Conversation
… threat detection, integrity filtering, Agent Factory patterns, and Gemini engine support. Update copilot-instructions.md to v3.0 reflecting current project state. Agent-Logs-Url: https://github.com/Hack23/riksdagsmonitor/sessions/7bdf4edc-eb68-438b-942d-3da3d90fa48d Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
…e.js references across all agents Agent-Logs-Url: https://github.com/Hack23/riksdagsmonitor/sessions/7bdf4edc-eb68-438b-942d-3da3d90fa48d Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
🏷️ Automatic Labeling SummaryThis PR has been automatically labeled based on the files changed and PR metadata. Applied Labels: documentation,skill,size-xl,agent Label Categories
For more information, see |
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
There was a problem hiding this comment.
Pull request overview
Updates the repository’s GitHub Agentic Workflows (gh-aw) documentation and agent metadata to reflect gh-aw v0.45.5 capabilities, align the repo’s Copilot guidance with the current stack, and standardize agent frontmatter.
Changes:
- Bumped gh-aw skills (and umbrella skill) to v2.0.0 and added v0.45.5 concepts (five-layer security, integrity filtering, threat detection, tool scoping, Agent Factory patterns).
- Modernized
.github/copilot-instructions.md(stack versions, gh-aw section, agent/workflow counts, MCP servers). - Added missing
namefields to several agents and updated Node.js example versions (24 → 25).
Reviewed changes
Copilot reviewed 23 out of 23 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/skills/github-agentic-workflows/SKILL.md | Updates umbrella skill metadata to v2.0.0 and gh-aw v0.45.5 positioning. |
| .github/skills/gh-aw-workflow-authoring/SKILL.md | Adds v0.45.5 features (engine selection, integrity filtering, threat detection, Agent Factory patterns) and updates references/version. |
| .github/skills/gh-aw-tools-ecosystem/SKILL.md | Adds v0.45.5 tool scoping + MCP routing section; updates references/version. |
| .github/skills/gh-aw-security-architecture/SKILL.md | Documents five-layer security model + integrity filtering; updates references/version. |
| .github/skills/gh-aw-safe-outputs/SKILL.md | Adds threat detection integration and safe output reference table; updates references/version. |
| .github/skills/gh-aw-README.md | Rewrites gh-aw skills collection overview/quick start and links; updates maintenance metadata. |
| .github/skills/gh-aw-mcp-gateway/SKILL.md | Bumps metadata to v2.0.0 / 2026-04-02. |
| .github/skills/gh-aw-mcp-configuration/SKILL.md | Adds v0.45.5 MCP-in-workflows section; bumps metadata. |
| .github/skills/gh-aw-logging-monitoring/SKILL.md | Bumps metadata to v2.0.0 / 2026-04-02. |
| .github/skills/gh-aw-github-actions-integration/SKILL.md | Bumps metadata to v2.0.0 / 2026-04-02. |
| .github/skills/gh-aw-firewall/SKILL.md | Adds AWF’s place in five-layer model + default domains and config snippet; bumps metadata. |
| .github/skills/gh-aw-continuous-ai-patterns/SKILL.md | Adds Agent Factory patterns section + updated references; bumps metadata. |
| .github/skills/gh-aw-containerization/SKILL.md | Bumps metadata to v2.0.0 / 2026-04-02. |
| .github/skills/gh-aw-authentication-credentials/SKILL.md | Bumps metadata to v2.0.0 / 2026-04-02. |
| .github/copilot-instructions.md | Compacts/modernizes repo instructions and adds gh-aw overview aligned to current stack + ops. |
| .github/agents/interactive-agent-designer.agent.md | Adds missing name in frontmatter. |
| .github/agents/developer.instructions.md | Updates “Last Updated” date. |
| .github/agents/deployment-specialist.md | Updates Node.js examples to 25. |
| .github/agents/custom-engine-implementation.agent.md | Adds missing name in frontmatter. |
| .github/agents/create-safe-output-type.agent.md | Adds missing name in frontmatter. |
| .github/agents/contribution-checker.agent.md | Adds missing name in frontmatter. |
| .github/agents/ci-cleaner.agent.md | Adds missing name in frontmatter. |
| .github/agents/agentic-workflows.agent.md | Adds missing name in frontmatter. |
| schedule: daily # Once per day | ||
| # schedule: "0 9 * * 1-5" # Weekdays at 9am | ||
| # schedule: "0 */6 * * *" # Every 6 hours |
There was a problem hiding this comment.
The scheduling example uses on: { schedule: daily }, but earlier in this same skill you use standard GitHub Actions cron syntax (on: schedule: - cron: ...). This inconsistency is likely to confuse readers, and schedule: daily doesn’t match the workflow syntax used elsewhere in this repo. Consider switching this snippet to cron syntax (or explicitly document that daily is a supported shorthand, if gh-aw supports it) and keep one consistent pattern throughout the skill.
| schedule: daily # Once per day | |
| # schedule: "0 9 * * 1-5" # Weekdays at 9am | |
| # schedule: "0 */6 * * *" # Every 6 hours | |
| schedule: | |
| - cron: "0 0 * * *" # Once per day | |
| # - cron: "0 9 * * 1-5" # Weekdays at 9am | |
| # - cron: "0 */6 * * *" # Every 6 hours |
| --- | ||
| on: | ||
| schedule: daily | ||
| permissions: | ||
| contents: read | ||
| issues: read | ||
| pull-requests: read | ||
| safe-outputs: |
There was a problem hiding this comment.
This example uses on: schedule: daily, but the actual gh-aw workflows in this repo (and even other examples in the skills) use cron entries under on.schedule. To avoid readers copying an invalid/inconsistent frontmatter block, switch this snippet to a cron-based schedule (or add a note explaining that daily is a supported shorthand, if applicable).
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
|
@copilot apply changes based on the comments in this thread |
…consistency Agent-Logs-Url: https://github.com/Hack23/riksdagsmonitor/sessions/b3047dc4-52fd-4c4c-855b-d3a28dd0c303 Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
Fixed in |
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
.github/copilot-instructions.md
Outdated
| **Stack**: HTML5, CSS3, TypeScript 6.0.2, Vite 8.0.3, Vitest 4.1.2, Cypress 15.13.0 | ||
| **Runtime**: Node.js 25, ES2025 target, ESNext modules | ||
| **Deploy**: GitHub Pages + AWS S3 dual deployment | ||
| **Languages**: 14-language support (EN, SV, DA, NO, FI, DE, FR, ES, NL, AR, HE, JA, KO, ZH) |
There was a problem hiding this comment.
The language list uses "NO" for Norwegian, but later in this document you explicitly require BCP-47 nb (and note "nb not no"). To avoid contradictory guidance (and potential CI/SEO errors), update the language list to use nb/NB consistently (or remove the "NO" abbreviation).
| **Languages**: 14-language support (EN, SV, DA, NO, FI, DE, FR, ES, NL, AR, HE, JA, KO, ZH) | |
| **Languages**: 14-language support (EN, SV, DA, NB, FI, DE, FR, ES, NL, AR, HE, JA, KO, ZH) |
| - Use available agents and skills for specialized tasks | ||
| - Run checks and validations before committing | ||
|
|
||
| ### 2. Never Create New Markdown Files (Unless Explicitly Requested) |
There was a problem hiding this comment.
Section "### 2. Never Create New Markdown Files (Unless Explicitly Requested)" is now empty. This reads like an incomplete edit and removes the actionable guidance that the heading implies; consider adding back 1–2 concise bullets (or removing the heading if intentionally omitted).
| ### 2. Never Create New Markdown Files (Unless Explicitly Requested) | |
| ### 2. Never Create New Markdown Files (Unless Explicitly Requested) | |
| - Update and extend existing Markdown documentation instead of adding new `.md` files. | |
| - Only create a new Markdown file when the user explicitly requests it. |
|
@copilot apply changes based on the comments in this thread |
… section Agent-Logs-Url: https://github.com/Hack23/riksdagsmonitor/sessions/2591509c-fb31-47d1-b86f-c3a165ab3a38 Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
.github/copilot-instructions.md
Outdated
| /* Colors */ | ||
| --primary-cyan: #00d9ff; --primary-magenta: #ff006e; --primary-yellow: #ffbe0b; | ||
| --dark-bg: #0a0e27; --mid-bg: #1a1e3d; --light-text: #e0e0e0; | ||
| /* Typography */ | ||
| --font-primary: 'Inter', sans-serif; --font-heading: 'Orbitron', sans-serif; | ||
| /* Breakpoints: 320px (default) → 768px (tablet) → 1024px (desktop) → 1440px (large) */ |
There was a problem hiding this comment.
The CSS snippet lists custom properties without a selector (e.g., :root { ... }), so it isn't valid CSS as written and may confuse readers trying to copy/paste it. Consider wrapping these variables in a :root block (or explicitly label this as “CSS custom properties” rather than a runnable snippet).
| /* Colors */ | |
| --primary-cyan: #00d9ff; --primary-magenta: #ff006e; --primary-yellow: #ffbe0b; | |
| --dark-bg: #0a0e27; --mid-bg: #1a1e3d; --light-text: #e0e0e0; | |
| /* Typography */ | |
| --font-primary: 'Inter', sans-serif; --font-heading: 'Orbitron', sans-serif; | |
| /* Breakpoints: 320px (default) → 768px (tablet) → 1024px (desktop) → 1440px (large) */ | |
| :root { | |
| /* Colors */ | |
| --primary-cyan: #00d9ff; | |
| --primary-magenta: #ff006e; | |
| --primary-yellow: #ffbe0b; | |
| --dark-bg: #0a0e27; | |
| --mid-bg: #1a1e3d; | |
| --light-text: #e0e0e0; | |
| /* Typography */ | |
| --font-primary: 'Inter', sans-serif; | |
| --font-heading: 'Orbitron', sans-serif; | |
| /* Breakpoints: 320px (default) → 768px (tablet) → 1024px (desktop) → 1440px (large) */ | |
| } |
| --- | ||
| ``` | ||
|
|
||
| Available toolsets: `context`, `repos`, `issues`, `pull-requests`, `users`, `projects`, `actions`, `security`, `discussions`, `stars`, `notifications`, `gists` |
There was a problem hiding this comment.
The “Available toolsets” list omits the all value, but this repo’s agentic workflows use tools.github.toolsets: ['all'] (e.g. news workflows). Either include all in the list or clarify that it’s a supported shorthand for enabling every toolset.
| Available toolsets: `context`, `repos`, `issues`, `pull-requests`, `users`, `projects`, `actions`, `security`, `discussions`, `stars`, `notifications`, `gists` | |
| Available toolsets: `all`, `context`, `repos`, `issues`, `pull-requests`, `users`, `projects`, `actions`, `security`, `discussions`, `stars`, `notifications`, `gists` (`all` is a shorthand that enables every GitHub toolset) |
| ### Safe Output Types Reference | ||
|
|
||
| | Type | Frontmatter Key | What It Does | | ||
| |------|----------------|-------------| | ||
| | Issue | `create-issue` | Create/update GitHub issues | | ||
| | Pull Request | `create-pull-request` | Create PRs (including cross-repo) | | ||
| | Comment | `add-comment` | Add comments to issues/PRs | | ||
| | Label | `add-labels` | Add labels to issues/PRs | | ||
| | File | `create-or-update-file` | Modify repository files | | ||
| | Noop | *(default)* | Read-only, no writes | |
There was a problem hiding this comment.
The “Safe Output Types Reference” table appears to be presented as a complete reference, but it’s missing safe output types used in this repo (e.g. dispatch-workflow, plus config keys like allowed-domains). Either add the missing types/keys or explicitly note the table is non-exhaustive to avoid misleading workflow authors.
|
@copilot apply changes based on the comments in this thread |
…ed-domains to safe outputs (review feedback) Agent-Logs-Url: https://github.com/Hack23/riksdagsmonitor/sessions/16d648c9-e9d7-4d8c-82da-810f5eb75bb4 Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
All 3 items fixed in
|
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
| id: claude # Options: copilot, claude, codex, gemini | ||
| model: claude-3-5-sonnet # Engine-specific model identifier |
There was a problem hiding this comment.
The engine example uses engine.id: claude, but this repo’s agentic workflows consistently use engine.id: copilot while selecting Claude via the model field (e.g. .github/workflows/news-article-generator.md:113-115). To avoid confusing readers and to match repo conventions, update the example (or add a clarifying note) to reflect the id: copilot + Claude model pattern used here.
| id: claude # Options: copilot, claude, codex, gemini | |
| model: claude-3-5-sonnet # Engine-specific model identifier | |
| id: copilot # Repo convention: use Copilot engine, select Claude via `model` | |
| model: claude-3-5-sonnet # Engine-specific model identifier (Claude via Copilot) |
| firewall: | ||
| allow: |
There was a problem hiding this comment.
This workflow-frontmatter example uses firewall: allow: ..., but the repo’s gh-aw workflows configure outbound access via the network: allowed: key (see e.g. .github/workflows/news-article-generator.md:48-62) and safe-outputs uses allowed-domains:. Consider aligning this example with the network.allowed pattern used in this repository (or document both schemas explicitly) to prevent copy/paste misconfiguration.
| firewall: | |
| allow: | |
| network: | |
| allowed: |
|
@copilot apply changes based on the comments in this thread |
…lowed pattern (review feedback) Agent-Logs-Url: https://github.com/Hack23/riksdagsmonitor/sessions/96a76339-ded2-4932-821d-4a7c09a69e29 Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
Both items fixed in
|
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
| ```markdown | ||
| --- | ||
| on: | ||
| schedule: daily # gh-aw shorthand for once per day | ||
| # Equivalent cron syntax: |
There was a problem hiding this comment.
The example recommends on: schedule: daily, but in this repository the workflow architecture tests enforce explicit cron: schedules for dedicated article-type workflows (and the multi-type generator is expected to avoid schedules entirely). To avoid contributors copying an example that would conflict with repo conventions/tests, consider either switching the example to explicit cron syntax or adding a repo-specific note that schedule: daily is a gh-aw feature but this repo uses cron: in workflow frontmatter.
.github/skills/gh-aw-README.md
Outdated
| ```markdown | ||
| --- | ||
| on: | ||
| schedule: daily # gh-aw shorthand (equivalent to cron: "0 0 * * *") |
There was a problem hiding this comment.
This repo’s CI expects explicit cron: schedules in agentic workflow frontmatter (and currently doesn’t use the schedule: daily shorthand). Using schedule: daily in the quick-start example may mislead contributors into adding workflows that don’t match repository conventions/tests; consider changing the snippet to a schedule: [{ cron: ... }] example or adding a note that this shorthand is not used in this repo.
| schedule: daily # gh-aw shorthand (equivalent to cron: "0 0 * * *") | |
| schedule: | |
| - cron: "0 0 * * *" # daily at 00:00 UTC (explicit cron as used in this repo's CI) |
.github/copilot-instructions.md
Outdated
| ### HTML: Semantic HTML5, ARIA, mobile-first, no div soup, no inline styles | ||
| ### CSS: Custom properties, Grid/Flexbox, cyberpunk theme, 4.5:1 contrast, no frameworks | ||
| ### TypeScript: ES2025 target, strict mode, ESLint with es2025 globals | ||
| ### Multi-Language: 14 files per page, RTL for AR/HE, hreflang SEO, BCP-47 `nb` for Norwegian |
There was a problem hiding this comment.
The instructions state Norwegian should use BCP-47 nb, but the generated site content still uses no broadly (e.g., many news pages use lang="no" / hreflang="no"). Either align the repo output to nb (including hreflang/lang + any filename conventions) or clarify in these instructions that the repo hasn’t fully migrated yet, to avoid inconsistent guidance.
| ### Multi-Language: 14 files per page, RTL for AR/HE, hreflang SEO, BCP-47 `nb` for Norwegian | |
| ### Multi-Language: 14 files per page, RTL for AR/HE, hreflang SEO, Norwegian uses BCP-47 `nb` (preferred) though some existing content still uses legacy `no`; keep instructions and site output in sync during migration. |
|
@copilot apply changes based on the comments in this thread |
… note (review feedback) Agent-Logs-Url: https://github.com/Hack23/riksdagsmonitor/sessions/c667cbd1-13b9-48be-8d6c-5bee572dc958 Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
All 3 items fixed in
|
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
schedule: dailyas gh-aw shorthand with cron equivalents (review feedback)id/modelobject form matching repo workflows (review feedback)mcp-servers:key matching repo pattern (review feedback)jobs:structure (review feedback):rootselector (review feedback)allshorthand to GitHub toolsets list (review feedback)dispatch-workflowandallowed-domainsto safe output types reference (review feedback)copilotmatching repo convention (review feedback)network: allowed:key matching repo pattern (review feedback)dailyshorthand to explicit cron syntax matching repo CI (review feedback)