From 0a38fbfb1b7bda2402c37401961846b4e1079dfa Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Wed, 13 May 2026 12:34:41 +0200 Subject: [PATCH 1/3] Make android reviewer skill offline-only Move GitHub publishing responsibility to the agentic workflow so local skill invocations only prepare findings while the /review workflow posts comments through safe outputs. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/aw/actions-lock.json | 15 ++++++ .github/skills/android-reviewer/SKILL.md | 32 ++++++++++-- .github/workflows/android-reviewer.lock.yml | 57 ++++++++++++++++----- .github/workflows/android-reviewer.md | 10 +++- 4 files changed, 93 insertions(+), 21 deletions(-) diff --git a/.github/aw/actions-lock.json b/.github/aw/actions-lock.json index 73df5e9d5f2..4fc6b9e763f 100644 --- a/.github/aw/actions-lock.json +++ b/.github/aw/actions-lock.json @@ -1,10 +1,25 @@ { "entries": { + "actions/checkout@v6.0.2": { + "repo": "actions/checkout", + "version": "v6.0.2", + "sha": "de0fac2e4500dabe0009e67214ff5f5447ce83dd" + }, + "actions/download-artifact@v8.0.1": { + "repo": "actions/download-artifact", + "version": "v8.0.1", + "sha": "3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c" + }, "actions/github-script@v9": { "repo": "actions/github-script", "version": "v9", "sha": "373c709c69115d41ff229c7e5df9f8788daa9553" }, + "actions/upload-artifact@v7.0.1": { + "repo": "actions/upload-artifact", + "version": "v7.0.1", + "sha": "043fb46d1a93c77aae656e7c1c64a875d1fc6a0a" + }, "github/gh-aw-actions/setup@v0.68.3": { "repo": "github/gh-aw-actions/setup", "version": "v0.68.3", diff --git a/.github/skills/android-reviewer/SKILL.md b/.github/skills/android-reviewer/SKILL.md index f56ab482738..481498e2e31 100644 --- a/.github/skills/android-reviewer/SKILL.md +++ b/.github/skills/android-reviewer/SKILL.md @@ -10,6 +10,8 @@ description: >- Review PRs against guidelines distilled from past reviews by senior maintainers of dotnet/android. +This skill is **offline-only**. It analyzes pull requests and prepares review findings, but it must not post GitHub comments, submit pull request reviews, or call write-capable GitHub tools directly. If an agentic workflow invokes this skill, the workflow is responsible for publishing the prepared findings through its configured safe-output tools. + ## Review Mindset Be polite but skeptical. Prioritize bugs, performance regressions, safety issues, and pattern violations over style nitpicks. **3 important comments > 15 nitpicks.** @@ -101,16 +103,36 @@ Constraints: - **Don't flag what CI catches.** Skip compiler errors, formatting the linter will catch, etc. - **Avoid false positives.** Verify the concern actually applies given the full context. If unsure, phrase it as a question rather than a firm claim. -### 7. Post the review +### 7. Prepare the review output -Post your findings directly: +Prepare findings for the caller to publish or inspect: -- **Inline comments** on specific lines of the diff with the severity, category, and explanation. +- **Inline findings** for specific lines of the diff with the severity, category, and explanation. - **Review summary** with the overall verdict (✅ LGTM, ⚠️ Needs Changes, or ❌ Reject), issue counts by severity, and positive callouts. -If no issues found **and CI is green**, submit with at most one or two 💡 suggestions and a positive summary. Truly trivial PRs (dependency bumps, 1-line typo fixes) may have no inline comments. +If no issues are found **and CI is green**, include at most one or two 💡 suggestions and a positive summary. Truly trivial PRs (dependency bumps, 1-line typo fixes) may have no inline findings. + +Return output in this shape so callers can either display it locally or publish it through their own mechanisms: + +```json +{ + "verdict": "LGTM | Needs Changes | Reject", + "summary": "Overall review summary with issue counts and positive callouts.", + "copilot_pr_summary_prefix_required": false, + "findings": [ + { + "path": "src/Example.cs", + "line": 42, + "side": "RIGHT", + "severity": "error | warning | suggestion", + "category": "Correctness", + "body": "🤖 ⚠️ **Correctness** — Explain the issue and what to do instead.\n\n_{Rule: Brief name (Postmortem `#N`)}_" + } + ] +} +``` -**Copilot-authored PRs:** If the PR author is `Copilot` (the GitHub Copilot coding agent) and the verdict is ⚠️ Needs Changes or ❌ Reject, prefix the review summary with `@copilot ` so the comment automatically triggers Copilot to address the feedback. Do NOT add the prefix for ✅ LGTM verdicts. +**Copilot-authored PRs:** If the PR author is `Copilot` (the GitHub Copilot coding agent) and the verdict is ⚠️ Needs Changes or ❌ Reject, set `copilot_pr_summary_prefix_required` to `true` so a publishing workflow can prefix the review summary with `@copilot `. Do NOT request that prefix for ✅ LGTM verdicts. ## Comment format diff --git a/.github/workflows/android-reviewer.lock.yml b/.github/workflows/android-reviewer.lock.yml index 991a336331c..9804faf632a 100644 --- a/.github/workflows/android-reviewer.lock.yml +++ b/.github/workflows/android-reviewer.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"3e10bbb78641f6b19ba032ce6936a3be58d632fd0fd1a6d225d41997e5ca967d","compiler_version":"v0.68.3","strict":true,"agent_id":"copilot","agent_model":"claude-opus-4.6"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"185dd136cfdc881d97577d676c7c08b06d6adca319d9a82bfc8619c13fdcfc63","compiler_version":"v0.68.3","strict":true,"agent_id":"copilot","agent_model":"claude-opus-4.6"} # gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"373c709c69115d41ff229c7e5df9f8788daa9553","version":"v9"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"github/gh-aw-actions/setup","sha":"ba90f2186d7ad780ec640f364005fa24e797b360","version":"v0.68.3"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.20"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.20"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.20"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.2.19"},{"image":"ghcr.io/github/github-mcp-server:v0.32.0"},{"image":"node:lts-alpine"}]} # ___ _ _ # / _ \ | | (_) @@ -207,16 +207,16 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_f31a5b44ece7243e_EOF' + cat << 'GH_AW_PROMPT_41bd3738fcd7a0c6_EOF' - GH_AW_PROMPT_f31a5b44ece7243e_EOF + GH_AW_PROMPT_41bd3738fcd7a0c6_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_f31a5b44ece7243e_EOF' + cat << 'GH_AW_PROMPT_41bd3738fcd7a0c6_EOF' - Tools: create_pull_request_review_comment(max:50), submit_pull_request_review, missing_tool, missing_data, noop + Tools: add_comment, create_pull_request_review_comment(max:50), submit_pull_request_review, missing_tool, missing_data, noop The following GitHub context information is available for this workflow: @@ -246,15 +246,15 @@ jobs: {{/if}} - GH_AW_PROMPT_f31a5b44ece7243e_EOF + GH_AW_PROMPT_41bd3738fcd7a0c6_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md" fi - cat << 'GH_AW_PROMPT_f31a5b44ece7243e_EOF' + cat << 'GH_AW_PROMPT_41bd3738fcd7a0c6_EOF' {{#runtime-import .github/workflows/android-reviewer.md}} - GH_AW_PROMPT_f31a5b44ece7243e_EOF + GH_AW_PROMPT_41bd3738fcd7a0c6_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@373c709c69115d41ff229c7e5df9f8788daa9553 # v9 @@ -425,14 +425,15 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_fe978e84b25bd06b_EOF' - {"create_pull_request_review_comment":{"max":50,"side":"RIGHT"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{},"submit_pull_request_review":{"allowed_events":["COMMENT","REQUEST_CHANGES"],"max":1}} - GH_AW_SAFE_OUTPUTS_CONFIG_fe978e84b25bd06b_EOF + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_b0bae31ac7a6abc6_EOF' + {"add_comment":{"max":1},"create_pull_request_review_comment":{"max":50,"side":"RIGHT"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{},"submit_pull_request_review":{"allowed_events":["COMMENT","REQUEST_CHANGES"],"max":1}} + GH_AW_SAFE_OUTPUTS_CONFIG_b0bae31ac7a6abc6_EOF - name: Write Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | { "description_suffixes": { + "add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Supports reply_to_id for discussion threading.", "create_pull_request_review_comment": " CONSTRAINTS: Maximum 50 review comment(s) can be created. Comments will be on the RIGHT side of the diff.", "submit_pull_request_review": " CONSTRAINTS: Maximum 1 review(s) can be submitted." }, @@ -441,6 +442,28 @@ jobs: } GH_AW_VALIDATION_JSON: | { + "add_comment": { + "defaultMax": 1, + "fields": { + "body": { + "required": true, + "type": "string", + "sanitize": true, + "maxLength": 65000 + }, + "item_number": { + "issueOrPRNumber": true + }, + "reply_to_id": { + "type": "string", + "maxLength": 256 + }, + "repo": { + "type": "string", + "maxLength": 256 + } + } + }, "create_pull_request_review_comment": { "defaultMax": 1, "fields": { @@ -643,7 +666,7 @@ jobs: export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.19' mkdir -p /home/runner/.copilot - cat << GH_AW_MCP_CONFIG_74c2abb4758e4c28_EOF | bash "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh" + cat << GH_AW_MCP_CONFIG_6e54ab443270d453_EOF | bash "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh" { "mcpServers": { "github": { @@ -687,7 +710,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_74c2abb4758e4c28_EOF + GH_AW_MCP_CONFIG_6e54ab443270d453_EOF - name: Download activation artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: @@ -890,6 +913,8 @@ jobs: runs-on: ubuntu-slim permissions: contents: read + discussions: write + issues: write pull-requests: write concurrency: group: "gh-aw-conclusion-android-reviewer" @@ -1235,6 +1260,8 @@ jobs: runs-on: ubuntu-slim permissions: contents: read + discussions: write + issues: write pull-requests: write timeout-minutes: 15 env: @@ -1249,6 +1276,8 @@ jobs: outputs: code_push_failure_count: ${{ steps.process_safe_outputs.outputs.code_push_failure_count }} code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }} + comment_id: ${{ steps.process_safe_outputs.outputs.comment_id }} + comment_url: ${{ steps.process_safe_outputs.outputs.comment_url }} create_discussion_error_count: ${{ steps.process_safe_outputs.outputs.create_discussion_error_count }} create_discussion_errors: ${{ steps.process_safe_outputs.outputs.create_discussion_errors }} process_safe_outputs_processed_count: ${{ steps.process_safe_outputs.outputs.processed_count }} @@ -1292,7 +1321,7 @@ jobs: GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.google.com,*.googleapis.com,*.gradle-enterprise.cloud,*.gvt1.com,*.vsblob.vsassets.io,adoptium.net,aka.ms,api.adoptium.net,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.foojay.io,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.nuget.org,api.snapcraft.io,archive.apache.org,archive.ubuntu.com,azure.archive.ubuntu.com,azuresearch-usnc.nuget.org,azuresearch-ussc.nuget.org,builds.dotnet.microsoft.com,cdn.azul.com,central.sonatype.com,ci.dot.net,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,dc.services.visualstudio.com,dev.azure.com,develocity.apache.org,dist.nuget.org,dl.google.com,dlcdn.apache.org,docs.github.com,dot.net,dotnet.microsoft.com,dotnetcli.blob.core.windows.net,download.eclipse.org,download.java.net,download.oracle.com,downloads.gradle-dn.com,ge.spockframework.org,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,gradle.org,gstatic.com,host.docker.internal,httpbin.org,jcenter.bintray.com,jdk.java.net,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,maven-central.storage-download.googleapis.com,maven.apache.org,maven.google.com,maven.oracle.com,maven.pkg.github.com,microsoft.com,nuget.org,nuget.pkg.github.com,nugetregistryv2prod.blob.core.windows.net,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,oneocsp.microsoft.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,pkgs.dev.azure.com,plugins-artifacts.gradle.org,plugins.gradle.org,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,repo.gradle.org,repo.grails.org,repo.maven.apache.org,repo.spring.io,repo1.maven.org,repository.apache.org,s.symcb.com,s.symcd.com,scans-in.gradle.com,security.ubuntu.com,services.gradle.org,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,vsassets.io,www.googleapis.com,www.java.com,www.microsoft.com" GITHUB_SERVER_URL: ${{ github.server_url }} GITHUB_API_URL: ${{ github.api_url }} - GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_pull_request_review_comment\":{\"max\":50,\"side\":\"RIGHT\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"submit_pull_request_review\":{\"allowed_events\":[\"COMMENT\",\"REQUEST_CHANGES\"],\"max\":1}}" + GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"add_comment\":{\"max\":1},\"create_pull_request_review_comment\":{\"max\":50,\"side\":\"RIGHT\"},\"create_report_incomplete_issue\":{},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"},\"report_incomplete\":{},\"submit_pull_request_review\":{\"allowed_events\":[\"COMMENT\",\"REQUEST_CHANGES\"],\"max\":1}}" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/android-reviewer.md b/.github/workflows/android-reviewer.md index b5e5eaae11d..505e487a9e2 100644 --- a/.github/workflows/android-reviewer.md +++ b/.github/workflows/android-reviewer.md @@ -30,6 +30,8 @@ tools: # The /review command is gated to maintainers, so only trusted users can trigger it. min-integrity: none safe-outputs: + add-comment: + max: 1 create-pull-request-review-comment: max: 50 submit-pull-request-review: @@ -43,7 +45,7 @@ A maintainer commented `/review` on this pull request. Perform a thorough code r ## Instructions -1. Read the review methodology from `.github/skills/android-reviewer/SKILL.md` — this defines the review workflow, mindset, severity levels, comment format, and which rule files to load based on changed file types. +1. Read the review methodology from `.github/skills/android-reviewer/SKILL.md` — this defines the offline review workflow, mindset, severity levels, comment format, and which rule files to load based on changed file types. The skill prepares findings only; this agentic workflow is responsible for publishing them. 2. Follow the skill's workflow to analyze the pull request: - Gather context: read the diff and changed files - For each changed file, read the **full source file** to understand surrounding context @@ -51,7 +53,10 @@ A maintainer commented `/review` on this pull request. Perform a thorough code r - Read the PR title and description — treat claims as things to verify - Check CI status - Analyze the diff against the review rules -3. Post your findings as inline review comments and a review summary. +3. Publish the prepared findings through safe-output tools: + - Use `add_comment` once to post a PR conversation comment stating that the `/review` run completed and summarizing the verdict. + - Use `create_pull_request_review_comment` for each inline finding. + - Use `submit_pull_request_review` once with the overall review summary. Use `COMMENT` for clean or informational reviews and `REQUEST_CHANGES` when blocking issues are found. ## Constraints @@ -62,3 +67,4 @@ A maintainer commented `/review` on this pull request. Perform a thorough code r - Avoid false positives — verify concerns given the full file context. - **Never submit an APPROVE event.** Use COMMENT for clean PRs and REQUEST_CHANGES when issues are found. - Prioritize: bugs > safety > performance > missing tests > duplication > consistency > documentation. +- Do not use direct GitHub write APIs or write-capable MCP tools. Publish only through the configured safe-output tools. From 1135e3f9e8fe97d44586ab8ed9efc18706ba04cc Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Wed, 13 May 2026 13:17:11 +0200 Subject: [PATCH 2/3] Clarify review workflow status comment Keep the PR conversation comment terse so the submitted review remains the single detailed verdict summary. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/android-reviewer.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/android-reviewer.md b/.github/workflows/android-reviewer.md index 505e487a9e2..6b2cf3e04db 100644 --- a/.github/workflows/android-reviewer.md +++ b/.github/workflows/android-reviewer.md @@ -54,7 +54,7 @@ A maintainer commented `/review` on this pull request. Perform a thorough code r - Check CI status - Analyze the diff against the review rules 3. Publish the prepared findings through safe-output tools: - - Use `add_comment` once to post a PR conversation comment stating that the `/review` run completed and summarizing the verdict. + - Use `add_comment` once to post a terse PR conversation comment stating that the `/review` run completed and that detailed findings are in the submitted review. - Use `create_pull_request_review_comment` for each inline finding. - Use `submit_pull_request_review` once with the overall review summary. Use `COMMENT` for clean or informational reviews and `REQUEST_CHANGES` when blocking issues are found. From 4f072e6455de8c59ef6fc697b59b6883be85e8ac Mon Sep 17 00:00:00 2001 From: Simon Rozsival Date: Wed, 13 May 2026 13:33:00 +0200 Subject: [PATCH 3/3] Format interactive reviewer skill output as Markdown Keep structured JSON available for automation while making CLI/chat invocations readable by default. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/skills/android-reviewer/SKILL.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/.github/skills/android-reviewer/SKILL.md b/.github/skills/android-reviewer/SKILL.md index 481498e2e31..731083e5468 100644 --- a/.github/skills/android-reviewer/SKILL.md +++ b/.github/skills/android-reviewer/SKILL.md @@ -112,7 +112,18 @@ Prepare findings for the caller to publish or inspect: If no issues are found **and CI is green**, include at most one or two 💡 suggestions and a positive summary. Truly trivial PRs (dependency bumps, 1-line typo fixes) may have no inline findings. -Return output in this shape so callers can either display it locally or publish it through their own mechanisms: +For interactive CLI/chat use, present the review in readable Markdown: + +```markdown +**Verdict:** ⚠️ Needs Changes + +Brief summary of the review, including issue counts, positive callouts, and CI status. + +**Findings:** +- `path/to/file.cs:42` — 🤖 ⚠️ **Category** — Explain the issue and what to do instead. +``` + +If an agentic workflow or other automation needs machine-readable output, return the same information in this shape so the caller can publish it through its configured mechanisms: ```json {