From c0e78767b737824443f557e19546a7a806ef923a Mon Sep 17 00:00:00 2001
From: Christian Gunderman <gundermanc@google.com>
Date: Tue, 12 May 2026 14:01:19 -0700
Subject: [PATCH] feat(ci): improve mandate selection and add activate_skill to
 policy

---
 .github/workflows/gemini-cli-bot-brain.yml | 18 +++++++++++++++---
 tools/gemini-cli-bot/ci-policy.toml        |  2 +-
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/gemini-cli-bot-brain.yml b/.github/workflows/gemini-cli-bot-brain.yml
index 442c5f5e58..043c3827cb 100644
--- a/.github/workflows/gemini-cli-bot-brain.yml
+++ b/.github/workflows/gemini-cli-bot-brain.yml
@@ -137,26 +137,38 @@ jobs:
           TRIGGER_ISSUE_NUMBER: '${{ github.event.issue.number || github.event.inputs.issue_number }}'
           TRIGGER_COMMENT_ID: '${{ github.event.comment.id || github.event.inputs.comment_id }}'
         run: |
-          # Determine trigger and intent
+          # Determine intent and prompt
+          MANDATE_INPUT="${{ github.event.inputs.mandate || 'auto' }}"
+          
+          # Initialize defaults
           PROMPT_FILE="tools/gemini-cli-bot/brain/scheduled.md"
           MANDATE="Your specific mandate for this run: Implement surgical fixes for repository issues (issue-fixer skill)."
           
-          MANDATE_INPUT="${{ github.event.inputs.mandate || 'auto' }}"
-
+          # Resolve Mandate and Prompt File
           if [ "$MANDATE_INPUT" = "issue-fixer" ]; then
+             echo "Trigger: Manual Override (issue-fixer)"
              MANDATE="Your specific mandate for this run: Implement surgical fixes for repository issues (issue-fixer skill)."
           elif [ "$MANDATE_INPUT" = "metrics" ]; then
+             echo "Trigger: Manual Override (metrics)"
              MANDATE="Your specific mandate for this run: Analyze repository metrics to identify bottlenecks and self-evolve (metrics skill)."
           elif [ "$MANDATE_INPUT" = "interactive" ]; then
+             echo "Trigger: Manual Override (interactive)"
              PROMPT_FILE="tools/gemini-cli-bot/brain/interactive.md"
              MANDATE="Your specific mandate for this run: Respond to the user request in <untrusted_context>."
           elif [ "${{ github.event_name }}" = "issue_comment" ] || [ "${{ github.event.inputs.run_interactive }}" = "true" ]; then
+            echo "Trigger: Issue/PR Comment or Interactive Dispatch"
             PROMPT_FILE="tools/gemini-cli-bot/brain/interactive.md"
             MANDATE="Your specific mandate for this run: Respond to the user request in <untrusted_context>."
           elif [ "${{ github.event.schedule }}" = "0 0 * * *" ]; then
+            echo "Trigger: Nightly Schedule (Metrics)"
             MANDATE="Your specific mandate for this run: Analyze repository metrics to identify bottlenecks and self-evolve (metrics skill)."
+          else
+            echo "Trigger: Scheduled or Manual Dispatch (Default: Issue-Fixer)"
           fi
 
+          echo "Selected Prompt: $PROMPT_FILE"
+          echo "Selected Mandate: $MANDATE"
+
           # Prepare Context if available
           touch trigger_context.md
           if [ -n "$TRIGGER_ISSUE_NUMBER" ]; then
diff --git a/tools/gemini-cli-bot/ci-policy.toml b/tools/gemini-cli-bot/ci-policy.toml
index 6df5fb9e03..12f6d003cd 100644
--- a/tools/gemini-cli-bot/ci-policy.toml
+++ b/tools/gemini-cli-bot/ci-policy.toml
@@ -2,7 +2,7 @@
 # This policy guarantees permission for shell commands and file writing in the bot's CI environment.
 
 [[rule]]
-toolName = ["run_shell_command", "write_file", "replace"]
+toolName = ["run_shell_command", "write_file", "replace", "activate_skill"]
 decision = "allow"
 # Max priority to ensure it overrides all default and workspace rules.
 priority = 999