d5fbc80b71
Pass MCP config and allowed tools through claude_args to ensure tools like mcp__github_comment__update_claude_comment are properly available to Claude CLI. Key changes: - Tag mode outputs claude_args with MCP config (as JSON string) and allowed tools - Fixed shell escaping vulnerability when JSON contains single quotes - Agent mode passes through user-provided claude_args unchanged - Re-added mcp_config input for users to provide custom MCP servers - Cleaned up misleading comments and unused file operations - Clarified test workflow is for fork testing Security fix: Properly escape single quotes in MCP config JSON to prevent shell injection vulnerabilities. Co-Authored-By: Claude <noreply@anthropic.com>
Claude Code Action
A general-purpose Claude Code action for GitHub PRs and issues that can answer questions and implement code changes. This action listens for a trigger phrase in comments and activates Claude act on the request. It supports multiple authentication methods including Anthropic direct API, Amazon Bedrock, and Google Vertex AI.
Features
- 🤖 Interactive Code Assistant: Claude can answer questions about code, architecture, and programming
- 🔍 Code Review: Analyzes PR changes and suggests improvements
- ✨ Code Implementation: Can implement simple fixes, refactoring, and even new features
- 💬 PR/Issue Integration: Works seamlessly with GitHub comments and PR reviews
- 🛠️ Flexible Tool Access: Access to GitHub APIs and file operations (additional tools can be enabled via configuration)
- 📋 Progress Tracking: Visual progress indicators with checkboxes that dynamically update as Claude completes tasks
- 🏃 Runs on Your Infrastructure: The action executes entirely on your own GitHub runner (Anthropic API calls go to your chosen provider)
Quickstart
The easiest way to set up this action is through Claude Code in the terminal. Just open claude and run /install-github-app.
This command will guide you through setting up the GitHub app and required secrets.
Note:
- You must be a repository admin to install the GitHub app and add secrets
- This quickstart method is only available for direct Anthropic API users. For AWS Bedrock or Google Vertex AI setup, see docs/cloud-providers.md.
Documentation
- Setup Guide - Manual setup, custom GitHub apps, and security best practices
- Usage Guide - Basic usage, workflow configuration, and input parameters
- Custom Automations - Examples of automated workflows and custom prompts
- Configuration - MCP servers, permissions, environment variables, and advanced settings
- Experimental Features - Execution modes and network restrictions
- Cloud Providers - AWS Bedrock and Google Vertex AI setup
- Capabilities & Limitations - What Claude can and cannot do
- Security - Access control, permissions, and commit signing
- FAQ - Common questions and troubleshooting
📚 FAQ
Having issues or questions? Check out our Frequently Asked Questions for solutions to common problems and detailed explanations of Claude's capabilities and limitations.
License
This project is licensed under the MIT License—see the LICENSE file for details.