
Add scheduled workflow to prune merged and stale remote branches#577

Draft
Copilot wants to merge 1 commit into main from copilot/tidy-remote-branches

Conversation

Copilot AI commented May 28, 2026


141 remote branches accumulated with no automated cleanup — 85 repo-assist/ branches (many chained retry suffixes), 13 already merged into master, 39 older than 60 days with no open PR.

Adds prune-branches.yml — a weekly scheduled workflow (workflow_dispatch-triggerable) that:

  • Deletes merged branches — any branch whose compare status against master is identical or behind
  • Deletes stale branches — unmerged branches with last commit >60 days ago and no open PR
  • Protects master/main/release, GitHub-protected branches, and memory/* (repo-assist state)

Recommended follow-up

Enable "Automatically delete head branches" in repo Settings → General to prevent future post-merge accumulation.

Co-authored-by: shanselman <2892+shanselman@users.noreply.github.com>
Copilot AI changed the title chore: add scheduled branch pruning workflow Add scheduled workflow to prune merged and stale remote branches May 28, 2026
Copilot AI requested a review from shanselman May 28, 2026 23:33

clawsweeper Bot commented May 28, 2026


Codex review: needs real behavior proof before merge. Reviewed May 28, 2026, 7:38 PM ET / 23:38 UTC.

Summary
The PR adds a weekly and manually triggerable GitHub Actions workflow that deletes merged branches and stale branches with no open PR.

Reproducibility: not applicable; this is an administrative workflow PR, not a product bug with a current-main reproduction path. The relevant check is policy and live-branch dry-run proof rather than reproducing a failure.

Review metrics: 2 noteworthy metrics.

  • Workflow surface: 1 workflow added. A new scheduled workflow can mutate remote refs, so the operational policy matters before merge.
  • Ref deletion surface: 2 deleteRef paths, contents: write. The workflow has two deletion paths and write permissions that tests alone cannot validate safely.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🦪 silver shellfish
Result: blocked until real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • [P1] Add redacted real behavior proof, preferably a workflow_dispatch dry-run or log showing the candidate branches and skipped protected/open-PR branches.
  • Pin actions/github-script to an audited full SHA or move this through the repository's locked workflow pattern.
  • Start with manual or dry-run mode until maintainers approve the exact branch-prefix and stale-age policy.

Proof guidance:

  • [P1] Needs real behavior proof before merge: No after-fix real behavior proof is posted; branch counts in the PR body are not a redacted workflow_dispatch dry-run log or deletion candidate output, so contributor action is needed before merge. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Risk before merge

  • [P1] The workflow would delete remote refs on a weekly schedule with contents: write; an incorrect stale or merged classification could remove branch history before maintainers review the candidate set.
  • [P1] The allowlist only hard-codes master, main, release, and memory/*; current branch inventory includes human and automation prefixes that become eligible when old and PR-less unless maintainers explicitly approve that policy.
  • [P1] The write-capable job uses a mutable actions/github-script@v9 ref; pinning the action or following the repo's generated lock-file pattern would reduce supply-chain drift.
  • [P1] The PR body gives branch counts, but does not include after-fix real behavior proof such as a redacted workflow_dispatch dry run or candidate deletion log.

Maintainer options:

  1. Prove and gate deletion first (recommended)
    Start with workflow_dispatch or dry-run logging, publish the redacted candidate set, and enable the weekly schedule only after maintainers approve the branch policy.
  2. Accept direct scheduled cleanup
    Maintainers can intentionally accept immediate scheduled deletion if they are comfortable with the current allowlist, stale threshold, and branch inventory impact.
  3. Use repo settings for merged heads
    If the main goal is post-merge cleanup, close or pause this PR and enable GitHub's automatic head-branch deletion setting instead, with a separate policy discussion for stale unmerged branches.

Next step before merge

  • [P1] This needs maintainer/admin approval and contributor-supplied real behavior proof; ClawSweeper should not auto-repair or merge a destructive repository cleanup policy.

Security
Needs attention: The diff introduces a write-token scheduled workflow that deletes refs and uses a mutable action reference, so supply-chain and repository-integrity review is needed before merge.

Review findings

  • [P2] Pin the branch-pruning action before granting write access — .github/workflows/prune-branches.yml:17

Review details

Best possible solution:

Land branch cleanup only after maintainers approve the deletion policy, the write-capable action is pinned, and a dry-run or manual execution log proves the candidate set against the live branch inventory.

Do we have a high-confidence way to reproduce the issue?

Not applicable; this is an administrative workflow PR, not a product bug with a current-main reproduction path. The relevant check is policy and live-branch dry-run proof rather than reproducing a failure.

Is this the best way to solve the issue?

No, not as submitted; the safer solution is to pin the write-capable action and prove the deletion candidate set in dry-run/manual mode before enabling a weekly schedule.

Full review comments:

  • [P2] Pin the branch-pruning action before granting write access — .github/workflows/prune-branches.yml:17
    This scheduled job gives the action contents: write and then deletes refs, but it runs actions/github-script@v9 through a mutable tag. Pin this write-capable action to an audited full SHA, or use the repository's generated lock-file pattern, before enabling scheduled branch deletion.
    Confidence: 0.78

Overall correctness: patch is incorrect
Overall confidence: 0.78

AGENTS.md: found, but no applicable review policy affected this item.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 281656fc017e.

Label changes:

  • add P2: This is a normal-priority repository automation improvement, but it has destructive branch-deletion impact if merged.
  • add merge-risk: 🚨 security-boundary: The PR adds a scheduled write-token workflow running a mutable action that can delete repository refs.
  • add merge-risk: 🚨 automation: Merging the workflow can delete branches used by repo or assistant workflows and changes repository automation behavior outside CI coverage.
  • add rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🦪 silver shellfish.
  • add status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: No after-fix real behavior proof is posted; branch counts in the PR body are not a redacted workflow_dispatch dry-run log or deletion candidate output, so contributor action is needed before merge. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Label justifications:

  • P2: This is a normal-priority repository automation improvement, but it has destructive branch-deletion impact if merged.
  • merge-risk: 🚨 automation: Merging the workflow can delete branches used by repo or assistant workflows and changes repository automation behavior outside CI coverage.
  • merge-risk: 🚨 security-boundary: The PR adds a scheduled write-token workflow running a mutable action that can delete repository refs.
  • rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🦪 silver shellfish.
  • status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: No after-fix real behavior proof is posted; branch counts in the PR body are not a redacted workflow_dispatch dry-run log or deletion candidate output, so contributor action is needed before merge. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Evidence reviewed

Security concerns:

  • [medium] Mutable action with ref-deletion permissions — .github/workflows/prune-branches.yml:17
    actions/github-script@v9 is a moving tag while this job has contents: write and calls deleteRef; pinning the action reduces the chance that branch deletion behavior changes outside repository review.
    Confidence: 0.78
  • [medium] Scheduled destructive ref cleanup needs policy proof — .github/workflows/prune-branches.yml:4
    The workflow runs weekly and deletes stale or merged remote branches without a dry-run gate, so maintainers need an audited candidate list before this becomes scheduled repository behavior.
    Confidence: 0.74

What I checked:

  • PR diff adds destructive scheduled automation: The added workflow runs on a weekly schedule, grants contents: write, uses actions/github-script@v9, and calls deleteRef for merged and stale branches. (.github/workflows/prune-branches.yml:4, 5490cf0a9c97)
  • Current main does not already implement this workflow: The current workflow inventory has CI, CodeQL, repo-assist, localization, stale, and LKG workflows, but no branch-pruning workflow. (281656fc017e)
  • Repo-assist depends on broad branch visibility: The repo-assist source fetches all remote branches so it can work on PR branches; pruning policy can affect that automation surface and should be deliberate. (.github/workflows/repo-assist.md:37, 281656fc017e)
  • Branch inventory confirms broad deletion scope: Unauthenticated GitHub API branch listing showed many non-default branch prefixes, including copilot/, repo-assist/, user/, shanselman/, feat/, and fix/, while the open PR head list was much smaller.
  • Workflow ownership provenance: Git history shows recent workflow automation work came through stale/security workflows, repo-assist workflows, and the scheduled LKG update workflow. (.github/workflows/stale.yml:1, 760a4a615985)

Likely related people:

  • Vincent Koc: Introduced the current stale and CodeQL workflow automation, including actions/github-script@v9 usage in repository automation. (role: recent workflow automation contributor; confidence: medium; commits: 760a4a615985, b906e1ba8f00, 2d1cfb7773d8; files: .github/workflows/stale.yml, .github/workflows/codeql.yml)
  • Scott Hanselman: Introduced the repo-assist workflow files on current main history, and the PR timeline shows the Copilot work was started under this account. (role: recent automation merger and follow-up route; confidence: medium; commits: e67f5c2f6e1c, 281656fc017e; files: .github/workflows/repo-assist.md, .github/workflows/repo-assist.lock.yml)
  • Ranjesh Jaganathan: Authored the scheduled Gateway LKG update workflow that already uses contents: write for repository automation. (role: adjacent scheduled workflow contributor; confidence: medium; commits: 45df0763e1ca; files: .github/workflows/gateway-lkg-update.yml)

What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. P2 Normal priority bug or improvement with limited blast radius. merge-risk: 🚨 security-boundary 🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data. merge-risk: 🚨 automation 🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation. labels May 28, 2026