
Review agent: support repo-level review profiles to calibrate severity for experiment repos #1722

Description

@fullsend-ai-retro

What happened

PR fullsend-ai/experiments#28 added a host-side API server PoC to the experiments repo. The review bot ran 3 passes (2026-05-20, 2026-05-29, 2026-06-01), each issuing CHANGES_REQUESTED for security findings including command injection and credential handling. The author posted a detailed response table accepting 4 findings as out-of-scope for experiment code and fixing 6 others. A human reviewer approved ("LGTM"). The bot's third pass still flagged the same accepted findings. The PR was merged over the bot's objection. This is expected behavior for an experiments repo — production security standards don't apply to throwaway PoC code — but the review agent has no mechanism to know this.

What could go better

The review agent applies the same severity thresholds regardless of repo purpose. In an experiments repo, critical/high security findings in PoC code are informational, not blocking. The author had to manually override the bot's verdict, which is friction that will recur on every experiment PR with security-adjacent code.

Existing issues address related but distinct problems: #1273 (PR description context), #1551 (human-authored PR severity), #1500/#1583 (re-flagging resolved findings). None address the repo-level dimension — that some repositories are inherently experimental and should have different default severity thresholds for all PRs.

Confidence: Medium-high. This PR is a clear example, but the experiments repo may be an outlier. The proposal is most valuable if other experiment/PoC repos exist or will exist.

Proposed change

Add support for a repo-level review profile configuration (e.g., in .github/fullsend.json or equivalent) that lets repo owners declare a review mode. For example:

{
  "review": {
    "profile": "experimental",
    "severity_floor": "info"
  }
}

When profile is experimental, the review agent should:

  1. Downgrade all security findings to informational severity (still reported, not blocking)
  2. Never issue CHANGES_REQUESTED — use COMMENT verdict instead
  3. Include a note in the review summary that experimental profile is active

This affects the review agent definition (likely agents/review.md or the review skill) and the harness config schema. The review dispatch workflow would need to read the repo-level config and pass it as context to the agent.
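The following is an added example of how the dispatch-side logic described above could be wired together; it is not code from the fullsend-ai project or from the retro agent, and it makes several assumptions the issue leaves open: the severity ladder (info/low/medium/high/critical), the standard-profile blocking threshold (high), and the meaning of `severity_floor` (read here as the level that security findings are re-labelled at under the experimental profile). The sample findings are constructed to mirror the kinds named in the issue. Malformed or unrecognised configuration falls back to the standard profile, so a typo in `.github/fullsend.json` cannot quietly relax review.

```python
import json
from typing import Any, Optional

# Assumed severity ladder in ascending order; the issue names only info, high and critical.
SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]

COMMENT = "COMMENT"
CHANGES_REQUESTED = "CHANGES_REQUESTED"

# Assumed standard-profile threshold: findings at or above it block merge.
BLOCKING_FLOOR = "high"
STANDARD_PROFILE = {"profile": "standard", "severity_floor": BLOCKING_FLOOR}


def load_review_profile(config_text: Optional[str]) -> dict[str, Any]:
    """Parse the text of a repo-level .github/fullsend.json (hypothetical path from the issue).

    Anything missing, malformed or unknown falls back to the standard profile."""
    if not config_text:
        return dict(STANDARD_PROFILE)
    try:
        cfg = json.loads(config_text)
    except json.JSONDecodeError:
        return dict(STANDARD_PROFILE)
    review = cfg.get("review") if isinstance(cfg, dict) else None
    if not isinstance(review, dict) or review.get("profile") != "experimental":
        return dict(STANDARD_PROFILE)
    floor = review.get("severity_floor", "info")
    if floor not in SEVERITY_ORDER:  # reject values outside the known ladder
        floor = "info"
    return {"profile": "experimental", "severity_floor": floor}


def apply_profile(findings: list[dict], profile: dict) -> list[dict]:
    """Copy the findings, downgrading security findings under the experimental profile.

    Findings are re-labelled, never dropped, so they still appear in the summary."""
    adjusted = []
    for finding in findings:
        item = dict(finding)
        if profile["profile"] == "experimental" and item.get("category") == "security":
            item["original_severity"] = item["severity"]
            item["severity"] = profile["severity_floor"]
        adjusted.append(item)
    return adjusted


def decide_verdict(findings: list[dict], profile: dict) -> dict[str, Any]:
    """Choose the verdict plus the side effects the harness should trigger."""
    if profile["profile"] == "experimental":
        # Point 2 of the proposal: never CHANGES_REQUESTED, never block, never dispatch a fix agent.
        return {"verdict": COMMENT, "blocks_merge": False, "dispatch_fix_agent": False}
    threshold = SEVERITY_ORDER.index(BLOCKING_FLOOR)
    blocking = [f for f in findings if SEVERITY_ORDER.index(f["severity"]) >= threshold]
    if blocking:
        return {"verdict": CHANGES_REQUESTED, "blocks_merge": True, "dispatch_fix_agent": True}
    return {"verdict": COMMENT, "blocks_merge": False, "dispatch_fix_agent": False}


def review_summary(findings: list[dict], profile: dict) -> str:
    """Render the summary; point 3 of the proposal adds a note when the profile is active."""
    lines = []
    if profile["profile"] == "experimental":
        lines.append(
            f"NOTE: experimental review profile active "
            f"(security findings reported at '{profile['severity_floor']}', non-blocking)"
        )
    for f in findings:
        was = f" (was {f['original_severity']})" if "original_severity" in f else ""
        lines.append(f"[{f['severity']}]{was} {f['id']}: {f['title']}")
    return "\n".join(lines)


def run_review(config_text: Optional[str], findings: list[dict]) -> dict[str, Any]:
    """What the dispatch workflow would do: read config, adjust findings, decide, summarise."""
    profile = load_review_profile(config_text)
    adjusted = apply_profile(findings, profile)
    decision = decide_verdict(adjusted, profile)
    decision["profile"] = profile["profile"]
    decision["summary"] = review_summary(adjusted, profile)
    return decision


# Constructed sample findings, modelled on the kinds of findings the issue mentions.
SAMPLE_FINDINGS = [
    {"id": "SEC-1", "title": "command injection in host-side API handler",
     "severity": "critical", "category": "security"},
    {"id": "SEC-2", "title": "credential handling: token written to log",
     "severity": "high", "category": "security"},
    {"id": "STYLE-1", "title": "unused import", "severity": "low", "category": "style"},
]

# Constructed config text matching the shape proposed in the issue.
EXPERIMENTAL_CONFIG = json.dumps({"review": {"profile": "experimental", "severity_floor": "info"}})

if __name__ == "__main__":
    for label, cfg in (("no config", None), ("experimental", EXPERIMENTAL_CONFIG)):
        result = run_review(cfg, SAMPLE_FINDINGS)
        print(f"== {label}: {result['verdict']} (blocks_merge={result['blocks_merge']}) ==")
        print(result["summary"])
```

Running the script shows the same three findings producing CHANGES_REQUESTED with no config and COMMENT under the experimental profile, with the two security findings listed at info but annotated with their original severity so nothing is hidden from the reader of the review.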

Validation criteria

After implementation, the next 3 PRs to fullsend-ai/experiments (or any repo with experimental profile configured) should receive COMMENT verdicts instead of CHANGES_REQUESTED for security findings in PoC code. Security findings should still appear in the review summary (for awareness) but should not block merge or trigger fix agent dispatches.


Generated by retro agent from fullsend-ai/experiments#28

Labels

  agent/review (Review agent)
  component/harness (Agent harness, config, and skills loading)
  feature (Feature-category issue awaiting human prioritization)
  priority/medium (Normal priority, plan for next cycle)
  triaged (Triaged but awaiting human prioritization)