Add Claude Code Review dispatcher#7575

Open
adamsachs wants to merge 1 commit into main from asachs/claude-code-review-action

Conversation

@adamsachs adamsachs commented Mar 5, 2026

Summary

  • Adds a thin dispatcher workflow that triggers automated code review in ethyca/talos via repository_dispatch
  • Triggers on: PR opened, moved out of draft, reopened, or /code-review comment
  • No Claude config or instructions in this repo — all review logic lives in talos

Required secrets

Secret | Scope | Purpose
TALOS_DISPATCH_TOKEN | contents:write on ethyca/talos | Send repository_dispatch events

Dependencies

  • ethyca/talos — asachs/claude-code-review-action (must merge first)

Test plan

  • Merge talos PR and configure secrets first
  • Merge this PR
  • Open a test PR and verify review is dispatched and posted

Generated with Claude Code

Summary by CodeRabbit

Release Notes

  • New Features
    • Automated code review workflow now enabled, triggered on pull request events (open, ready for review, reopen) and manual commands via issue comments.

Dispatches PR events to ethyca/talos for automated code review.
Triggers on PR open, ready for review, reopen, and /code-review comments.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
vercel bot commented Mar 5, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments

Project | Deployment | Actions | Updated (UTC)
fides-plus-nightly | Ignored | Ignored | Mar 5, 2026 3:23pm
fides-privacy-center | Ignored | Ignored | Mar 5, 2026 3:23pm

coderabbitai bot commented Mar 5, 2026

📝 Walkthrough

Adds a GitHub Actions workflow that orchestrates automated code reviews by dispatching events to an external service (ethyca/talos). The workflow triggers on pull request state changes and issue comments containing "/code-review", fetches PR metadata when needed, and sends review requests with repository and commit details.

Changes

Cohort / File(s) | Summary
CI/CD Workflow Configuration: .github/workflows/claude-code-review.yml | New workflow file for automated code review dispatch; triggers on PR open/ready_for_review/reopened or issue comments; fetches PR metadata via GitHub CLI and dispatches to ethyca/talos service with payload containing repository, PR number, refs, and sender information.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A workflow so clever, with automation bright,
Reviews dispatched swiftly, from morning to night,
Talos receives the call, with refs and details true,
Code quality dancing, in all that we do! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name | Status | Explanation | Resolution
Description check | ⚠️ Warning | The description is incomplete against the template. It lacks a Ticket reference, Code Changes list, Steps to Confirm, and the Pre-Merge Checklist is absent. | Add issue ticket number, itemize code changes, provide reviewer confirmation steps, and complete the pre-merge checklist including CHANGELOG update and other required sections.

✅ Passed checks (2 passed)

Check name | Status | Explanation
Title check | ✅ Passed | The title clearly and concisely summarizes the main change: adding a Claude Code Review dispatcher workflow.
Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.


greptile-apps bot commented Mar 5, 2026

Greptile Summary

This PR adds a thin GitHub Actions dispatcher workflow (.github/workflows/claude-code-review.yml) that forwards PR lifecycle events and /code-review slash-command comments to ethyca/talos via repository_dispatch, where the actual Claude-powered review logic runs and posts results back to the originating PR.

Key issues found:

  • Missing pull-requests: read permission — The Get PR details step (used by the issue_comment trigger path) calls the GitHub Pulls API with ${{ github.token }}, but the workflow's permissions block only grants contents: read. Without pull-requests: read, this step can fail in private/org repo contexts, resulting in empty head_ref, base_ref, and head_sha values being dispatched to talos.
  • Unrestricted /code-review trigger — The issue_comment condition has no author_association guard, meaning any external user on a public repo (e.g., a non-collaborator) can trigger a dispatch to ethyca/talos by posting /code-review in any PR comment. Adding a check for OWNER, MEMBER, or COLLABORATOR author association would prevent abuse.

Confidence Score: 3/5

  • Safe to merge after addressing the missing permission scope and the unrestricted comment trigger.
  • The workflow is small and well-structured, with correct concurrency handling and sensible bot exclusions. However, the missing pull-requests: read permission is a functional bug in the comment-trigger path, and the lack of an author-association guard on the /code-review command is a security/cost concern for a public repository.
  • .github/workflows/claude-code-review.yml — review the permissions block and the issue_comment condition before merging.

Important Files Changed

Filename | Overview
.github/workflows/claude-code-review.yml | New GitHub Actions dispatcher workflow that forwards PR events and /code-review comments to ethyca/talos via repository_dispatch. Two issues: the GITHUB_TOKEN permissions block is missing pull-requests: read (needed for the gh api PR-details step in the comment trigger path), and the /code-review comment trigger has no author-association guard, allowing any external user to dispatch unlimited review jobs.

Last reviewed commit: b433817
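The two gating conditions Greptile describes (comment must be on a PR and carry /code-review; commenter must be OWNER, MEMBER or COLLABORATOR), written out as an added Python model of the workflow's `if:` expression. This is example code, not the repository's workflow or Greptile's tooling. Field names follow the GitHub `issue_comment` and `pull_request` webhook payloads; the sample events are constructed, and excluding draft PRs on `opened` is an assumption of the example rather than something the PR states.

```python
# Added example: a Python model of the dispatcher's `if:` gate with the
# author_association guard the review asks for. Not the repository's workflow.

TRUSTED_ASSOCIATIONS = {"OWNER", "MEMBER", "COLLABORATOR"}
REVIEW_COMMAND = "/code-review"
PR_ACTIONS = {"opened", "ready_for_review", "reopened"}


def should_dispatch(event_name, payload):
    """Return True when the event should trigger a repository_dispatch to the reviewer."""
    if event_name == "pull_request":
        # PR lifecycle path: the PR description lists opened / ready_for_review / reopened.
        # Skipping draft PRs is an assumption of this example, not stated by the PR.
        pr = payload.get("pull_request", {})
        return payload.get("action") in PR_ACTIONS and not pr.get("draft", False)

    if event_name == "issue_comment":
        # Comment path: the `issue` object carries a `pull_request` key only when the
        # comment is on a PR, and `comment.author_association` is what gates trust.
        issue = payload.get("issue", {})
        comment = payload.get("comment", {})
        is_pr_comment = "pull_request" in issue
        has_command = REVIEW_COMMAND in comment.get("body", "")
        trusted = comment.get("author_association") in TRUSTED_ASSOCIATIONS
        return payload.get("action") == "created" and is_pr_comment and has_command and trusted

    return False


def comment_event(body, association, on_pull_request=True):
    """Build a constructed issue_comment payload with only the fields the gate reads."""
    issue = {"number": 7575}
    if on_pull_request:
        # Constructed URL; real payloads carry the API URL of the PR here.
        issue["pull_request"] = {"url": "https://api.github.com/repos/example/repo/pulls/7575"}
    return {
        "action": "created",
        "issue": issue,
        "comment": {"body": body, "author_association": association},
    }


def evaluate_samples():
    """Run the gate over constructed events; returns {label: dispatch decision}."""
    comment_samples = {
        "member_command": comment_event("/code-review please", "MEMBER"),
        "outsider_command": comment_event("/code-review", "NONE"),
        "first_timer_command": comment_event("/code-review", "FIRST_TIME_CONTRIBUTOR"),
        "member_no_command": comment_event("LGTM", "MEMBER"),
        "member_command_on_issue": comment_event("/code-review", "MEMBER", on_pull_request=False),
    }
    results = {label: should_dispatch("issue_comment", p) for label, p in comment_samples.items()}
    results["pr_opened"] = should_dispatch(
        "pull_request", {"action": "opened", "pull_request": {"draft": False}}
    )
    results["pr_opened_draft"] = should_dispatch(
        "pull_request", {"action": "opened", "pull_request": {"draft": True}}
    )
    results["pr_synchronize"] = should_dispatch(
        "pull_request", {"action": "synchronize", "pull_request": {"draft": False}}
    )
    return results


if __name__ == "__main__":
    for label, decision in evaluate_samples().items():
        print(f"{label:26s} dispatch={decision}")
```

The `first_timer_command` case is the one the review is really about: without the association check, a CONTRIBUTOR or FIRST_TIME_CONTRIBUTOR posting the command on a public PR would reach the dispatch step and spend the TALOS_DISPATCH_TOKEN.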

Comment on lines +27 to +28

    permissions:
      contents: read

Missing pull-requests: read permission

The Get PR details (comment trigger) step calls gh api repos/.../pulls/${{ github.event.issue.number }} using ${{ github.token }}, but the workflow only declares contents: read. The Pulls API endpoint requires pull-requests: read scope for the GITHUB_TOKEN in private or organization repos. Without it, the step can fail with a 403 or empty response, causing the dispatched payload to carry empty head_ref, base_ref, and head_sha values.

Suggested change

    -permissions:
    -  contents: read
    +permissions:
    +  contents: read
    +  pull-requests: read

Comment on lines +39 to +43

      || (
        github.event_name == 'issue_comment'
        && github.event.issue.pull_request
        && contains(github.event.comment.body, '/code-review')
      )

No permission check on /code-review comment trigger

The condition only verifies that the comment is on a pull request and contains /code-review, but does not check whether the commenter has any write/maintain/admin access to the repository. On a public repo this means any external user can trigger an unlimited number of Claude reviews (and dispatch events to ethyca/talos) simply by posting that string in a comment. The cancel-in-progress: true concurrency group partially mitigates spam, but a bad actor can still rack up dispatches on different PRs simultaneously.

Consider adding an actor permission check, e.g.:

      || (
        github.event_name == 'issue_comment'
        && github.event.issue.pull_request
        && contains(github.event.comment.body, '/code-review')
        && (
          github.event.comment.author_association == 'OWNER'
          || github.event.comment.author_association == 'MEMBER'
          || github.event.comment.author_association == 'COLLABORATOR'
        )
      )

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 2

🧹 Nitpick comments (1)
.github/workflows/claude-code-review.yml (1)

27-29: Add explicit pull-requests: read permission for PR metadata fetch.

Line 52-Line 56 call the Pull Requests API, but workflow permissions only declare contents: read. Make PR-read permission explicit so this path remains reliable under stricter token policies.

Suggested fix
 permissions:
   contents: read
+  pull-requests: read

Also applies to: 52-56

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/claude-code-review.yml around lines 27 - 29, current workflow permissions only include "contents: read", which is insufficient for calls to the Pull Requests API; update the workflow's permissions block by adding an explicit "pull-requests: read" entry alongside "contents: read" so the GitHub Actions token can fetch PR metadata reliably. Locate the permissions YAML block (the "permissions:" mapping containing "contents: read") and add "pull-requests: read" at the same level.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6d8b38b0-7922-4dad-acac-54ee18784b04

📥 Commits

Reviewing files that changed from the base of the PR and between 8bb7361 and b433817.

📒 Files selected for processing (1)
  • .github/workflows/claude-code-review.yml

Comment on lines +40 to +43

        github.event_name == 'issue_comment'
        && github.event.issue.pull_request
        && contains(github.event.comment.body, '/code-review')
      )

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n .github/workflows/claude-code-review.yml | head -80

Repository: ethyca/fides

Length of output: 3236


🌐 Web query:

GitHub Actions issue_comment context author_association field

💡 Result:

In a GitHub Actions workflow triggered by issue_comment, the comment author’s association is available at:

  • ${{ github.event.comment.author_association }} (string) — taken directly from the issue_comment webhook payload’s comment.author_association field. [1][2]

Common values include: OWNER, MEMBER, COLLABORATOR, CONTRIBUTOR, FIRST_TIMER, FIRST_TIME_CONTRIBUTOR, MANNEQUIN, NONE. [3]

Example:

on:
  issue_comment:
    types: [created]

jobs:
  gate:
    if: ${{ github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER' }}
    runs-on: ubuntu-latest
    steps:
      - run: echo "Trusted commenter"


Restrict /code-review trigger to trusted commenters.

Lines 40-43 allow any PR commenter to trigger a dispatch that uses secrets.TALOS_DISPATCH_TOKEN. This creates a security and cost risk on public repos—external contributors (including first-time contributors) can trigger the token usage.

Suggested fix
       || (
         github.event_name == 'issue_comment'
         && github.event.issue.pull_request
         && contains(github.event.comment.body, '/code-review')
+        && contains(fromJson('["OWNER","MEMBER","COLLABORATOR"]'), github.event.comment.author_association)
       )
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/claude-code-review.yml around lines 40 - 43, the workflow currently triggers on any PR comment containing '/code-review' and then uses secrets.TALOS_DISPATCH_TOKEN; restrict this by adding an additional condition that the commenter is trusted (e.g., check github.event.comment.author_association is one of 'OWNER','MEMBER','COLLABORATOR' or compare github.actor against an allowlist stored in a secret/ENV like TRUSTED_USERS). Update the conditional block (the expression that includes "github.event_name == 'issue_comment' && github.event.issue.pull_request && contains(github.event.comment.body, '/code-review')") to also require the trusted-check, and ensure the dispatch step that uses secrets.TALOS_DISPATCH_TOKEN only runs when that trusted condition passes.

Comment on line +59

              echo "pr_number=${{ github.event.issue.number }}" >> "$GITHUB_OUTPUT"

          - name: Dispatch code review to talos
            uses: peter-evans/repository-dispatch@v3

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n .github/workflows/claude-code-review.yml | grep -A 2 -B 2 "repository-dispatch"

Repository: ethyca/fides

Length of output: 251


🏁 Script executed:

# Check all action uses in the workflow
rg "uses:" .github/workflows/claude-code-review.yml

Repository: ethyca/fides

Length of output: 104


🏁 Script executed:

# Get the specific commit SHA for peter-evans/repository-dispatch@v3
# This requires checking GitHub - let's get the repo info
curl -s https://api.github.com/repos/peter-evans/repository-dispatch/git/refs/tags/v3 | jq -r '.object.sha // .object.url' 2>/dev/null

Repository: ethyca/fides

Length of output: 60


🌐 Web query:

peter-evans/repository-dispatch v3 commit sha github

💡 Result:

peter-evans/repository-dispatch@v3 (major tag) points to commit:

ff45666b9427631e3450c54a1bcbee4d9ff4d7c0. [1]

Source:

  1. (github.com)

🏁 Script executed:

cat .github/workflows/claude-code-review.yml | head -80

Repository: ethyca/fides

Length of output: 2732


Pin third-party action to a full commit SHA.

Line 59 uses a mutable major tag (@v3). Pinning to an immutable SHA improves supply-chain safety.

Suggested fix
-      - name: Dispatch code review to talos
-        uses: peter-evans/repository-dispatch@v3
+      - name: Dispatch code review to talos
+        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/claude-code-review.yml at line 59, the workflow uses a mutable tag for the third-party action (uses: peter-evans/repository-dispatch@v3); replace that tag with the action's full commit SHA to pin the dependency. Locate the uses line referencing peter-evans/repository-dispatch (the string "uses: peter-evans/repository-dispatch@v3"), find the corresponding release/commit on the peter-evans/repository-dispatch GitHub repo, and update the workflow to use the immutable ref format (e.g., @<full-commit-sha>) instead of `@v3`.
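A static check for the three findings raised in this thread (the missing pull-requests: read scope, the unguarded /code-review trigger, and the action pinned to a mutable tag), as an added Python example rather than CodeRabbit's, Greptile's or the repository's own tooling. It runs over a constructed workflow modelled on the one under review, not the real file; it uses line-oriented regexes instead of a YAML parser, so it only recognises the top-level `permissions:` mapping form; and the 40-hex ref in the hardened sample is a placeholder, not the real commit behind the action's v3 tag.

```python
import re

# Constructed sample modelled on the workflow discussed in this thread; it is
# NOT the repository's file, and its indentation and content are invented.
WEAK_WORKFLOW = """\
on:
  pull_request:
    types: [opened, ready_for_review, reopened]
  issue_comment:
    types: [created]
permissions:
  contents: read
jobs:
  dispatch:
    if: >-
      github.event_name == 'pull_request'
      || (
        github.event_name == 'issue_comment'
        && github.event.issue.pull_request
        && contains(github.event.comment.body, '/code-review')
      )
    steps:
      - name: Get PR details
        run: gh api repos/${{ github.repository }}/pulls/${{ github.event.issue.number }}
      - name: Dispatch code review to talos
        uses: peter-evans/repository-dispatch@v3
"""

# The same workflow with the three review findings applied. The 40-hex ref is
# a PLACEHOLDER, not the real commit behind the action's v3 tag.
HARDENED_WORKFLOW = WEAK_WORKFLOW.replace(
    "permissions:\n  contents: read\n",
    "permissions:\n  contents: read\n  pull-requests: read\n",
).replace(
    "        && contains(github.event.comment.body, '/code-review')\n",
    "        && contains(github.event.comment.body, '/code-review')\n"
    "        && contains(fromJson('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), "
    "github.event.comment.author_association)\n",
).replace(
    "repository-dispatch@v3",
    "repository-dispatch@0123456789abcdef0123456789abcdef01234567 # v3",
)

FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
USES_RE = re.compile(r"^\s*(?:-\s+)?uses:\s*([^\s#]+)")


def unpinned_actions(workflow_text):
    """Return every `uses:` reference whose ref is not a full 40-hex commit SHA."""
    findings = []
    for line in workflow_text.splitlines():
        match = USES_RE.match(line)
        if not match:
            continue
        ref = match.group(1)
        if ref.startswith(("./", "docker://")):
            continue  # local and container actions carry no git ref to pin
        _, _, version = ref.rpartition("@")
        if not FULL_SHA_RE.match(version):
            findings.append(ref)
    return findings


def declared_permissions(workflow_text):
    """Parse the top-level `permissions:` mapping into {scope: level} (mapping form only)."""
    perms, in_block = {}, False
    for line in workflow_text.splitlines():
        if re.match(r"^permissions:\s*$", line):
            in_block = True
            continue
        if in_block:
            match = re.match(r"^\s+([\w-]+):\s*(\w+)\s*$", line)
            if not match:
                break  # first non-indented line ends the mapping
            perms[match.group(1)] = match.group(2)
    return perms


def missing_pull_request_read(workflow_text):
    """True when a step calls the Pulls REST API but no pull-requests scope is declared."""
    calls_pulls_api = re.search(r"gh api .*/pulls\b", workflow_text) is not None
    scope = declared_permissions(workflow_text).get("pull-requests")
    return calls_pulls_api and scope not in ("read", "write")


def comment_trigger_unguarded(workflow_text):
    """True when an issue_comment command trigger never consults author_association."""
    has_command_trigger = "issue_comment" in workflow_text and "/code-review" in workflow_text
    return has_command_trigger and "author_association" not in workflow_text


def lint(workflow_text):
    """Collect this thread's findings as plain strings; empty when the workflow is clean."""
    findings = [f"unpinned action: {ref}" for ref in unpinned_actions(workflow_text)]
    if missing_pull_request_read(workflow_text):
        findings.append("pulls API called without pull-requests: read")
    if comment_trigger_unguarded(workflow_text):
        findings.append("issue_comment command trigger has no author_association guard")
    return findings


if __name__ == "__main__":
    for label, text in (("weak", WEAK_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(label, lint(text) or "no findings")
```

The SHA check is the one worth wiring into CI for every workflow, not just this one: a tag such as `@v3` can be moved to a different commit by whoever controls the action's repository, whereas a full commit SHA cannot, and the trailing `# v3` comment keeps the human-readable version next to the pin.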
