claw
220f6e7369
PR Ready Gate / clear-labels (pull_request) Successful in 2s
CI / test (pull_request) Successful in 16s
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 38s
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 59s
CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 2m14s
Addresses findings from reviews #3655 (sonnet), #3657 (security), #3658 (gpt): - Add set -euo pipefail to both script steps for fail-fast behavior - Remove redundant newline check ([:space:] already covers it) - Simplify VERSION regex: remove non-portable \n\r in POSIX ERE - Add ACTION_TOKEN control character validation (defense-in-depth) - Anchor checksum grep to exact filename match (prevent substring collision) - Add ::notice:: when falling back to default ACTION_REPO - Translate Chinese comments to English for consistency - Add comment linking GITHUB_API_URL usage back to VCS detection