fix: move critical outputs to immediately after prepare step

Previously, outputs like GITHUB_TOKEN and branch_name were set after Claude execution completed. This caused issues if Claude failed, as downstream cleanup steps wouldn't have access to these outputs.

Now outputs are set immediately after prepare() completes, ensuring they're available even if Claude execution fails.

.github/workflows/claude.yml

@@ -36,4 +36,4 @@ jobs:
           anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
           allowed_tools: "Bash(bun install),Bash(bun test:*),Bash(bun run format),Bash(bun typecheck)"
           custom_instructions: "You have also been granted tools for editing files and running bun commands (install, run, test, typecheck) for testing your changes: bun install, bun test, bun run format, bun typecheck."
-          model: "claude-opus-4-1-20250805"
+          model: "claude-opus-4-20250514"

README.md

@@ -14,19 +14,6 @@ A general-purpose [Claude Code](https://claude.ai/code) action for GitHub PRs an
 - 📋 **Progress Tracking**: Visual progress indicators with checkboxes that dynamically update as Claude completes tasks
 - 🏃 **Runs on Your Infrastructure**: The action executes entirely on your own GitHub runner (Anthropic API calls go to your chosen provider)
 
-## ⚠️ **BREAKING CHANGES COMING IN v1.0** ⚠️
-
-**We're planning a major update that will significantly change how this action works.** The new version will:
-
-- ✨ Automatically select the appropriate mode (no more `mode` input)
-- 🔧 Simplify configuration with unified `prompt` and `claude_args`
-- 🚀 Align more closely with the Claude Code SDK capabilities
-- 💥 Remove multiple inputs like `direct_prompt`, `custom_instructions`, and others
-
-**[→ Read the full v1.0 roadmap and provide feedback](https://github.com/anthropics/claude-code-action/discussions/428)**
-
----
-
 ## Quickstart
 
 The easiest way to set up this action is through [Claude Code](https://claude.ai/code) in the terminal. Just open `claude` and run `/install-github-app`.

ROADMAP.md

@@ -10,7 +10,7 @@ Thank you for trying out the beta of our GitHub Action! This document outlines o
 - **Support for workflow_dispatch and repository_dispatch events** - Dispatch Claude on events triggered via API from other workflows or from other services
 - **Ability to disable commit signing** - Option to turn off GPG signing for environments where it's not required. This will enable Claude to use normal `git` bash commands for committing. This will likely become the default behavior once added.
 - **Better code review behavior** - Support inline comments on specific lines, provide higher quality reviews with more actionable feedback
-- ~**Support triggering @claude from bot users** - Allow automation and bot accounts to invoke Claude~
+- **Support triggering @claude from bot users** - Allow automation and bot accounts to invoke Claude
 - **Customizable base prompts** - Full control over Claude's initial context with template variables like `$PR_COMMENTS`, `$PR_FILES`, etc. Users can replace our default prompt entirely while still accessing key contextual data
 
 ---

action.yml

@@ -23,10 +23,6 @@ inputs:
     description: "The prefix to use for Claude branches (defaults to 'claude/', use 'claude-' for dash format)"
     required: false
     default: "claude/"
-  allowed_bots:
-    description: "Comma-separated list of allowed bot usernames, or '*' to allow all bots. Empty string (default) allows no bots."
-    required: false
-    default: ""
 
   # Mode configuration
   mode:
@@ -122,10 +118,10 @@ inputs:
 outputs:
   execution_file:
     description: "Path to the Claude Code execution output file"
-    value: ${{ steps.claude-code.outputs.execution_file }}
+    value: ${{ steps.claude.outputs.execution_file }}
   branch_name:
     description: "The branch created by Claude Code for this execution"
-    value: ${{ steps.prepare.outputs.CLAUDE_BRANCH }}
+    value: ${{ steps.claude.outputs.CLAUDE_BRANCH }}
 
 runs:
   using: "composite"
@@ -141,82 +137,61 @@ runs:
         cd ${GITHUB_ACTION_PATH}
         bun install
 
-    - name: Prepare action
-      id: prepare
+    - name: Run Claude
+      id: claude
       shell: bash
       run: |
-        bun run ${GITHUB_ACTION_PATH}/src/entrypoints/prepare.ts
+        # Install base-action dependencies
+        echo "Installing base-action dependencies..."
+        cd ${GITHUB_ACTION_PATH}/base-action
+        bun install
+        echo "Base-action dependencies installed"
+        cd -
+
+        # Install Claude Code globally
+        bun install -g @anthropic-ai/claude-code@1.0.67
+
+        # Setup network restrictions if needed
+        if [[ "${{ inputs.experimental_allowed_domains }}" != "" ]]; then
+          chmod +x ${GITHUB_ACTION_PATH}/scripts/setup-network-restrictions.sh
+          ${GITHUB_ACTION_PATH}/scripts/setup-network-restrictions.sh
+        fi
+
+        # Run the unified entrypoint
+        bun run ${GITHUB_ACTION_PATH}/src/entrypoints/run.ts
       env:
+        # Mode and trigger configuration
         MODE: ${{ inputs.mode }}
         TRIGGER_PHRASE: ${{ inputs.trigger_phrase }}
         ASSIGNEE_TRIGGER: ${{ inputs.assignee_trigger }}
         LABEL_TRIGGER: ${{ inputs.label_trigger }}
         BASE_BRANCH: ${{ inputs.base_branch }}
         BRANCH_PREFIX: ${{ inputs.branch_prefix }}
-        ALLOWED_TOOLS: ${{ inputs.allowed_tools }}
-        DISALLOWED_TOOLS: ${{ inputs.disallowed_tools }}
         CUSTOM_INSTRUCTIONS: ${{ inputs.custom_instructions }}
         DIRECT_PROMPT: ${{ inputs.direct_prompt }}
         OVERRIDE_PROMPT: ${{ inputs.override_prompt }}
         MCP_CONFIG: ${{ inputs.mcp_config }}
         OVERRIDE_GITHUB_TOKEN: ${{ inputs.github_token }}
-        ALLOWED_BOTS: ${{ inputs.allowed_bots }}
         GITHUB_RUN_ID: ${{ github.run_id }}
         USE_STICKY_COMMENT: ${{ inputs.use_sticky_comment }}
         DEFAULT_WORKFLOW_TOKEN: ${{ github.token }}
         ADDITIONAL_PERMISSIONS: ${{ inputs.additional_permissions }}
         USE_COMMIT_SIGNING: ${{ inputs.use_commit_signing }}
-
-    - name: Install Base Action Dependencies
-      if: steps.prepare.outputs.contains_trigger == 'true'
-      shell: bash
-      run: |
-        echo "Installing base-action dependencies..."
-        cd ${GITHUB_ACTION_PATH}/base-action
-        bun install
-        echo "Base-action dependencies installed"
-        cd -
-        # Install Claude Code globally
-        bun install -g @anthropic-ai/claude-code@1.0.81
-
-    - name: Setup Network Restrictions
-      if: steps.prepare.outputs.contains_trigger == 'true' && inputs.experimental_allowed_domains != ''
-      shell: bash
-      run: |
-        chmod +x ${GITHUB_ACTION_PATH}/scripts/setup-network-restrictions.sh
-        ${GITHUB_ACTION_PATH}/scripts/setup-network-restrictions.sh
-      env:
         EXPERIMENTAL_ALLOWED_DOMAINS: ${{ inputs.experimental_allowed_domains }}
 
-    - name: Run Claude Code
-      id: claude-code
-      if: steps.prepare.outputs.contains_trigger == 'true'
-      shell: bash
-      run: |
-
-        # Run the base-action
-        bun run ${GITHUB_ACTION_PATH}/base-action/src/index.ts
-      env:
-        # Base-action inputs
-        CLAUDE_CODE_ACTION: "1"
-        INPUT_PROMPT_FILE: ${{ runner.temp }}/claude-prompts/claude-prompt.txt
-        INPUT_ALLOWED_TOOLS: ${{ env.ALLOWED_TOOLS }}
-        INPUT_DISALLOWED_TOOLS: ${{ env.DISALLOWED_TOOLS }}
-        INPUT_MAX_TURNS: ${{ inputs.max_turns }}
-        INPUT_MCP_CONFIG: ${{ steps.prepare.outputs.mcp_config }}
-        INPUT_SETTINGS: ${{ inputs.settings }}
-        INPUT_SYSTEM_PROMPT: ""
-        INPUT_APPEND_SYSTEM_PROMPT: ${{ env.APPEND_SYSTEM_PROMPT }}
-        INPUT_TIMEOUT_MINUTES: ${{ inputs.timeout_minutes }}
-        INPUT_CLAUDE_ENV: ${{ inputs.claude_env }}
-        INPUT_FALLBACK_MODEL: ${{ inputs.fallback_model }}
+        # Claude configuration
+        ALLOWED_TOOLS: ${{ inputs.allowed_tools }}
+        DISALLOWED_TOOLS: ${{ inputs.disallowed_tools }}
+        MAX_TURNS: ${{ inputs.max_turns }}
+        SETTINGS: ${{ inputs.settings }}
+        TIMEOUT_MINUTES: ${{ inputs.timeout_minutes }}
+        CLAUDE_ENV: ${{ inputs.claude_env }}
+        FALLBACK_MODEL: ${{ inputs.fallback_model }}
         INPUT_EXPERIMENTAL_SLASH_COMMANDS_DIR: ${{ github.action_path }}/slash-commands
 
         # Model configuration
+        MODEL: ${{ inputs.model }}
         ANTHROPIC_MODEL: ${{ inputs.model || inputs.anthropic_model }}
-        GITHUB_TOKEN: ${{ steps.prepare.outputs.GITHUB_TOKEN }}
-        NODE_VERSION: ${{ env.NODE_VERSION }}
-        DETAILED_PERMISSION_MESSAGES: "1"
 
         # Provider configuration
         ANTHROPIC_API_KEY: ${{ inputs.anthropic_api_key }}
@@ -244,35 +219,35 @@ runs:
         VERTEX_REGION_CLAUDE_3_7_SONNET: ${{ env.VERTEX_REGION_CLAUDE_3_7_SONNET }}
 
     - name: Update comment with job link
-      if: steps.prepare.outputs.contains_trigger == 'true' && steps.prepare.outputs.claude_comment_id && always()
+      if: steps.claude.outputs.contains_trigger == 'true' && steps.claude.outputs.claude_comment_id && always()
       shell: bash
       run: |
         bun run ${GITHUB_ACTION_PATH}/src/entrypoints/update-comment-link.ts
       env:
         REPOSITORY: ${{ github.repository }}
         PR_NUMBER: ${{ github.event.issue.number || github.event.pull_request.number }}
-        CLAUDE_COMMENT_ID: ${{ steps.prepare.outputs.claude_comment_id }}
+        CLAUDE_COMMENT_ID: ${{ steps.claude.outputs.claude_comment_id }}
         GITHUB_RUN_ID: ${{ github.run_id }}
-        GITHUB_TOKEN: ${{ steps.prepare.outputs.GITHUB_TOKEN }}
+        GITHUB_TOKEN: ${{ steps.claude.outputs.GITHUB_TOKEN }}
         GITHUB_EVENT_NAME: ${{ github.event_name }}
         TRIGGER_COMMENT_ID: ${{ github.event.comment.id }}
-        CLAUDE_BRANCH: ${{ steps.prepare.outputs.CLAUDE_BRANCH }}
+        CLAUDE_BRANCH: ${{ steps.claude.outputs.CLAUDE_BRANCH }}
         IS_PR: ${{ github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' }}
-        BASE_BRANCH: ${{ steps.prepare.outputs.BASE_BRANCH }}
-        CLAUDE_SUCCESS: ${{ steps.claude-code.outputs.conclusion == 'success' }}
-        OUTPUT_FILE: ${{ steps.claude-code.outputs.execution_file || '' }}
+        BASE_BRANCH: ${{ steps.claude.outputs.BASE_BRANCH }}
+        CLAUDE_SUCCESS: ${{ steps.claude.outputs.conclusion == 'success' }}
+        OUTPUT_FILE: ${{ steps.claude.outputs.execution_file || '' }}
         TRIGGER_USERNAME: ${{ github.event.comment.user.login || github.event.issue.user.login || github.event.pull_request.user.login || github.event.sender.login || github.triggering_actor || github.actor || '' }}
-        PREPARE_SUCCESS: ${{ steps.prepare.outcome == 'success' }}
-        PREPARE_ERROR: ${{ steps.prepare.outputs.prepare_error || '' }}
+        PREPARE_SUCCESS: ${{ steps.claude.outcome == 'success' }}
+        PREPARE_ERROR: ${{ steps.claude.outputs.prepare_error || '' }}
         USE_STICKY_COMMENT: ${{ inputs.use_sticky_comment }}
         USE_COMMIT_SIGNING: ${{ inputs.use_commit_signing }}
 
     - name: Display Claude Code Report
-      if: steps.prepare.outputs.contains_trigger == 'true' && steps.claude-code.outputs.execution_file != ''
+      if: steps.claude.outputs.contains_trigger == 'true' && steps.claude.outputs.execution_file != ''
       shell: bash
       run: |
         # Try to format the turns, but if it fails, dump the raw JSON
-        if bun run ${{ github.action_path }}/src/entrypoints/format-turns.ts "${{ steps.claude-code.outputs.execution_file }}" >> $GITHUB_STEP_SUMMARY 2>/dev/null; then
+        if bun run ${{ github.action_path }}/src/entrypoints/format-turns.ts "${{ steps.claude.outputs.execution_file }}" >> $GITHUB_STEP_SUMMARY 2>/dev/null; then
           echo "Successfully formatted Claude Code report"
         else
           echo "## Claude Code Report (Raw Output)" >> $GITHUB_STEP_SUMMARY
@@ -280,7 +255,7 @@ runs:
           echo "Failed to format output (please report). Here's the raw JSON:" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
           echo '```json' >> $GITHUB_STEP_SUMMARY
-          cat "${{ steps.claude-code.outputs.execution_file }}" >> $GITHUB_STEP_SUMMARY
+          cat "${{ steps.claude.outputs.execution_file }}" >> $GITHUB_STEP_SUMMARY
           echo '```' >> $GITHUB_STEP_SUMMARY
         fi
 
@@ -291,6 +266,6 @@ runs:
         curl -L \
           -X DELETE \
           -H "Accept: application/vnd.github+json" \
-          -H "Authorization: Bearer ${{ steps.prepare.outputs.GITHUB_TOKEN }}" \
+          -H "Authorization: Bearer ${{ steps.claude.outputs.GITHUB_TOKEN }}" \
           -H "X-GitHub-Api-Version: 2022-11-28" \
           ${GITHUB_API_URL:-https://api.github.com}/installation/token

base-action/README.md

@@ -69,7 +69,7 @@ Add the following to your workflow file:
   uses: anthropics/claude-code-base-action@beta
   with:
     prompt: "Review and fix TypeScript errors"
-    model: "claude-opus-4-1-20250805"
+    model: "claude-opus-4-20250514"
     fallback_model: "claude-sonnet-4-20250514"
     allowed_tools: "Bash(git:*),View,GlobTool,GrepTool,BatchTool"
     anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
@@ -217,7 +217,7 @@ Provide the settings configuration directly as a JSON string:
     prompt: "Your prompt here"
     settings: |
       {
-        "model": "claude-opus-4-1-20250805",
+        "model": "claude-opus-4-20250514",
         "env": {
           "DEBUG": "true",
           "API_URL": "https://api.example.com"

base-action/action.yml

@@ -118,7 +118,7 @@ runs:
 
     - name: Install Claude Code
       shell: bash
-      run: bun install -g @anthropic-ai/claude-code@1.0.81
+      run: bun install -g @anthropic-ai/claude-code@1.0.69
 
     - name: Run Claude Code Action
       shell: bash

base-action/src/index.ts

@@ -2,7 +2,7 @@
 
 import * as core from "@actions/core";
 import { preparePrompt } from "./prepare-prompt";
-import { runClaude } from "./run-claude";
+import { runClaudeCore } from "./run-claude-core";
 import { setupClaudeCodeSettings } from "./setup-claude-code-settings";
 import { validateEnvironmentVariables } from "./validate-env";
 
@@ -21,7 +21,9 @@ async function run() {
       promptFile: process.env.INPUT_PROMPT_FILE || "",
     });
 
-    await runClaude(promptConfig.path, {
+    await runClaudeCore({
+      promptFile: promptConfig.path,
+      settings: process.env.INPUT_SETTINGS,
       allowedTools: process.env.INPUT_ALLOWED_TOOLS,
       disallowedTools: process.env.INPUT_DISALLOWED_TOOLS,
       maxTurns: process.env.INPUT_MAX_TURNS,
@@ -31,6 +33,7 @@ async function run() {
       claudeEnv: process.env.INPUT_CLAUDE_ENV,
       fallbackModel: process.env.INPUT_FALLBACK_MODEL,
       model: process.env.ANTHROPIC_MODEL,
+      timeoutMinutes: process.env.INPUT_TIMEOUT_MINUTES,
     });
   } catch (error) {
     core.setFailed(`Action failed with error: ${error}`);

base-action/src/run-claude-core.ts

@@ -0,0 +1,366 @@
+#!/usr/bin/env bun
+
+import * as core from "@actions/core";
+import { exec } from "child_process";
+import { promisify } from "util";
+import { unlink, writeFile, stat } from "fs/promises";
+import { createWriteStream } from "fs";
+import { spawn } from "child_process";
+
+const execAsync = promisify(exec);
+
+const PIPE_PATH = `${process.env.RUNNER_TEMP}/claude_prompt_pipe`;
+const EXECUTION_FILE = `${process.env.RUNNER_TEMP}/claude-execution-output.json`;
+const BASE_ARGS = ["-p", "--verbose", "--output-format", "stream-json"];
+
+export type ClaudeOptions = {
+  allowedTools?: string;
+  disallowedTools?: string;
+  maxTurns?: string;
+  mcpConfig?: string;
+  systemPrompt?: string;
+  appendSystemPrompt?: string;
+  claudeEnv?: string;
+  fallbackModel?: string;
+  model?: string;
+  timeoutMinutes?: string;
+};
+
+export type RunClaudeConfig = {
+  promptFile: string;
+  settings?: string;
+  allowedTools?: string;
+  disallowedTools?: string;
+  maxTurns?: string;
+  mcpConfig?: string;
+  systemPrompt?: string;
+  appendSystemPrompt?: string;
+  claudeEnv?: string;
+  fallbackModel?: string;
+  model?: string;
+  timeoutMinutes?: string;
+  env?: Record<string, string>;
+};
+
+function parseCustomEnvVars(claudeEnv?: string): Record<string, string> {
+  if (!claudeEnv || claudeEnv.trim() === "") {
+    return {};
+  }
+
+  const customEnv: Record<string, string> = {};
+
+  // Split by lines and parse each line as KEY: VALUE
+  const lines = claudeEnv.split("\n");
+
+  for (const line of lines) {
+    const trimmedLine = line.trim();
+    if (trimmedLine === "" || trimmedLine.startsWith("#")) {
+      continue; // Skip empty lines and comments
+    }
+
+    const colonIndex = trimmedLine.indexOf(":");
+    if (colonIndex === -1) {
+      continue; // Skip lines without colons
+    }
+
+    const key = trimmedLine.substring(0, colonIndex).trim();
+    const value = trimmedLine.substring(colonIndex + 1).trim();
+
+    if (key) {
+      customEnv[key] = value;
+    }
+  }
+
+  return customEnv;
+}
+
+function prepareClaudeArgs(config: RunClaudeConfig): string[] {
+  const claudeArgs = [...BASE_ARGS];
+
+  if (config.allowedTools) {
+    claudeArgs.push("--allowedTools", config.allowedTools);
+  }
+  if (config.disallowedTools) {
+    claudeArgs.push("--disallowedTools", config.disallowedTools);
+  }
+  if (config.maxTurns) {
+    const maxTurnsNum = parseInt(config.maxTurns, 10);
+    if (isNaN(maxTurnsNum) || maxTurnsNum <= 0) {
+      throw new Error(
+        `maxTurns must be a positive number, got: ${config.maxTurns}`,
+      );
+    }
+    claudeArgs.push("--max-turns", config.maxTurns);
+  }
+  if (config.mcpConfig) {
+    claudeArgs.push("--mcp-config", config.mcpConfig);
+  }
+  if (config.systemPrompt) {
+    claudeArgs.push("--system-prompt", config.systemPrompt);
+  }
+  if (config.appendSystemPrompt) {
+    claudeArgs.push("--append-system-prompt", config.appendSystemPrompt);
+  }
+  if (config.fallbackModel) {
+    claudeArgs.push("--fallback-model", config.fallbackModel);
+  }
+  if (config.model) {
+    claudeArgs.push("--model", config.model);
+  }
+  if (config.timeoutMinutes) {
+    const timeoutMinutesNum = parseInt(config.timeoutMinutes, 10);
+    if (isNaN(timeoutMinutesNum) || timeoutMinutesNum <= 0) {
+      throw new Error(
+        `timeoutMinutes must be a positive number, got: ${config.timeoutMinutes}`,
+      );
+    }
+  }
+
+  return claudeArgs;
+}
+
+export function prepareRunConfig(
+  promptPath: string,
+  options: ClaudeOptions,
+): { claudeArgs: string[]; promptPath: string; env: Record<string, string> } {
+  const config: RunClaudeConfig = {
+    promptFile: promptPath,
+    ...options,
+  };
+
+  const claudeArgs = prepareClaudeArgs(config);
+  const customEnv = parseCustomEnvVars(config.claudeEnv);
+  const mergedEnv = {
+    ...customEnv,
+    ...(config.env || {}),
+  };
+
+  return {
+    claudeArgs,
+    promptPath,
+    env: mergedEnv,
+  };
+}
+
+export async function runClaudeCore(config: RunClaudeConfig) {
+  const claudeArgs = prepareClaudeArgs(config);
+
+  // Parse custom environment variables from claudeEnv
+  const customEnv = parseCustomEnvVars(config.claudeEnv);
+
+  // Merge with additional env vars passed in config
+  const mergedEnv = {
+    ...customEnv,
+    ...(config.env || {}),
+  };
+
+  // Create a named pipe
+  try {
+    await unlink(PIPE_PATH);
+  } catch (e) {
+    // Ignore if file doesn't exist
+  }
+
+  // Create the named pipe
+  await execAsync(`mkfifo "${PIPE_PATH}"`);
+
+  // Log prompt file size
+  let promptSize = "unknown";
+  try {
+    const stats = await stat(config.promptFile);
+    promptSize = stats.size.toString();
+  } catch (e) {
+    // Ignore error
+  }
+
+  console.log(`Prompt file size: ${promptSize} bytes`);
+
+  // Log custom environment variables if any
+  const totalEnvVars = Object.keys(mergedEnv).length;
+  if (totalEnvVars > 0) {
+    const envKeys = Object.keys(mergedEnv).join(", ");
+    console.log(`Custom environment variables (${totalEnvVars}): ${envKeys}`);
+  }
+
+  // Output to console
+  console.log(`Running Claude with prompt from file: ${config.promptFile}`);
+
+  // Start sending prompt to pipe in background
+  const catProcess = spawn("cat", [config.promptFile], {
+    stdio: ["ignore", "pipe", "inherit"],
+  });
+  const pipeStream = createWriteStream(PIPE_PATH);
+  catProcess.stdout.pipe(pipeStream);
+
+  catProcess.on("error", (error) => {
+    console.error("Error reading prompt file:", error);
+    pipeStream.destroy();
+  });
+
+  const claudeProcess = spawn("claude", claudeArgs, {
+    stdio: ["pipe", "pipe", "inherit"],
+    env: {
+      ...process.env,
+      ...mergedEnv,
+    },
+  });
+
+  // Handle Claude process errors
+  claudeProcess.on("error", (error) => {
+    console.error("Error spawning Claude process:", error);
+    pipeStream.destroy();
+  });
+
+  // Capture output for parsing execution metrics
+  let output = "";
+  claudeProcess.stdout.on("data", (data) => {
+    const text = data.toString();
+
+    // Try to parse as JSON and pretty print if it's on a single line
+    const lines = text.split("\n");
+    lines.forEach((line: string, index: number) => {
+      if (line.trim() === "") return;
+
+      try {
+        // Check if this line is a JSON object
+        const parsed = JSON.parse(line);
+        const prettyJson = JSON.stringify(parsed, null, 2);
+        process.stdout.write(prettyJson);
+        if (index < lines.length - 1 || text.endsWith("\n")) {
+          process.stdout.write("\n");
+        }
+      } catch (e) {
+        // Not a JSON object, print as is
+        process.stdout.write(line);
+        if (index < lines.length - 1 || text.endsWith("\n")) {
+          process.stdout.write("\n");
+        }
+      }
+    });
+
+    output += text;
+  });
+
+  // Handle stdout errors
+  claudeProcess.stdout.on("error", (error) => {
+    console.error("Error reading Claude stdout:", error);
+  });
+
+  // Pipe from named pipe to Claude
+  const pipeProcess = spawn("cat", [PIPE_PATH]);
+  pipeProcess.stdout.pipe(claudeProcess.stdin);
+
+  // Handle pipe process errors
+  pipeProcess.on("error", (error) => {
+    console.error("Error reading from named pipe:", error);
+    claudeProcess.kill("SIGTERM");
+  });
+
+  // Wait for Claude to finish with timeout
+  let timeoutMs = 10 * 60 * 1000; // Default 10 minutes
+  if (config.timeoutMinutes) {
+    timeoutMs = parseInt(config.timeoutMinutes, 10) * 60 * 1000;
+  } else if (process.env.INPUT_TIMEOUT_MINUTES) {
+    const envTimeout = parseInt(process.env.INPUT_TIMEOUT_MINUTES, 10);
+    if (isNaN(envTimeout) || envTimeout <= 0) {
+      throw new Error(
+        `INPUT_TIMEOUT_MINUTES must be a positive number, got: ${process.env.INPUT_TIMEOUT_MINUTES}`,
+      );
+    }
+    timeoutMs = envTimeout * 60 * 1000;
+  }
+  const exitCode = await new Promise<number>((resolve) => {
+    let resolved = false;
+
+    // Set a timeout for the process
+    const timeoutId = setTimeout(() => {
+      if (!resolved) {
+        console.error(
+          `Claude process timed out after ${timeoutMs / 1000} seconds`,
+        );
+        claudeProcess.kill("SIGTERM");
+        // Give it 5 seconds to terminate gracefully, then force kill
+        setTimeout(() => {
+          try {
+            claudeProcess.kill("SIGKILL");
+          } catch (e) {
+            // Process may already be dead
+          }
+        }, 5000);
+        resolved = true;
+        resolve(124); // Standard timeout exit code
+      }
+    }, timeoutMs);
+
+    claudeProcess.on("close", (code) => {
+      if (!resolved) {
+        clearTimeout(timeoutId);
+        resolved = true;
+        resolve(code || 0);
+      }
+    });
+
+    claudeProcess.on("error", (error) => {
+      if (!resolved) {
+        console.error("Claude process error:", error);
+        clearTimeout(timeoutId);
+        resolved = true;
+        resolve(1);
+      }
+    });
+  });
+
+  // Clean up processes
+  try {
+    catProcess.kill("SIGTERM");
+  } catch (e) {
+    // Process may already be dead
+  }
+  try {
+    pipeProcess.kill("SIGTERM");
+  } catch (e) {
+    // Process may already be dead
+  }
+
+  // Clean up pipe file
+  try {
+    await unlink(PIPE_PATH);
+  } catch (e) {
+    // Ignore errors during cleanup
+  }
+
+  // Set conclusion based on exit code
+  if (exitCode === 0) {
+    // Try to process the output and save execution metrics
+    try {
+      await writeFile("output.txt", output);
+
+      // Process output.txt into JSON and save to execution file
+      const { stdout: jsonOutput } = await execAsync("jq -s '.' output.txt");
+      await writeFile(EXECUTION_FILE, jsonOutput);
+
+      console.log(`Log saved to ${EXECUTION_FILE}`);
+    } catch (e) {
+      core.warning(`Failed to process output for execution metrics: ${e}`);
+    }
+
+    core.setOutput("conclusion", "success");
+    core.setOutput("execution_file", EXECUTION_FILE);
+  } else {
+    core.setOutput("conclusion", "failure");
+
+    // Still try to save execution file if we have output
+    if (output) {
+      try {
+        await writeFile("output.txt", output);
+        const { stdout: jsonOutput } = await execAsync("jq -s '.' output.txt");
+        await writeFile(EXECUTION_FILE, jsonOutput);
+        core.setOutput("execution_file", EXECUTION_FILE);
+      } catch (e) {
+        // Ignore errors when processing output during failure
+      }
+    }
+
+    process.exit(exitCode);
+  }
+}

base-action/src/run-claude.ts

@@ -1,331 +1,44 @@
+#!/usr/bin/env bun
+
 import * as core from "@actions/core";
-import { exec } from "child_process";
-import { promisify } from "util";
-import { unlink, writeFile, stat } from "fs/promises";
-import { createWriteStream } from "fs";
-import { spawn } from "child_process";
+import { preparePrompt } from "./prepare-prompt";
+import { runClaudeCore } from "./run-claude-core";
+export { prepareRunConfig, type ClaudeOptions } from "./run-claude-core";
+import { setupClaudeCodeSettings } from "./setup-claude-code-settings";
+import { validateEnvironmentVariables } from "./validate-env";
 
-const execAsync = promisify(exec);
-
-const PIPE_PATH = `${process.env.RUNNER_TEMP}/claude_prompt_pipe`;
-const EXECUTION_FILE = `${process.env.RUNNER_TEMP}/claude-execution-output.json`;
-const BASE_ARGS = ["-p", "--verbose", "--output-format", "stream-json"];
-
-export type ClaudeOptions = {
-  allowedTools?: string;
-  disallowedTools?: string;
-  maxTurns?: string;
-  mcpConfig?: string;
-  systemPrompt?: string;
-  appendSystemPrompt?: string;
-  claudeEnv?: string;
-  fallbackModel?: string;
-  timeoutMinutes?: string;
-  model?: string;
-};
-
-type PreparedConfig = {
-  claudeArgs: string[];
-  promptPath: string;
-  env: Record<string, string>;
-};
-
-function parseCustomEnvVars(claudeEnv?: string): Record<string, string> {
-  if (!claudeEnv || claudeEnv.trim() === "") {
-    return {};
-  }
-
-  const customEnv: Record<string, string> = {};
-
-  // Split by lines and parse each line as KEY: VALUE
-  const lines = claudeEnv.split("\n");
-
-  for (const line of lines) {
-    const trimmedLine = line.trim();
-    if (trimmedLine === "" || trimmedLine.startsWith("#")) {
-      continue; // Skip empty lines and comments
-    }
-
-    const colonIndex = trimmedLine.indexOf(":");
-    if (colonIndex === -1) {
-      continue; // Skip lines without colons
-    }
-
-    const key = trimmedLine.substring(0, colonIndex).trim();
-    const value = trimmedLine.substring(colonIndex + 1).trim();
-
-    if (key) {
-      customEnv[key] = value;
-    }
-  }
-
-  return customEnv;
-}
-
-export function prepareRunConfig(
-  promptPath: string,
-  options: ClaudeOptions,
-): PreparedConfig {
-  const claudeArgs = [...BASE_ARGS];
-
-  if (options.allowedTools) {
-    claudeArgs.push("--allowedTools", options.allowedTools);
-  }
-  if (options.disallowedTools) {
-    claudeArgs.push("--disallowedTools", options.disallowedTools);
-  }
-  if (options.maxTurns) {
-    const maxTurnsNum = parseInt(options.maxTurns, 10);
-    if (isNaN(maxTurnsNum) || maxTurnsNum <= 0) {
-      throw new Error(
-        `maxTurns must be a positive number, got: ${options.maxTurns}`,
-      );
-    }
-    claudeArgs.push("--max-turns", options.maxTurns);
-  }
-  if (options.mcpConfig) {
-    claudeArgs.push("--mcp-config", options.mcpConfig);
-  }
-  if (options.systemPrompt) {
-    claudeArgs.push("--system-prompt", options.systemPrompt);
-  }
-  if (options.appendSystemPrompt) {
-    claudeArgs.push("--append-system-prompt", options.appendSystemPrompt);
-  }
-  if (options.fallbackModel) {
-    claudeArgs.push("--fallback-model", options.fallbackModel);
-  }
-  if (options.model) {
-    claudeArgs.push("--model", options.model);
-  }
-  if (options.timeoutMinutes) {
-    const timeoutMinutesNum = parseInt(options.timeoutMinutes, 10);
-    if (isNaN(timeoutMinutesNum) || timeoutMinutesNum <= 0) {
-      throw new Error(
-        `timeoutMinutes must be a positive number, got: ${options.timeoutMinutes}`,
-      );
-    }
-  }
-
-  // Parse custom environment variables
-  const customEnv = parseCustomEnvVars(options.claudeEnv);
-
-  return {
-    claudeArgs,
-    promptPath,
-    env: customEnv,
-  };
-}
-
-export async function runClaude(promptPath: string, options: ClaudeOptions) {
-  const config = prepareRunConfig(promptPath, options);
-
-  // Create a named pipe
+async function run() {
   try {
-    await unlink(PIPE_PATH);
-  } catch (e) {
-    // Ignore if file doesn't exist
-  }
+    validateEnvironmentVariables();
 
-  // Create the named pipe
-  await execAsync(`mkfifo "${PIPE_PATH}"`);
+    await setupClaudeCodeSettings(process.env.INPUT_SETTINGS);
 
-  // Log prompt file size
-  let promptSize = "unknown";
-  try {
-    const stats = await stat(config.promptPath);
-    promptSize = stats.size.toString();
-  } catch (e) {
-    // Ignore error
-  }
-
-  console.log(`Prompt file size: ${promptSize} bytes`);
-
-  // Log custom environment variables if any
-  if (Object.keys(config.env).length > 0) {
-    const envKeys = Object.keys(config.env).join(", ");
-    console.log(`Custom environment variables: ${envKeys}`);
-  }
-
-  // Output to console
-  console.log(`Running Claude with prompt from file: ${config.promptPath}`);
-
-  // Start sending prompt to pipe in background
-  const catProcess = spawn("cat", [config.promptPath], {
-    stdio: ["ignore", "pipe", "inherit"],
-  });
-  const pipeStream = createWriteStream(PIPE_PATH);
-  catProcess.stdout.pipe(pipeStream);
-
-  catProcess.on("error", (error) => {
-    console.error("Error reading prompt file:", error);
-    pipeStream.destroy();
-  });
-
-  const claudeProcess = spawn("claude", config.claudeArgs, {
-    stdio: ["pipe", "pipe", "inherit"],
-    env: {
-      ...process.env,
-      ...config.env,
-    },
-  });
-
-  // Handle Claude process errors
-  claudeProcess.on("error", (error) => {
-    console.error("Error spawning Claude process:", error);
-    pipeStream.destroy();
-  });
-
-  // Capture output for parsing execution metrics
-  let output = "";
-  claudeProcess.stdout.on("data", (data) => {
-    const text = data.toString();
-
-    // Try to parse as JSON and pretty print if it's on a single line
-    const lines = text.split("\n");
-    lines.forEach((line: string, index: number) => {
-      if (line.trim() === "") return;
-
-      try {
-        // Check if this line is a JSON object
-        const parsed = JSON.parse(line);
-        const prettyJson = JSON.stringify(parsed, null, 2);
-        process.stdout.write(prettyJson);
-        if (index < lines.length - 1 || text.endsWith("\n")) {
-          process.stdout.write("\n");
-        }
-      } catch (e) {
-        // Not a JSON object, print as is
-        process.stdout.write(line);
-        if (index < lines.length - 1 || text.endsWith("\n")) {
-          process.stdout.write("\n");
-        }
-      }
+    const promptConfig = await preparePrompt({
+      prompt: process.env.INPUT_PROMPT || "",
+      promptFile: process.env.INPUT_PROMPT_FILE || "",
     });
 
-    output += text;
-  });
-
-  // Handle stdout errors
-  claudeProcess.stdout.on("error", (error) => {
-    console.error("Error reading Claude stdout:", error);
-  });
-
-  // Pipe from named pipe to Claude
-  const pipeProcess = spawn("cat", [PIPE_PATH]);
-  pipeProcess.stdout.pipe(claudeProcess.stdin);
-
-  // Handle pipe process errors
-  pipeProcess.on("error", (error) => {
-    console.error("Error reading from named pipe:", error);
-    claudeProcess.kill("SIGTERM");
-  });
-
-  // Wait for Claude to finish with timeout
-  let timeoutMs = 10 * 60 * 1000; // Default 10 minutes
-  if (options.timeoutMinutes) {
-    timeoutMs = parseInt(options.timeoutMinutes, 10) * 60 * 1000;
-  } else if (process.env.INPUT_TIMEOUT_MINUTES) {
-    const envTimeout = parseInt(process.env.INPUT_TIMEOUT_MINUTES, 10);
-    if (isNaN(envTimeout) || envTimeout <= 0) {
-      throw new Error(
-        `INPUT_TIMEOUT_MINUTES must be a positive number, got: ${process.env.INPUT_TIMEOUT_MINUTES}`,
-      );
-    }
-    timeoutMs = envTimeout * 60 * 1000;
-  }
-  const exitCode = await new Promise<number>((resolve) => {
-    let resolved = false;
-
-    // Set a timeout for the process
-    const timeoutId = setTimeout(() => {
-      if (!resolved) {
-        console.error(
-          `Claude process timed out after ${timeoutMs / 1000} seconds`,
-        );
-        claudeProcess.kill("SIGTERM");
-        // Give it 5 seconds to terminate gracefully, then force kill
-        setTimeout(() => {
-          try {
-            claudeProcess.kill("SIGKILL");
-          } catch (e) {
-            // Process may already be dead
-          }
-        }, 5000);
-        resolved = true;
-        resolve(124); // Standard timeout exit code
-      }
-    }, timeoutMs);
-
-    claudeProcess.on("close", (code) => {
-      if (!resolved) {
-        clearTimeout(timeoutId);
-        resolved = true;
-        resolve(code || 0);
-      }
+    await runClaudeCore({
+      promptFile: promptConfig.path,
+      settings: process.env.INPUT_SETTINGS,
+      allowedTools: process.env.INPUT_ALLOWED_TOOLS,
+      disallowedTools: process.env.INPUT_DISALLOWED_TOOLS,
+      maxTurns: process.env.INPUT_MAX_TURNS,
+      mcpConfig: process.env.INPUT_MCP_CONFIG,
+      systemPrompt: process.env.INPUT_SYSTEM_PROMPT,
+      appendSystemPrompt: process.env.INPUT_APPEND_SYSTEM_PROMPT,
+      claudeEnv: process.env.INPUT_CLAUDE_ENV,
+      fallbackModel: process.env.INPUT_FALLBACK_MODEL,
+      model: process.env.ANTHROPIC_MODEL,
+      timeoutMinutes: process.env.INPUT_TIMEOUT_MINUTES,
     });
-
-    claudeProcess.on("error", (error) => {
-      if (!resolved) {
-        console.error("Claude process error:", error);
-        clearTimeout(timeoutId);
-        resolved = true;
-        resolve(1);
-      }
-    });
-  });
-
-  // Clean up processes
-  try {
-    catProcess.kill("SIGTERM");
-  } catch (e) {
-    // Process may already be dead
-  }
-  try {
-    pipeProcess.kill("SIGTERM");
-  } catch (e) {
-    // Process may already be dead
-  }
-
-  // Clean up pipe file
-  try {
-    await unlink(PIPE_PATH);
-  } catch (e) {
-    // Ignore errors during cleanup
-  }
-
-  // Set conclusion based on exit code
-  if (exitCode === 0) {
-    // Try to process the output and save execution metrics
-    try {
-      await writeFile("output.txt", output);
-
-      // Process output.txt into JSON and save to execution file
-      const { stdout: jsonOutput } = await execAsync("jq -s '.' output.txt");
-      await writeFile(EXECUTION_FILE, jsonOutput);
-
-      console.log(`Log saved to ${EXECUTION_FILE}`);
-    } catch (e) {
-      core.warning(`Failed to process output for execution metrics: ${e}`);
-    }
-
-    core.setOutput("conclusion", "success");
-    core.setOutput("execution_file", EXECUTION_FILE);
-  } else {
+  } catch (error) {
+    core.setFailed(`Action failed with error: ${error}`);
     core.setOutput("conclusion", "failure");
-
-    // Still try to save execution file if we have output
-    if (output) {
-      try {
-        await writeFile("output.txt", output);
-        const { stdout: jsonOutput } = await execAsync("jq -s '.' output.txt");
-        await writeFile(EXECUTION_FILE, jsonOutput);
-        core.setOutput("execution_file", EXECUTION_FILE);
-      } catch (e) {
-        // Ignore errors when processing output during failure
-      }
-    }
-
-    process.exit(exitCode);
+    process.exit(1);
   }
 }
+
+if (import.meta.main) {
+  run();
+}

base-action/test/setup-claude-code-settings.test.ts

@@ -134,7 +134,7 @@ describe("setupClaudeCodeSettings", () => {
     // Then, add new settings
     const newSettings = JSON.stringify({
       newKey: "newValue",
-      model: "claude-opus-4-1-20250805",
+      model: "claude-opus-4-20250514",
     });
 
     await setupClaudeCodeSettings(newSettings, testHomeDir);
@@ -145,7 +145,7 @@ describe("setupClaudeCodeSettings", () => {
     expect(settings.enableAllProjectMcpServers).toBe(true);
     expect(settings.existingKey).toBe("existingValue");
     expect(settings.newKey).toBe("newValue");
-    expect(settings.model).toBe("claude-opus-4-1-20250805");
+    expect(settings.model).toBe("claude-opus-4-20250514");
   });
 
   test("should copy slash commands to .claude directory when path provided", async () => {

docs/configuration.md

@@ -207,8 +207,15 @@ Claude does **not** have access to execute arbitrary Bash commands by default. I
 ```yaml
 - uses: anthropics/claude-code-action@beta
   with:
-    allowed_tools: "Bash(npm install),Bash(npm run test),Edit,Replace,NotebookEditCell"
-    disallowed_tools: "TaskOutput,KillTask"
+    allowed_tools: |
+      Bash(npm install)
+      Bash(npm run test)
+      Edit
+      Replace
+      NotebookEditCell
+    disallowed_tools: |
+      TaskOutput
+      KillTask
     # ... other inputs
 ```
 
@@ -245,7 +252,7 @@ You can provide Claude Code settings to customize behavior such as model selecti
   with:
     settings: |
       {
-        "model": "claude-opus-4-1-20250805",
+        "model": "claude-opus-4-20250514",
         "env": {
           "DEBUG": "true",
           "API_URL": "https://api.example.com"

docs/security.md

@@ -3,7 +3,7 @@
 ## Access Control
 
 - **Repository Access**: The action can only be triggered by users with write access to the repository
-- **Bot User Control**: By default, GitHub Apps and bots cannot trigger this action for security reasons. Use the `allowed_bots` parameter to enable specific bots or all bots
+- **No Bot Triggers**: GitHub Apps and bots cannot trigger this action
 - **Token Permissions**: The GitHub app receives only a short-lived token scoped specifically to the repository it's operating in
 - **No Cross-Repository Access**: Each action invocation is limited to the repository where it was triggered
 - **Limited Scope**: The token cannot access other repositories or perform actions beyond the configured permissions

docs/usage.md

@@ -42,8 +42,6 @@ jobs:
           # Optional: grant additional permissions (requires corresponding GitHub token permissions)
           # additional_permissions: |
           #   actions: read
-          # Optional: allow bot users to trigger the action
-          # allowed_bots: "dependabot[bot],renovate[bot]"
 ```
 
 ## Inputs
@@ -78,7 +76,6 @@ jobs:
 | `additional_permissions`       | Additional permissions to enable. Currently supports 'actions: read' for viewing workflow results                                     | No       | ""        |
 | `experimental_allowed_domains` | Restrict network access to these domains only (newline-separated).                                                                    | No       | ""        |
 | `use_commit_signing`           | Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands                     | No       | `false`   |
-| `allowed_bots`                 | Comma-separated list of allowed bot usernames, or '\*' to allow all bots. Empty string (default) allows no bots                       | No       | ""        |
 
 \*Required when using direct Anthropic API (default and when not using Bedrock or Vertex)
 

src/create-prompt/index.ts

@@ -811,12 +811,18 @@ f. If you are unable to complete certain steps, such as running a linter or test
   return promptContent;
 }
 
+export type CreatePromptResult = {
+  promptFile: string;
+  allowedTools: string;
+  disallowedTools: string;
+};
+
 export async function createPrompt(
   mode: Mode,
   modeContext: ModeContext,
   githubData: FetchDataResult,
   context: ParsedGitHubContext,
-) {
+): Promise<CreatePromptResult> {
   try {
     // Prepare the context for prompt generation
     let claudeCommentId: string = "";
@@ -888,8 +894,17 @@ export async function createPrompt(
       combinedAllowedTools,
     );
 
+    // TODO: Remove these environment variable exports once modes are updated to use return values
     core.exportVariable("ALLOWED_TOOLS", allAllowedTools);
     core.exportVariable("DISALLOWED_TOOLS", allDisallowedTools);
+
+    const promptFile = `${process.env.RUNNER_TEMP}/claude-prompts/claude-prompt.txt`;
+
+    return {
+      promptFile,
+      allowedTools: allAllowedTools,
+      disallowedTools: allDisallowedTools,
+    };
   } catch (error) {
     core.setFailed(`Create prompt failed with error: ${error}`);
     process.exit(1);

src/entrypoints/run.ts

@@ -0,0 +1,145 @@
+#!/usr/bin/env bun
+
+/**
+ * Unified entrypoint that combines prepare and run-claude steps
+ */
+
+import * as core from "@actions/core";
+import { setupGitHubToken } from "../github/token";
+import { checkWritePermissions } from "../github/validation/permissions";
+import { createOctokit } from "../github/api/client";
+import { parseGitHubContext, isEntityContext } from "../github/context";
+import { getMode, isValidMode, DEFAULT_MODE } from "../modes/registry";
+import type { ModeName } from "../modes/types";
+import { prepare } from "../prepare";
+import { runClaudeCore } from "../../base-action/src/run-claude-core";
+import { validateEnvironmentVariables } from "../../base-action/src/validate-env";
+import { setupClaudeCodeSettings } from "../../base-action/src/setup-claude-code-settings";
+
+async function run() {
+  try {
+    // Step 1: Get mode first to determine authentication method
+    const modeInput = process.env.MODE || DEFAULT_MODE;
+
+    // Validate mode input
+    if (!isValidMode(modeInput)) {
+      throw new Error(`Invalid mode: ${modeInput}`);
+    }
+    const validatedMode: ModeName = modeInput;
+
+    // Step 2: Setup GitHub token based on mode
+    let githubToken: string;
+    if (validatedMode === "experimental-review") {
+      // For experimental-review mode, use the default GitHub Action token
+      githubToken = process.env.DEFAULT_WORKFLOW_TOKEN || "";
+      if (!githubToken) {
+        throw new Error(
+          "DEFAULT_WORKFLOW_TOKEN not found for experimental-review mode",
+        );
+      }
+      console.log("Using default GitHub Action token for review mode");
+    } else {
+      // For other modes, use the existing token exchange
+      githubToken = await setupGitHubToken();
+    }
+    const octokit = createOctokit(githubToken);
+
+    // Step 3: Parse GitHub context (once for all operations)
+    const context = parseGitHubContext();
+
+    // Step 4: Check write permissions (only for entity contexts)
+    if (isEntityContext(context)) {
+      const hasWritePermissions = await checkWritePermissions(
+        octokit.rest,
+        context,
+      );
+      if (!hasWritePermissions) {
+        throw new Error(
+          "Actor does not have write permissions to the repository",
+        );
+      }
+    }
+
+    // Step 5: Get mode and check trigger conditions
+    const mode = getMode(validatedMode, context);
+    const containsTrigger = mode.shouldTrigger(context);
+
+    // Set output for action.yml to check (in case it's still needed)
+    core.setOutput("contains_trigger", containsTrigger.toString());
+
+    if (!containsTrigger) {
+      console.log("No trigger found, skipping remaining steps");
+      return;
+    }
+
+    // Step 6: Use the modular prepare function
+    const prepareResult = await prepare({
+      context,
+      octokit,
+      mode,
+      githubToken,
+    });
+
+    // Set critical outputs immediately after prepare completes
+    // This ensures they're available for cleanup even if Claude fails
+    core.setOutput("GITHUB_TOKEN", githubToken);
+    core.setOutput("mcp_config", prepareResult.mcpConfig);
+    if (prepareResult.branchInfo.claudeBranch) {
+      core.setOutput("branch_name", prepareResult.branchInfo.claudeBranch);
+      core.setOutput("CLAUDE_BRANCH", prepareResult.branchInfo.claudeBranch);
+    }
+    core.setOutput("BASE_BRANCH", prepareResult.branchInfo.baseBranch);
+    if (prepareResult.commentId) {
+      core.setOutput("claude_comment_id", prepareResult.commentId.toString());
+    }
+
+    // Step 7: The mode.prepare() call already created the prompt and set up tools
+    // We need to get the allowed/disallowed tools from environment variables
+    // TODO: Update Mode interface to return tools from prepare() instead of relying on env vars
+    const allowedTools = process.env.ALLOWED_TOOLS || "";
+    const disallowedTools = process.env.DISALLOWED_TOOLS || "";
+    const promptFile = `${process.env.RUNNER_TEMP}/claude-prompts/claude-prompt.txt`;
+
+    // Step 8: Validate environment and setup Claude settings
+    validateEnvironmentVariables();
+    await setupClaudeCodeSettings(process.env.SETTINGS);
+
+    // Step 9: Run Claude Code
+    console.log("Running Claude Code...");
+
+    // Build environment object to pass to Claude
+    const claudeEnvObject: Record<string, string> = {
+      GITHUB_TOKEN: githubToken,
+      NODE_VERSION: process.env.NODE_VERSION || "18.x",
+      DETAILED_PERMISSION_MESSAGES: "1",
+      CLAUDE_CODE_ACTION: "1",
+    };
+
+    await runClaudeCore({
+      promptFile,
+      settings: process.env.SETTINGS,
+      allowedTools,
+      disallowedTools,
+      maxTurns: process.env.MAX_TURNS,
+      mcpConfig: prepareResult.mcpConfig,
+      systemPrompt: "",
+      appendSystemPrompt: "",
+      claudeEnv: process.env.CLAUDE_ENV,
+      fallbackModel: process.env.FALLBACK_MODEL,
+      model: process.env.ANTHROPIC_MODEL || process.env.MODEL,
+      timeoutMinutes: process.env.TIMEOUT_MINUTES || "30",
+      env: claudeEnvObject,
+    });
+  } catch (error) {
+    const errorMessage = error instanceof Error ? error.message : String(error);
+    core.setFailed(`Action failed with error: ${errorMessage}`);
+    // Also output the clean error message for the action to capture
+    core.setOutput("prepare_error", errorMessage);
+    core.setOutput("conclusion", "failure");
+    process.exit(1);
+  }
+}
+
+if (import.meta.main) {
+  run();
+}

src/github/context.ts

@@ -77,7 +77,6 @@ type BaseContext = {
     useStickyComment: boolean;
     additionalPermissions: Map<string, string>;
     useCommitSigning: boolean;
-    allowedBots: string;
   };
 };
 
@@ -137,7 +136,6 @@ export function parseGitHubContext(): GitHubContext {
         process.env.ADDITIONAL_PERMISSIONS ?? "",
       ),
       useCommitSigning: process.env.USE_COMMIT_SIGNING === "true",
-      allowedBots: process.env.ALLOWED_BOTS ?? "",
     },
   };
 

src/github/token.ts

@@ -78,7 +78,7 @@ export async function setupGitHubToken(): Promise<string> {
     return appToken;
   } catch (error) {
     core.setFailed(
-      `Failed to setup GitHub token: ${error}\n\nIf you instead wish to use this action with a custom GitHub token or custom GitHub app, provide a \`github_token\` in the \`uses\` section of the app in your workflow yml file.`,
+      `Failed to setup GitHub token: ${error}.\n\nIf you instead wish to use this action with a custom GitHub token or custom GitHub app, provide a \`github_token\` in the \`uses\` section of the app in your workflow yml file.`,
     );
     process.exit(1);
   }

src/github/validation/actor.ts

@@ -21,42 +21,9 @@ export async function checkHumanActor(
 
   console.log(`Actor type: ${actorType}`);
 
-  // Check bot permissions if actor is not a User
   if (actorType !== "User") {
-    const allowedBots = githubContext.inputs.allowedBots;
-
-    // Check if all bots are allowed
-    if (allowedBots.trim() === "*") {
-      console.log(
-        `All bots are allowed, skipping human actor check for: ${githubContext.actor}`,
-      );
-      return;
-    }
-
-    // Parse allowed bots list
-    const allowedBotsList = allowedBots
-      .split(",")
-      .map((bot) =>
-        bot
-          .trim()
-          .toLowerCase()
-          .replace(/\[bot\]$/, ""),
-      )
-      .filter((bot) => bot.length > 0);
-
-    const botName = githubContext.actor.toLowerCase().replace(/\[bot\]$/, "");
-
-    // Check if specific bot is allowed
-    if (allowedBotsList.includes(botName)) {
-      console.log(
-        `Bot ${botName} is in allowed list, skipping human actor check`,
-      );
-      return;
-    }
-
-    // Bot not allowed
     throw new Error(
-      `Workflow initiated by non-human actor: ${botName} (type: ${actorType}). Add bot to allowed_bots list or use '*' to allow all bots.`,
+      `Workflow initiated by non-human actor: ${githubContext.actor} (type: ${actorType}).`,
     );
   }
 

src/github/validation/permissions.ts

@@ -17,12 +17,6 @@ export async function checkWritePermissions(
   try {
     core.info(`Checking permissions for actor: ${actor}`);
 
-    // Check if the actor is a GitHub App (bot user)
-    if (actor.endsWith("[bot]")) {
-      core.info(`Actor is a GitHub App: ${actor}`);
-      return true;
-    }
-
     // Check permissions directly using the permission endpoint
     const response = await octokit.repos.getCollaboratorPermissionLevel({
       owner: repository.owner,

src/mcp/github-inline-comment-server.ts

@@ -41,14 +41,12 @@ server.tool(
       ),
     line: z
       .number()
-      .nonnegative()
       .optional()
       .describe(
         "Line number for single-line comments (required if startLine is not provided)",
       ),
     startLine: z
       .number()
-      .nonnegative()
       .optional()
       .describe(
         "Start line for multi-line comments (use with line parameter for the end line)",

src/modes/agent/index.ts

@@ -80,8 +80,9 @@ export const agentMode: Mode = {
       ...context.inputs.disallowedTools,
     ];
 
-    core.exportVariable("ALLOWED_TOOLS", allowedTools.join(","));
-    core.exportVariable("DISALLOWED_TOOLS", disallowedTools.join(","));
+    // Export as INPUT_ prefixed variables for the base action
+    core.exportVariable("INPUT_ALLOWED_TOOLS", allowedTools.join(","));
+    core.exportVariable("INPUT_DISALLOWED_TOOLS", disallowedTools.join(","));
 
     // Agent mode uses a minimal MCP configuration
     // We don't need comment servers or PR-specific tools for automation

src/modes/review/index.ts

@@ -103,9 +103,6 @@ export const reviewMode: Mode = {
       ? formatBody(contextData.body, imageUrlMap)
       : "No description provided";
 
-    // Using a variable for code blocks to avoid escaping backticks in the template string
-    const codeBlock = "```";
-
     return `You are Claude, an AI assistant specialized in code reviews for GitHub pull requests. You are operating in REVIEW MODE, which means you should focus on providing thorough code review feedback using GitHub MCP tools for inline comments and suggestions.
 
 <formatted_context>
@@ -158,46 +155,17 @@ REVIEW MODE WORKFLOW:
    - This provides the full context and latest state of the code
    - Look at the changed_files section above to see which files were modified
 
-2. Create review comments using GitHub MCP tools:
-   - Use Bash(gh issue comment:*) for general PR-level comments
-   - Use mcp__github_inline_comment__create_inline_comment for line-specific feedback (strongly preferred)
+2. Add comments:
+   - use Bash(gh issue comment:*) to add top-level comments
+   - Use mcp__github_inline_comment__create_inline_comment to add inline comments (prefer this where possible)
+   - Parameters:
+     * path: The file path (e.g., "src/index.js")
+     * line: Line number for single-line comments
+     * startLine & line: For multi-line comments (startLine is the first line, line is the last)
+     * side: "LEFT" (old code) or "RIGHT" (new code)
+     * subjectType: "line" for line-level comments
+     * body: Your comment text
    
-3. When creating inline comments with suggestions:
-   CRITICAL: GitHub's suggestion blocks REPLACE the ENTIRE line range you select
-   - For single-line comments: Use 'line' parameter only
-   - For multi-line comments: Use both 'startLine' and 'line' parameters
-   - The 'body' parameter should contain your comment and/or suggestion block
-   
-   How to write code suggestions correctly:
-   a) To remove a line (e.g., removing console.log on line 22):
-      - Set line: 22
-      - Body: ${codeBlock}suggestion
-      ${codeBlock}
-      (Empty suggestion block removes the line)
-   
-   b) To modify a single line (e.g., fixing line 22):
-      - Set line: 22  
-      - Body: ${codeBlock}suggestion
-      await this.emailInput.fill(email);
-      ${codeBlock}
-   
-   c) To replace multiple lines (e.g., lines 21-23):
-      - Set startLine: 21, line: 23
-      - Body must include ALL lines being replaced:
-      ${codeBlock}suggestion
-      async typeEmail(email: string): Promise<void> {
-          await this.emailInput.fill(email);
-      }
-      ${codeBlock}
-   
-   COMMON MISTAKE TO AVOID:
-   Never duplicate code in suggestions. For example, DON'T do this:
-   ${codeBlock}suggestion
-   async typeEmail(email: string): Promise<void> {
-   async typeEmail(email: string): Promise<void> {  // WRONG: Duplicate signature!
-       await this.emailInput.fill(email);
-   }
-   ${codeBlock}
 
 REVIEW GUIDELINES:
 
@@ -211,11 +179,13 @@ REVIEW GUIDELINES:
 
 - Provide:
   * Specific, actionable feedback
-  * Code suggestions using the exact format described above
-  * Clear explanations of issues found
-  * Constructive criticism with solutions
+  * Code suggestions when possible (following GitHub's format exactly)
+  * Clear explanations of issues
+  * Constructive criticism
   * Recognition of good practices
-  * For complex changes: Create separate inline comments for each logical change
+  * For complex changes that require multiple modifications:
+    - Create separate comments for each logical change
+    - Or explain the full solution in text without a suggestion block
 
 - Communication:
   * All feedback goes through GitHub's review system
@@ -272,6 +242,7 @@ This ensures users get value from the review even before checking individual inl
       claudeBranch: branchInfo.claudeBranch,
     });
 
+    // TODO: Capture and return the allowed/disallowed tools from createPrompt
     await createPrompt(reviewMode, modeContext, githubData, context);
 
     // Export tool environment variables for review mode
@@ -297,8 +268,9 @@ This ensures users get value from the review even before checking individual inl
       ...context.inputs.disallowedTools,
     ];
 
-    core.exportVariable("ALLOWED_TOOLS", allowedTools.join(","));
-    core.exportVariable("DISALLOWED_TOOLS", disallowedTools.join(","));
+    // Export as INPUT_ prefixed variables for the base action
+    core.exportVariable("INPUT_ALLOWED_TOOLS", allowedTools.join(","));
+    core.exportVariable("INPUT_DISALLOWED_TOOLS", disallowedTools.join(","));
 
     const additionalMcpConfig = process.env.MCP_CONFIG || "";
     const mcpConfig = await prepareMcpConfig({

src/modes/tag/index.ts

@@ -98,6 +98,7 @@ export const tagMode: Mode = {
       claudeBranch: branchInfo.claudeBranch,
     });
 
+    // TODO: Capture and return the allowed/disallowed tools from createPrompt
     await createPrompt(tagMode, modeContext, githubData, context);
 
     // Get MCP configuration

src/prepare/types.ts

@@ -10,6 +10,7 @@ export type PrepareResult = {
     currentBranch: string;
   };
   mcpConfig: string;
+  // TODO: Add allowedTools and disallowedTools here once modes are updated
 };
 
 export type PrepareOptions = {

test/actor.test.ts

@@ -1,96 +0,0 @@
-#!/usr/bin/env bun
-
-import { describe, test, expect } from "bun:test";
-import { checkHumanActor } from "../src/github/validation/actor";
-import type { Octokit } from "@octokit/rest";
-import { createMockContext } from "./mockContext";
-
-function createMockOctokit(userType: string): Octokit {
-  return {
-    users: {
-      getByUsername: async () => ({
-        data: {
-          type: userType,
-        },
-      }),
-    },
-  } as unknown as Octokit;
-}
-
-describe("checkHumanActor", () => {
-  test("should pass for human actor", async () => {
-    const mockOctokit = createMockOctokit("User");
-    const context = createMockContext();
-    context.actor = "human-user";
-
-    await expect(
-      checkHumanActor(mockOctokit, context),
-    ).resolves.toBeUndefined();
-  });
-
-  test("should throw error for bot actor when not allowed", async () => {
-    const mockOctokit = createMockOctokit("Bot");
-    const context = createMockContext();
-    context.actor = "test-bot[bot]";
-    context.inputs.allowedBots = "";
-
-    await expect(checkHumanActor(mockOctokit, context)).rejects.toThrow(
-      "Workflow initiated by non-human actor: test-bot (type: Bot). Add bot to allowed_bots list or use '*' to allow all bots.",
-    );
-  });
-
-  test("should pass for bot actor when all bots allowed", async () => {
-    const mockOctokit = createMockOctokit("Bot");
-    const context = createMockContext();
-    context.actor = "test-bot[bot]";
-    context.inputs.allowedBots = "*";
-
-    await expect(
-      checkHumanActor(mockOctokit, context),
-    ).resolves.toBeUndefined();
-  });
-
-  test("should pass for specific bot when in allowed list", async () => {
-    const mockOctokit = createMockOctokit("Bot");
-    const context = createMockContext();
-    context.actor = "dependabot[bot]";
-    context.inputs.allowedBots = "dependabot[bot],renovate[bot]";
-
-    await expect(
-      checkHumanActor(mockOctokit, context),
-    ).resolves.toBeUndefined();
-  });
-
-  test("should pass for specific bot when in allowed list (without [bot])", async () => {
-    const mockOctokit = createMockOctokit("Bot");
-    const context = createMockContext();
-    context.actor = "dependabot[bot]";
-    context.inputs.allowedBots = "dependabot,renovate";
-
-    await expect(
-      checkHumanActor(mockOctokit, context),
-    ).resolves.toBeUndefined();
-  });
-
-  test("should throw error for bot not in allowed list", async () => {
-    const mockOctokit = createMockOctokit("Bot");
-    const context = createMockContext();
-    context.actor = "other-bot[bot]";
-    context.inputs.allowedBots = "dependabot[bot],renovate[bot]";
-
-    await expect(checkHumanActor(mockOctokit, context)).rejects.toThrow(
-      "Workflow initiated by non-human actor: other-bot (type: Bot). Add bot to allowed_bots list or use '*' to allow all bots.",
-    );
-  });
-
-  test("should throw error for bot not in allowed list (without [bot])", async () => {
-    const mockOctokit = createMockOctokit("Bot");
-    const context = createMockContext();
-    context.actor = "other-bot[bot]";
-    context.inputs.allowedBots = "dependabot,renovate";
-
-    await expect(checkHumanActor(mockOctokit, context)).rejects.toThrow(
-      "Workflow initiated by non-human actor: other-bot (type: Bot). Add bot to allowed_bots list or use '*' to allow all bots.",
-    );
-  });
-});

test/install-mcp-server.test.ts

@@ -37,7 +37,6 @@ describe("prepareMcpConfig", () => {
       useStickyComment: false,
       additionalPermissions: new Map(),
       useCommitSigning: false,
-      allowedBots: "",
     },
   };
 

test/mockContext.ts

@@ -28,7 +28,6 @@ const defaultInputs = {
   useStickyComment: false,
   additionalPermissions: new Map<string, string>(),
   useCommitSigning: false,
-  allowedBots: "",
 };
 
 const defaultRepository = {

test/modes/agent.test.ts

@@ -1,29 +1,15 @@
-import { describe, test, expect, beforeEach, afterEach, spyOn } from "bun:test";
+import { describe, test, expect, beforeEach } from "bun:test";
 import { agentMode } from "../../src/modes/agent";
 import type { GitHubContext } from "../../src/github/context";
 import { createMockContext, createMockAutomationContext } from "../mockContext";
-import * as core from "@actions/core";
 
 describe("Agent Mode", () => {
   let mockContext: GitHubContext;
-  let exportVariableSpy: any;
-  let setOutputSpy: any;
 
   beforeEach(() => {
     mockContext = createMockAutomationContext({
       eventName: "workflow_dispatch",
     });
-    exportVariableSpy = spyOn(core, "exportVariable").mockImplementation(
-      () => {},
-    );
-    setOutputSpy = spyOn(core, "setOutput").mockImplementation(() => {});
-  });
-
-  afterEach(() => {
-    exportVariableSpy?.mockClear();
-    setOutputSpy?.mockClear();
-    exportVariableSpy?.mockRestore();
-    setOutputSpy?.mockRestore();
   });
 
   test("agent mode has correct properties", () => {
@@ -70,67 +56,4 @@ describe("Agent Mode", () => {
       expect(agentMode.shouldTrigger(context)).toBe(false);
     });
   });
-
-  test("prepare method sets up tools environment variables correctly", async () => {
-    // Clear any previous calls before this test
-    exportVariableSpy.mockClear();
-    setOutputSpy.mockClear();
-
-    const contextWithCustomTools = createMockAutomationContext({
-      eventName: "workflow_dispatch",
-    });
-    contextWithCustomTools.inputs.allowedTools = ["CustomTool1", "CustomTool2"];
-    contextWithCustomTools.inputs.disallowedTools = ["BadTool"];
-
-    const mockOctokit = {} as any;
-    const result = await agentMode.prepare({
-      context: contextWithCustomTools,
-      octokit: mockOctokit,
-      githubToken: "test-token",
-    });
-
-    // Verify that both ALLOWED_TOOLS and DISALLOWED_TOOLS are set
-    expect(exportVariableSpy).toHaveBeenCalledWith(
-      "ALLOWED_TOOLS",
-      "Edit,MultiEdit,Glob,Grep,LS,Read,Write,CustomTool1,CustomTool2",
-    );
-    expect(exportVariableSpy).toHaveBeenCalledWith(
-      "DISALLOWED_TOOLS",
-      "WebSearch,WebFetch,BadTool",
-    );
-
-    // Verify MCP config is set
-    expect(setOutputSpy).toHaveBeenCalledWith("mcp_config", expect.any(String));
-
-    // Verify return structure
-    expect(result).toEqual({
-      commentId: undefined,
-      branchInfo: {
-        baseBranch: "",
-        currentBranch: "",
-        claudeBranch: undefined,
-      },
-      mcpConfig: expect.any(String),
-    });
-  });
-
-  test("prepare method creates prompt file with correct content", async () => {
-    const contextWithPrompts = createMockAutomationContext({
-      eventName: "workflow_dispatch",
-    });
-    contextWithPrompts.inputs.overridePrompt = "Custom override prompt";
-    contextWithPrompts.inputs.directPrompt =
-      "Direct prompt (should be ignored)";
-
-    const mockOctokit = {} as any;
-    await agentMode.prepare({
-      context: contextWithPrompts,
-      octokit: mockOctokit,
-      githubToken: "test-token",
-    });
-
-    // Note: We can't easily test file creation in this unit test,
-    // but we can verify the method completes without errors
-    expect(setOutputSpy).toHaveBeenCalledWith("mcp_config", expect.any(String));
-  });
 });

test/permissions.test.ts

@@ -73,7 +73,6 @@ describe("checkWritePermissions", () => {
       useStickyComment: false,
       additionalPermissions: new Map(),
       useCommitSigning: false,
-      allowedBots: "",
     },
   });
 
@@ -127,16 +126,6 @@ describe("checkWritePermissions", () => {
     );
   });
 
-  test("should return true for bot user", async () => {
-    const mockOctokit = createMockOctokit("none");
-    const context = createContext();
-    context.actor = "test-bot[bot]";
-
-    const result = await checkWritePermissions(mockOctokit, context);
-
-    expect(result).toBe(true);
-  });
-
   test("should throw error when permission check fails", async () => {
     const error = new Error("API error");
     const mockOctokit = {

test/trigger-validation.test.ts

@@ -41,7 +41,6 @@ describe("checkContainsTrigger", () => {
           useStickyComment: false,
           additionalPermissions: new Map(),
           useCommitSigning: false,
-          allowedBots: "",
         },
       });
       expect(checkContainsTrigger(context)).toBe(true);
@@ -75,7 +74,6 @@ describe("checkContainsTrigger", () => {
           useStickyComment: false,
           additionalPermissions: new Map(),
           useCommitSigning: false,
-          allowedBots: "",
         },
       });
       expect(checkContainsTrigger(context)).toBe(false);
@@ -293,7 +291,6 @@ describe("checkContainsTrigger", () => {
           useStickyComment: false,
           additionalPermissions: new Map(),
           useCommitSigning: false,
-          allowedBots: "",
         },
       });
       expect(checkContainsTrigger(context)).toBe(true);
@@ -328,7 +325,6 @@ describe("checkContainsTrigger", () => {
           useStickyComment: false,
           additionalPermissions: new Map(),
           useCommitSigning: false,
-          allowedBots: "",
         },
       });
       expect(checkContainsTrigger(context)).toBe(true);
@@ -363,7 +359,6 @@ describe("checkContainsTrigger", () => {
           useStickyComment: false,
           additionalPermissions: new Map(),
           useCommitSigning: false,
-          allowedBots: "",
         },
       });
       expect(checkContainsTrigger(context)).toBe(false);