Change this token name to make it more specific to its usage

derekmisler · derekmisler · commit b20130412535 · 2026-02-05T09:06:07.000-05:00
diff --git a/.github/workflows/review-pr.yml b/.github/workflows/review-pr.yml
@@ -55,7 +55,7 @@ on:
         type: string
         default: "docker"
     secrets:
-      ORG_MEMBERSHIP_TOKEN:
+      CAGENT_ORG_MEMBERSHIP_TOKEN:
         description: "PAT with read:org scope to check org membership for auto-reviews"
         required: false
       ANTHROPIC_API_KEY:
@@ -116,7 +116,7 @@ jobs:
         id: membership
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         with:
-          github-token: ${{ secrets.ORG_MEMBERSHIP_TOKEN }}
+          github-token: ${{ secrets.CAGENT_ORG_MEMBERSHIP_TOKEN }}
           script: |
             const org = '${{ inputs.auto-review-org }}';
             const username = context.payload.pull_request.user.login;
@@ -134,11 +134,11 @@ jobs:
                 console.log(`⏭️ ${username} is not a ${org} org member - skipping auto-review`);
               } else if (error.status === 401) {
                 core.setFailed(
-                  '❌ ORG_MEMBERSHIP_TOKEN secret is missing or invalid.\n\n' +
+                  '❌ CAGENT_ORG_MEMBERSHIP_TOKEN secret is missing or invalid.\n\n' +
                   `This secret is required to check ${org} org membership for auto-reviews.\n\n` +
                   'To fix this:\n' +
                   '1. Create a classic PAT with read:org scope at https://github.com/settings/tokens/new\n' +
-                  '2. Add it as an org secret named ORG_MEMBERSHIP_TOKEN'
+                  '2. Add it as an org secret named CAGENT_ORG_MEMBERSHIP_TOKEN'
                 );
               } else {
                 core.setFailed(`Failed to check org membership: ${error.message}`);
diff --git a/review-pr/README.md b/review-pr/README.md
@@ -71,11 +71,11 @@ With just an API key, you can use `/review` comments to trigger reviews manually
 | Secret | Description | Purpose |
 |--------|-------------|---------|
 | `ANTHROPIC_API_KEY` | API key for your LLM provider | Required |
-| `ORG_MEMBERSHIP_TOKEN` | PAT with `read:org` scope | Auto-review PRs from org members |
+| `CAGENT_ORG_MEMBERSHIP_TOKEN` | PAT with `read:org` scope | Auto-review PRs from org members |
 | `CAGENT_REVIEWER_APP_ID` | GitHub App ID | Reviews appear as your app (not github-actions[bot]) |
 | `CAGENT_REVIEWER_APP_PRIVATE_KEY` | GitHub App private key | Required with App ID |
 
-**Note:** Without `ORG_MEMBERSHIP_TOKEN`, only `/review` comments work (no auto-review on PR open).
+**Note:** Without `CAGENT_ORG_MEMBERSHIP_TOKEN`, only `/review` comments work (no auto-review on PR open).
 Without GitHub App secrets, reviews appear as "github-actions[bot]" which is fine for most teams.
 
 ---
