ci: isolate dependency guard backfill label

[RomneyDa]

Summary

Isolate the temporary dependency-guard-backfill label so using it for old PR backfill only triggers Dependency Guard and does not accidentally wake broad PR automation.

• Skip dependency-guard-backfill label mutations in ClawSweeper Dispatch, Auto response, and Real behavior proof.
• Keep dependency-guard as the only workflow that intentionally runs from the temporary backfill label.
• Add workflow coverage so the temporary backfill exclusion stays paired with the dependency guard label trigger.

Backfill Plan

#87866 introduced the temporary label trigger that lets maintainers create the missing required dependency-guard check on old PR heads without contributor branch churn. This PR makes that safe to use at scale by ensuring the backfill label does not kick off unrelated label-driven automation.

With #87866 and this PR landed, maintainers can run the local batch labeler from the artifact bundle linked on #87866. The batch targets are the frozen audit set of old non-draft PRs that already have either a real failing non-dependency check or a local merge conflict, excluding the dependency guard check itself from the check-health decision. After the backfill run is complete, #87867 removes both the temporary trigger and these temporary exclusions.

Verification

• git diff --check
• Parsed dependency guard, auto-response, ClawSweeper dispatch, and real behavior proof workflow YAML files.
• Verified each excluded workflow job condition references dependency-guard-backfill.

Note: node scripts/run-vitest.mjs test/scripts/dependency-guard-workflow.test.ts was started but did not emit completion in this Codex worktree before I stopped it; the static YAML assertions above cover the changed workflow surface.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed May 29, 2026, 12:20 AM ET / 04:20 UTC.

Summary
The PR adds dependency-guard-backfill label skip conditions to Auto response, ClawSweeper Dispatch, and Real behavior proof workflows, plus YAML coverage in the dependency guard workflow test.

PR surface: Tests +19, Config +24. Total +43 across 4 files.

Reproducibility: not applicable. this is a CI workflow isolation patch rather than a reported runtime bug. Source review shows the affected triggers and job conditions in the merge result.

Review metrics: 1 noteworthy metric.

• PR automation job gates: 2 added, 1 changed. The behavior change is entirely in workflow job conditions, so maintainers should notice exactly which automation gates now suppress the temporary label.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🌊 off-meta tidepool
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• Let the focused dependency guard workflow test or equivalent CI complete before landing.

Risk before merge

• [P1] This intentionally changes GitHub automation behavior: dependency-guard-backfill label and unlabel events will no longer wake Auto response, ClawSweeper Dispatch, or Real behavior proof.
• [P1] The PR body says the focused Vitest workflow test did not complete locally, so CI or equivalent owner validation should confirm the workflow-expression behavior before landing.

Maintainer options:

1. Accept the scoped automation skip (recommended)
   If maintainers agree dependency-guard-backfill is only a temporary dependency guard trigger, land after the focused workflow test or CI confirms the YAML assertions.
2. Require a live label dry run
   Before merging, a maintainer can apply and remove dependency-guard-backfill on a test PR and confirm only Dependency Guard wakes up.

Next step before merge

• [P2] Maintainer/owner review is the remaining step because this intentionally changes label-triggered CI automation and no mechanical repair is identified.

Security
Cleared: The diff touches pull_request_target automation but only adds job conditions; it does not broaden permissions, execute PR-controlled code, add actions, or change secrets handling.

Review details

Best possible solution:

Land the narrow workflow guard if secops/maintainer review accepts the temporary label policy and focused workflow validation completes.

Do we have a high-confidence way to reproduce the issue?

Not applicable; this is a CI workflow isolation patch rather than a reported runtime bug. Source review shows the affected triggers and job conditions in the merge result.

Is this the best way to solve the issue?

Yes, with validation caveat; job-level if guards are the narrowest maintainable way to keep dependency-guard-backfill from waking unrelated workflows while preserving Dependency Guard's own label trigger.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against f3cfd752d330.

Label changes

Label changes:

• add P3: This is a low-risk CI automation cleanup with limited blast radius and no user-facing runtime behavior change.
• add merge-risk: 🚨 automation: The diff changes GitHub workflow job conditions and intentionally suppresses label-triggered automation for dependency-guard-backfill events.
• add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: This is a maintainer-authored workflow PR, so the external-contributor real behavior proof gate is not applicable; focused CI/workflow validation remains the landing proof.

Label justifications:

• P3: This is a low-risk CI automation cleanup with limited blast radius and no user-facing runtime behavior change.
• merge-risk: 🚨 automation: The diff changes GitHub workflow job conditions and intentionally suppresses label-triggered automation for dependency-guard-backfill events.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: This is a maintainer-authored workflow PR, so the external-contributor real behavior proof gate is not applicable; focused CI/workflow validation remains the landing proof.

Evidence reviewed

PR surface:

Tests +19, Config +24. Total +43 across 4 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	0	0	0	0
Tests	1	19	0	+19
Docs	0	0	0	0
Config	3	25	1	+24
Generated	0	0	0	0
Other	0	0	0	0
Total	4	44	1	+43

What I checked:

• Auto response guard: The merge result adds a job-level condition that skips Auto response only when a labeled or unlabeled event targets dependency-guard-backfill. (.github/workflows/auto-response.yml:22, 2194498b4a5e)
• Dispatch guard: The merge result preserves issue_comment dispatches and bot label filtering while adding the dependency-guard-backfill exclusion for label and unlabel events. (.github/workflows/clawsweeper-dispatch.yml:27, 2194498b4a5e)
• Real behavior proof guard: The merge result adds the same dependency-guard-backfill label and unlabel exclusion to the Real behavior proof job. (.github/workflows/real-behavior-proof.yml:19, 2194498b4a5e)
• Workflow coverage: The added test enumerates the three excluded workflows and asserts each job condition contains labeled, unlabeled, and dependency-guard-backfill checks. (test/scripts/dependency-guard-workflow.test.ts:69, 2194498b4a5e)
• Dependency guard remains the label owner: Current main already limits the Dependency Guard job's label-triggered execution to dependency-guard-backfill, which matches the PR's stated intent to keep that label for the guard only. (.github/workflows/dependency-guard.yml:18, f3cfd752d330)
• Security ownership: CODEOWNERS marks the dependency guard workflow, its workflow test, and guard script for openclaw-secops review, so this automation/security-sensitive surface has an explicit owner path. (.github/CODEOWNERS:14, f3cfd752d330)

Likely related people:

• RomneyDa: Authored the current-main backfill label trigger in the dependency guard workflow and adjacent workflow test before this PR. (role: recent area contributor; confidence: high; commits: 5a6472718da9; files: .github/workflows/dependency-guard.yml, test/scripts/dependency-guard-workflow.test.ts)
• steipete: Git history attributes the current workflow/test scaffolding to Peter Steinberger, and a later main commit touched the dependency guard workflow test formatting. (role: original workflow/test scaffold author and recent adjacent contributor; confidence: medium; commits: c8cc010e092c, 2209faef405f; files: .github/workflows/auto-response.yml, .github/workflows/clawsweeper-dispatch.yml, .github/workflows/real-behavior-proof.yml)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.