From 05e111aa42fce08a70b0b69abae7c014896a6088 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens
Date: Sat, 11 Apr 2026 18:06:40 +0200
Subject: [PATCH] github: prevent Claude from making commits during PR review

The workflow already uses contents: read which prevents GitHub from accepting any push. The --disallowedTools setting adds a second layer by stopping Claude from even attempting git write operations.

Co-Authored-By: Claude Sonnet 4.6
Link: https://github.com/openwrt/openwrt/pull/22897
Signed-off-by: Hauke Mehrtens
---
 .github/workflows/claude-code-review.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
index 3d7957420ab..6115d33428e 100644
--- a/.github/workflows/claude-code-review.yml
+++ b/.github/workflows/claude-code-review.yml
@@ -33,3 +33,4 @@ jobs:
 trigger_phrase: "/claude"
 claude_args: >-
 --allowedTools "mcp__github_inline_comment__create_inline_comment"
+ --disallowedTools "Bash(git add:*),Bash(git commit:*),Bash(git rm:*),Bash(git push:*)"
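Review bot: The `--disallowedTools` value added to `claude_args` is a prefix denylist of four git subcommands, so it should not be read as the control that keeps the review read-only; other git subcommands and non-git tools that modify files are not matched by these patterns. The enforcing control is the job token's `contents: read` permission that the commit message refers to, which sits outside this hunk and cannot be confirmed from it. I would add a comment above `claude_args` that records this, e.g. `# Defense in depth only: pushes are blocked by permissions.contents: read; keep that block read-only.` Because the value is a folded scalar (`>-`), the new line also has to carry the same indentation as the `--allowedTools` line to fold into a single argument string; the indentation is not visible in this view.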