
Every GitHub Actions primitive is the automated substitute for a human's presence, so when nobody's at the keyboard you must declare a tight timeout-minutes (the default is a six-hour burn) and an explicit permissions block. We walk the full workflow anatomy, triggers, secrets, GITHUB_TOKEN scopes, and end-to-end AWS OIDC auth for a Claude Code run.
Wire every parallel Claude Code session, subagent, and headless run into one OpenTelemetry feed and watch per-agent token burn and dollar cost on a Grafana dashboard, with stall detection that catches a looping agent before it drains the budget. The one trap: the same opt-in log flags that give you attribution can ship raw prompts and pasted credentials to your observability backend, and one shared API key collapses every worktree's cost into a single lying bucket.
Apply one named label to an issue and Claude Code runs an unattended implement pass that pushes a branch and opens a PR. The label gates who can fire it, not who wrote the issue body, so the spec you splice into the prompt is still attacker-controllable and you must treat it as data.
Once a headless Claude run passes, the last rung is delivery: branch, commit, push, and open the PR with nobody at the keyboard. The trap that bites everyone is the PR whose own CI never runs, because GitHub won't trigger workflows for events made by the default token.
Prevention sometimes fails, so engineer the blast radius: layer scope limits on permissions, credentials, network, accounts, spend, and merge rights so one bad turn stays cheap. The trap is assuming "it only opens a PR" is safe, because a PR triggers CI that can hold your secrets.
Before you let Claude run unattended, you need three independent enforcement layers, because a prompt injection can change what the agent wants to do but never what the harness allows. This episode wires up the sandbox, the deny rules, and the audit trail into one locked-down headless run.
A code reviewer who wrote the code is the worst possible reviewer, so wire a cold-context critic against an Edit-capable fixer and an objective test gate. The one pitfall that breaks it: a fixer that games the gate by rewriting the tests instead of the bug.
Install the claude-code-action via /install-github-app, then @-mention Claude on any issue or PR to get a committed branch and a ready-to-click PR link. The biggest gotcha: fork PRs on public repos can't read your ANTHROPIC_API_KEY, so the workflow silently does nothing unless you use pull_request_target on the base branch or Workload Identity Federation.
Take Claude Code out of the terminal and into your scripts. Print mode and structured JSON, the Claude Agent SDK in TypeScript and Python, chaining sessions, and the permission-and-cost discipline that keeps an unattended run from deleting your repo or running up an API bill once the June 15 billing change lands.
Stop hand-wiring parallel sessions and let one Claude become the dispatcher: it spins up waves of subagents that work in parallel and report back. Your first session that runs a team instead of a task, plus how to keep the roughly fifteen-times token bill from running away with you.
The two highest-leverage habits in a single Claude Code session: make it interview you and plan the whole change in writing before it touches a file, then make it tear the diff apart, cold, before anything gets committed. Both are free, and they cover each other's blind spots.
One repo, several Claudes, zero stepped-on edits. Learn to give each Claude Code session its own git worktree, an isolated working directory on its own branch, plus the port, dependency, and database collisions to dodge, and the rule for when fanning out actually beats one focused session.
The two skills most Claude Code power users skip: keeping token spend and rate limits predictable, and regression-testing the prompts, skills, and commands you depend on so they can't quietly get worse. What the cost command actually measures, the model and caching levers that really move the bill, reading your usage with ccusage and OpenTelemetry, and a small eval suite built on headless print mode and promptfoo.
Two hours into a session, Claude starts re-reading files and forgetting the conventions you set at the start. That's a full context window, not a smarter assistant. Learn to read the /context meter, when to /compact versus /clear, how to push noisy work into a subagent, and how to structure a multi-file CLAUDE.md hierarchy so the right instructions load at the right depth instead of silently eating your token budget.
Wire external tools into Claude Code through the Model Context Protocol: a real browser, your Postgres database, your GitHub repos, your error tracker in production. We add a server from scratch, sort out the three config scopes and which file gets committed, and fix the mistake that quietly floods your context window and dulls the model.
A subagent is a fresh Claude instance that does a noisy, self-contained job in its own context window and hands back only the summary. Learn to delegate codebase searches and code reviews, restrict each agent's tools and model, and avoid the blank-context pitfall that produces confident wrong answers.
You keep pasting the same procedure into chat. Package it once as a skill, a folder with a SKILL.md, and Claude loads it on demand when the task matches, deep when you need it and nearly free when you don't. We build one from scratch, wire live shell output straight into it, and fix the number one reason a good skill silently never fires.
You've been using the slash commands Claude Code ships with. Now write your own, and wire the hooks that fire on their own. Bundle a repeatable workflow into a command you trigger with a slash, then back it with hooks that enforce the rules a command can only ask for: build a /commit command, auto-lint after every edit, block writes to your migrations folder, and force the tests to pass before a turn can end.
A tour of the commands that ship in the box, the four steering keys you will use every run, and the decision you make constantly: clear versus compact, plus how to spot when compaction silently drops the context you were relying on.
You can't automate a tool you don't trust. This episode is the control surface: where settings live and which file wins, how to write tight allow/ask/deny permission rules (the real fence, not CLAUDE.md), the permission modes and the Shift+Tab plan-to-act toggle, and the slash commands a power user reaches for first, including the /rewind safety net. Plus the one pitfall everyone hits: the overly broad Bash(*) allow rule.
How the gather-act-verify loop actually works and how to steer it without starting over. What belongs in your CLAUDE.md project memory and what to keep out, generating a first draft with /init, and resuming yesterday's session instead of re-explaining everything. Plus the pitfall every beginner hits, context going stale, and the habits that fix it.