Document and vendor creating cloud persona references#73
Conversation
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
Warning Review limit reached
More reviews will be available in 49 minutes and 28 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (56)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
✅ pr-reviewer applied fixes — committed and pushed pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates the creating-cloud-persona skill by adding a comprehensive set of vendored reference agents, Workforce examples, and packages under its references/ directory to make the skill self-contained. It also documents the new 'Team member' agent trigger pattern. The review identified several critical and high-severity issues in the vendored code: executing shell commands on the host instead of inside the isolated sandbox in the review agent, failing to check the exit code of git clone in the linear-shipper example, passing absolute paths with root prefixes to ctx.files.read in the granola agent, unsafe property access on potentially undefined external_urls in the spotify-releases agent, and potential runtime crashes from unhandled RangeErrors when calling .toISOString() on invalid dates in the repo-hygiene and weekly-digest agents.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
| const { stdout } = await execFileAsync('gh', [ | ||
| 'pr', | ||
| 'view', | ||
| String(pr.number), | ||
| '--repo', | ||
| `${pr.owner}/${pr.repo}`, | ||
| '--json', | ||
| 'state,mergeable,mergeStateStatus,reviewDecision,statusCheckRollup,headRefOid', | ||
| ], { cwd: ctx.sandbox.cwd, encoding: 'utf8', maxBuffer: 1024 * 1024 }); | ||
| const state = parsePrReadyState(stdout); |
There was a problem hiding this comment.
Using execFileAsync from node:child_process directly runs the gh command on the host process of the agent runtime rather than inside the isolated sandbox. In a remote or containerized environment, the host may not have the gh CLI installed, will not have the GitHub credentials configured, and the directory ctx.sandbox.cwd will not exist on the host, causing a runtime crash (ENOENT). Use ctx.sandbox.exec to run the command inside the sandbox instead.
const res = await ctx.sandbox.exec(`gh pr view ${pr.number} --repo '${pr.owner}/${pr.repo}' --json state,mergeable,mergeStateStatus,reviewDecision,statusCheckRollup,headRefOid`, { cwd: ctx.sandbox.cwd });
if (res.exitCode !== 0) {
throw new Error(`gh pr view failed: ${res.output}`);
}
const state = parsePrReadyState(res.output);| const repo = safeRepoDirName(inputDefault(ctx, 'GITHUB_REPO')); | ||
| const repoDir = `${ctx.sandbox.cwd}/${repo}`; | ||
|
|
||
| await ctx.sandbox.exec(`git clone ${shellQuote(repoUrl)} ${shellQuote(repoDir)}`); |
There was a problem hiding this comment.
The ctx.sandbox.exec call for git clone is executed without checking the exitCode. If the clone fails, the handler will proceed to run the harness with a non-existent or empty repoDir, leading to failures downstream. Check the exitCode and handle or throw an error if it is non-zero.
const cloneResult = await ctx.sandbox.exec(`git clone ${shellQuote(repoUrl)} ${shellQuote(repoDir)}`);
if (cloneResult.exitCode !== 0) {
throw new Error(`Failed to clone repository: ${cloneResult.output}`);
}| const teams: Array<{ id: string; name: string }> = []; | ||
| for (const file of output.split('\n').map((l) => l.trim()).filter(Boolean)) { | ||
| try { | ||
| const t = JSON.parse(await ctx.files.read(file)) as { id?: string; name?: string }; |
There was a problem hiding this comment.
The ctx.files.read helper expects a path relative to the VFS mount root, but file here is an absolute path returned by find that includes the root prefix (e.g., /relayfile/linear/teams/team1.json). This will cause ctx.files.read to fail. Strip the root prefix from the path before reading the file.
| const t = JSON.parse(await ctx.files.read(file)) as { id?: string; name?: string }; | |
| const relativePath = root ? file.replace(root, '') : file; | |
| const t = JSON.parse(await ctx.files.read(relativePath)) as { id?: string; name?: string }; |
| name: a.name, | ||
| artist: artist.name, | ||
| date: a.release_date, | ||
| url: a.external_urls.spotify |
There was a problem hiding this comment.
Accessing a.external_urls.spotify directly is unsafe because external_urls can be undefined if the API response is malformed or missing the field. Use optional chaining to prevent potential runtime crashes.
| url: a.external_urls.spotify | |
| url: a.external_urls?.spotify ?? '' |
| const databaseId = input(ctx, 'NOTION_DATABASE_ID'); | ||
| if (!databaseId) throw new Error('NOTION_DATABASE_ID is required'); | ||
|
|
||
| const title = `${pr.owner}/${pr.repo}#${pr.number} hygiene - ${new Date(event.occurredAt).toISOString().slice(0, 10)}`; |
There was a problem hiding this comment.
If event.occurredAt is missing or malformed, new Date(event.occurredAt) will result in an Invalid Date object. Calling .toISOString() on an Invalid Date throws a RangeError and will crash the entire agent handler. Use a fallback or validate the date before calling .toISOString().
const occurredDate = event.occurredAt ? new Date(event.occurredAt) : new Date();
const dateStr = Number.isNaN(occurredDate.getTime()) ? new Date().toISOString() : occurredDate.toISOString();
const title = `${pr.owner}/${pr.repo}#${pr.number} hygiene - ${dateStr.slice(0, 10)}`;| const lines: string[] = []; | ||
| lines.push(`# Weekly digest — ${args.week}`); | ||
| lines.push(''); | ||
| lines.push(`Fetched at ${args.fetchedAt.toISOString()}.`); |
There was a problem hiding this comment.
If event.occurredAt is missing or malformed, args.fetchedAt will be an Invalid Date object. Calling .toISOString() on it will throw a RangeError and crash the handler. Ensure the date is valid before calling .toISOString().
| lines.push(`Fetched at ${args.fetchedAt.toISOString()}.`); | |
| const fetchedAtStr = Number.isNaN(args.fetchedAt.getTime()) ? new Date().toISOString() : args.fetchedAt.toISOString(); | |
| lines.push(`Fetched at ${fetchedAtStr}.`); |
khaliqgant
force-pushed
the
add-creating-cloud-persona-readme-vendor-refs
branch
from
6a82465 to
7a4bc2a
Compare
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
khaliqgant
force-pushed
the
add-creating-cloud-persona-readme-vendor-refs
branch
from
7a4bc2a to
56779e7
Compare
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
✅ pr-reviewer applied fixes — committed and pushed pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
1 similar comment
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
✅ pr-reviewer applied fixes — committed and pushed pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
✅ pr-reviewer applied fixes — committed and pushed pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
|
✅ pr-reviewer applied fixes — committed and pushed pr-reviewer could not complete review for #73 in AgentWorkforce/skills. |
…olidated skill
A Slack trigger mirrors the display-labelled path read-only and never covers the
bare-id writeback path, so a Slack WRITE always needs a scope — a trigger is not
enough. Surfaced by the linear-slack silent-drop bug (2026-06; orphaned draft
recovered from the live sandbox).
- starter persona.json: scope slack to /slack/channels/** instead of "slack": {}
(the example previously shipped the footgun and contradicted the real review
agent it models).
- scope warning: rewrite — a Slack trigger does NOT cover a Slack write; explain
the labelled-mirror vs bare-id path mismatch.
- §1: add the labelled-mirror sub-trap, correct the "trigger or scope" rule to
carve out Slack, and add the make-delivery-loud rule (empty ts ⇒ throw).
Refs AgentWorkforce/agents#53, AgentWorkforce/cloud#2029.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
Your free trial PR review limit of 300 PRs has been reached. Please upgrade your plan to continue using CodeAnt AI. |
1 participant
Summary
creating-cloud-personaskillwriting-agent-personasskill from README andprpm.jsoncreating-cloud-persona, including integration scope mounting, sandbox mode, inputs, teams, handler patterns, delegation, relay-helper writebacks, and pre-merge checks../agentsand Workforce examples/runtime references underskills/creating-cloud-persona/references--on-exists update, integration connect prompts, deployment listing, and destroyagent-workforce-skillsto1.1.3,creating-cloud-personato1.0.4, andsetting-up-relayfileto1.1.1for its updated cross-referenceSelf-review
writing-agent-personasafter consolidationcreating-cloud-personais now the single package for cloud/persona authoring and reviewValidation
prpm.jsonand verified the consolidated package versionscreating-cloud-personapackage files exist../workforce/../agentsorwriting-agent-personasreferences remain in authored guidancenode_modules,.workforce,.DS_Store, or PNG artifactsgit diff --check