fix: reinforce no-script-execution constraint in devops-health-check#845
fix: reinforce no-script-execution constraint in devops-health-check#845AbhitejJohn wants to merge 2 commits into
Conversation
Skill Coverage Report
Uncovered:
|
There was a problem hiding this comment.
Pull request overview
This PR updates the DevOps Daily Health Check agent instructions to more explicitly avoid attempts at script execution (e.g., python3 -c ...) that are blocked by the bash allowlist/security policy. It also introduces Claude marketplace/plugin-manifest changes for the dotnet-msbuild plugin.
Changes:
- Strengthen
devops-health-checkguidance to state script interpreters (python/node) are not available and to usejqfor JSON parsing. - Add
plugins/dotnet-msbuild/.claude-plugin/plugin.jsonfor Claude-specific plugin metadata. - Extend
.claude-plugin/marketplace.jsonwith anmcpServersdefinition fordotnet-msbuild.
Show a summary per file
| File | Description |
|---|---|
plugins/dotnet-msbuild/.claude-plugin/plugin.json |
Adds a Claude plugin manifest for dotnet-msbuild (but currently uses likely-incorrect relative paths). |
.github/workflows/devops-health-check.md |
Clarifies that python/node interpreters are not in the bash allowlist and directs JSON processing to jq. |
.claude-plugin/marketplace.json |
Adds an mcpServers entry for dotnet-msbuild in the Claude marketplace manifest. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 3/3 changed files
- Comments generated: 2
The agent was hallucinating Python script creation (run_analysis2.py) and attempting to execute it, which was correctly blocked by the bash allowlist security policy. Strengthen the efficiency guideline to explicitly state that python/python3/node are NOT in the bash allowlist and will be blocked, directing the agent to use jq instead. Fixes #841 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
541c543 to
04abecd
Compare
04abecd to
45c6faf
Compare
|
👋 @AbhitejJohn — this PR has 3 unresolved review thread(s). When you're ready, please address the feedback and push an update; the triage bot will pick up the next state automatically. (Add the |
Addresses review feedback: 'any script interpreter' was too broad since jq/sed are technically interpreters but ARE in the allowlist. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
|
✅ Evaluation passed for |
|
✅ Evaluation passed for |
Summary
Strengthens the prompt in the DevOps Daily Health Check workflow to explicitly tell the agent that python, python3, and node are NOT in the bash allowlist and will be blocked by the security policy.
Problem
The Copilot agent was hallucinating Python script creation (python3 -c "import json,...") to process JSON data, which was correctly blocked by the bash tool's security policy. Despite existing instructions saying "don't create scripts," the agent interpreted inline python3 -c as a command rather than a script, and retried multiple times - burning token budget.
Failed run: https://github.com/dotnet/skills/actions/runs/28311460592
Fix
Made the efficiency guideline explicitly state that script interpreters are not available, directing the agent to use jq for all JSON processing.
Fixes #841