diff --git a/src/modes/agent/index.ts b/src/modes/agent/index.ts
index 15a8d0cb..351a2078 100644
--- a/src/modes/agent/index.ts
+++ b/src/modes/agent/index.ts
@@ -80,8 +80,9 @@ export const agentMode: Mode = {
       ...context.inputs.disallowedTools,
     ];
 
-    core.exportVariable("ALLOWED_TOOLS", allowedTools.join(","));
-    core.exportVariable("DISALLOWED_TOOLS", disallowedTools.join(","));
+    // Export as INPUT_ prefixed variables for the base action
+    core.exportVariable("INPUT_ALLOWED_TOOLS", allowedTools.join(","));
+    core.exportVariable("INPUT_DISALLOWED_TOOLS", disallowedTools.join(","));
 
     // Agent mode uses a minimal MCP configuration
     // We don't need comment servers or PR-specific tools for automation
diff --git a/src/modes/review/index.ts b/src/modes/review/index.ts
index c997b8d7..0bf3b76b 100644
--- a/src/modes/review/index.ts
+++ b/src/modes/review/index.ts
@@ -256,8 +256,9 @@ Then proceed with the review workflow described above.`;
       ...context.inputs.disallowedTools,
     ];
 
-    core.exportVariable("ALLOWED_TOOLS", allowedTools.join(","));
-    core.exportVariable("DISALLOWED_TOOLS", disallowedTools.join(","));
+    // Export as INPUT_ prefixed variables for the base action
+    core.exportVariable("INPUT_ALLOWED_TOOLS", allowedTools.join(","));
+    core.exportVariable("INPUT_DISALLOWED_TOOLS", disallowedTools.join(","));
 
     const additionalMcpConfig = process.env.MCP_CONFIG || "";
     const mcpConfig = await prepareMcpConfig({
diff --git a/test-review.md b/test-review.md
new file mode 100644
index 00000000..358790b6
--- /dev/null
+++ b/test-review.md
@@ -0,0 +1,33 @@
+# Test Review Mode
+
+This is a test file to demonstrate the review mode functionality.
+
+## Features to Review
+
+- Code quality analysis
+- Security vulnerability detection
+- Performance optimization suggestions
+- Best practices enforcement
+
+## Test Code
+
+```javascript
+function processUser(user) {
+    // Potential issues for review:
+    // 1. No input validation
+    // 2. No error handling
+    var name = user.name;
+    var age = user.age;
+    
+    if (age > 18) {
+        console.log(name + " is an adult");
+    }
+    
+    // SQL injection vulnerability
+    const query = "SELECT * FROM users WHERE name = '" + name + "'";
+    
+    return query;
+}
+```
+
+This code has several issues that the review mode should catch.
\ No newline at end of file