Skip to content

fix: prevent unauthorized message for non-command comments #262

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
chambridge merged 1 commit into from
Jan 16, 2026
Merged

fix: prevent unauthorized message for non-command comments #262

chambridge merged 1 commit into from
Jan 16, 2026
+5 −0

Conversation

@kami619
Copy link
Contributor

@kami619 kami619 commented Jan 15, 2026

Description

The unauthorized job was incorrectly triggered for any comment from ACL-listed users that didn't contain '/agentready assess'. This fix adds a 'command_invoked' output to distinguish between:

  • Command not present in comment (do nothing)
  • Command present but user unauthorized (show message)

The unauthorized job now only runs when command_invoked=true AND is_authorized=false.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Refactoring (no functional changes)
  • Performance improvement
  • Test coverage improvement

Related Issues

#249

Changes Made

.github/workflows/agentready-assessment.yml

  1. Added new output to job
outputs:
  is_authorized: ${{ steps.check-agentready-acl.outputs.is_authorized }}
+ command_invoked: ${{ steps.check-agentready-acl.outputs.command_invoked }}
  1. Set command_invoked flag in script
if ! echo "$COMMENT_BODY" | grep -qi "/agentready assess"; then
+ echo "command_invoked=false" >> "$GITHUB_OUTPUT"
  echo "is_authorized=false" >> "$GITHUB_OUTPUT"
  exit 0
fi
+ echo "command_invoked=true" >> "$GITHUB_OUTPUT"
  1. Updated unauthorized job condition
if: |
+ needs.check-agentready-acl.outputs.command_invoked == 'true' &&
  needs.check-agentready-acl.outputs.is_authorized == 'false' &&
  (github.event_name == 'issue_comment' || ...)

Testing

Test Issue with test comments :
kami619#4

Working Runs:

Checklist

  • My code follows the project's code style
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published

@kami619
fix: prevent unauthorized message for non-command comments
d0d4e34 
The unauthorized job was incorrectly triggered for any comment from
ACL-listed users that didn't contain '/agentready assess'. This fix
adds a 'command_invoked' output to distinguish between:
- Command not present in comment (do nothing)
- Command present but user unauthorized (show message)

The unauthorized job now only runs when command_invoked=true AND
is_authorized=false.
@github-actions
Copy link
Contributor

github-actions bot commented Jan 15, 2026

📈 Test Coverage Report

Branch Coverage
This PR 62.3%
Main 62.3%
Diff ✅ +0%

Coverage calculated from unit tests only

chambridge
chambridge approved these changes Jan 16, 2026
View reviewed changes
Copy link
Collaborator

@chambridge chambridge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@chambridge chambridge merged commit 84c6f69 into ambient-code:main Jan 16, 2026
11 checks passed
github-actions bot pushed a commit that referenced this pull request Jan 16, 2026
@semantic-release-bot
chore(release): 2.22.3 [skip ci]
2ff4de9 
## [2.22.3](v2.22.2...v2.22.3) (2026-01-16)

### Bug Fixes

* prevent unauthorized message for non-command comments ([#262](#262)) ([84c6f69](84c6f69))
@github-actions
Copy link
Contributor

github-actions bot commented Jan 16, 2026

🎉 This PR is included in version 2.22.3 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

github-actions bot pushed a commit to chambridge/agentready that referenced this pull request Jan 16, 2026
@semantic-release-bot
chore(release): 1.0.0 [skip ci]
f929b84 
# 1.0.0 (2026-01-16)

### Bug Fixes

* add bounded retry logic for LLM rate limit handling ([ambient-code#205](https://github.com/chambridge/agentready/issues/205)) ([6ecb786](6ecb786)), closes [ambient-code#104](https://github.com/chambridge/agentready/issues/104)
* Add comprehensive subprocess security guardrails (fixes [ambient-code#57](https://github.com/chambridge/agentready/issues/57)) ([ambient-code#66](https://github.com/chambridge/agentready/issues/66)) ([454b80e](454b80e))
* Add comprehensive YAML validation to prevent attacks (fixes [ambient-code#56](https://github.com/chambridge/agentready/issues/56)) ([ambient-code#63](https://github.com/chambridge/agentready/issues/63)) ([31ecb3a](31ecb3a))
* add repository checkout step to Claude Code Action workflow ([17aa0cf](17aa0cf))
* add uv.lock to recognized lockfiles ([ambient-code#143](https://github.com/chambridge/agentready/issues/143)) ([a98dc87](a98dc87)), closes [ambient-code#137](https://github.com/chambridge/agentready/issues/137)
* address P1 code quality issues from code review ([ambient-code#36](https://github.com/chambridge/agentready/issues/36)) ([5976332](5976332))
* address P1 code quality issues from code review ([ambient-code#37](https://github.com/chambridge/agentready/issues/37)) ([4be1d5e](4be1d5e))
* address P1 code quality issues from code review ([ambient-code#38](https://github.com/chambridge/agentready/issues/38)) ([77f2300](77f2300))
* **assessors:** FileSizeLimitsAssessor now respects .gitignore ([ambient-code#248](https://github.com/chambridge/agentready/issues/248)) ([eaaecc2](eaaecc2)), closes [ambient-code#245](https://github.com/chambridge/agentready/issues/245)
* **assessors:** search recursively for OpenAPI specification files ([ambient-code#127](https://github.com/chambridge/agentready/issues/127)) ([e2a5778](e2a5778))
* **ci:** use gh pr view for fork PR number lookup in coverage comment ([ambient-code#253](https://github.com/chambridge/agentready/issues/253)) ([1688362](1688362))
* correct Assessment field name in demo command ([ambient-code#41](https://github.com/chambridge/agentready/issues/41)) ([b48622d](b48622d)), closes [ambient-code#12](https://github.com/chambridge/agentready/issues/12)
* Correct datetime import pattern in RepomixService ([ambient-code#65](https://github.com/chambridge/agentready/issues/65)) ([517aa6e](517aa6e))
* correct GitHub repository link in site navigation ([5492278](5492278))
* correct Liquid syntax in developer-guide (elif -> elsif) ([75f3b1d](75f3b1d))
* Create shared test fixtures and fix Assessment schema issues ([ambient-code#114](https://github.com/chambridge/agentready/issues/114)) ([46baa13](46baa13))
* disable attestations for Test PyPI to avoid conflict ([ambient-code#155](https://github.com/chambridge/agentready/issues/155)) ([a33e3cd](a33e3cd)), closes [pypa/#action-pypi-publish](https://github.com/chambridge/agentready/issues/action-pypi-publish)
* downgrade docker/metadata-action to v5 and fix shellcheck warnings ([12f5509](12f5509))
* enable Harbor task filtering for smoketest support ([ambient-code#222](https://github.com/chambridge/agentready/issues/222)) ([f780188](f780188))
* exclude DEPLOYMENT.md and SETUP_SUMMARY.md from Jekyll build ([9611207](9611207))
* Improve report metadata display with clean table format ([ca361a4](ca361a4))
* leaderboard workflow and SSH URL support ([ambient-code#147](https://github.com/chambridge/agentready/issues/147)) ([de28cd0](de28cd0))
* make E2E test timeouts configurable and add sensitive directory test ([ambient-code#206](https://github.com/chambridge/agentready/issues/206)) ([27e87e5](27e87e5)), closes [ambient-code#104](https://github.com/chambridge/agentready/issues/104) [ambient-code#192](https://github.com/chambridge/agentready/issues/192)
* P0 security and logic bugs from code review ([2af2346](2af2346))
* Prevent API key exposure in environment and logs (fixes [ambient-code#55](https://github.com/chambridge/agentready/issues/55)) ([ambient-code#64](https://github.com/chambridge/agentready/issues/64)) ([4d1d001](4d1d001))
* Prevent command injection in CommandFix.apply() (fixes [ambient-code#52](https://github.com/chambridge/agentready/issues/52)) ([ambient-code#60](https://github.com/chambridge/agentready/issues/60)) ([49be28e](49be28e))
* Prevent path traversal in LLM cache (fixes [ambient-code#53](https://github.com/chambridge/agentready/issues/53)) ([ambient-code#61](https://github.com/chambridge/agentready/issues/61)) ([2bf052d](2bf052d))
* prevent unauthorized message for non-command comments ([ambient-code#262](https://github.com/chambridge/agentready/issues/262)) ([84c6f69](84c6f69))
* Prevent XSS in HTML reports (fixes [ambient-code#54](https://github.com/chambridge/agentready/issues/54)) ([ambient-code#62](https://github.com/chambridge/agentready/issues/62)) ([7c60c69](7c60c69))
* rename research report in data directory ([b8ddfdc](b8ddfdc))
* replace all remaining elif with elsif in developer-guide ([73f16fc](73f16fc))
* Resolve 35 pytest failures through model validation and path sanitization improvements ([ambient-code#115](https://github.com/chambridge/agentready/issues/115)) ([4fbfee0](4fbfee0))
* resolve all test suite failures - achieve zero failures ([ambient-code#180](https://github.com/chambridge/agentready/issues/180)) ([990fa2d](990fa2d)), closes [ambient-code#148](https://github.com/chambridge/agentready/issues/148) [ambient-code#147](https://github.com/chambridge/agentready/issues/147) [ambient-code#145](https://github.com/chambridge/agentready/issues/145)
* resolve broken links and workflow failures ([ambient-code#160](https://github.com/chambridge/agentready/issues/160)) ([fbf5cf7](fbf5cf7))
* Resolve merge conflicts in CLI main module ([ambient-code#59](https://github.com/chambridge/agentready/issues/59)) ([9e0bf2d](9e0bf2d))
* resolve YAML syntax error in continuous-learning workflow ([ambient-code#172](https://github.com/chambridge/agentready/issues/172)) ([3d40fcc](3d40fcc))
* resolve YAML syntax error in update-docs workflow and add actionlint ([ambient-code#173](https://github.com/chambridge/agentready/issues/173)) ([97b06af](97b06af))
* Sanitize sensitive data in HTML reports (fixes [ambient-code#58](https://github.com/chambridge/agentready/issues/58)) ([ambient-code#67](https://github.com/chambridge/agentready/issues/67)) ([6fbac76](6fbac76))
* set correct baseurl for GitHub Pages subdirectory deployment ([c4db765](c4db765))
* skip PR comments for external forks to prevent permission errors ([ambient-code#163](https://github.com/chambridge/agentready/issues/163)) ([2a29fb8](2a29fb8))
* update --version flag to show correct version and research report date ([ambient-code#221](https://github.com/chambridge/agentready/issues/221)) ([5a85abb](5a85abb))
* Update Claude workflow to trigger on [@claude](https://github.com/claude) mentions ([ambient-code#35](https://github.com/chambridge/agentready/issues/35)) ([a8a3fab](a8a3fab))
* **workflows:** ensure post-comment step runs after Claude Code Action ([b087e5c](b087e5c))
* **workflows:** handle all event types in agentready-dev workflow ([9b942bf](9b942bf))
* **workflows:** improve error handling and logging for comment posting ([9ea1e6b](9ea1e6b))
* **workflows:** improve issue number extraction and add debug step ([ecd896b](ecd896b))
* **workflows:** remove if:always() to test step execution ([ff0bb12](ff0bb12))
* **workflows:** simplify post-comment step condition ([1bbf40a](1bbf40a))

### Features

* add agentready-dev Claude agent specification ([ambient-code#44](https://github.com/chambridge/agentready/issues/44)) ([0f61f5c](0f61f5c))
* add ambient-code/agentready to leaderboard ([ambient-code#148](https://github.com/chambridge/agentready/issues/148)) ([621152e](621152e))
* Add automated demo command for AgentReady ([ambient-code#24](https://github.com/chambridge/agentready/issues/24)) ([f4e89d9](f4e89d9)), closes [ambient-code#1](https://github.com/chambridge/agentready/issues/1) [ambient-code#25](https://github.com/chambridge/agentready/issues/25) [hi#quality](https://github.com/hi/issues/quality) [hi#scoring](https://github.com/hi/issues/scoring)
* add Claude Code GitHub Action for [@claude](https://github.com/claude) mentions ([3e7224d](3e7224d))
* Add comprehensive unit tests for utility modules (privacy.py and subprocess_utils.py) ([ambient-code#111](https://github.com/chambridge/agentready/issues/111)) ([9d3dece](9d3dece))
* Add customizable HTML report themes with runtime switching ([ambient-code#46](https://github.com/chambridge/agentready/issues/46)) ([7eeaf84](7eeaf84)), closes [hi#contrast](https://github.com/hi/issues/contrast) [ambient-code#10](https://github.com/chambridge/agentready/issues/10)
* Add Doubleagent - specialized AgentReady development agent ([ambient-code#30](https://github.com/chambridge/agentready/issues/30)) ([0ab54cb](0ab54cb))
* add GitHub organization scanning to assess-batch command ([ambient-code#118](https://github.com/chambridge/agentready/issues/118)) ([e306314](e306314))
* add Harbor Terminal-Bench comparison for agent effectiveness ([ambient-code#199](https://github.com/chambridge/agentready/issues/199)) ([a56e318](a56e318))
* Add Interactive Dashboard backlog item ([adfc4c8](adfc4c8))
* add interactive heatmap visualization for batch assessments ([ambient-code#136](https://github.com/chambridge/agentready/issues/136)) ([4d44fc3](4d44fc3))
* Add interactive HTML report generation ([18664ea](18664ea))
* add Memory MCP server allow list to repository settings ([ambient-code#203](https://github.com/chambridge/agentready/issues/203)) ([41d87bb](41d87bb))
* add quay/quay to leaderboard ([ambient-code#162](https://github.com/chambridge/agentready/issues/162)) ([d6e8df0](d6e8df0))
* add release pipeline coldstart prompt ([ambient-code#19](https://github.com/chambridge/agentready/issues/19)) ([9a3880c](9a3880c)), closes [ambient-code#18](https://github.com/chambridge/agentready/issues/18)
* Add Repomix integration for AI-friendly repository context generation ([ambient-code#29](https://github.com/chambridge/agentready/issues/29)) ([92bdde1](92bdde1)), closes [ambient-code#24](https://github.com/chambridge/agentready/issues/24) [ambient-code#1](https://github.com/chambridge/agentready/issues/1) [ambient-code#25](https://github.com/chambridge/agentready/issues/25) [hi#quality](https://github.com/hi/issues/quality) [hi#scoring](https://github.com/hi/issues/scoring)
* add report header with repository metadata ([ambient-code#28](https://github.com/chambridge/agentready/issues/28)) ([7a8b34a](7a8b34a))
* Add research report management CLI commands ([ambient-code#45](https://github.com/chambridge/agentready/issues/45)) ([e1be488](e1be488)), closes [ambient-code#7](https://github.com/chambridge/agentready/issues/7)
* Add security & quality improvements from code review ([ambient-code#40](https://github.com/chambridge/agentready/issues/40)) ([13cd3ca](13cd3ca))
* Add security & quality improvements from code review ([ambient-code#49](https://github.com/chambridge/agentready/issues/49)) ([889d6ed](889d6ed))
* Add SWE-bench experiment system for validating AgentReady impact ([ambient-code#124](https://github.com/chambridge/agentready/issues/124)) ([15edbba](15edbba))
* Add weekly research update skill and automation ([ambient-code#145](https://github.com/chambridge/agentready/issues/145)) ([7ba17a6](7ba17a6))
* **assessors:** implement File Size Limits assessor (Tier 2) ([ambient-code#141](https://github.com/chambridge/agentready/issues/141)) ([248467f](248467f))
* Auto-sync CLAUDE.md during semantic-release ([ambient-code#101](https://github.com/chambridge/agentready/issues/101)) ([36b48cb](36b48cb))
* automate PyPI publishing with trusted publishing (OIDC) ([ambient-code#154](https://github.com/chambridge/agentready/issues/154)) ([71f4632](71f4632)), closes [pypa/#action-pypi-publish](https://github.com/chambridge/agentready/issues/action-pypi-publish)
* Batch Report Enhancements + Bootstrap Template Inheritance (Phase 2 Task 5) ([ambient-code#133](https://github.com/chambridge/agentready/issues/133)) ([7762b23](7762b23))
* Community Leaderboard for AgentReady Scores ([ambient-code#146](https://github.com/chambridge/agentready/issues/146)) ([fea0b3e](fea0b3e))
* Complete Phases 5-7 - Markdown reports, testing, and polish ([7659623](7659623))
* consolidate GitHub Actions workflows by purpose ([ambient-code#217](https://github.com/chambridge/agentready/issues/217)) ([717ca6b](717ca6b)), closes [ambient-code#221](https://github.com/chambridge/agentready/issues/221)
* container support ([ambient-code#171](https://github.com/chambridge/agentready/issues/171)) ([c6874ea](c6874ea))
* convert AgentReady assessment to on-demand workflow ([ambient-code#213](https://github.com/chambridge/agentready/issues/213)) ([b5a1ce0](b5a1ce0)), closes [ambient-code#191](https://github.com/chambridge/agentready/issues/191)
* enhance assessors with multi-language support and security ([ambient-code#200](https://github.com/chambridge/agentready/issues/200)) ([85712f2](85712f2)), closes [ambient-code#10](https://github.com/chambridge/agentready/issues/10)
* Harbor framework integration for Terminal-Bench evaluations ([ambient-code#202](https://github.com/chambridge/agentready/issues/202)) ([d73a8c8](d73a8c8)), closes [ambient-code#4](https://github.com/chambridge/agentready/issues/4) [ambient-code#178](https://github.com/chambridge/agentready/issues/178) [ambient-code#178](https://github.com/chambridge/agentready/issues/178)
* Implement AgentReady MVP with scoring engine ([54a96cb](54a96cb))
* Implement align subcommand for automated remediation (Issue [ambient-code#14](https://github.com/chambridge/agentready/issues/14)) ([ambient-code#34](https://github.com/chambridge/agentready/issues/34)) ([06f04dc](06f04dc))
* Implement ArchitectureDecisionsAssessor (fixes [ambient-code#81](https://github.com/chambridge/agentready/issues/81)) ([ambient-code#89](https://github.com/chambridge/agentready/issues/89)) ([9e782e5](9e782e5))
* implement automated semantic release pipeline ([ambient-code#20](https://github.com/chambridge/agentready/issues/20)) ([b579235](b579235))
* implement bootstrap command for GitHub infrastructure ([0af06c4](0af06c4)), closes [ambient-code#2](https://github.com/chambridge/agentready/issues/2)
* Implement BranchProtectionAssessor stub (fixes [ambient-code#86](https://github.com/chambridge/agentready/issues/86)) ([ambient-code#98](https://github.com/chambridge/agentready/issues/98)) ([44c4b17](44c4b17))
* Implement CICDPipelineVisibilityAssessor (fixes [ambient-code#85](https://github.com/chambridge/agentready/issues/85)) ([ambient-code#91](https://github.com/chambridge/agentready/issues/91)) ([e68285c](e68285c))
* Implement CodeSmellsAssessor stub (fixes [ambient-code#87](https://github.com/chambridge/agentready/issues/87)) ([ambient-code#99](https://github.com/chambridge/agentready/issues/99)) ([f06b2a8](f06b2a8))
* Implement ConciseDocumentationAssessor (fixes [ambient-code#76](https://github.com/chambridge/agentready/issues/76)) ([ambient-code#93](https://github.com/chambridge/agentready/issues/93)) ([c356cd5](c356cd5))
* Implement InlineDocumentationAssessor (fixes [ambient-code#77](https://github.com/chambridge/agentready/issues/77)) ([ambient-code#94](https://github.com/chambridge/agentready/issues/94)) ([e56e570](e56e570))
* Implement IssuePRTemplatesAssessor (fixes [ambient-code#84](https://github.com/chambridge/agentready/issues/84)) ([ambient-code#90](https://github.com/chambridge/agentready/issues/90)) ([819d7b7](819d7b7))
* Implement multi-repository batch assessment (Phase 1 of issue [ambient-code#68](https://github.com/chambridge/agentready/issues/68)) ([ambient-code#74](https://github.com/chambridge/agentready/issues/74)) ([befc0d5](befc0d5))
* Implement OneCommandSetupAssessor (fixes [ambient-code#75](https://github.com/chambridge/agentready/issues/75)) ([ambient-code#88](https://github.com/chambridge/agentready/issues/88)) ([668ba1b](668ba1b))
* Implement OpenAPISpecsAssessor (fixes [ambient-code#80](https://github.com/chambridge/agentready/issues/80)) ([ambient-code#97](https://github.com/chambridge/agentready/issues/97)) ([45ae36e](45ae36e))
* implement Phase 2 multi-repository assessment reporting ([ambient-code#117](https://github.com/chambridge/agentready/issues/117)) ([8da56c2](8da56c2)), closes [ambient-code#69](https://github.com/chambridge/agentready/issues/69)
* implement report schema versioning ([ambient-code#43](https://github.com/chambridge/agentready/issues/43)) ([4c4752c](4c4752c))
* Implement SemanticNamingAssessor (fixes [ambient-code#82](https://github.com/chambridge/agentready/issues/82)) ([ambient-code#95](https://github.com/chambridge/agentready/issues/95)) ([d87a280](d87a280))
* Implement SeparationOfConcernsAssessor (fixes [ambient-code#78](https://github.com/chambridge/agentready/issues/78)) ([ambient-code#92](https://github.com/chambridge/agentready/issues/92)) ([99bfe28](99bfe28))
* Implement StructuredLoggingAssessor (fixes [ambient-code#79](https://github.com/chambridge/agentready/issues/79)) ([ambient-code#96](https://github.com/chambridge/agentready/issues/96)) ([2b87ca7](2b87ca7))
* Phase 1 Task 1 - Consolidate Security Validation Patterns ([ambient-code#129](https://github.com/chambridge/agentready/issues/129)) ([8580c45](8580c45)), closes [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122)
* Phase 1 Tasks 2-3 - Consolidate Reporter Base & Assessor Factory ([ambient-code#131](https://github.com/chambridge/agentready/issues/131)) ([8e12bf9](8e12bf9)), closes [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122) [ambient-code#122](https://github.com/chambridge/agentready/issues/122)
* Phase 2 Task 4 - Replace manual config validation with Pydantic ([ambient-code#134](https://github.com/chambridge/agentready/issues/134)) ([d83cf58](d83cf58))
* Redesign homepage features with two-column layout and research links ([ambient-code#189](https://github.com/chambridge/agentready/issues/189)) ([570087d](570087d)), closes [ambient-code#187](https://github.com/chambridge/agentready/issues/187)
* redesign HTML report with dark theme and larger fonts ([ambient-code#39](https://github.com/chambridge/agentready/issues/39)) ([59f6702](59f6702)), closes [#8b5cf6](https://github.com/chambridge/agentready/issues/8b5cf6) [#XX](https://github.com/chambridge/agentready/issues/XX)
* Rename 'learn' command to 'extract-skills' for clarity ([ambient-code#125](https://github.com/chambridge/agentready/issues/125)) ([64d6563](64d6563)), closes [hi#scoring](https://github.com/hi/issues/scoring) [ambient-code#123](https://github.com/chambridge/agentready/issues/123)
* replace markdown-link-check with lychee for link validation ([ambient-code#177](https://github.com/chambridge/agentready/issues/177)) ([f1a4545](f1a4545))
* Standardize on Python 3.12+ with forward compatibility for 3.13 ([ambient-code#132](https://github.com/chambridge/agentready/issues/132)) ([84f2c46](84f2c46))
* Terminal-Bench eval harness (MVP Phase 1) ([ambient-code#178](https://github.com/chambridge/agentready/issues/178)) ([d06bab4](d06bab4)), closes [ambient-code#171](https://github.com/chambridge/agentready/issues/171)
* **workflows:** add comment posting for [@agentready-dev](https://github.com/agentready-dev) agent ([5dff614](5dff614))

### Performance Improvements

* implement lazy loading for heavy CLI commands ([ambient-code#151](https://github.com/chambridge/agentready/issues/151)) ([6a7cd4e](6a7cd4e))

### BREAKING CHANGES

* Users must update scripts from 'agentready learn'
to 'agentready extract-skills'. All flags and options remain identical.
@kami619 kami619 deleted the fix/acl-authorization-logic branch January 16, 2026 15:19
github-actions bot pushed a commit to kami619/agentready that referenced this pull request Jan 16, 2026
@semantic-release-bot
chore(release): 2.14.0 [skip ci]
cece9a9 
# [2.14.0](v2.13.0...v2.14.0) (2026-01-16)

### Bug Fixes

* add bounded retry logic for LLM rate limit handling ([ambient-code#205](https://github.com/kami619/agentready/issues/205)) ([6ecb786](6ecb786)), closes [ambient-code#104](https://github.com/kami619/agentready/issues/104)
* **assessors:** FileSizeLimitsAssessor now respects .gitignore ([ambient-code#248](https://github.com/kami619/agentready/issues/248)) ([eaaecc2](eaaecc2)), closes [ambient-code#245](https://github.com/kami619/agentready/issues/245)
* **ci:** use gh pr view for fork PR number lookup in coverage comment ([ambient-code#253](https://github.com/kami619/agentready/issues/253)) ([1688362](1688362))
* downgrade docker/metadata-action to v5 and fix shellcheck warnings ([12f5509](12f5509))
* enable Harbor task filtering for smoketest support ([ambient-code#222](https://github.com/kami619/agentready/issues/222)) ([f780188](f780188))
* make E2E test timeouts configurable and add sensitive directory test ([ambient-code#206](https://github.com/kami619/agentready/issues/206)) ([27e87e5](27e87e5)), closes [ambient-code#104](https://github.com/kami619/agentready/issues/104) [ambient-code#192](https://github.com/kami619/agentready/issues/192)
* prevent unauthorized message for non-command comments ([ambient-code#262](https://github.com/kami619/agentready/issues/262)) ([84c6f69](84c6f69))
* rename research report in data directory ([b8ddfdc](b8ddfdc))
* resolve all test suite failures - achieve zero failures ([ambient-code#180](https://github.com/kami619/agentready/issues/180)) ([990fa2d](990fa2d)), closes [ambient-code#148](https://github.com/kami619/agentready/issues/148) [ambient-code#147](https://github.com/kami619/agentready/issues/147) [ambient-code#145](https://github.com/kami619/agentready/issues/145)
* resolve YAML syntax error in continuous-learning workflow ([ambient-code#172](https://github.com/kami619/agentready/issues/172)) ([3d40fcc](3d40fcc))
* resolve YAML syntax error in update-docs workflow and add actionlint ([ambient-code#173](https://github.com/kami619/agentready/issues/173)) ([97b06af](97b06af))
* update --version flag to show correct version and research report date ([ambient-code#221](https://github.com/kami619/agentready/issues/221)) ([5a85abb](5a85abb))
* **workflows:** ensure post-comment step runs after Claude Code Action ([b087e5c](b087e5c))
* **workflows:** handle all event types in agentready-dev workflow ([9b942bf](9b942bf))
* **workflows:** improve error handling and logging for comment posting ([9ea1e6b](9ea1e6b))
* **workflows:** improve issue number extraction and add debug step ([ecd896b](ecd896b))
* **workflows:** remove if:always() to test step execution ([ff0bb12](ff0bb12))
* **workflows:** simplify post-comment step condition ([1bbf40a](1bbf40a))

### Features

* add Harbor Terminal-Bench comparison for agent effectiveness ([ambient-code#199](https://github.com/kami619/agentready/issues/199)) ([a56e318](a56e318))
* add Memory MCP server allow list to repository settings ([ambient-code#203](https://github.com/kami619/agentready/issues/203)) ([41d87bb](41d87bb))
* consolidate GitHub Actions workflows by purpose ([ambient-code#217](https://github.com/kami619/agentready/issues/217)) ([717ca6b](717ca6b)), closes [ambient-code#221](https://github.com/kami619/agentready/issues/221)
* container support ([ambient-code#171](https://github.com/kami619/agentready/issues/171)) ([c6874ea](c6874ea))
* convert AgentReady assessment to on-demand workflow ([ambient-code#213](https://github.com/kami619/agentready/issues/213)) ([b5a1ce0](b5a1ce0)), closes [ambient-code#191](https://github.com/kami619/agentready/issues/191)
* enhance assessors with multi-language support and security ([ambient-code#200](https://github.com/kami619/agentready/issues/200)) ([85712f2](85712f2)), closes [ambient-code#10](https://github.com/kami619/agentready/issues/10)
* Harbor framework integration for Terminal-Bench evaluations ([ambient-code#202](https://github.com/kami619/agentready/issues/202)) ([d73a8c8](d73a8c8)), closes [#4](#4) [ambient-code#178](https://github.com/kami619/agentready/issues/178) [ambient-code#178](https://github.com/kami619/agentready/issues/178)
* Redesign homepage features with two-column layout and research links ([ambient-code#189](https://github.com/kami619/agentready/issues/189)) ([570087d](570087d)), closes [ambient-code#187](https://github.com/kami619/agentready/issues/187)
* replace markdown-link-check with lychee for link validation ([ambient-code#177](https://github.com/kami619/agentready/issues/177)) ([f1a4545](f1a4545))
* Terminal-Bench eval harness (MVP Phase 1) ([ambient-code#178](https://github.com/kami619/agentready/issues/178)) ([d06bab4](d06bab4)), closes [ambient-code#171](https://github.com/kami619/agentready/issues/171)
* **workflows:** add comment posting for [@agentready-dev](https://github.com/agentready-dev) agent ([5dff614](5dff614))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chambridge chambridge chambridge approved these changes

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kami619 @chambridge