Add CLAUDE.md and initial .deepreview rule suite

[nhorton]

Summary

• Adds CLAUDE.md with end-to-end flow documentation, the three state files crossing process boundaries (action.yml ↔ prompts/review.txt ↔ post-review-comments.py), the self-trigger guard, and how to test changes — so future Claude Code instances ramp up fast in this repo.
• Adds .deepreview with four review rules so this repo dogfoods the action it ships:
  • prompt_best_practices — reviews CLAUDE.md and prompts/review.txt against Anthropic prompt-engineering best practices.
  • update_action_surface_docs — keeps README.md and CLAUDE.md in sync with action.yml, prompts/review.txt, scripts/post-review-comments.py, and .github/workflows/example.yml. Instructions enumerate 12 concrete drift points rather than vague "look for inaccuracies".
  • python_code_review — reviews Python files against .deepwork/review/python_conventions.md (extracted from post-review-comments.py's observable patterns), with required DRY and comment-accuracy checks.
  • suggest_new_reviews — meta-rule that proposes new review rules per changeset.
• Gitignores .deepwork/tmp/ (restored from GitHub Actions cache at runtime, regenerated by every /review run — not source).

Design notes

• README and CLAUDE.md share an identical 4-file dependency surface, so they're covered by one combined doc-update rule rather than two parallel rules with the same triggers (avoids spawning two reviewer agents on every change).
• The Python rule was added per request even though there's only one Python file in the repo — python_conventions.md reflects patterns observable in the existing code rather than a generic style guide.

Known issue surfaced

The DeepSchema PostToolUse hook for **/.deepreview reports File is not valid JSON: Expecting value: line 1 column 1 (char 0) on every Write/Edit. The file is valid YAML and conforms to deepreview_schema.json — the validator appears to be calling json.loads() on a YAML file. False positive, file lands on disk correctly. Reported separately.

Test plan

• Open this PR and confirm the action runs against itself
• Verify update_action_surface_docs triggers on changes to any of its 6 match patterns
• Verify python_code_review triggers on scripts/post-review-comments.py changes
• Confirm suggest_new_reviews produces an empty (or near-empty) suggestion list on this initial run
• Confirm .deepwork/tmp/ is correctly excluded from the commit history going forward

🤖 Generated with Claude Code

[github-actions]

🤖 DeepWork automated review applied changes to 5 file(s).

Review the inline comments below for details on each change.

[github-actions]

🤖 DeepWork automated review applied changes to 9 file(s).

Review the inline comments below for details on each change.

[github-actions]

Claude encountered an error —— View job

---

DeepWork Review

• Gather context and read changed files
• Run /review with .deepreview rules (3 review agents dispatched)
• Apply review findings (6 findings in prompts/review.txt, peripheral fixes in python_conventions.md, .gitignore, CLAUDE.md)
• Re-run review to verify clean
• Post summary

Changes applied:

1. prompts/review.txt — Added false-positive escape valve to rule 2; added two-cycle convergence limit to rule 3; added rule 5 prohibiting git write commands; strengthened "Commits and pushes" section with prohibitive language; added clarifying note about COMMIT MESSAGE FOR AUTO-FIXES header; added example inline comment format
2. CLAUDE.md — Updated prompt contract section to reflect strengthened rules
3. .deepwork/review/python_conventions.md — Removed stale references to deleted scripts/post-review-comments.py
4. .gitignore — Generalized scripts/__pycache__/ → __pycache__/

[github-actions]

Claude finished @nhorton's task in 8m 55s —— View job

---

DeepWork Review

• Gather context and read changed files
• Run /review with .deepreview rules (4 review agents dispatched)
• Apply review findings (12abc1f — 5 files, 41 insertions, 30 deletions)
• Re-run review to verify clean (cycle 2: 1 new issue found and fixed in a914139)
• Post summary

---

Changes applied across 2 commits:

File	Changes
prompts/review.txt	Added false-positive escape valve to rule 2; added 2-cycle convergence limit to rule 3; added rule 5 prohibiting git write commands; added example inline comment format; strengthened commits/pushes section with back-reference to rule 5
CLAUDE.md	Documented --dangerously-skip-permissions in end-to-end flow (drift point 8); updated prompt contract from 4 → 5 guarantees to reflect strengthened rules
.deepwork/review/python_conventions.md	Removed all stale references to deleted scripts/post-review-comments.py and its functions
.deepreview	Fixed stale "change-tracking JSON contract" reference → "inline-comment posting instructions"; added tool-unavailable fallback to suggest_new_reviews; updated drift check #12 from 4 → 5 guarantees with new check (e)
.gitignore	Generalized scripts/__pycache__/ → __pycache__/ (scripts dir was deleted)

Review results by rule:

• prompt_best_practices — 3 High, 5 Medium, 3 Low findings. All High/Medium applied; Low findings (output channel ambiguity, priority signaling, tool fallback) addressed where actionable.
• update_action_surface_docs — 11/12 drift points PASS on first run. 1 FAIL (CLAUDE.md missing --dangerously-skip-permissions) fixed. Clean on re-run.
• python_code_review — No Python files in repo. Stale python_conventions.md references cleaned up.
• suggest_new_reviews — No new rules warranted. Existing 4 rules provide sufficient coverage.

[github-actions]

Claude finished @nhorton's task in 7m 50s —— View job

---

DeepWork Review

• Gather context and read changed files
• Run /review with .deepreview rules (3 review agents dispatched)
• Apply review findings (5 changes to prompts/review.txt, 1 to CLAUDE.md)
• Re-run review to verify clean (cycle 2: all PASS)
• Post summary

---

Changes applied:

File	Changes
prompts/review.txt	Tightened false-positive exception to closed enumeration (bug/test failure or contradicting finding only); clarified "cycle" = one review pass + applying fixes, capped at 2; expanded git deny-list with 6 additional commands (rebase, merge, cherry-pick, clean, stash, rm, mv); added tool-name fallback for inline comment MCP tool; added "When the review is done" terminal instruction section
CLAUDE.md	Documented show_full_output: true and classify_inline_comments: false debug flags in end-to-end flow section

Review results by rule:

• prompt_best_practices — 1 High, 3 Medium, 3 Low findings in prompts/review.txt. All High/Medium applied. Low findings: bare /review line (informational, no change needed), "Commits and pushes" redundancy (acceptable reinforcement), terminal output format (applied). python_conventions.md PASS. Clean on cycle 2.
• update_action_surface_docs — 11/12 drift points PASS on cycle 1. 1 FAIL (CLAUDE.md missing debug flag docs) fixed. All 12 PASS on cycle 2.
• suggest_new_reviews — No new rules warranted. Existing 4 rules provide sufficient coverage.

[github-actions]

DeepWork Review

• Gather context and read changed files
• Run /review with .deepreview rules (4 review agents dispatched)
• Apply review findings (fixing stale mcp__github_inline_comment__create_inline_comment references in CLAUDE.md, adding push-script fallback and summary template to review.txt)
• Re-run review to verify clean (cycle 2)
• Post summary

View job run

[github-actions]

Claude Code is working…

I'll analyze this and get back to you.

View job run

[nhorton]

Parking this PR as draft — blocked on upstream MCP issues

The action ran end-to-end successfully in cycles 4 and 5 of this PR (commit 12abc1f produced real autofix commits via claude-code-action@v1), but full investigation has surfaced a blocking upstream issue: the DeepWork plugin's MCP server fails to start inside anthropics/claude-code-action@v1's GitHub Actions runner. Until that's fixed upstream, this action only delivers a degraded review (slash-command-only, no MCP-backed quality gates), so the PR is going back into draft.

Symptom

anthropics/claude-code-action@v1 installs the plugin successfully:

✔ Successfully installed plugin: deepwork@deepwork-plugins (scope: user)
✓ Successfully installed: deepwork@deepwork-plugins

…but the Claude Code session init payload reports the plugin's MCP server as failed, while the two GitHub MCPs that ship with claude-code-action connect fine:

```json
"mcp_servers": [
{ "name": "plugin:deepwork:deepwork", "status": "failed" },
{ "name": "github_comment", "status": "connected" },
{ "name": "github_ci", "status": "connected" }
]
```

Silent failure — no stack trace, no `command not found`, no `could not start`. The same plugin works fine outside CI.

What still works vs what's missing

/review is implemented as a skill file (prompt-style, no MCP needed) so reviews still run and produce file edits — that's why we got real autofix commits earlier. What's missing in CI is everything that depends on actual MCP tool calls:

• mcp__plugin_deepwork_deepwork__get_configured_reviews
• mcp__plugin_deepwork_deepwork__get_named_schemas
• mcp__plugin_deepwork_deepwork__start_workflow
• mcp__plugin_deepwork_deepwork__mark_review_as_passed
• mcp__plugin_deepwork_deepwork__register_session_job
• DeepSchema validation tools
• The workflow state machine and per-step quality reviewers

So the CI reviews running today are a degraded form: file-edit-based, no quality gates, no DeepSchema validation, no orchestrated workflow. They produce useful autofixes but skip all the structural-integrity guarantees that are the whole point of DeepWork.

Root-cause hypotheses (ranked by probability)

#	Hypothesis	Probability
1	PR file restoration wipes plugin MCP registration. `claude-code-action`'s `pull_request` security path restores `.claude/`, `.mcp.json`, `.claude.json`, `.gitmodules`, `.ripgreprc`, `CLAUDE.md`, `CLAUDE.local.md`, `.husky` from `origin/main` before Claude initializes. The plugin install runs first and writes its MCP registry entry; the restoration step then erases it. The init reports `status: failed` because the entry is gone, not because the MCP itself crashed. Silent because there's no entry to report against.	70%
2	No automatic plugin → session MCP merge path. Plugin packages are installed but their MCP server definitions aren't merged into the MCP config the Claude CLI subprocess reads. Built-in `github_*` MCPs work because `claude-code-action` wires them up explicitly; third-party plugin MCPs have no documented integration path in CI.	60%
3	`MCP_TIMEOUT`/`MCP_TOOL_TIMEOUT` empty env vars. The runner sets both to empty strings rather than to a numeric value or leaving them unset. Empty might be interpreted as `0` (instant timeout) instead of "use default".	30%

Open upstream issues that match exactly

• anthropics/claude-code-action#813 — "Connection to MCPs fails without any logs"
• anthropics/claude-code-action#1004 — "--mcp-config file path in claude_args is silently dropped when action's inline JSON config is present"
• anthropics/claude-code-action#95 — "Add mcp_config input that merges with existing mcp server"

Other findings worth knowing about

• The upstream `claude-code-action@v1` system prompt explicitly forbids creating new PR comments on `pull_request` events: "Never create new comments. Only update the existing comment using mcp__github_comment__update_claude_comment." The `mcp__github_inline_comment__create_inline_comment` MCP server isn't even loaded in this action's context. So the per-line-inline-comment story is dead with this upstream action — everything goes through the `track_progress: true` tracking comment instead. This is a feature, not a bug, and the rewrite in this PR leans into it.
• Earlier rule-5 footgun: an earlier draft of `prompts/review.txt` told Claude "NEVER run git write commands — the wrapping action handles all VCS operations", under the (wrong) assumption that `claude-code-action` auto-commits. It does not — it pre-allows `git add`/`git commit`/`git-push.sh` and expects Claude to commit itself. The wrong rule made Claude obediently edit files and then never persist them, while the tracking comment proudly reported "applied". Reversed in commit `ec695df`. Docs in `CLAUDE.md` updated.
• Speculative pre-positioned fix: the rule-5 reversal commit also added `.claude/settings.json` with `enabledPlugins.deepwork@deepwork-plugins: true`. Theory: the plugin installs at user scope but Claude only loads its MCP if the project enables it. The file can only take effect on PRs opened after it lands on `main` (because the PR file restoration pulls `.claude/` from `origin/main`), so it's pre-positioning, not a fix for this PR.

Status

PR converted to draft until at least one of the upstream issues is resolved (or until we run the diagnostic experiment described in `CLAUDE.md` and submit a targeted upstream PR). Two cancelled runs (`24168751413`, `24168943402`) are because they would have hit the same MCP failure — no point burning more cycles until there's a fix to test.

Full investigation details, the diagnostic experiment, and the rationale for the speculative fix are in the Known issues section of CLAUDE.md.