Problem
The system prompt in `src/create-prompt/index.ts` (line 849) unconditionally tells Claude:

> You CANNOT modify files in the .github/workflows directory (GitHub App permissions do not allow workflow modifications)

This restriction makes sense when using Anthropic's hosted GitHub App, which does not request `workflows:write`. However, organizations using their own GitHub App tokens (via the `github_token` input) may have explicitly granted `workflows:write` to their app.

In our case (Doctolib), we use a custom GitHub App with `workflows:write` permission granted via Vault. We added this permission specifically so Claude agents can fix CI workflow issues autonomously. The permission is real and working at the API level, but Claude refuses to use it because the prompt tells it not to.
Current behavior
The restriction is hardcoded in `generateDefaultPrompt()` with no flag to disable it. The only workarounds are:

- Appending a contradicting override instruction via `prompt` (unreliable since it fights the earlier system prompt)
- `USE_SIMPLE_PROMPT=true` removes the restriction but also drops most useful default instructions (~180 lines → ~70 lines: no 5-step workflow, no analysis thinking, no capabilities section, no comment tool examples)
- Agent mode bypasses the default prompt entirely but is auto-detected based on event type — it's not a user-selectable option
Proposed solution
Add an optional boolean input, e.g. `allow_workflow_modifications`:

```yaml
inputs:
  allow_workflow_modifications:
    description: "Allow Claude to modify .github/workflows/ files. Set to true if your github_token has workflows:write permission."
    default: "false"
```

When `true`, omit the workflow restriction line from the generated prompt (or replace it with a positive instruction).
This is low-risk since:

- It defaults to `false` (no behavior change)
- The restriction is prompt-based only (no tool-level block exists today)
- Organizations opting in have already made the security decision by granting `workflows:write`
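Because the restriction is prompt-based only, here is an added example (not claude-code-action's own code; `buildWorkflowPolicy`, `isWorkflowPath` and `parseAllowWorkflowModifications` are hypothetical names) of how the proposed input could drive both the generated prompt line and a tool-level path check, so the guard does not depend solely on the model obeying the prompt:

```typescript
// Added example, not part of claude-code-action. Names are hypothetical.
import * as path from "node:path";

const WORKFLOW_DIR = ".github/workflows";
const RESTRICT_LINE =
  "You CANNOT modify files in the .github/workflows directory (GitHub App permissions do not allow workflow modifications)";
const ALLOW_LINE =
  "You MAY modify files in the .github/workflows directory; the provided github_token has workflows:write permission.";

export interface WorkflowPolicy {
  /** Line to place in the generated system prompt. */
  promptLine: string;
  /** Tool-level check: may a write tool touch this repo-relative path? */
  canWrite: (repoRelativePath: string) => boolean;
}

/** Normalise a tool-supplied path: accept backslashes, drop "./", collapse "a/../b". */
function normalise(p: string): string {
  return path.posix.normalize(p.replace(/\\/g, "/"));
}

/** True when the path stays inside the repository checkout. */
function insideRepo(p: string): boolean {
  const n = normalise(p);
  return !path.posix.isAbsolute(n) && n !== ".." && !n.startsWith("../");
}

/** True when the (normalised) path is .github/workflows or anything below it. */
export function isWorkflowPath(p: string): boolean {
  const n = normalise(p);
  return n === WORKFLOW_DIR || n.startsWith(WORKFLOW_DIR + "/");
}

/** GitHub Actions delivers every input as a string; only an explicit "true" opts in. */
export function parseAllowWorkflowModifications(raw: string | undefined): boolean {
  return (raw ?? "false").trim().toLowerCase() === "true";
}

/** Build prompt text and path guard from the allow_workflow_modifications input. */
export function buildWorkflowPolicy(allow: boolean): WorkflowPolicy {
  return {
    promptLine: allow ? ALLOW_LINE : RESTRICT_LINE,
    // Paths escaping the checkout are rejected in both modes; workflow files
    // are rejected only when the input is false.
    canWrite: (p) => insideRepo(p) && (allow || !isWorkflowPath(p)),
  };
}
```

The path guard would sit in the write/edit tool, so a prompt that fails to hold still cannot change a workflow file unless the organisation opted in.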
Context