “If the issue is ambiguous, label it needs-spec and stop.” Please reconcile these instructions (choose one behavior) to avoid unpredictable agent actions.
| - **NEVER pause to ask for clarification** — make your best judgment | |
| - If the issue is ambiguous, label it `needs-spec` and stop | |
| - Default to the **safest option** in every ambiguous situation | |
| - **Do not pause to ask for clarification during execution** — make your best judgment only when the issue is sufficiently specified | |
| - If the issue is ambiguous, label it `needs-spec` and stop | |
| - When multiple safe implementations fit a sufficiently specified issue, default to the **safest option** |
| (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || | ||
| (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || |
There was a problem hiding this comment.
This workflow can be triggered by any GitHub user commenting @claude, and it runs with secrets.ANTHROPIC_API_KEY. Please add a gate on the commenter’s trust level (e.g., github.event.comment.author_association in OWNER|MEMBER|COLLABORATOR) to prevent untrusted users from burning API quota / triggering paid runs.
| (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || | |
| (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || | |
| (github.event_name == 'issue_comment' && | |
| contains(github.event.comment.body, '@claude') && | |
| contains(fromJson('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)) || | |
| (github.event_name == 'pull_request_review_comment' && | |
| contains(github.event.comment.body, '@claude') && | |
| contains(fromJson('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)) || |
| name: Claude Code | ||
| on: | ||
| issue_comment: | ||
| types: [created] | ||
| pull_request_review_comment: | ||
| types: [created] | ||
| pull_request: | ||
| types: [opened, synchronize] | ||
| jobs: | ||
| claude: |
There was a problem hiding this comment.
Consider setting explicit permissions: for this workflow/job instead of relying on the repo default GITHUB_TOKEN permissions. Minimizing token scope (and only enabling the specific write permissions the action needs) reduces blast radius if the workflow is abused.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Summary
Context
Part of Chitin assembly line v2 rollout — expanding agent coverage from 2 repos to 7.
🤖 Generated with Claude Code