| ▲ | r2vcap 4 hours ago | |
I tested it a bit yesterday, and it looks good—at least from a structural perspective. Separating the LLM invocation from the apply step is a great idea. This isn’t meant to replace our previous deterministic GitHub Actions workflow; rather, it enables automation with broader possibilities while keeping LLM usage safer. Also, a reminder: if you run Codex/Claude Code/whatever directly inside a GitHub Action without strong guardrails , you risk leaking credentials or performing unsafe write actions. | ||
| ▲ | resquawk 2 hours ago | parent [-] | |
> Separating the LLM invocation from the apply step is a great idea Thanks, yes, this is crucial. | ||