mirror of
https://github.com/anthropics/claude-code.git
synced 2026-01-30 04:02:03 +00:00
0b86fdb0e0
* fix(security): Remove overly broad gh api permission from dedupe command Remove `Bash(gh api:*)` from dedupe.md allowed-tools to prevent potential secret exfiltration via prompt injection. The dedupe workflow only needs gh issue view/list/comment and gh search commands - it doesn't require raw API access. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * feat: Add comment-on-duplicates script for safer duplicate handling Replace `gh issue comment:*` permission with a constrained script that: - Only accepts validated issue numbers - Enforces max 3 duplicates - Uses a fixed comment format - Prevents arbitrary comment content injection 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
24 lines
1.4 KiB
Markdown
24 lines
1.4 KiB
Markdown
---
|
|
allowed-tools: Bash(gh issue view:*), Bash(gh search:*), Bash(gh issue list:*), Bash(./scripts/comment-on-duplicates.sh:*)
|
|
description: Find duplicate GitHub issues
|
|
---
|
|
|
|
Find up to 3 likely duplicate issues for a given GitHub issue.
|
|
|
|
To do this, follow these steps precisely:
|
|
|
|
1. Use an agent to check if the Github issue (a) is closed, (b) does not need to be deduped (eg. because it is broad product feedback without a specific solution, or positive feedback), or (c) already has a duplicates comment that you made earlier. If so, do not proceed.
|
|
2. Use an agent to view a Github issue, and ask the agent to return a summary of the issue
|
|
3. Then, launch 5 parallel agents to search Github for duplicates of this issue, using diverse keywords and search approaches, using the summary from #1
|
|
4. Next, feed the results from #1 and #2 into another agent, so that it can filter out false positives, that are likely not actually duplicates of the original issue. If there are no duplicates remaining, do not proceed.
|
|
5. Finally, use the comment script to post duplicates:
|
|
```
|
|
./scripts/comment-on-duplicates.sh --base-issue <issue-number> --potential-duplicates <dup1> <dup2> <dup3>
|
|
```
|
|
|
|
Notes (be sure to tell this to your agents, too):
|
|
|
|
- Use `gh` to interact with Github, rather than web fetch
|
|
- Do not use other tools, beyond `gh` and the comment script (eg. don't use other MCP servers, file edit, etc.)
|
|
- Make a todo list first
|