feat: add time-based comment filtering to tag mode #512

Merged: ashwin-ant merged 1 commit into main from ashwin/commenttime on Aug 29, 2025
Conversation

@ashwin-ant ashwin-ant (Collaborator) commented Aug 29, 2025

Implement time-based filtering for GitHub comments and reviews to prevent malicious actors from editing existing comments after Claude is triggered to inject harmful content.

Changes:

  • Add updatedAt and lastEditedAt fields to GraphQL queries
  • Update GitHubComment and GitHubReview types with timestamp fields
  • Implement filterCommentsToTriggerTime() and filterReviewsToTriggerTime()
  • Add extractTriggerTimestamp() to extract trigger time from webhooks
  • Update tag and review modes to pass trigger timestamp to data fetcher

🤖 Generated with Claude Code

Implement time-based filtering for GitHub comments and reviews to prevent
malicious actors from editing existing comments after Claude is triggered
to inject harmful content.

Changes:
- Add updatedAt and lastEditedAt fields to GraphQL queries
- Update GitHubComment and GitHubReview types with timestamp fields
- Implement filterCommentsToTriggerTime() and filterReviewsToTriggerTime()
- Add extractTriggerTimestamp() to extract trigger time from webhooks
- Update tag and review modes to pass trigger timestamp to data fetcher

Security benefits:
- Prevents comment injection attacks via post-trigger edits
- Maintains chronological integrity of conversation context
- Ensures only comments in their final state before trigger are processed
- Backward compatible with graceful degradation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@ashwin-ant ashwin-ant marked this pull request as ready for review August 29, 2025 13:37
@ashwin-ant ashwin-ant merged commit a6888c0 into main Aug 29, 2025
14 checks passed
@ashwin-ant ashwin-ant deleted the ashwin/commenttime branch August 29, 2025 16:49
EffortlessSteven added a commit to EffortlessSteven/claude-code-action that referenced this pull request Jun 5, 2026
Issue/PR comments (anthropics#512) and the issue/PR body (anthropics#710) are filtered to the
trigger timestamp so content created or edited after an authorized trigger
cannot be injected into Claude's prompt (TOCTOU protection). Reviews and
inline review comments were not: fetchGitHubData returned reviewData filtered
by actor only, and formatReviewComments renders it into the prompt, so a
review submitted or edited after the trigger reached Claude verbatim.

filterReviewsToTriggerTime already existed (added alongside the comment filter
in anthropics#512) but was only wired to the image-download list, never to the returned
reviewData.

Apply filterReviewsToTriggerTime to reviewData.nodes and
filterCommentsToTriggerTime to each review's inline comments, alongside the
existing actor filter. Strengthen the two integration tests to assert that
post-trigger and edited-after reviews/comments are dropped.
EffortlessSteven added a commit to EffortlessSteven/claude-code-action that referenced this pull request Jun 5, 2026
Issue/PR comments (anthropics#512) and the issue/PR body (anthropics#710) are filtered to the
trigger timestamp so content created or edited after an authorized trigger
cannot be injected into Claude's prompt (TOCTOU protection). Reviews and
inline review comments were not: fetchGitHubData returned reviewData filtered
by actor only, and formatReviewComments renders it into the prompt, so a
review submitted or edited after the trigger reached Claude verbatim.

filterReviewsToTriggerTime already existed (added alongside the comment filter
in anthropics#512) but was only wired to the image-download list, never to the returned
reviewData.

Filter reviewData.nodes through filterReviewsToTriggerTime and each review's
inline comments through filterCommentsToTriggerTime, alongside the existing
actor filter, then build the review image-processing lists from those
already-filtered nodes (removing a now-redundant second filter pass).
Strengthen the two integration tests to assert post-trigger and edited-after
reviews/comments are dropped.
ashwin-ant pushed a commit that referenced this pull request Jun 22, 2026
Issue/PR comments (#512) and the issue/PR body (#710) are filtered to the
trigger timestamp so content created or edited after an authorized trigger
cannot be injected into Claude's prompt (TOCTOU protection). Reviews and
inline review comments were not: fetchGitHubData returned reviewData filtered
by actor only, and formatReviewComments renders it into the prompt, so a
review submitted or edited after the trigger reached Claude verbatim.

filterReviewsToTriggerTime already existed (added alongside the comment filter
in #512) but was only wired to the image-download list, never to the returned
reviewData.

Filter reviewData.nodes through filterReviewsToTriggerTime and each review's
inline comments through filterCommentsToTriggerTime, alongside the existing
actor filter, then build the review image-processing lists from those
already-filtered nodes (removing a now-redundant second filter pass).
Strengthen the two integration tests to assert post-trigger and edited-after
reviews/comments are dropped.
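The trigger-time filter that the PR description above and the follow-up commit messages describe, written out as an added TypeScript example (not the project's own code). Field names follow GitHub's GraphQL API; the exact keep/drop rule, the use of submittedAt for reviews, and the sample data are assumptions:

```typescript
// Added example, not the project's own code. Node shapes and the exact keep/drop rule are
// assumptions; timestamps are ISO-8601 strings as GitHub's GraphQL API returns them.
type TimedNode = { createdAt: string; updatedAt?: string | null; lastEditedAt?: string | null };
type Comment = TimedNode & { id: string; body: string };
type Review = TimedNode & { id: string; submittedAt?: string | null; comments: Comment[] };

// A node is in its final state before the trigger when it was created at or before the
// trigger time and has not been edited afterwards. lastEditedAt is preferred because
// updatedAt can also move for non-content changes; fall back to updatedAt when it is absent.
function isFinalBeforeTrigger(node: TimedNode, triggerMs: number): boolean {
  if (Date.parse(node.createdAt) > triggerMs) return false;
  const edited = node.lastEditedAt ?? node.updatedAt;
  return edited == null || Date.parse(edited) <= triggerMs;
}

// Graceful degradation: without a usable trigger time nothing is filtered.
function parseTrigger(triggerTime?: string): number | undefined {
  if (!triggerTime) return undefined;
  const ms = Date.parse(triggerTime);
  return Number.isNaN(ms) ? undefined : ms;
}

function filterCommentsToTriggerTime<T extends TimedNode>(comments: T[], triggerTime?: string): T[] {
  const triggerMs = parseTrigger(triggerTime);
  if (triggerMs === undefined) return comments;
  return comments.filter((c) => isFinalBeforeTrigger(c, triggerMs));
}

// Reviews are judged by submittedAt (falling back to createdAt) and their inline comments are
// filtered individually, so an edited-after inline comment is dropped even if the review predates the trigger.
function filterReviewsToTriggerTime(reviews: Review[], triggerTime?: string): Review[] {
  const triggerMs = parseTrigger(triggerTime);
  if (triggerMs === undefined) return reviews;
  return reviews
    .filter((r) => isFinalBeforeTrigger({ ...r, createdAt: r.submittedAt ?? r.createdAt }, triggerMs))
    .map((r) => ({ ...r, comments: filterCommentsToTriggerTime(r.comments, triggerTime) }));
}

// Constructed sample data: the trigger webhook fires at 13:00Z.
const TRIGGER = "2025-08-29T13:00:00Z";
const sampleComments: Comment[] = [
  { id: "c1", body: "kept: untouched since 12:00", createdAt: "2025-08-29T12:00:00Z", updatedAt: "2025-08-29T12:00:00Z", lastEditedAt: null },
  { id: "c2", body: "dropped: edited at 13:05", createdAt: "2025-08-29T12:30:00Z", updatedAt: "2025-08-29T13:05:00Z", lastEditedAt: "2025-08-29T13:05:00Z" },
  { id: "c3", body: "dropped: created at 13:10", createdAt: "2025-08-29T13:10:00Z", updatedAt: null, lastEditedAt: null },
];
const sampleReviews: Review[] = [
  { id: "r1", createdAt: "2025-08-29T12:40:00Z", submittedAt: "2025-08-29T12:45:00Z", comments: [sampleComments[0]!, sampleComments[1]!] },
  { id: "r2", createdAt: "2025-08-29T13:15:00Z", submittedAt: "2025-08-29T13:15:00Z", comments: [] },
];
```

Applying the same filter to both the returned review nodes and their inline comments (not only to the image-download list) is the gap the later commits close.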