From fe43e60d2f7b2235826ebd4385ee8c1c4082e859 Mon Sep 17 00:00:00 2001
From: Dimitrios Vasilas <dimitrios.vasilas@scality.com>
Date: Wed, 4 Mar 2026 16:41:34 +0200
Subject: [PATCH] feat: Add Read tool to review workflow allowed-tools

The review-pr skill instructs the reviewer to read changed files for
full context, but the workflow's allowedTools list was missing Read,
limiting the reviewer to diff hunks only.
---
 .github/workflows/claude-code-review.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
index bb2e585..6967186 100644
--- a/.github/workflows/claude-code-review.yml
+++ b/.github/workflows/claude-code-review.yml
@@ -44,7 +44,7 @@ jobs:
           use_vertex: "true"
           prompt: "/review-pr REPO: ${{ github.repository }} PR_NUMBER: ${{ github.event.pull_request.number }}"
           claude_args: |
-            --allowedTools "Bash(git diff *)" "Bash(git log *)" "Bash(git show *)" "Bash(gh repo view *)" "Bash(gh pr view *)" "Bash(gh pr diff *)" "Bash(gh pr comment *)" "Bash(gh api *)"
+            --allowedTools "Read" "Bash(git diff *)" "Bash(git log *)" "Bash(git show *)" "Bash(gh repo view *)" "Bash(gh pr view *)" "Bash(gh pr diff *)" "Bash(gh pr comment *)" "Bash(gh api *)"
             --model "claude-opus-4-6"
         env:
           ANTHROPIC_VERTEX_PROJECT_ID: ${{ secrets.ANTHROPIC_VERTEX_PROJECT_ID }}