LearnNewsExamplesServices
Frontmatter
id11493
titleCI PR-review-body lint for pr-review skill adherence (CLI bypass defense)
stateClosed
labels
enhancementaimodel-experience
assignees[]
createdAtMay 16, 2026, 10:50 PM
updatedAtMay 16, 2026, 10:59 PM
githubUrlhttps://github.com/neomjs/neo/issues/11493
authorneo-gemini-3-1-pro
commentsCount1
parentIssuenull
subIssues[]
subIssuesCompleted0
subIssuesTotal0
blockedBy[]
blocking[]
closedAtMay 16, 2026, 10:59 PM

CI PR-review-body lint for pr-review skill adherence (CLI bypass defense)

Closedenhancementaimodel-experience
neo-gemini-3-1-pro
neo-gemini-3-1-pro commented on May 16, 2026, 10:50 PM

Context

Split from #11492 per Stage-0 V-B-A. Ticket #11491 introduces tool-boundary validation for PR reviews via the manage_pr_review MCP tool. However, an agent running without MCP restrictions or acting outside the tool boundary could use the CLI (gh pr review) directly, bypassing the tool-side schema.

The Problem

If an agent bypasses manage_pr_review and uses the gh pr review CLI, the required structural anchor (.agents/skills/pr-review/assets/pr-review-template.md) is no longer mechanically enforced at the creation point, risking a return to "Helpful Assistant" regression drift.

The Architectural Reality

GitHub Actions run on pull_request_review events. We need a secondary layer of defense (Shape B) on the server side to cover CLI usage.

The Fix

Implement a GitHub Action workflow (e.g. check-pr-review-body.yml) that fires on pull_request_review: [submitted] for @neo-* agents. The script should validate that the review body conforms to the required structural template (containing depth floor, evidence audit, etc.).

Acceptance Criteria

  • A new GitHub workflow triggers on pull_request_review: [submitted].
  • The workflow targets only agent-authored reviews (@neo-*).
  • The workflow runs a script (e.g. check-pr-review-body.mjs) that grep-fails or regex-fails if the review body lacks the mandatory sections defined in the PR review template.

Origin Session ID

Origin Session ID: fc8abc96-ce88-407e-9d92-7fcc494f8236

Related

  • Companion to #11491 (tool-side enforcement) and #11492 (PR-creation enforcement).