Fix PR Review Panel: emit advisory comment via add_comment tool, not a shell heredoc#1844
Draft
Copilot wants to merge 3 commits into
Draft
Fix PR Review Panel: emit advisory comment via add_comment tool, not a shell heredoc#1844Copilot wants to merge 3 commits into
Copilot wants to merge 3 commits into
Conversation
Co-authored-by: danielmeppiel <51440732+danielmeppiel@users.noreply.github.com>
…edoc Co-authored-by: danielmeppiel <51440732+danielmeppiel@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Fix workflow failure in PR review panel
Fix PR Review Panel: emit advisory comment via add_comment tool, not a shell heredoc
Jun 19, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
The
PR Review Panelworkflow's agent job terminated unexpectedly (run 27815857237, 33m / 144 turns, no comment posted).gh aw auditshows the CEO synthesizer produced a validneeds_reworkrecommendation, but the orchestrator then staged the rendered comment body in a temp file with a shell heredoc:The copilot engine's bash command-safety parser scans command text (heredoc bodies included) and read a word-wrapped line beginning with
killas a real command, refusing it: "Command not executed. The 'kill' command must specify at least one numeric PID." The comment never emitted and the run failed. Theadd_commentsafe-output tool already takes the body as a structured argument, so panel prose never needs to touch the shell.Changes (prose-only in the skill):
apm-review-panelSKILL step 7 — mandate emitting the single comment by passing the rendered markdown directly to theadd_commenttool'sbodyargument; forbid staging/piping it through the shell (cat <<EOF,printf,echo, temp.mdfiles), with thekill/rm/sudoparser hazard called out..agents/skills/apm-review-panel/SKILL.mdcopy (kept byte-identical).gh aw auditartifacts under.github/aw/logs/and gitignored that path.No workflow recompile needed — the workflow imports the skill from
microsoft/apm#mainat runtime, so.lock.ymlis unaffected.Type of change
Testing
Spec conformance (OpenAPM v0.1)
If this PR changes behaviour that an OpenAPM v0.1
req-XXXcovers,confirm the three-step ritual (see CONTRIBUTING.md "Adding or
changing a normative requirement"):
docs/src/content/docs/specs/openapm-v0.1.mdupdated(new/changed
<a id="req-XXX"></a>anchor + prose + Appendix Crow).
docs/src/content/docs/specs/manifests/openapm-v0.1.requirements.ymlupdated.
@pytest.mark.req("req-XXX")test undertests/spec_conformance/added or extended.CONFORMANCE.{md,json}regenerated viauv run --extra dev python -m tests.spec_conformance.gen_statementand committed.