
fix: allow claude to have write permission #3202

Open
tac0turtle wants to merge 1 commit into main from marko/claude

Conversation

@tac0turtle
Contributor

@tac0turtle tac0turtle commented Mar 24, 2026

Overview

Summary by CodeRabbit

  • Chores
    • Updated internal GitHub Actions workflow permissions to support enhanced automation capabilities.

@coderabbitai
Contributor

coderabbitai bot commented Mar 24, 2026

📝 Walkthrough

Walkthrough

The .github/workflows/claude.yml file was modified to elevate GitHub Actions job permissions, changing contents, pull-requests, and issues from read to write access levels, enabling the workflow to modify repository, pull request, and issue resources.

Changes

Cohort / File(s): GitHub Actions Workflow Permissions (.github/workflows/claude.yml)
Summary: Elevated job permissions from read to write for contents, pull-requests, and issues scopes, allowing the workflow increased capability to modify protected resources.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

Poem

🐰 With permissions now expanded wide,
Our workflow hops with newfound pride,
From read-only to write so grand,
The CI/CD tools now have a stronger hand!

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Description check: ⚠️ Warning. The PR description is entirely empty, containing only the unused template comments with no actual content or context provided. Resolution: Fill in the Overview section with details about why write permissions are needed for Claude, what actions require them, and any relevant security considerations or linked issues.

✅ Passed checks (2 passed)

Title check: ✅ Passed. The title accurately summarizes the main change: expanding Claude workflow permissions from read to write access.
Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.


@claude
Contributor

claude bot commented Mar 24, 2026

Claude finished @tac0turtle's task in 28s


Code Review

  • Read changed files
  • Analyze changes
  • Post review

Summary

This PR upgrades Claude's GitHub Actions permissions from read to write for contents, pull-requests, and issues. This is a necessary change to enable Claude to perform actions like pushing commits, updating PR descriptions, and managing issue labels.

Changes (claude.yml)

Permission Before After
contents read write
pull-requests read write
issues read write

Assessment

The change is correct and appropriate. Without write permissions, Claude cannot:

  • Commit and push code changes to a branch
  • Post or update PR/issue comments
  • Create branches for issue-triggered tasks

Security considerations:

  • contents: write grants the ability to push code to the repository. This is expected for an agentic code assistant but should be understood as a meaningful trust grant.
  • pull-requests: write and issues: write are needed for Claude to update its sticky comment and manage PR state.
  • The scope is limited to the workflow job — the permissions follow least privilege at the job level, which is correct.
  • The id-token: write permission was already present and is used for OIDC token generation (appropriate for the OAuth token flow).

No issues found. The change is minimal, purposeful, and correctly scoped. Approve.

@github-actions
Contributor

The latest Buf updates on your PR. Results from workflow CI / buf-check (pull_request).

Build: ✅ passed
Format: ⏩ skipped
Lint: ✅ passed
Breaking: ✅ passed
Updated (UTC): Mar 24, 2026, 9:51 PM


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/claude.yml:
- Around line 22-24: The workflow grants write permissions (contents: write,
pull-requests: write, issues: write) to a job triggered by user comments, but
lacks an author_association guard so any commenter can invoke it; update the
workflow condition that detects the `@claude` mention to also require the comment
author's association (e.g., check github.event.comment.author_association is one
of "MEMBER","COLLABORATOR" or "OWNER") before granting those write-scoped
permissions and running the job (modify the existing mention check block that
gates the job to include this author_association check).

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 67197f22-74dd-497b-bcdc-0f8a6f351148

📥 Commits

Reviewing files that changed from the base of the PR and between 2282089 and 305fd90.

📒 Files selected for processing (1)
  • .github/workflows/claude.yml

Comment on lines +22 to +24
contents: write
pull-requests: write
issues: write


⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "1) Inspect trigger + permission surface in claude workflow"
nl -ba .github/workflows/claude.yml | sed -n '1,90p'

echo
echo "2) Check for explicit trust gating signals"
rg -n 'author_association|github\.actor|OWNER|MEMBER|COLLABORATOR' .github/workflows/claude.yml || true

echo
echo "3) Compare with read-only baseline workflow using same action"
nl -ba .github/workflows/claude-code-review.yml | sed -n '30,70p'

Repository: evstack/ev-node

Length of output: 177


🏁 Script executed:

#!/bin/bash

echo "1) Inspect trigger + permission surface in claude workflow (lines 1-90)"
cat -n .github/workflows/claude.yml | head -90

echo ""
echo "2) Check for explicit trust gating signals"
rg -n 'author_association|github\.actor|OWNER|MEMBER|COLLABORATOR' .github/workflows/claude.yml || echo "No trust gating found"

echo ""
echo "3) Compare with read-only baseline workflow (lines 30-70)"
if [ -f .github/workflows/claude-code-review.yml ]; then
  cat -n .github/workflows/claude-code-review.yml | sed -n '30,70p'
else
  echo "claude-code-review.yml not found"
fi

echo ""
echo "4) Get file stats to understand size"
wc -l .github/workflows/claude.yml

Repository: evstack/ev-node

Length of output: 5538


🏁 Script executed:

#!/bin/bash

echo "Searching for permissions in claude-code-review.yml"
grep -n "permissions:" .github/workflows/claude-code-review.yml -A 10

echo ""
echo "Full workflow file size:"
wc -l .github/workflows/claude-code-review.yml

Repository: evstack/ev-node

Length of output: 441


Limit write scopes to trusted invocations—current trigger surface allows any user with comment access.

contents: write, pull-requests: write, and issues: write permissions are granted to a job triggered by user-generated comment and issue events (@claude). The job condition (lines 15-19) checks only for the @claude mention with no author association guard, meaning any user with access to comment on issues or PRs can invoke this workflow with full write permissions. In contrast, .github/workflows/claude-code-review.yml uses read-only scopes for the same action.

Add an author_association check to restrict to repository members:

Suggested hardening
 jobs:
   claude:
     if: |
+      contains(fromJson('["OWNER","MEMBER","COLLABORATOR"]'),
+        github.event.comment.author_association || github.event.review.author_association || github.event.issue.author_association) &&
       (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
       (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
       (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
       (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude')))
     runs-on: ubuntu-latest
     permissions:
-      contents: write
-      pull-requests: write
-      issues: write
+      contents: read
+      pull-requests: read
+      issues: read
       id-token: write
       actions: read
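Review bot: the guard added on the two `+` lines of the `if:` block does not cover every branch of the condition. In GitHub Actions expressions `&&` binds tighter than `||`, so `contains(fromJson(...), ...) && (issue_comment ...) || (pull_request_review_comment ...) || (pull_request_review ...) || (issues ...)` parses as `(guard && issue_comment) || pull_request_review_comment || pull_request_review || issues`, and the last three mention branches still start the job for any author. Wrap the four existing mention branches in one extra pair of parentheses after the `&&` so the association check applies to all of them. Separately, the same hunk flips `contents`, `pull-requests` and `issues` back to `read`, which undoes the PR's stated purpose; if the intent is gating plus write, keep the `write` lines and add only the condition change.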
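The suggested hardening above hinges on operator precedence in the workflow's `if:` expression. The following is an added example, not code from the ev-node repository or from CodeRabbit's suggestion: a small structural checker that splits a GitHub Actions condition at its top-level `||` and `&&` operators (ignoring operators inside parentheses and single-quoted strings) and reports which OR-branches carry no `author_association` guard. The three sample conditions are constructed from the branches visible in the diff: the original unguarded condition, the suggestion as written (guard followed by `&&` and then the four branches), and a variant that wraps the four branches in parentheses so the guard covers all of them. The checker does not evaluate expressions; it only inspects their shape, and the `GUARD_MARKER` heuristic is an assumption of this example.

```python
"""Structural check for an author_association guard in a GitHub Actions `if:`.

Added example, not code from the ev-node repository or from CodeRabbit.
In GitHub Actions expressions `&&` binds tighter than `||`, so
`guard && A || B || C` parses as `(guard && A) || B || C`: the guard only
covers branch A. The functions below split a condition at top-level
operators (outside parentheses and single-quoted strings) and report the
OR-branches that contain no guard at all.
"""

GUARD_MARKER = "author_association"  # assumption: any operand naming this is a guard


def split_top_level(expr: str, op: str) -> list[str]:
    """Split expr on `op` only where it sits outside parentheses and quotes."""
    parts, buf, depth, in_str, i = [], [], 0, False, 0
    while i < len(expr):
        ch = expr[i]
        if ch == "'":                # an escaped '' toggles twice, so it is harmless
            in_str = not in_str
        elif not in_str:
            if ch == "(":
                depth += 1
            elif ch == ")":
                depth -= 1
            elif depth == 0 and expr.startswith(op, i):
                parts.append("".join(buf).strip())
                buf = []
                i += len(op)
                continue
        buf.append(ch)
        i += 1
    parts.append("".join(buf).strip())
    return parts


def wrapped_whole(expr: str) -> bool:
    """True if a single pair of parentheses encloses the entire expression."""
    if not (expr.startswith("(") and expr.endswith(")")):
        return False
    depth, in_str = 0, False
    for i, ch in enumerate(expr):
        if ch == "'":
            in_str = not in_str
        elif not in_str:
            if ch == "(":
                depth += 1
            elif ch == ")":
                depth -= 1
                if depth == 0 and i != len(expr) - 1:
                    return False     # the opening paren closed before the end
    return True


def unguarded_branches(condition: str) -> list[str]:
    """Return the top-level OR-branches of `condition` that carry no guard."""
    expr = " ".join(condition.split())   # flatten the YAML block scalar's newlines
    while wrapped_whole(expr):
        expr = expr[1:-1].strip()
    return [
        branch
        for branch in split_top_level(expr, "||")
        if not any(GUARD_MARKER in operand for operand in split_top_level(branch, "&&"))
    ]


# Constructed samples built from the four @claude mention branches shown in the diff.
MENTION_BRANCHES = [
    "(github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude'))",
    "(github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude'))",
    "(github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude'))",
    "(github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') "
    "|| contains(github.event.issue.title, '@claude')))",
]
MENTIONS = " ||\n".join(MENTION_BRANCHES)

GUARD = (
    "contains(fromJson('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'),\n"
    "  github.event.comment.author_association || github.event.review.author_association"
    " || github.event.issue.author_association)"
)

ORIGINAL_CONDITION = MENTIONS                               # no guard at all
SUGGESTED_CONDITION = GUARD + " &&\n" + MENTIONS            # guard && A || B || C || D
HARDENED_CONDITION = GUARD + " &&\n(\n" + MENTIONS + "\n)"  # guard && (A || B || C || D)


if __name__ == "__main__":
    samples = [("original", ORIGINAL_CONDITION),
               ("suggested", SUGGESTED_CONDITION),
               ("hardened", HARDENED_CONDITION)]
    for name, cond in samples:
        bad = unguarded_branches(cond)
        print(f"{name}: {len(bad)} unguarded branch(es)")
        for branch in bad:
            print("   ", branch[:70] + ("..." if len(branch) > 70 else ""))
```

Running the block reports four unguarded branches for the original condition, three for the suggestion as written (only the `issue_comment` branch is gated), and none for the parenthesised form. The same splitter can be pointed at any other `if:` block scalar read out of a workflow file; it is deliberately syntax-only so it never has to reproduce the expression evaluator.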

@codecov

codecov bot commented Mar 24, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 61.12%. Comparing base (f9c8717) to head (305fd90).
⚠️ Report is 7 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3202      +/-   ##
==========================================
- Coverage   61.14%   61.12%   -0.02%     
==========================================
  Files         117      117              
  Lines       12082    12082              
==========================================
- Hits         7387     7385       -2     
- Misses       3868     3870       +2     
  Partials      827      827              
Flag Coverage Δ
combined 61.12% <ø> (-0.02%) ⬇️
