Severity: Major — common for workflows that need to update project documentation
Reproduction: The agent modifies AGENTS.md (e.g., updating build instructions as part of a CI fix) and calls push_to_pull_request_branch or create_pull_request.
Expected: The push/PR succeeds because AGENTS.md is a documentation file, not a security-sensitive config.
Actual: The push fails with: Cannot push to pull request branch: patch modifies protected files (AGENTS.md). The compiler hardcodes AGENTS.md into the protected_files list alongside lockfiles and package manifests.
Impact: Any issue that touches AGENTS.md (which is common — it's the project's own documentation) will fail.
Workaround: Remove ,"AGENTS.md" from the protected_files list in the lock file's GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG JSON. Must be reapplied after every recompile.
Suggestion: Either remove AGENTS.md from the default protected_files list, or provide a frontmatter option like protected-files: { exclude: ["AGENTS.md"] } to override it.
Severity: Major — common for workflows that need to update project documentation
Reproduction: The agent modifies
AGENTS.md(e.g., updating build instructions as part of a CI fix) and callspush_to_pull_request_branchorcreate_pull_request.Expected: The push/PR succeeds because
AGENTS.mdis a documentation file, not a security-sensitive config.Actual: The push fails with:
Cannot push to pull request branch: patch modifies protected files (AGENTS.md). The compiler hardcodesAGENTS.mdinto theprotected_fileslist alongside lockfiles and package manifests.Impact: Any issue that touches
AGENTS.md(which is common — it's the project's own documentation) will fail.Workaround: Remove
,"AGENTS.md"from theprotected_fileslist in the lock file'sGH_AW_SAFE_OUTPUTS_HANDLER_CONFIGJSON. Must be reapplied after every recompile.Suggestion: Either remove
AGENTS.mdfrom the defaultprotected_fileslist, or provide a frontmatter option likeprotected-files: { exclude: ["AGENTS.md"] }to override it.