Change optional skip claude target

[scottf]

No description provided.

[scottf]

@claude review

[synadia-claude-reviewer]

Claude finished @scottf's task in 52s —— View job

---

Code Review

• Gather context and read changed files
• Analyze the diff
• Post review feedback

---

Summary

The change updates .github/workflows/claude.yml to switch the PR trigger from pull_request → pull_request_target, and adds ready_for_review to the trigger types. The if: condition guard is updated in lockstep to reference the new event name.

---

Analysis

pull_request → pull_request_target

This is a meaningful security/access distinction:

	pull_request	pull_request_target
Runs in context of	PR branch	Base branch
Secrets available for fork PRs	No	Yes
Executes code from	Fork	Base repo

Switching to pull_request_target is the right call here because the workflow needs access to secrets (CLAUDE_OAUTH_TOKEN, CLAUDE_GH_APP_PRIVATE_KEY) to function on fork PRs. This also aligns with checkout_mode: base being passed to the reusable workflow — the action checks out the base branch's trusted code rather than the fork's code, which is the standard mitigation for the elevated-privilege risk of pull_request_target. The existing permissions block (contents: read, actions: read) further limits the blast radius. This looks correct and safe.

Adding ready_for_review

Good addition. Previously, draft PRs converted to ready-for-review would not trigger Claude. Now they will, which is the expected behavior.

if: condition

Updated correctly from pull_request → pull_request_target to match the renamed event. The logic is sound: skip the Claude job only when the triggering event is a pull_request_target event and [skip claude] is in the PR body.

---

Verdict

LGTM. The change is consistent and correct — both the trigger and the condition guard are updated together, the security posture with pull_request_target + checkout_mode: base is appropriate, and ready_for_review is a sensible addition.

No issues found.