- Use persist-credentials: false for actions/checkout, so we don't
leak the GitHub token credentials to subsequent jobs.
- Remove one / from the Edit/Write permissions. Because github.workspace
is already an absolute path, the current pattern expands to three
leading slashes while we only need two.
with:
# Need full history for git worktree add to work on all PR commits.
fetch-depth: 0
+ persist-credentials: false
- name: Download PR context
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
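Review bot: The new `persist-credentials: false` line has no comment explaining why it is there, and it sits directly under a comment about `git worktree add`, so someone who later hits a git authentication failure may simply delete it. I would add `# Keep the token out of .git/config so later steps cannot read it.` above the line. Any later step that needs authenticated git access (a fetch or a push) will now need the token passed explicitly, while `git worktree add` on history that is already fetched is local and should be unaffected. The checkout step starts above the hunk, so I cannot see whether actions/checkout is pinned to a commit SHA the way actions/download-artifact is on the following step.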
"allow": [
"Bash",
"Read",
- "Edit(//${{ github.workspace }}/**)",
- "Write(//${{ github.workspace }}/**)",
+ "Edit(/${{ github.workspace }}/**)",
+ "Write(/${{ github.workspace }}/**)",
"Grep",
"Glob",
"Agent",
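Review bot: The workspace scoping on the new `Edit(...)` and `Write(...)` entries limits only those two tools, and the same allow list grants a bare `"Bash"` with no path restriction visible here, so these rules alone do not bound where files can be written. If confining writes to the workspace is the goal, Bash needs its own narrowed rule or the job needs isolation at the runner level. Separately, the single leading slash is correct only because `github.workspace` expands to an absolute path that already starts with `/`. JSON cannot carry a comment, so a YAML comment above the settings block, for example `# github.workspace is absolute, so "/${{ ... }}" expands to "//<path>"`, would stop someone from re-adding the slash. The allow list begins and ends outside the hunk.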