{"id":50968103,"url":"https://github.com/karancode/kiro-action","last_synced_at":"2026-06-18T22:32:59.702Z","repository":{"id":358096006,"uuid":"1226738317","full_name":"karancode/kiro-action","owner":"karancode","description":"Official GitHub Action for Kiro","archived":false,"fork":false,"pushed_at":"2026-05-15T17:31:09.000Z","size":793,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-15T19:55:14.127Z","etag":null,"topics":["actions","kiro","kiro-cli"],"latest_commit_sha":null,"homepage":"https://kiro.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/karancode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-01T19:20:46.000Z","updated_at":"2026-05-15T17:28:27.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/karancode/kiro-action","commit_stats":null,"previous_names":["karancode/kiro-action"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/karancode/kiro-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/karancode%2Fkiro-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/karancode%2Fkiro-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/karancode%2Fkiro-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/karancode%2Fkiro-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/karancode","download_url":"https://codeload.github.com/karancode/kiro-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/karancode%2Fkiro-action/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34510286,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-18T02:00:06.871Z","response_time":128,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","kiro","kiro-cli"],"created_at":"2026-06-18T22:32:59.542Z","updated_at":"2026-06-18T22:32:59.688Z","avatar_url":"https://github.com/karancode.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# kiro-action\n\n![Kiro Action](assets/kiro_action_asset.png)\n\n[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-kiro--action-blue?logo=github)](https://github.com/marketplace/actions/kiro-action)\n[![Release](https://img.shields.io/github/v/release/karancode/kiro-action?logo=github)](https://github.com/karancode/kiro-action/releases)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)\n[![CI](https://github.com/karancode/kiro-action/actions/workflows/ci.yml/badge.svg)](https://github.com/karancode/kiro-action/actions/workflows/ci.yml)\n\nA GitHub Action that runs [Kiro](https://kiro.dev) — AWS's agentic IDE and command-line interface — on your pull requests, issues, and schedules. Mention `/kiro` in a comment, label an issue with `kiro`, or run it from a workflow with an explicit prompt. Kiro reads the context, writes the code, and opens a pull request.\n\nIt's [headless mode](https://kiro.dev/docs/cli/headless), wired up to GitHub.\n\n## What you can do with it\n\n- **Comment on a PR or issue** — `/kiro fix the null deref in src/auth/login.ts` and Kiro pushes a fix\n- **Label an issue with `kiro`** — Kiro reads the body, implements it, opens a PR. No bot user needed.\n- **Run on a schedule** — weekly dependency upgrades, drift checks, doc sync, whatever you wire up\n- **Wrap it in a custom prompt** — security review on every PR, auto-fix CI failures, triage new issues\n\nThe [`examples/`](examples/) directory has nine ready-to-drop-in workflows.\n\n## Quickstart\n\n**1.** Add `KIRO_API_KEY` as a repo secret (Settings → Secrets and variables → Actions).\n\n**2.** Drop a workflow file into `.github/workflows/`:\n\n```yaml\nname: Kiro\n\non:\n  issue_comment:\n    types: [created]\n  pull_request_review_comment:\n    types: [created]\n  issues:\n    types: [labeled, assigned]\n  pull_request:\n    types: [labeled, assigned]\n\njobs:\n  kiro:\n    runs-on: ubuntu-latest\n    permissions:\n      contents: write\n      issues: write\n      pull-requests: write\n    steps:\n      - uses: actions/checkout@v4\n        with:\n          fetch-depth: 0\n      - uses: karancode/kiro-action@v0\n        with:\n          kiro_api_key: ${{ secrets.KIRO_API_KEY }}\n```\n\n**3.** Comment `/kiro \u003canything\u003e` on an issue or PR.\n\nThat's it. For other patterns, copy a file from [`examples/`](examples/).\n\n## Examples\n\n| File | What it does |\n|---|---|\n| [`kiro.yml`](examples/kiro.yml) | The default — `/kiro` mentions, `kiro` labels, and assignments |\n| [`pr-review.yml`](examples/pr-review.yml) | Comprehensive review on every PR |\n| [`security-review.yml`](examples/security-review.yml) | OWASP-style review on sensitive paths only |\n| [`external-contributor-review.yml`](examples/external-contributor-review.yml) | Strict review for non-team PRs |\n| [`issue-triage.yml`](examples/issue-triage.yml) | Auto-label new issues, request missing info |\n| [`docs-sync.yml`](examples/docs-sync.yml) | Keep docs in sync with code changes |\n| [`dependency-audit.yml`](examples/dependency-audit.yml) | Weekly dependency upgrade PR |\n| [`ci-failure-fix.yml`](examples/ci-failure-fix.yml) | Auto-fix failing CI on PR branches |\n| [`code-reviewer-agent.yml`](examples/code-reviewer-agent.yml) | Use a custom Kiro agent for review |\n\n## Inputs\n\n| Input | Required | Default | Description |\n|---|---|---|---|\n| `kiro_api_key` | yes | — | Kiro API key. Pass via secret. |\n| `github_token` | no | `github.token` | Token used for GitHub API calls. |\n| `prompt` | no | — | Explicit prompt for scheduled / push triggers. |\n| `trigger_phrase` | no | `/kiro` | Phrase that activates Kiro from comments. |\n| `label_trigger` | no | `kiro` | Label whose addition to an issue or PR activates Kiro. |\n| `assignee_trigger` | no | `kirocli` | GitHub username whose assignment activates Kiro. |\n| `branch_prefix` | no | `kiro/` | Prefix for branches Kiro creates. |\n| `kiro_args` | no | `--trust-all-tools` | Extra flags passed through to `kiro-cli chat` (see below). |\n\n### Passing Kiro CLI flags\n\n`kiro_args` forwards arguments straight to `kiro-cli chat`, so any current CLI flag works without an action update. Useful ones:\n\n```yaml\n# Control reasoning depth (low | medium | high | xhigh | max)\nkiro_args: '--trust-all-tools --effort high'\n\n# Restrict tool access instead of trusting everything\nkiro_args: '--trust-tools=read,grep,write'\n\n# Run a repo-defined agent (.kiro/agents/\u003cname\u003e.json)\nkiro_args: '--agent code-reviewer'\n\n# Fail fast if an MCP server can't start\nkiro_args: '--trust-all-tools --require-mcp-startup'\n```\n\nThe action installs the latest stable Kiro CLI on each run, so new flags are available as soon as they ship. See [`kiro-cli chat --help`](https://kiro.dev/docs/cli/headless) for the full list.\n\n## Outputs\n\n| Output | Description |\n|---|---|\n| `branch_name` | Branch Kiro pushed to (when changes were made). |\n| `pr_url` | URL of the PR Kiro opened (when one was opened). |\n| `kiro_output` | Cleaned output from the Kiro CLI. |\n\n## Permissions\n\nComment and assign modes need write access to commit and open PRs:\n\n```yaml\npermissions:\n  contents: write       # push branches\n  issues: write         # post / update progress comments\n  pull-requests: write  # open PRs\n```\n\nFor pure review or triage workflows (no commits), `contents: read` is enough — see the individual examples for the minimal permission set each one needs.\n\n## How triggers work\n\n| Mode | Activates on | When to use |\n|---|---|---|\n| **comment** | `/kiro \u003cinstruction\u003e` on any issue or PR | Ad-hoc requests with a specific instruction |\n| **label** | `kiro` label added to an issue or PR | \"This issue describes the work — go do it.\" Fits the way teams already triage. |\n| **auto** | Workflow with `prompt:` input set | Scheduled runs, PR review automation, anything event-driven |\n| **assign** | Assigning an issue or PR to the `kirocli` user | Less common — requires a real GitHub user. Most teams use **label** instead. |\n\nDetection priority: `auto` \u003e `comment` \u003e `label` \u003e `assign`. A repo can use any combination — they don't conflict.\n\n`comment` and `label` triggers both check that the user has write access to the repo before running. `assign` is implicitly gated by GitHub's own permission model.\n\n## Authentication\n\nSet `KIRO_API_KEY` to a Kiro API key from your account at [kiro.dev](https://kiro.dev) (requires a Pro/Pro+/Power subscription). The action passes it to `kiro-cli` via environment variable — it's never logged or exposed to the prompt.\n\n`KIRO_API_KEY` is currently the only headless auth method. AWS IAM / SigV4 authentication via the credential chain is requested upstream ([kirodotdev/kiro#8431](https://github.com/kirodotdev/kiro/issues/8431)) but not yet available.\n\n## Development\n\n```bash\nbun install        # deps\nbun run typecheck  # tsc --noEmit\nbun test           # unit tests\nbun run build      # bundle to dist/index.js\n```\n\nThe bundled `dist/index.js` is committed and is what GitHub runs. Source lives in `src/`. See [CLAUDE.md](CLAUDE.md) for the architecture.\n\n## License\n\nMIT.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkarancode%2Fkiro-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkarancode%2Fkiro-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkarancode%2Fkiro-action/lists"}