The swarm reviewed PR #8 *through the reusable path itself* — proving
github.event context propagates into a workflow_call reusable workflow on
this act_runner (the one part the probes hadn't covered). Folded in the
warranted findings:
- review-reusable.yml: bump timeout_minutes default 30 -> 45 (a multi-
model/slow-lens review can exceed 30); map the generic GADFLY_API_KEY
secret (was missing); add an explicit permissions block; drop the dead
`specialist_suite` input.
- examples/reusable.yml: actor gate now also requires
github.event.issue.pull_request (so an issue-comment on a plain issue
doesn't waste a runner), and a note to pin @<ref> to a release tag.
Graded ~70 findings (heavy clustering): the real ones above + several
by-design/documented (inputs replace vars-overrides; only M1/M5 named
endpoints mapped) and many false positives (IS_DRAFT pattern, GITEA_TOKEN
via inherit, "empty specialists" misread — empty does default).
YAML validated; Go unchanged.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Centralizes the ~90-line consumer stub into a reusable Gitea workflow so a
repo can subscribe to Gadfly with a tiny caller. Feasibility was probe-
verified on this act_runner: workflow_call runs, secrets: inherit
delivers, and a fully-qualified owner/repo/path@ref resolves.
- .gitea/workflows/review-reusable.yml: `on: workflow_call` job holding
the image pin + all env plumbing. Inputs (models/specialists/provider/
concurrency/timeouts/allowed_users/…) default to "" so an empty value
falls back to the image's own default — caller overrides only what it
wants. Secrets via `secrets: inherit` (optional ones resolve empty).
- adversarial-review.yml: gadfly's own dogfood is now a thin CALLER of the
reusable (proves it end-to-end; advisory so safe to dogfood).
- examples/reusable.yml: the slim ~8-line consumer stub.
- README / examples/README / CLAUDE.md document the subscribe path.
Caveat: consumers with arbitrary GADFLY_ENDPOINT_<NAME>s still need the
full stub (a reusable workflow can't enumerate dynamic secret names).
YAML validated; Go unchanged (build + test green).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>