From 82f414cac12522bb256ced4efa8fe97590b06531 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 10 Feb 2026 15:29:55 +0000 Subject: [PATCH 1/4] Initial plan From a434adfd19fe145334b697d3b1b2c044e9f0ebb1 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 10 Feb 2026 15:39:47 +0000 Subject: [PATCH 2/4] Add disable-agentic-editing frontmatter field support to Astro docs - Extended docsSchema with disable-agentic-editing boolean field - Added comprehensive documentation in reference/documentation-protection.md - Created example protected page demonstrating the feature - Includes schema validation and description for tooling introspection Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com> --- docs/package-lock.json | 19 ++- docs/src/content.config.ts | 16 +- .../docs/examples/protected-page-example.md | 69 ++++++++ .../reference/documentation-protection.md | 149 ++++++++++++++++++ 4 files changed, 250 insertions(+), 3 deletions(-) create mode 100644 docs/src/content/docs/examples/protected-page-example.md create mode 100644 docs/src/content/docs/reference/documentation-protection.md diff --git a/docs/package-lock.json b/docs/package-lock.json index 442b8a5153..bc36aa98f7 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -165,6 +165,7 @@ "resolved": "https://registry.npmjs.org/@astrojs/starlight/-/starlight-0.37.6.tgz", "integrity": "sha512-wQrKwH431q+8FsLBnNQeG+R36TMtEGxTQ2AuiVpcx9APcazvL3n7wVW8mMmYyxX0POjTnxlcWPkdMGR3Yj1L+w==", "license": "MIT", + "peer": true, "dependencies": { "@astrojs/markdown-remark": "^6.3.1", "@astrojs/mdx": "^4.2.3", @@ -400,6 +401,7 @@ "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -1235,6 +1237,7 @@ "integrity": "sha512-DNCbwkAKugzCtiHJg/7DciIRwnKwAI2QH3VWWC1cVxoBBQTPnH5D9HcWqpDdduUqnCuW2PY78afVo+QlaInDdQ==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@csstools/postcss-is-pseudo-class": "^5.0.3", "cssesc": "^3.0.0", @@ -2258,6 +2261,7 @@ "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", "license": "MIT", + "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -2456,6 +2460,7 @@ "resolved": "https://registry.npmjs.org/astro/-/astro-5.17.1.tgz", "integrity": "sha512-oD3tlxTaVWGq/Wfbqk6gxzVRz98xa/rYlpe+gU2jXJMSD01k6sEDL01ZlT8mVSYB/rMgnvIOfiQQ3BbLdN237A==", "license": "MIT", + "peer": true, "dependencies": { "@astrojs/compiler": "^2.13.0", "@astrojs/internal-helpers": "0.7.5", @@ -2979,6 +2984,7 @@ "resolved": "https://registry.npmjs.org/chevrotain/-/chevrotain-11.0.3.tgz", "integrity": "sha512-ci2iJH6LeIkvP9eJW6gpueU8cnZhv85ELY8w8WiFtNjMHA5ad6pQLaJo9mEly/9qUyCpvqX8/POVUTf18/HFdw==", "license": "Apache-2.0", + "peer": true, "dependencies": { "@chevrotain/cst-dts-gen": "11.0.3", "@chevrotain/gast": "11.0.3", @@ -3409,6 +3415,7 @@ "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.33.1.tgz", "integrity": "sha512-iJc4TwyANnOGR1OmWhsS9ayRS3s+XQ185FmuHObThD+5AeJCakAAbWv8KimMTt08xCCLNgneQwFp+JRJOr9qGQ==", "license": "MIT", + "peer": true, "engines": { "node": ">=0.10" } @@ -3809,6 +3816,7 @@ "resolved": "https://registry.npmjs.org/d3-selection/-/d3-selection-3.0.0.tgz", "integrity": "sha512-fmTRWbNMmsmWq6xJV8D19U/gw/bwrHfNXxrIN+HfZgnzqTHp9jOmKMhsTUjXOJnZOdZY9Q28y4yebKzqDKlxlQ==", "license": "ISC", + "peer": true, "engines": { "node": ">=12" } @@ -4049,7 +4057,8 @@ "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.1534754.tgz", "integrity": "sha512-26T91cV5dbOYnXdJi5qQHoTtUoNEqwkHcAyu/IKtjIAxiEqPMrDiRkDOPWVsGfNZGmlQVHQbZRSjD8sxagWVsQ==", "dev": true, - "license": "BSD-3-Clause" + "license": "BSD-3-Clause", + "peer": true }, "node_modules/diff": { "version": "8.0.3", @@ -6020,6 +6029,7 @@ "resolved": "https://registry.npmjs.org/marked/-/marked-16.4.2.tgz", "integrity": "sha512-TI3V8YYWvkVf3KJe1dRkpnjs68JUPyEa5vjKrp1XEEJUAOaQc+Qj+L1qWbPd0SJuAdQkFU0h73sXXqwDYxsiDA==", "license": "MIT", + "peer": true, "bin": { "marked": "bin/marked.js" }, @@ -6422,6 +6432,7 @@ "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-11.12.2.tgz", "integrity": "sha512-n34QPDPEKmaeCG4WDMGy0OT6PSyxKCfy2pJgShP+Qow2KLrvWjclwbc3yXfSIf4BanqWEhQEpngWwNp/XhZt6w==", "license": "MIT", + "peer": true, "dependencies": { "@braintree/sanitize-url": "^7.1.1", "@iconify/utils": "^3.0.1", @@ -7833,6 +7844,7 @@ } ], "license": "MIT", + "peer": true, "dependencies": { "nanoid": "^3.3.11", "picocolors": "^1.1.1", @@ -7947,6 +7959,7 @@ "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "cssesc": "^3.0.0", "util-deprecate": "^1.0.2" @@ -8579,6 +8592,7 @@ "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.50.1.tgz", "integrity": "sha512-78E9voJHwnXQMiQdiqswVLZwJIzdBKJ1GdI5Zx6XwoFKUIk09/sSrr+05QFzvYb8q6Y9pPV45zzDuYa3907TZA==", "license": "MIT", + "peer": true, "dependencies": { "@types/estree": "1.0.8" }, @@ -10157,6 +10171,7 @@ "resolved": "https://registry.npmjs.org/vite/-/vite-6.4.1.tgz", "integrity": "sha512-+Oxm7q9hDoLMyJOYfUYBuHQo+dkAloi33apOPP56pzj+vsdJDzr+j1NISE5pyaAuKL4A3UD34qd0lx5+kfKp2g==", "license": "MIT", + "peer": true, "dependencies": { "esbuild": "^0.25.0", "fdir": "^6.4.4", @@ -10447,6 +10462,7 @@ "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.2.tgz", "integrity": "sha512-mplynKqc1C2hTVYxd0PU2xQAc22TI1vShAYGksCCfxbn/dFwnHTNi1bvYsBTkhdUNtGIf5xNOg938rrSSYvS9A==", "license": "ISC", + "peer": true, "bin": { "yaml": "bin.mjs" }, @@ -10585,6 +10601,7 @@ "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", "license": "MIT", + "peer": true, "funding": { "url": "https://github.com/sponsors/colinhacks" } diff --git a/docs/src/content.config.ts b/docs/src/content.config.ts index 168643462d..69f9ac8df2 100644 --- a/docs/src/content.config.ts +++ b/docs/src/content.config.ts @@ -1,4 +1,4 @@ -import { defineCollection } from 'astro:content'; +import { defineCollection, z } from 'astro:content'; import { docsLoader } from '@astrojs/starlight/loaders'; import { docsSchema } from '@astrojs/starlight/schema'; import { blogSchema } from 'starlight-blog/schema'; @@ -8,7 +8,19 @@ export const collections = { docs: defineCollection({ loader: docsLoader(), schema: docsSchema({ - extend: (context) => blogSchema(context) + extend: (ctx) => { + const blogExtension = blogSchema(ctx); + return blogExtension.extend({ + // Agent protection flag: when set to true, instructs AI agents + // to treat this documentation page as read-only and skip any + // automated editing, generation, or modification operations. + // This is useful for auto-generated content, release notes, + // or documentation pages that should only be manually curated. + 'disable-agentic-editing': z.boolean().optional().describe( + 'Prevents AI agents from making automated edits to this page' + ), + }); + } }) }), // changelogs: defineCollection({ diff --git a/docs/src/content/docs/examples/protected-page-example.md b/docs/src/content/docs/examples/protected-page-example.md new file mode 100644 index 0000000000..911dac8c3f --- /dev/null +++ b/docs/src/content/docs/examples/protected-page-example.md @@ -0,0 +1,69 @@ +--- +title: Example Protected Page +description: This is an example page demonstrating the disable-agentic-editing frontmatter field +disable-agentic-editing: true +sidebar: + badge: { text: 'Protected', variant: 'caution' } +--- + +:::caution[Protected Content] +This page has `disable-agentic-editing: true` set in its frontmatter, which signals to AI agents that automated modifications should be avoided. +::: + +## Purpose + +This page serves as a live example of the documentation protection feature. When AI agents or automated workflows process this documentation site, they should detect the `disable-agentic-editing` field and skip any modification attempts. + +## What This Means + +### For AI Agents +- **Read-only access**: Agents can reference and cite this content +- **No automated edits**: Content should not be modified by automation +- **Report constraints**: Agents should inform users when protection prevents actions + +### For Maintainers +- **Manual updates only**: Changes require direct human intervention +- **Intentional curation**: Content structure and wording are deliberately maintained +- **Quality control**: All modifications go through standard review processes + +## Example Use Cases Demonstrated Here + +This page might represent: + +1. **Release announcements** that need to remain as originally published +2. **Legal disclaimers** requiring careful human oversight for changes +3. **Curated showcases** where selection and ordering are intentional +4. **Generated content** that shouldn't conflict with regeneration + +## Technical Implementation + +The frontmatter for this page looks like: + +```yaml +--- +title: Example Protected Page +description: This is an example page demonstrating the disable-agentic-editing frontmatter field +disable-agentic-editing: true +sidebar: + badge: { text: 'Protected', variant: 'caution' } +--- +``` + +The `disable-agentic-editing: true` field is: +- Validated by the Astro content schema defined in `src/content.config.ts` +- Optional (defaults to `false` if not specified) +- Boolean-typed for clear true/false semantics +- Accompanied by schema description for tooling introspection + +## Verification + +You can verify this field is working by: + +1. Inspecting the page metadata through Astro's content collections API +2. Building the documentation site (should succeed without errors) +3. Testing agent behavior when attempting to modify this file + +## Learn More + +For complete documentation about this feature, see: +- [Documentation Protection Reference](/gh-aw/reference/documentation-protection/) diff --git a/docs/src/content/docs/reference/documentation-protection.md b/docs/src/content/docs/reference/documentation-protection.md new file mode 100644 index 0000000000..b96633c3a7 --- /dev/null +++ b/docs/src/content/docs/reference/documentation-protection.md @@ -0,0 +1,149 @@ +--- +title: Documentation Page Protection +description: Learn how to protect specific documentation pages from automated agent modifications using the disable-agentic-editing frontmatter field. +sidebar: + order: 999 +--- + +## Overview + +The `disable-agentic-editing` frontmatter field provides a mechanism to mark documentation pages as protected from automated agent modifications. When this field is set to `true` in a page's frontmatter, it signals to AI agents and automated workflows that the content should remain untouched. + +## Usage + +Add the `disable-agentic-editing` field to the frontmatter section of any documentation page: + +```markdown +--- +title: My Protected Page +description: This page should not be automatically edited +disable-agentic-editing: true +--- + +Your carefully curated content here... +``` + +## When to Use This Field + +Consider enabling this protection for: + +### Auto-Generated Content +Pages that are programmatically generated from external sources should be protected to prevent conflicts between manual agent edits and regeneration processes. + +```markdown +--- +title: API Reference (Auto-Generated) +disable-agentic-editing: true +--- + + +``` + +### Release Notes and Changelogs +Historical records that document specific releases should remain immutable once published. + +```markdown +--- +title: Release 1.0.0 Notes +disable-agentic-editing: true +date: 2024-01-15 +--- + +Official release notes for version 1.0.0... +``` + +### Manually Curated Lists +Curated collections where ordering, selection, or specific wording is intentionally maintained. + +```markdown +--- +title: Community Showcase +disable-agentic-editing: true +--- + +Handpicked examples from the community... +``` + +### Legal and Compliance Content +Documentation with legal implications that requires careful human review for any changes. + +```markdown +--- +title: Terms of Service +disable-agentic-editing: true +--- + +Legal terms and conditions... +``` + +## How Agents Should Respect This Field + +When an AI agent encounters a page with `disable-agentic-editing: true`: + +1. **Skip automated edits** - Do not modify the content of the page +2. **Report the limitation** - Inform users that the page is protected +3. **Suggest alternatives** - Recommend creating new pages or manual review +4. **Read-only access** - The agent may still read and reference the content + +## Example: Protected Documentation Workflow + +Here's how this field integrates with automated documentation workflows: + +```markdown +--- +title: Architecture Diagram +disable-agentic-editing: true +--- + + + +![Architecture](./architecture.svg) + +The architecture consists of... +``` + +## Checking Protection Status + +Agents and tooling can query the frontmatter to check if a page is protected: + +```typescript +import { getEntry } from 'astro:content'; + +const page = await getEntry('docs', 'reference/protected-page'); + +if (page.data['disable-agentic-editing']) { + console.log('This page is protected from automated edits'); + // Skip modification logic +} +``` + +## Best Practices + +### Be Selective +Only protect pages that truly need it. Over-protection can limit the benefits of automated documentation improvements. + +### Document the Reason +Add comments explaining why a page is protected to help future maintainers understand the decision. + +```markdown +--- +title: Special Configuration +disable-agentic-editing: true +# Protected: This page contains manually optimized examples that have been +# reviewed by the security team. Changes must go through formal review. +--- +``` + +### Review Periodically +Regularly audit protected pages to determine if protection is still necessary as documentation practices evolve. + +### Combine with Other Protections +Use alongside other safeguards like branch protection rules and required reviewers for comprehensive protection. + +## Related + +- [Frontmatter Reference](/gh-aw/reference/frontmatter/) - All available frontmatter fields +- [Custom Agents](/gh-aw/reference/copilot-custom-agents/) - How agents interact with documentation From 67705f00e9b0e4375d4fcf419e2d94b994fb90c1 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 10 Feb 2026 15:50:12 +0000 Subject: [PATCH 3/4] Address PR feedback: delete docs and update unbloater workflow - Delete protected-page-example.md as requested - Delete documentation-protection.md as requested - Update unbloat-docs.md to skip files with disable-agentic-editing: true - Add frontmatter check in sections 2, 3, and 4 of unbloater workflow Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .github/workflows/unbloat-docs.md | 20 ++- .../docs/examples/protected-page-example.md | 69 -------- .../reference/documentation-protection.md | 149 ------------------ 3 files changed, 19 insertions(+), 219 deletions(-) delete mode 100644 docs/src/content/docs/examples/protected-page-example.md delete mode 100644 docs/src/content/docs/reference/documentation-protection.md diff --git a/.github/workflows/unbloat-docs.md b/.github/workflows/unbloat-docs.md index da7509e45d..afc3a6527c 100644 --- a/.github/workflows/unbloat-docs.md +++ b/.github/workflows/unbloat-docs.md @@ -158,6 +158,7 @@ find docs/src/content/docs -path 'docs/src/content/docs/blog' -prune -o -name '* **IMPORTANT**: Exclude these directories and files: - `docs/src/content/docs/blog/` - Blog posts have a different writing style and purpose - `frontmatter-full.md` - Automatically generated from the JSON schema by `scripts/generate-schema-docs.js` and should not be manually edited +- **Files with `disable-agentic-editing: true` in frontmatter** - These files are protected from automated editing Focus on files that were recently modified or are in the `docs/src/content/docs/` directory (excluding blog). @@ -178,6 +179,14 @@ Focus on markdown files in the `docs/` directory that appear in the PR's changed **NEVER select these directories or code-generated files**: - `docs/src/content/docs/blog/` - Blog posts have a different writing style and should not be unbloated - `docs/src/content/docs/reference/frontmatter-full.md` - Auto-generated from JSON schema +- **Files with `disable-agentic-editing: true` in frontmatter** - These files are explicitly protected from automated editing + +Before selecting a file, check its frontmatter to ensure it doesn't have `disable-agentic-editing: true`: +```bash +# Check if a file has disable-agentic-editing set to true +head -20 | grep -A1 "^---" | grep "disable-agentic-editing: true" +# If this returns a match, SKIP this file - it's protected +``` Choose the file most in need of improvement based on: - Recent modification date @@ -185,10 +194,19 @@ Choose the file most in need of improvement based on: - Number of bullet points or repetitive patterns - **Files NOT in the cleaned-files.txt cache** (avoid duplicating recent work) - **Files NOT in the exclusion list above** (avoid editing generated files) +- **Files WITHOUT `disable-agentic-editing: true` in frontmatter** (respect protection flag) ### 4. Analyze the File -Read the selected file and identify bloat: +**First, verify the file is editable**: +```bash +# Check frontmatter for disable-agentic-editing flag +head -20 | grep -A1 "^---" | grep "disable-agentic-editing: true" +``` + +If this command returns a match, **STOP** - the file is protected. Select a different file. + +Once you've confirmed the file is editable, read it and identify bloat: - Count bullet points - are there excessive lists? - Look for duplicate information - Check for repetitive "What it does" / "Why it's valuable" patterns diff --git a/docs/src/content/docs/examples/protected-page-example.md b/docs/src/content/docs/examples/protected-page-example.md deleted file mode 100644 index 911dac8c3f..0000000000 --- a/docs/src/content/docs/examples/protected-page-example.md +++ /dev/null @@ -1,69 +0,0 @@ ---- -title: Example Protected Page -description: This is an example page demonstrating the disable-agentic-editing frontmatter field -disable-agentic-editing: true -sidebar: - badge: { text: 'Protected', variant: 'caution' } ---- - -:::caution[Protected Content] -This page has `disable-agentic-editing: true` set in its frontmatter, which signals to AI agents that automated modifications should be avoided. -::: - -## Purpose - -This page serves as a live example of the documentation protection feature. When AI agents or automated workflows process this documentation site, they should detect the `disable-agentic-editing` field and skip any modification attempts. - -## What This Means - -### For AI Agents -- **Read-only access**: Agents can reference and cite this content -- **No automated edits**: Content should not be modified by automation -- **Report constraints**: Agents should inform users when protection prevents actions - -### For Maintainers -- **Manual updates only**: Changes require direct human intervention -- **Intentional curation**: Content structure and wording are deliberately maintained -- **Quality control**: All modifications go through standard review processes - -## Example Use Cases Demonstrated Here - -This page might represent: - -1. **Release announcements** that need to remain as originally published -2. **Legal disclaimers** requiring careful human oversight for changes -3. **Curated showcases** where selection and ordering are intentional -4. **Generated content** that shouldn't conflict with regeneration - -## Technical Implementation - -The frontmatter for this page looks like: - -```yaml ---- -title: Example Protected Page -description: This is an example page demonstrating the disable-agentic-editing frontmatter field -disable-agentic-editing: true -sidebar: - badge: { text: 'Protected', variant: 'caution' } ---- -``` - -The `disable-agentic-editing: true` field is: -- Validated by the Astro content schema defined in `src/content.config.ts` -- Optional (defaults to `false` if not specified) -- Boolean-typed for clear true/false semantics -- Accompanied by schema description for tooling introspection - -## Verification - -You can verify this field is working by: - -1. Inspecting the page metadata through Astro's content collections API -2. Building the documentation site (should succeed without errors) -3. Testing agent behavior when attempting to modify this file - -## Learn More - -For complete documentation about this feature, see: -- [Documentation Protection Reference](/gh-aw/reference/documentation-protection/) diff --git a/docs/src/content/docs/reference/documentation-protection.md b/docs/src/content/docs/reference/documentation-protection.md deleted file mode 100644 index b96633c3a7..0000000000 --- a/docs/src/content/docs/reference/documentation-protection.md +++ /dev/null @@ -1,149 +0,0 @@ ---- -title: Documentation Page Protection -description: Learn how to protect specific documentation pages from automated agent modifications using the disable-agentic-editing frontmatter field. -sidebar: - order: 999 ---- - -## Overview - -The `disable-agentic-editing` frontmatter field provides a mechanism to mark documentation pages as protected from automated agent modifications. When this field is set to `true` in a page's frontmatter, it signals to AI agents and automated workflows that the content should remain untouched. - -## Usage - -Add the `disable-agentic-editing` field to the frontmatter section of any documentation page: - -```markdown ---- -title: My Protected Page -description: This page should not be automatically edited -disable-agentic-editing: true ---- - -Your carefully curated content here... -``` - -## When to Use This Field - -Consider enabling this protection for: - -### Auto-Generated Content -Pages that are programmatically generated from external sources should be protected to prevent conflicts between manual agent edits and regeneration processes. - -```markdown ---- -title: API Reference (Auto-Generated) -disable-agentic-editing: true ---- - - -``` - -### Release Notes and Changelogs -Historical records that document specific releases should remain immutable once published. - -```markdown ---- -title: Release 1.0.0 Notes -disable-agentic-editing: true -date: 2024-01-15 ---- - -Official release notes for version 1.0.0... -``` - -### Manually Curated Lists -Curated collections where ordering, selection, or specific wording is intentionally maintained. - -```markdown ---- -title: Community Showcase -disable-agentic-editing: true ---- - -Handpicked examples from the community... -``` - -### Legal and Compliance Content -Documentation with legal implications that requires careful human review for any changes. - -```markdown ---- -title: Terms of Service -disable-agentic-editing: true ---- - -Legal terms and conditions... -``` - -## How Agents Should Respect This Field - -When an AI agent encounters a page with `disable-agentic-editing: true`: - -1. **Skip automated edits** - Do not modify the content of the page -2. **Report the limitation** - Inform users that the page is protected -3. **Suggest alternatives** - Recommend creating new pages or manual review -4. **Read-only access** - The agent may still read and reference the content - -## Example: Protected Documentation Workflow - -Here's how this field integrates with automated documentation workflows: - -```markdown ---- -title: Architecture Diagram -disable-agentic-editing: true ---- - - - -![Architecture](./architecture.svg) - -The architecture consists of... -``` - -## Checking Protection Status - -Agents and tooling can query the frontmatter to check if a page is protected: - -```typescript -import { getEntry } from 'astro:content'; - -const page = await getEntry('docs', 'reference/protected-page'); - -if (page.data['disable-agentic-editing']) { - console.log('This page is protected from automated edits'); - // Skip modification logic -} -``` - -## Best Practices - -### Be Selective -Only protect pages that truly need it. Over-protection can limit the benefits of automated documentation improvements. - -### Document the Reason -Add comments explaining why a page is protected to help future maintainers understand the decision. - -```markdown ---- -title: Special Configuration -disable-agentic-editing: true -# Protected: This page contains manually optimized examples that have been -# reviewed by the security team. Changes must go through formal review. ---- -``` - -### Review Periodically -Regularly audit protected pages to determine if protection is still necessary as documentation practices evolve. - -### Combine with Other Protections -Use alongside other safeguards like branch protection rules and required reviewers for comprehensive protection. - -## Related - -- [Frontmatter Reference](/gh-aw/reference/frontmatter/) - All available frontmatter fields -- [Custom Agents](/gh-aw/reference/copilot-custom-agents/) - How agents interact with documentation From 9188dc7b5281c222b32681709ae4b9f1423c4018 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 10 Feb 2026 16:01:06 +0000 Subject: [PATCH 4/4] Protect security and token docs from agentic editing - Add disable-agentic-editing: true to architecture.mdx - Add disable-agentic-editing: true to tokens.md - Add disable-agentic-editing: true to sandbox.md - Add disable-agentic-editing: true to threat-detection.md Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- docs/src/content/docs/introduction/architecture.mdx | 1 + docs/src/content/docs/reference/sandbox.md | 1 + docs/src/content/docs/reference/threat-detection.md | 1 + docs/src/content/docs/reference/tokens.md | 1 + 4 files changed, 4 insertions(+) diff --git a/docs/src/content/docs/introduction/architecture.mdx b/docs/src/content/docs/introduction/architecture.mdx index 2c45504cb6..29b6c52a0e 100644 --- a/docs/src/content/docs/introduction/architecture.mdx +++ b/docs/src/content/docs/introduction/architecture.mdx @@ -3,6 +3,7 @@ title: Security Architecture description: Comprehensive security architecture overview for GitHub Agentic Workflows, including defense-in-depth mechanisms against rogue MCP servers and malicious agents. sidebar: order: 3 +disable-agentic-editing: true --- import { Aside } from '@astrojs/starlight/components'; diff --git a/docs/src/content/docs/reference/sandbox.md b/docs/src/content/docs/reference/sandbox.md index f35e8568d6..de106c37f4 100644 --- a/docs/src/content/docs/reference/sandbox.md +++ b/docs/src/content/docs/reference/sandbox.md @@ -3,6 +3,7 @@ title: Sandbox Configuration description: Configure sandbox environments for AI engines including AWF agent container, mounted tools, runtime environments, and MCP Gateway sidebar: order: 1350 +disable-agentic-editing: true --- The `sandbox` field configures sandbox environments for AI engines, providing two main capabilities: diff --git a/docs/src/content/docs/reference/threat-detection.md b/docs/src/content/docs/reference/threat-detection.md index a13788f5a4..ed56712048 100644 --- a/docs/src/content/docs/reference/threat-detection.md +++ b/docs/src/content/docs/reference/threat-detection.md @@ -3,6 +3,7 @@ title: Threat Detection description: Configure automated threat detection to analyze agent output and code changes for security issues before they are applied. sidebar: order: 40 +disable-agentic-editing: true --- GitHub Agentic Workflows includes automatic threat detection to analyze agent output and code changes for potential security issues before they are applied. When safe outputs are configured, a threat detection job automatically runs to identify prompt injection attempts, secret leaks, and malicious code patches. diff --git a/docs/src/content/docs/reference/tokens.md b/docs/src/content/docs/reference/tokens.md index 227e3cebd8..2cf6f04d19 100644 --- a/docs/src/content/docs/reference/tokens.md +++ b/docs/src/content/docs/reference/tokens.md @@ -3,6 +3,7 @@ title: GitHub Tokens description: Comprehensive reference for all GitHub tokens used in gh-aw, including authentication, token precedence, and security best practices sidebar: order: 650 +disable-agentic-editing: true --- GitHub Agentic Workflows authenticate using multiple tokens depending on the operation. This reference explains which token to use, when it's required, and how precedence works across different operations.