feat: add security triage gate for issue safety before agent processing (#734)

New issues are triaged by the security team before other workflows can act on them. The triage agent checks for prompt injection, social engineering, spam, and unsafe payloads — marking safe issues with `safe-to-work`, closing malicious ones, or flagging unclear ones for human review. Discovery and refactor workflows now require the `safe-to-work` label in addition to their existing label requirements. Co-authored-by: Sprite <noreply@sprites.dev> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-28 11:59:29 +00:00 · 2026-02-12 14:23:33 -08:00 · 2026-02-12 14:23:33 -08:00 · 4924a7d5db
commit 4924a7d5db
parent 4d175ae6c7
4 changed files with 114 additions and 15 deletions
--- a/.github/workflows/discovery.yml
+++ b/.github/workflows/discovery.yml
@ -4,7 +4,7 @@ on:
  schedule:
    - cron: '*/30 * * * *'
  issues:
-    types: [opened, reopened]
+    types: [opened, reopened, labeled]
  workflow_dispatch:

 concurrency:
@ -15,11 +15,12 @@ jobs:
  trigger:
    runs-on: ubuntu-latest
    timeout-minutes: 90
-    # Only trigger on cloud-request or agent-request issues (or schedule/manual)
+    # Only trigger on issues with safe-to-work AND (cloud-request or agent-request) labels, or schedule/manual
    if: >-
      github.event_name != 'issues' ||
-      contains(github.event.issue.labels.*.name, 'cloud-request') ||
-      contains(github.event.issue.labels.*.name, 'agent-request')
+      (contains(github.event.issue.labels.*.name, 'safe-to-work') &&
+       (contains(github.event.issue.labels.*.name, 'cloud-request') ||
+        contains(github.event.issue.labels.*.name, 'agent-request')))
    steps:
      - name: Trigger and stream discovery cycle
        env:
--- a/.github/workflows/refactor.yml
+++ b/.github/workflows/refactor.yml
@ -4,7 +4,7 @@ on:
  schedule:
    - cron: '*/5 * * * *'
  issues:
-    types: [opened, reopened]
+    types: [opened, reopened, labeled]
  workflow_dispatch:

 concurrency:
@ -15,11 +15,12 @@ jobs:
  trigger:
    runs-on: ubuntu-latest
    timeout-minutes: 90
-    # Only trigger on bug or cli issues (or schedule/manual)
+    # Only trigger on issues with safe-to-work AND (bug or cli) labels, or schedule/manual
    if: >-
      github.event_name != 'issues' ||
-      contains(github.event.issue.labels.*.name, 'bug') ||
-      contains(github.event.issue.labels.*.name, 'cli')
+      (contains(github.event.issue.labels.*.name, 'safe-to-work') &&
+       (contains(github.event.issue.labels.*.name, 'bug') ||
+        contains(github.event.issue.labels.*.name, 'cli')))
    steps:
      - name: Trigger and stream refactor cycle
        env:
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@ -33,10 +33,7 @@ jobs:
  review:
    runs-on: ubuntu-latest
    timeout-minutes: 30
-    # Only trigger on team-building issues (or PR/schedule/manual)
-    if: >-
-      github.event_name != 'issues' ||
-      contains(github.event.issue.labels.*.name, 'team-building')
+    # Trigger on ALL issues (triage or team-building) plus PR/schedule/manual
    steps:
      - name: Trigger security review
        env:
@ -53,8 +50,12 @@ jobs:
            REASON="pull_request"
            ISSUE_NUM="${{ github.event.pull_request.number }}"
          elif [ "${{ github.event_name }}" = "issues" ]; then
-            REASON="team_building"
            ISSUE_NUM="${{ github.event.issue.number }}"
+            if [ "${{ contains(github.event.issue.labels.*.name, 'team-building') }}" = "true" ]; then
+              REASON="team_building"
+            else
+              REASON="triage"
+            fi
          elif [ "${{ github.event_name }}" = "schedule" ]; then
            # Distinguish between cron schedules:
            # '0 6 * * *' = daily scan, '0 */6 * * *' = hygiene every 6h