Add Australian programming joke to README

Added a light-hearted programming joke with an Australian twist to the README, referencing both coding bugs and drop bears for some local flavor. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
chore: bump Claude Code version to 2.0.9
2026-01-23 06:54:13 +08:00 · 2025-10-06 22:27:45 +00:00 · 2025-10-06 21:57:24 +00:00 · 2025-10-06 09:51:50 -07:00 · 2025-10-04 23:17:33 +00:00 · 2025-10-02 19:29:43 +00:00
4 changed files with 8 additions and 2 deletions
--- a/README.md
+++ b/README.md
@@ -2,6 +2,8 @@

 # Claude Code Action

+> *Why do Aussie programmers prefer dark mode? Because the light brings in drop bears and bugs, mate!* 🐨🐛
+
 A general-purpose [Claude Code](https://claude.ai/code) action for GitHub PRs and issues that can answer questions and implement code changes. This action intelligently detects when to activate based on your workflow context—whether responding to @claude mentions, issue assignments, or executing automation tasks with explicit prompts. It supports multiple authentication methods including Anthropic direct API, Amazon Bedrock, and Google Vertex AI.

 ## Features
--- a/action.yml
+++ b/action.yml
@@ -177,7 +177,7 @@ runs:
        # Install Claude Code if no custom executable is provided
        if [ -z "${{ inputs.path_to_claude_code_executable }}" ]; then
          echo "Installing Claude Code..."
-          curl -fsSL https://claude.ai/install.sh | bash -s 2.0.2
+          curl -fsSL https://claude.ai/install.sh | bash -s 2.0.9
          echo "$HOME/.local/bin" >> "$GITHUB_PATH"
        else
          echo "Using custom Claude Code executable: ${{ inputs.path_to_claude_code_executable }}"
--- a/base-action/action.yml
+++ b/base-action/action.yml
@@ -99,7 +99,7 @@ runs:
      run: |
        if [ -z "${{ inputs.path_to_claude_code_executable }}" ]; then
          echo "Installing Claude Code..."
-          curl -fsSL https://claude.ai/install.sh | bash -s 2.0.2
+          curl -fsSL https://claude.ai/install.sh | bash -s 2.0.9
        else
          echo "Using custom Claude Code executable: ${{ inputs.path_to_claude_code_executable }}"
          # Add the directory containing the custom executable to PATH
--- a/docs/security.md
+++ b/docs/security.md
@@ -13,6 +13,10 @@
 - **No Cross-Repository Access**: Each action invocation is limited to the repository where it was triggered
 - **Limited Scope**: The token cannot access other repositories or perform actions beyond the configured permissions

+## ⚠️ Prompt Injection Risks
+
+**Beware of potential hidden markdown when tagging Claude on untrusted content.** External contributors may include hidden instructions through HTML comments, invisible characters, hidden attributes, or other techniques. The action sanitizes content by stripping HTML comments, invisible characters, markdown image alt text, hidden HTML attributes, and HTML entities, but new bypass techniques may emerge. We recommend reviewing the raw content of all input coming from external contributors before allowing Claude to process it.
+
 ## GitHub App Permissions

 The [Claude Code GitHub app](https://github.com/apps/claude) requires these permissions:
Author	SHA1	Message	Date
Claude	9e388ead50	Add Australian programming joke to README Added a light-hearted programming joke with an Australian twist to the README, referencing both coding bugs and drop bears for some local flavor. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-06 22:27:45 +00:00
GitHub Actions	ac1a3207f3	chore: bump Claude Code version to 2.0.9	2025-10-06 21:57:24 +00:00
Ashwin Bhat	521d069da7	docs: add prompt injection security note (#604 ) * docs: add prompt injection security note Add warning about potential hidden markdown in untrusted content from external contributors. Documents existing sanitization measures while acknowledging new bypass techniques may emerge. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Update docs/security.md Co-authored-by: David Dworken <dworken@anthropic.com> * format --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: David Dworken <dworken@anthropic.com>	2025-10-06 09:51:50 -07:00
GitHub Actions	7e4b782d5f	chore: bump Claude Code version to 2.0.8	2025-10-04 23:17:33 +00:00
GitHub Actions	4fb0ef3be0	chore: bump Claude Code version to 2.0.5	2025-10-02 19:29:43 +00:00
GitHub Actions	14ac8aa20e	chore: bump Claude Code version to 2.0.1	2025-10-01 02:30:10 +00:00