@marius-kilocode
Collaborator

Summary

Adds a GitHub Action that automatically triages new issues and pull requests by analyzing their content and applying appropriate labels using the Kilo Code CLI.

How It Works

  1. Triggers on new issues and PRs (excluding bot-created ones)
  2. Uses Kilo Code CLI in autonomous mode to analyze the content
  3. Applies relevant labels using gh issue edit or gh pr edit

Security Measures

  • Command Allowlist: Only gh issue edit and gh pr edit are permitted
  • Command Denylist: Blocks dangerous commands (rm, sudo, curl, wget, bash, etc.)
  • Input Sanitization: Shell metacharacters stripped from issue/PR body
  • Minimal Permissions: Only issues: write and pull-requests: write
  • Bot Skip: Ignores bot-created issues/PRs to prevent loops

Available Labels

The agent can apply labels from these categories:

  • Component: CLI, backend, frontend, jetbrains, MCP, checkpoints, teams, autocomplete, codebase indexing, native-tool-calls
  • Type: documentation, proposal, good first issue, help wanted, blocking
  • Platform: windows, marketplace
  • Provider: kilocode-api-provider, openrouter, local-llm, grok, new-provider
  • Accessibility: a11y

Setup Required

Add KILOCODE_TOKEN secret to the repository:

  • Settings → Secrets and variables → Actions → New repository secret

Testing

Tested locally with dummy issue data:

node cli/dist/index.js --auto "Triage this GitHub issue: ..."

The CLI correctly identified and applied labels (CLI, windows, MCP) for a test issue about "CLI crashes on Windows when using MCP servers".
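
An added sketch, not code from this PR or from the Kilo Code CLI, of enforcing the command allowlist described under Security Measures on parsed argv instead of on a string prefix, so that a command which merely starts with gh issue edit is still refused when it carries anything else. The helper name, the restriction to `<number> --add-label <labels>` and the metacharacter set are assumptions of this example; the label set is copied from the Available Labels list above.

```python
import shlex

# Label set copied from the PR description's "Available Labels" section.
ALLOWED_LABELS = {
    "CLI", "backend", "frontend", "jetbrains", "MCP", "checkpoints", "teams",
    "autocomplete", "codebase indexing", "native-tool-calls",
    "documentation", "proposal", "good first issue", "help wanted", "blocking",
    "windows", "marketplace",
    "kilocode-api-provider", "openrouter", "local-llm", "grok", "new-provider",
    "a11y",
}
ALLOWED_PREFIXES = (("gh", "issue", "edit"), ("gh", "pr", "edit"))
# Characters a shell would interpret; a labelling call needs none of them.
SHELL_META = set(";&|`$<>(){}\\\n\r")


def validate_triage_command(command: str) -> list[str]:
    """Return the argv to execute, or raise ValueError (hypothetical helper)."""
    # Defense in depth: the argv checks below also reject chaining, but refusing
    # metacharacters keeps the text safe if it is ever re-joined for a shell.
    if SHELL_META & set(command):
        raise ValueError("shell metacharacter in command")
    try:
        argv = shlex.split(command)
    except ValueError as exc:  # e.g. unbalanced quotes
        raise ValueError(f"unparseable command: {exc}") from None
    if tuple(argv[:3]) not in ALLOWED_PREFIXES:
        raise ValueError("command is not gh issue edit / gh pr edit")
    rest = argv[3:]
    # Assumed shape for this example: <number> --add-label <label[,label...]>
    numeric = len(rest) == 3 and rest[0].isascii() and rest[0].isdigit()
    if not numeric or rest[1] != "--add-label":
        raise ValueError("only '<number> --add-label <labels>' is accepted")
    unknown = [n for n in (p.strip() for p in rest[2].split(","))
               if n not in ALLOWED_LABELS]
    if unknown:
        raise ValueError(f"labels outside the allowed set: {unknown}")
    return argv  # hand to subprocess.run(argv) without shell=True


if __name__ == "__main__":
    # Constructed commands, as an agent might propose them.
    for cmd in ('gh issue edit 42 --add-label "CLI,windows,MCP"',
                'gh issue edit 42 --add-label CLI --body-file notes.txt'):
        try:
            print("ok  ", validate_triage_command(cmd))
        except ValueError as err:
            print("deny", err)
```
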

@changeset-bot

changeset-bot bot commented Jan 14, 2026

⚠️ No Changeset found

Latest commit: c80a5e2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@marius-kilocode marius-kilocode deleted the can_you_think_about branch January 14, 2026 23:30

@kiloconnect
Contributor

kiloconnect bot commented Jan 14, 2026

Code Review Summary

Status: No Issues Found | Recommendation: Merge

This PR adds a new GitHub Actions workflow for auto-triaging issues and pull requests. The implementation looks solid:

  • ✅ Proper bot filtering to avoid infinite loops
  • ✅ Appropriate permissions scoped to minimum required
  • ✅ Good security practices with explicit allow/deny lists for commands
  • ✅ Input sanitization for the body content
  • ✅ Clear prompt instructions with anti-injection warning
  • ✅ Telemetry disabled for CI environment

Files Reviewed (1 file)

  • .github/workflows/auto-triage.yml - New workflow file
