Fix Claude workflow scope for pushing workflow files#13

Merged
jonathanpopham merged 1 commit into main from fix/claude-workflow-scope on Mar 3, 2026

Conversation

@jonathanpopham (Contributor) commented Mar 3, 2026

Adds github_token: ${{ secrets.BOT_TOKEN }} to claude-code-action so Claude can push .github/workflows/ files. The default App token lacks the workflow scope, which blocks issues #8 and #9.

Summary by CodeRabbit

  • Chores
    • Updated internal workflow configuration.

The GitHub App token used by claude-code-action lacks the
`workflow` scope, preventing Claude from pushing changes to
.github/workflows/ files. Pass BOT_TOKEN (a PAT with repo +
workflow scopes) via the github_token input to fix this.

Closes #8, unblocks #9

Co-Authored-By: Claude <noreply@anthropic.com>
@coderabbitai bot commented Mar 3, 2026

Walkthrough

A GitHub Actions workflow is updated to pass the BOT_TOKEN secret as a github_token input parameter to the claude-code-action step. This enables the action to use the bot token for authentication.

Changes

Cohort / File(s): Workflow Configuration (.github/workflows/claude.yml)
Summary: Added github_token input parameter to the claude-code-action step, passing the BOT_TOKEN secret for bot authentication.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🤖 A token flows through the workflow's veins,
One simple line unlocks the gains,
The bot now speaks with proper auth,
No barriers stand upon its path. ✨

🚥 Pre-merge checks | ✅ 3 passed

Description Check: ✅ Passed. Check skipped - CodeRabbit's high-level summary is enabled.
Title check: ✅ Passed. The title accurately describes the main change: adding github_token to enable the Claude workflow action to push files in .github/workflows/, which aligns with the PR's core objective.
Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.


@coderabbitai bot left a comment
Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/claude.yml:
- Line 38: Add a job-level trust check so the workflow only runs for trusted
commenters instead of any user; update the job that uses the
BOT_TOKEN/github_token to include an if: condition checking the event
commenter’s author_association (e.g., use
contains('OWNER,CONTRIBUTOR,COLLABORATOR,MEMBER',
github.event.comment.author_association) or equivalent) so only those
associations can trigger the job, and keep the existing github_token: ${{
secrets.BOT_TOKEN }} usage unchanged.

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 862a89e and 94b5ea7.

📒 Files selected for processing (1)
  • .github/workflows/claude.yml

uses: anthropics/claude-code-action@v1
with:
claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
github_token: ${{ secrets.BOT_TOKEN }}
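Review bot: with github_token: ${{ secrets.BOT_TOKEN }} the action now pushes using a PAT that, per the PR description, carries repo and workflow scope, so a job that any commenter can trigger becomes able to modify .github/workflows/ itself, including this workflow's own if: condition and permissions: block. Land the job-level author_association gate together with this change rather than after it, keep the job's permissions: block minimal (BOT_TOKEN supplies the workflow scope, so GITHUB_TOKEN needs nothing extra), and consider requiring workflow-file changes to go through a reviewed pull request (branch protection on main, CODEOWNERS for .github/workflows/) instead of direct pushes, with a fine-grained PAT limited to this repository and an expiry in place of a classic repo-scoped token.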

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed: cat -n .github/workflows/claude.yml | head -80
Repository: supermodeltools/supermodeltools.github.io
Length of output: 2034

🏁 Script executed: grep -A 20 "^jobs:" .github/workflows/claude.yml | head -30
Repository: supermodeltools/supermodeltools.github.io
Length of output: 864


Gate this workflow to trusted authors—anyone can trigger it right now.

Your workflow runs on user comments (issue_comment, pull_request_review_comment, etc.), and right now any random person can write @claude in an issue to trigger it. The job then runs with write permissions and passes your BOT_TOKEN secret to the Claude action. That's risky.

Think of it like this: you're telling a stranger "Hey, anytime you write a magic word, my bot will show up and do stuff with full write access to my repo."

The fix is simple—add a trust check to the job condition. GitHub gives us the author_association field for exactly this purpose. It tells us if the commenter is the owner, a team member, a collaborator, or a random public person.

Add author trust check to the job condition
 jobs:
   claude:
     if: |
-      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
-      (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
+      (github.event_name == 'issue_comment' &&
+       contains(github.event.comment.body, '@claude') &&
+       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)) ||
+      (github.event_name == 'pull_request_review_comment' &&
+       contains(github.event.comment.body, '@claude') &&
+       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)) ||
+      (github.event_name == 'pull_request_review' &&
+       contains(github.event.review.body, '@claude') &&
+       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.review.author_association)) ||
+      (github.event_name == 'issues' &&
+       (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')) &&
+       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.issue.author_association))
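Review bot: the allow list in this suggested if: (OWNER, MEMBER, COLLABORATOR) does not match the AI-agent prompt text surrounding it, which also lists CONTRIBUTOR and spells the check as contains('OWNER,CONTRIBUTOR,COLLABORATOR,MEMBER', ...); settle on one. The diff's form is the safer of the two: fromJSON('[...]') makes contains() an exact membership test, whereas on a comma-separated string it is a substring match, and CONTRIBUTOR is granted to anyone who has ever had a commit merged, a weaker trust signal than the three associations kept here. Note also that each branch reads the association of the actor who supplied the trigger text (github.event.comment, github.event.review and github.event.issue respectively), which is the right field per event type; a short comment in the workflow saying so will stop the next reader from collapsing them into a single github.event.comment check that is undefined for the issues and pull_request_review events.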
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/claude.yml at line 38, add a job-level trust check so the
workflow only runs for trusted commenters instead of any user; update the job
that uses the BOT_TOKEN/github_token to include an if: condition checking the
event commenter's author_association (e.g., use
contains('OWNER,CONTRIBUTOR,COLLABORATOR,MEMBER',
github.event.comment.author_association) or equivalent) so only those
associations can trigger the job, and keep the existing github_token: ${{
secrets.BOT_TOKEN }} usage unchanged.
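The two pieces discussed in this thread, the BOT_TOKEN input from the PR and the author_association gate from the review, are easiest to judge side by side in one job. The following is an added example, not the repository's own claude.yml and not a comment from the thread; the two action inputs and the four-branch if: come from the PR and the suggested diff, while the trigger types, the runner, the actions/checkout step and the permissions list are assumptions about what such a job typically needs.

```yaml
# Added example of the hardened job shape discussed in this PR; it is not the
# repository's .github/workflows/claude.yml. Trigger types, runner, checkout step
# and the permissions list are assumptions; the inputs and the gate are from the thread.
name: Claude

on:
  issue_comment:
    types: [created]
  pull_request_review_comment:
    types: [created]
  pull_request_review:
    types: [submitted]
  issues:
    types: [opened]

jobs:
  claude:
    # Weak form (what the review flagged): a trigger word alone, so any account
    # that can comment can start a job holding write access and BOT_TOKEN:
    #   if: contains(github.event.comment.body, '@claude')
    #
    # Hardened form: the trigger word AND a trusted association on the actor who
    # wrote it. fromJSON(...) turns contains() into an exact set-membership test;
    # on a comma-separated string contains() would be a substring search.
    if: |
      (github.event_name == 'issue_comment' &&
       contains(github.event.comment.body, '@claude') &&
       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)) ||
      (github.event_name == 'pull_request_review_comment' &&
       contains(github.event.comment.body, '@claude') &&
       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)) ||
      (github.event_name == 'pull_request_review' &&
       contains(github.event.review.body, '@claude') &&
       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.review.author_association)) ||
      (github.event_name == 'issues' &&
       (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')) &&
       contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'), github.event.issue.author_association))
    runs-on: ubuntu-latest
    # Least-privilege GITHUB_TOKEN for the job (assumed set). BOT_TOKEN is what
    # carries the workflow scope, so nothing here needs to grow to push workflow files.
    permissions:
      contents: write
      pull-requests: write
      issues: write
      id-token: write
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 1
      - uses: anthropics/claude-code-action@v1
        with:
          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
          # PAT with repo + workflow scope (per the PR description). The default
          # App token lacks the workflow scope, so this is the only credential in
          # the job that can push .github/workflows/ changes; the gate above is
          # what keeps untrusted commenters from driving it.
          github_token: ${{ secrets.BOT_TOKEN }}
```

Reading the two forms of the if: together makes the point of the review concrete: the trigger word decides whether the job is relevant, the association decides whether the requester is allowed to spend the job's write access and BOT_TOKEN, and both must hold for every event type the workflow listens on.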

@jonathanpopham jonathanpopham merged commit f746348 into main Mar 3, 2026
4 checks passed