Grade dependency-bump PRs by changelog breaking-change signals
When a dependency-bump PR opens, this workflow fetches the package's changelog for the version range, uses an LLM to score breaking-change risk, and labels the PR low/medium/high.
How it runs
The automated pipeline, trigger to output.
- Trigger: PR opened touching a dependency manifest (GitHub)
- Action: Fetch changelog for old→new version range (GitHub)
- Action: LLM grades breaking-change risk + rationale (OpenAI)
- Logic: Map verdict to low/medium/high
- Action: Apply risk label to the PR (GitHub)
- Output: Post grade and rationale to Slack (Slack)
What it does
Every time a bot or contributor opens a dependency-bump pull request, this workflow pulls the changelog entries between the old and new version, asks an LLM to flag breaking-change signals (removed APIs, behavior changes, peer-dep bumps, major version jumps), assigns a risk grade, applies a GitHub label, and notifies the team.
When to use it
Use it when Dependabot or Renovate volume is too high to review by hand and you want a fast triage signal before anyone spends time on a PR. It separates the rubber-stamp `low` bumps from the `high` ones that need a human and a test run.
How it works
1. A PR-opened webhook fires on PRs that touch a manifest file (package.json, go.mod, etc.).
2. The flow parses the package name plus old and new versions from the PR title and diff.
3. It fetches the changelog/release notes for that version range from GitHub.
4. An LLM classifies the notes into low/medium/high risk with a one-line rationale.
5. The matching `risk:low|medium|high` label is applied to the PR.
6. A Slack message summarizes the grade, rationale, and PR link for the eng channel.
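A sketch of steps 2 and 5 as an added example (not this product's own code): it parses a Dependabot-style title and applies the stricter of the LLM verdict and a deterministic version-jump floor, so a model reading untrusted changelog text cannot grade a major bump `low`. The title format, the floor rule, and all function names are assumptions made for illustration.

```python
import re

# Assumed title shape (Dependabot-style): "Bump <pkg> from <old> to <new>",
# optionally prefixed, e.g. "build(deps): bump ...".
TITLE_RE = re.compile(
    r"\bbump\s+(?P<pkg>\S+)\s+from\s+v?(?P<old>\d[\w.+-]*)\s+to\s+v?(?P<new>\d[\w.+-]*)",
    re.IGNORECASE,
)
ORDER = {"low": 0, "medium": 1, "high": 2}


def parse_bump(title):
    """Return (package, old, new), or None if the title does not match."""
    m = TITLE_RE.search(title)
    return (m["pkg"], m["old"], m["new"]) if m else None


def _core(version):
    """First three numeric components of a version, or None if unparseable."""
    m = re.match(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", version)
    return tuple(int(g or 0) for g in m.groups()) if m else None


def semver_floor(old, new):
    """Minimum grade implied by the version jump alone (hypothetical rule)."""
    o, n = _core(old), _core(new)
    if o is None or n is None or n < o:
        return "high"  # unparseable version or downgrade: needs a human
    if n[0] != o[0]:
        return "high"  # major version jump
    if o[0] == 0 and n[1] != o[1]:
        return "high"  # 0.x minor bumps may break under semver
    return "low"


def risk_label(title, llm_verdict):
    """Label to apply: the stricter of the LLM verdict and the semver floor."""
    bump = parse_bump(title)
    if bump is None:
        return "risk:high"  # version range unknown: fail closed
    verdict = str(llm_verdict).strip().lower()
    if verdict not in ORDER:
        verdict = "high"  # unexpected model output: fail closed
    floor = semver_floor(bump[1], bump[2])
    return "risk:" + max(verdict, floor, key=ORDER.get)
```

Anything the parser or the model output cannot account for falls through to `risk:high`, which keeps a human on the PR instead of silently rubber-stamping it.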
Set it up
What you configure once, before turning it on.
1. Connect GitHub: Repos, issues, pull requests, actions.
2. Connect OpenAI: Models, embeddings, files.
3. Connect Slack: Channels, DMs, threads, mentions.
4. Set each agent's model: We leave models unset so you pick the tier: fast + cheap, or top-quality.
5. Tune it to your data: Edit the prompts, filters, and field mappings so it matches how your team works.
6. Test, then turn it on: Run once against a sample, confirm the output, then enable the trigger.
