Revert "test: intentional ci break for chack agent workflow validation"

This reverts commit fbbf31f020.

.github/workflows/chack-agent-pr-triage.yml

@@ -1,4 +1,4 @@
-name: Codex PR Triage
+name: Chack-Agent PR Triage
 
 on:
   workflow_run:
@@ -6,12 +6,14 @@ on:
     types: [completed]
 
 jobs:
-  codex_triage:
+  chack_agent_triage:
     if: ${{ github.event.workflow_run.conclusion == 'success' }}
     runs-on: ubuntu-latest
     permissions:
       contents: write
       pull-requests: write
+    env:
+      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
     outputs:
       should_run: ${{ steps.gate.outputs.should_run }}
       pr_number: ${{ steps.gate.outputs.pr_number }}
@@ -80,110 +82,70 @@ jobs:
             ${{ steps.gate.outputs.base_ref }} \
             +refs/pull/${{ steps.gate.outputs.pr_number }}/head
 
-      - name: Set up Python
-        if: ${{ steps.gate.outputs.should_run == 'true' }}
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Install chack-agent
-        if: ${{ steps.gate.outputs.should_run == 'true' }}
-        run: |
-          python -m pip install --upgrade pip
-          python -m pip install -e chack-agent
-
       - name: Run Chack Agent
-        id: run_codex
+        id: run_chack
         if: ${{ steps.gate.outputs.should_run == 'true' }}
-        env:
-          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-          INPUT_PROVIDER: openai
-          INPUT_MODEL_PRIMARY: gpt-5.2-codex
-          INPUT_SYSTEM_PROMPT: You are an advanced research agent.
-        run: |
-          cat <<'EOF' > chack_prompt.txt
-          You are reviewing PR #${{ steps.gate.outputs.pr_number }} for ${{ github.repository }}.
+        uses: carlospolop/chack-agent@master
+        with:
+          provider: openrouter
+          model_primary: CHEAP_BUT_QUALITY
+          main_action: peass-ng
+          sub_action: Chack-Agent PR Triage
+          system_prompt: |
+            You are Chack Agent, an elite PR reviewer for PEASS-ng.
+            Be conservative: merge only if changes are simple, safe, and valuable accoding to the uers give guidelines.
+            If in doubt, comment with clear questions or concerns.
+            Remember taht you are an autonomouts agent, use the exec tool to run the needed commands to list, read, analyze, modify, test...
+          tools_config_json: "{\"exec_enabled\": true}"
+          session_config_json: "{\"long_term_memory_enabled\": false}"
+          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_list_init_first\": true}"
+          output_schema_file: .github/chack-agent/pr-merge-schema.json
+          user_prompt: |
+            You are reviewing PR #${{ steps.gate.outputs.pr_number }} for ${{ github.repository }}.
 
-          Decide whether to merge or comment. Merge only if all of the following are true:
-          - Changes are simple and safe (no DoS, no long operations, no backdoors).
-          - Changes follow common PEASS syntax and style without breaking anything and add useful checks or value.
-          - Changes simplify code or add new useful checks without breaking anything.
+            Decide whether to merge or comment. Merge only if all of the following are true:
+            - Changes are simple and safe (no DoS, no long operations, no backdoors).
+            - Changes follow common PEASS syntax and style without breaking anything and add useful checks or value.
+            - Changes simplify code or add new useful checks without breaking anything.
 
-          If you don't have any doubts, and all the previous conditions are met, decide to merge.
-          If you have serious doubts, choose "comment" and include your doubts or questions.
-          If you decide to merge, include a short rationale.
+            If you don't have any doubts, and all the previous conditions are met, decide to merge.
+            If you have serious doubts, choose "comment" and include your doubts or questions.
+            If you decide to merge, include a short rationale.
 
-          Pull request title and body:
-          ----
-          ${{ steps.gate.outputs.pr_title }}
-          ${{ steps.gate.outputs.pr_body }}
+            Pull request title and body:
+            ----
+            ${{ steps.gate.outputs.pr_title }}
+            ${{ steps.gate.outputs.pr_body }}
 
-          Review ONLY the changes introduced by the PR:
-            git log --oneline ${{ steps.gate.outputs.base_sha }}...${{ steps.gate.outputs.head_sha }}
+            Review ONLY the changes introduced by the PR:
+              git log --oneline ${{ steps.gate.outputs.base_sha }}...${{ steps.gate.outputs.head_sha }}
 
-          Output JSON only, following the provided schema:
-          .github/codex/pr-merge-schema.json
-          EOF
+            Output JSON only, following the provided schema:
+            .github/chack-agent/pr-merge-schema.json
+          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}
 
-          python - <<'PY' > chack_output.txt
-          import os
-          from chack_agent import (
-              Chack,
-              ChackConfig,
-              ModelConfig,
-              AgentConfig,
-              SessionConfig,
-              ToolsConfig,
-              CredentialsConfig,
-              LoggingConfig,
-          )
-
-          with open("chack_prompt.txt", "r", encoding="utf-8") as handle:
-              user_prompt = handle.read()
-
-          config = ChackConfig(
-              model=ModelConfig(
-                  primary=os.environ.get("INPUT_MODEL_PRIMARY", "gpt-5.2-codex"),
-                  provider=os.environ.get("INPUT_PROVIDER", "openai"),
-              ),
-              agent=AgentConfig(
-                  main_action="github_action",
-                  sub_action="run",
-              ),
-              session=SessionConfig(),
-              tools=ToolsConfig(exec_enabled=True),
-              credentials=CredentialsConfig(
-                  openai_api_key=os.environ.get("OPENAI_API_KEY", ""),
-              ),
-              logging=LoggingConfig(level="INFO"),
-              system_prompt=os.environ.get("INPUT_SYSTEM_PROMPT", "You are an advanced research agent."),
-              env={},
-          )
-
-          agent = Chack(config)
-          result = agent.run(session_id="github-action", text=user_prompt)
-          print(result.output)
-          PY
-
-          {
-            echo "final-message<<EOF"
-            cat chack_output.txt
-            echo "EOF"
-          } >> "$GITHUB_OUTPUT"
-
-      - name: Parse Codex decision
+      - name: Parse Chack Agent decision
         id: parse
         if: ${{ steps.gate.outputs.should_run == 'true' }}
         env:
-          CODEX_MESSAGE: ${{ steps.run_codex.outputs.final-message }}
+          CHACK_MESSAGE: ${{ steps.run_chack.outputs.final-message }}
         run: |
           python3 - <<'PY'
           import json
           import os
 
-          data = json.loads(os.environ.get('CODEX_MESSAGE', '') or '{}')
-          decision = data.get('decision', 'comment')
-          message = data.get('message', '').strip() or 'Codex did not provide details.'
+          raw = (os.environ.get('CHACK_MESSAGE', '') or '').strip()
+          decision = 'comment'
+          message = 'Chack Agent did not provide details.'
+          try:
+            data = json.loads(raw or '{}')
+            if isinstance(data, dict):
+              decision = data.get('decision', 'comment')
+              message = data.get('message', '').strip() or message
+            else:
+              message = raw or message
+          except Exception:
+            message = raw or message
           with open(os.environ['GITHUB_OUTPUT'], 'a') as handle:
             handle.write(f"decision={decision}\n")
             handle.write("message<<EOF\n")
@@ -193,31 +155,31 @@ jobs:
 
   merge_or_comment:
     runs-on: ubuntu-latest
-    needs: codex_triage
-    if: ${{ github.event.workflow_run.conclusion == 'success' && needs.codex_triage.outputs.should_run == 'true' && needs.codex_triage.outputs.decision != '' }}
+    needs: chack_agent_triage
+    if: ${{ github.event.workflow_run.conclusion == 'success' && needs.chack_agent_triage.outputs.should_run == 'true' && needs.chack_agent_triage.outputs.decision != '' }}
     permissions:
       contents: write
       pull-requests: write
     steps:
       - name: Merge PR when approved
-        if: ${{ needs.codex_triage.outputs.decision == 'merge' }}
+        if: ${{ needs.chack_agent_triage.outputs.decision == 'merge' }}
         env:
           GH_TOKEN: ${{ github.token }}
-          PR_NUMBER: ${{ needs.codex_triage.outputs.pr_number }}
+          PR_NUMBER: ${{ needs.chack_agent_triage.outputs.pr_number }}
         run: |
           gh api \
             -X PUT \
             -H "Accept: application/vnd.github+json" \
             /repos/${{ github.repository }}/pulls/${PR_NUMBER}/merge \
             -f merge_method=squash \
-            -f commit_title="Auto-merge PR #${PR_NUMBER} (Codex)"
+            -f commit_title="Auto-merge PR #${PR_NUMBER} (Chack Agent)"
 
       - name: Comment with doubts
-        if: ${{ needs.codex_triage.outputs.decision == 'comment' }}
+        if: ${{ needs.chack_agent_triage.outputs.decision == 'comment' }}
         uses: actions/github-script@v7
         env:
-          PR_NUMBER: ${{ needs.codex_triage.outputs.pr_number }}
-          CODEX_MESSAGE: ${{ needs.codex_triage.outputs.message }}
+          PR_NUMBER: ${{ needs.chack_agent_triage.outputs.pr_number }}
+          CHACK_MESSAGE: ${{ needs.chack_agent_triage.outputs.message }}
         with:
           github-token: ${{ github.token }}
           script: |
@@ -225,5 +187,5 @@ jobs:
               owner: context.repo.owner,
               repo: context.repo.repo,
               issue_number: Number(process.env.PR_NUMBER),
-              body: process.env.CODEX_MESSAGE,
+              body: process.env.CHACK_MESSAGE,
             });

.github/workflows/ci-master-failure-chack-agent-pr.yml

@@ -1,4 +1,4 @@
-name: CI-master Failure Codex PR
+name: CI-master Failure Chack-Agent PR
 
 on:
   workflow_run:
@@ -6,7 +6,7 @@ on:
     types: [completed]
 
 jobs:
-  codex_fix_master_failure:
+  chack_agent_fix_master_failure:
     if: >
       ${{ github.event.workflow_run.conclusion == 'failure' &&
           github.event.workflow_run.head_branch == 'master' &&
@@ -19,7 +19,8 @@ jobs:
       actions: read
     env:
       TARGET_BRANCH: master
-      FIX_BRANCH: codex/ci-master-fix-${{ github.event.workflow_run.id }}
+      FIX_BRANCH: chack-agent/ci-master-fix-${{ github.event.workflow_run.id }}
+      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
     steps:
       - name: Checkout failing commit
         uses: actions/checkout@v5
@@ -27,12 +28,12 @@ jobs:
           ref: ${{ github.event.workflow_run.head_sha }}
           fetch-depth: 0
           persist-credentials: true
-          token: ${{ secrets.CODEX_FIXER_TOKEN }}
+          token: ${{ secrets.CHACK_AGENT_FIXER_TOKEN || github.token }}
 
       - name: Configure git author
         run: |
-          git config user.name "codex-action"
-          git config user.email "codex-action@users.noreply.github.com"
+          git config user.name "chack-agent"
+          git config user.email "chack-agent@users.noreply.github.com"
 
       - name: Create fix branch
         run: git checkout -b "$FIX_BRANCH"
@@ -42,7 +43,7 @@ jobs:
           GH_TOKEN: ${{ github.token }}
           RUN_ID: ${{ github.event.workflow_run.id }}
         run: |
-          failed_logs_file="$(pwd)/codex_failed_steps_logs.txt"
+          failed_logs_file="$(pwd)/chack_failed_steps_logs.txt"
           if gh run view "$RUN_ID" --repo "${{ github.repository }}" --log-failed > "$failed_logs_file"; then
             if [ ! -s "$failed_logs_file" ]; then
               echo "No failed step logs were returned by gh run view --log-failed." > "$failed_logs_file"
@@ -70,11 +71,11 @@ jobs:
               lines.append("")
 
           summary = "\n".join(lines).strip() or "No failing job details found."
-          with open('codex_failure_summary.txt', 'w') as handle:
+          with open('chack_failure_summary.txt', 'w') as handle:
             handle.write(summary)
           PY
 
-      - name: Create Codex prompt
+      - name: Create Chack Agent prompt
         env:
           RUN_URL: ${{ github.event.workflow_run.html_url }}
           HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
@@ -86,7 +87,7 @@ jobs:
             echo "The target branch for the final PR is: ${TARGET_BRANCH}"
             echo ""
             echo "Failure summary:"
-            cat codex_failure_summary.txt
+            cat chack_failure_summary.txt
             echo ""
             echo "Failed-step logs file absolute path (local runner): ${FAILED_LOGS_PATH}"
             echo "Read that file to inspect the exact failing logs."
@@ -94,71 +95,24 @@ jobs:
             echo "Please identify the cause, apply an easy, simple and minimal fix, and update files accordingly."
             echo "Run any fast checks you can locally (no network)."
             echo "Leave the repo in a state ready to commit; changes will be committed and pushed automatically."
-          } > codex_prompt.txt
-
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Install chack-agent
-        run: |
-          python -m pip install --upgrade pip
-          python -m pip install -e chack-agent
+          } > chack_prompt.txt
 
       - name: Run Chack Agent
-        id: run_codex
-        env:
-          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-          INPUT_PROVIDER: openai
-          INPUT_MODEL_PRIMARY: gpt-5.2-codex
-          INPUT_SYSTEM_PROMPT: You are an advanced research agent.
-        run: |
-          python - <<'PY' > chack_output.txt
-          import os
-          from chack_agent import (
-              Chack,
-              ChackConfig,
-              ModelConfig,
-              AgentConfig,
-              SessionConfig,
-              ToolsConfig,
-              CredentialsConfig,
-              LoggingConfig,
-          )
-
-          with open("codex_prompt.txt", "r", encoding="utf-8") as handle:
-              user_prompt = handle.read()
-
-          config = ChackConfig(
-              model=ModelConfig(
-                  primary=os.environ.get("INPUT_MODEL_PRIMARY", "gpt-5.2-codex"),
-                  provider=os.environ.get("INPUT_PROVIDER", "openai"),
-              ),
-              agent=AgentConfig(
-                  main_action="github_action",
-                  sub_action="run",
-              ),
-              session=SessionConfig(),
-              tools=ToolsConfig(exec_enabled=True),
-              credentials=CredentialsConfig(
-                  openai_api_key=os.environ.get("OPENAI_API_KEY", ""),
-              ),
-              logging=LoggingConfig(level="INFO"),
-              system_prompt=os.environ.get("INPUT_SYSTEM_PROMPT", "You are an advanced research agent."),
-              env={},
-          )
-
-          agent = Chack(config)
-          result = agent.run(session_id="github-action", text=user_prompt)
-          print(result.output)
-          PY
-
-          {
-            echo "final-message<<EOF"
-            cat chack_output.txt
-            echo "EOF"
-          } >> "$GITHUB_OUTPUT"
+        id: run_chack
+        uses: carlospolop/chack-agent@master
+        with:
+          provider: openrouter
+          model_primary: CHEAP_BUT_QUALITY
+          main_action: peass-ng
+          sub_action: CI-master Failure Chack-Agent PR
+          system_prompt: |
+            Diagnose the failing gh actions workflow, propose the minimal and effective safe fix, and implement it.
+            Run only fast, local checks (no network). Leave the repo ready to commit.
+          prompt_file: chack_prompt.txt
+          tools_config_json: "{\"exec_enabled\": true}"
+          session_config_json: "{\"long_term_memory_enabled\": false}"
+          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_list_init_first\": true}"
+          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}
 
       - name: Commit and push fix branch if changed
         id: push_fix
@@ -169,33 +123,51 @@ jobs:
             exit 0
           fi
 
-          rm -f codex_failure_summary.txt codex_prompt.txt codex_failed_steps_logs.txt chack_output.txt
+          rm -f chack_failure_summary.txt chack_prompt.txt chack_failed_steps_logs.txt
           git add -A
-          git reset -- codex_failure_summary.txt codex_prompt.txt codex_failed_steps_logs.txt chack_output.txt
+          # Avoid workflow-file pushes with token scopes that cannot write workflows.
+          git reset -- .github/workflows || true
+          git checkout -- .github/workflows || true
+          git clean -fdx -- .github/workflows || true
+          git reset -- chack_failure_summary.txt chack_prompt.txt chack_failed_steps_logs.txt
+          if git diff --cached --name-only | grep -q '^.github/workflows/'; then
+            echo "Workflow-file changes are still staged; skipping push without workflows permission."
+            echo "pushed=false" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
+          if git diff --cached --quiet; then
+            echo "No committable changes left after filtering."
+            echo "pushed=false" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
           git commit -m "Fix CI-master failures for run #${{ github.event.workflow_run.id }}"
-          git push origin HEAD:"$FIX_BRANCH"
+          if ! git push origin HEAD:"$FIX_BRANCH"; then
+            echo "Push failed (likely token workflow permission limits); skipping PR creation."
+            echo "pushed=false" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
           echo "pushed=true" >> "$GITHUB_OUTPUT"
 
       - name: Create PR to master
         if: ${{ steps.push_fix.outputs.pushed == 'true' }}
         id: create_pr
         env:
-          GH_TOKEN: ${{ secrets.CODEX_FIXER_TOKEN }}
+          GH_TOKEN: ${{ secrets.CHACK_AGENT_FIXER_TOKEN || github.token }}
           RUN_URL: ${{ github.event.workflow_run.html_url }}
         run: |
           pr_url=$(gh pr create \
             --title "Fix CI-master_test failure (run #${{ github.event.workflow_run.id }})" \
-            --body "Automated Codex fix for failing CI-master_test run: ${RUN_URL}" \
+            --body "Automated Chack Agent fix for failing CI-master_test run: ${RUN_URL}" \
             --base "$TARGET_BRANCH" \
             --head "$FIX_BRANCH")
           echo "url=$pr_url" >> "$GITHUB_OUTPUT"
 
-      - name: Comment on created PR with Codex result
-        if: ${{ steps.push_fix.outputs.pushed == 'true' && steps.run_codex.outputs.final-message != '' }}
+      - name: Comment on created PR with Chack Agent result
+        if: ${{ steps.push_fix.outputs.pushed == 'true' && steps.run_chack.outputs.final-message != '' }}
         uses: actions/github-script@v7
         env:
           PR_URL: ${{ steps.create_pr.outputs.url }}
-          CODEX_MESSAGE: ${{ steps.run_codex.outputs.final-message }}
+          CHACK_MESSAGE: ${{ steps.run_chack.outputs.final-message }}
         with:
           github-token: ${{ github.token }}
           script: |
@@ -209,5 +181,5 @@ jobs:
               owner: context.repo.owner,
               repo: context.repo.repo,
               issue_number: Number(match[1]),
-              body: process.env.CODEX_MESSAGE,
+              body: process.env.CHACK_MESSAGE,
             });

.github/workflows/pr-failure-chack-agent-dispatch.yml

@@ -1,4 +1,4 @@
-name: PR Failure Codex Dispatch
+name: PR Failure Chack-Agent Dispatch
 
 on:
   workflow_run:
@@ -41,8 +41,8 @@ jobs:
           pr_labels=$(gh api -H "Accept: application/vnd.github+json" \
             /repos/${{ github.repository }}/issues/${PR_NUMBER} \
             --jq '.labels[].name')
-          if echo "$pr_labels" | grep -q "^codex-fix-attempted$"; then
-            echo "codex fix already attempted for PR #${PR_NUMBER}; skipping."
+          if echo "$pr_labels" | grep -q "^chack-agent-fix-attempted$"; then
+            echo "chack-agent fix already attempted for PR #${PR_NUMBER}; skipping."
             should_run=false
           else
             should_run=true
@@ -55,7 +55,7 @@ jobs:
             echo "should_run=${should_run}"
           } >> "$GITHUB_OUTPUT"
 
-  codex_on_failure:
+  chack_agent_on_failure:
     needs: resolve_pr_context
     if: ${{ needs.resolve_pr_context.outputs.author == 'carlospolop' && needs.resolve_pr_context.outputs.should_run == 'true' }}
     runs-on: ubuntu-latest
@@ -64,6 +64,8 @@ jobs:
       pull-requests: write
       issues: write
       actions: read
+    env:
+      CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
     steps:
       - name: Comment on PR with failure info
         uses: actions/github-script@v7
@@ -75,7 +77,7 @@ jobs:
           github-token: ${{ github.token }}
           script: |
             const prNumber = Number(process.env.PR_NUMBER);
-            const body = `PR #${prNumber} had a failing workflow "${process.env.WORKFLOW_NAME}".\n\nRun: ${process.env.RUN_URL}\n\nLaunching Codex to attempt a fix.`;
+            const body = `PR #${prNumber} had a failing workflow "${process.env.WORKFLOW_NAME}".\n\nRun: ${process.env.RUN_URL}\n\nLaunching Chack Agent to attempt a fix.`;
             await github.rest.issues.createComment({
               owner: context.repo.owner,
               repo: context.repo.repo,
@@ -90,7 +92,7 @@ jobs:
         run: |
           gh api -X POST -H "Accept: application/vnd.github+json" \
             /repos/${{ github.repository }}/issues/${PR_NUMBER}/labels \
-            -f labels[]=codex-fix-attempted
+            -f labels[]=chack-agent-fix-attempted
 
       - name: Checkout PR head
         uses: actions/checkout@v5
@@ -99,12 +101,12 @@ jobs:
           ref: ${{ github.event.workflow_run.head_sha }}
           fetch-depth: 0
           persist-credentials: true
-          token: ${{ secrets.CODEX_FIXER_TOKEN }}
+          token: ${{ secrets.CHACK_AGENT_FIXER_TOKEN || github.token }}
 
       - name: Configure git author
         run: |
-          git config user.name "codex-action"
-          git config user.email "codex-action@users.noreply.github.com"
+          git config user.name "chack-agent"
+          git config user.email "chack-agent@users.noreply.github.com"
 
       - name: Fetch failure summary
         env:
@@ -129,11 +131,11 @@ jobs:
               lines.append("")
 
           summary = "\n".join(lines).strip() or "No failing job details found."
-          with open('codex_failure_summary.txt', 'w') as handle:
+          with open('chack_failure_summary.txt', 'w') as handle:
             handle.write(summary)
           PY
 
-      - name: Create Codex prompt
+      - name: Create Chack Agent prompt
         env:
           PR_NUMBER: ${{ needs.resolve_pr_context.outputs.number }}
           RUN_URL: ${{ github.event.workflow_run.html_url }}
@@ -145,76 +147,30 @@ jobs:
             echo "The PR branch is: ${HEAD_BRANCH}"
             echo ""
             echo "Failure summary:"
-            cat codex_failure_summary.txt
+            cat chack_failure_summary.txt
             echo ""
             echo "Please identify the cause, apply a easy, simple and minimal fix, and update files accordingly."
             echo "Run any fast checks you can locally (no network)."
             echo "Leave the repo in a state ready to commit as when you finish, it'll be automatically committed and pushed."
-          } > codex_prompt.txt
-
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Install chack-agent
-        run: |
-          python -m pip install --upgrade pip
-          python -m pip install -e chack-agent
+          } > chack_prompt.txt
 
       - name: Run Chack Agent
-        id: run_codex
-        env:
-          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-          INPUT_PROVIDER: openai
-          INPUT_MODEL_PRIMARY: gpt-5.2-codex
-          INPUT_SYSTEM_PROMPT: You are an advanced research agent.
-        run: |
-          python - <<'PY' > chack_output.txt
-          import os
-          from chack_agent import (
-              Chack,
-              ChackConfig,
-              ModelConfig,
-              AgentConfig,
-              SessionConfig,
-              ToolsConfig,
-              CredentialsConfig,
-              LoggingConfig,
-          )
-
-          with open("codex_prompt.txt", "r", encoding="utf-8") as handle:
-              user_prompt = handle.read()
-
-          config = ChackConfig(
-              model=ModelConfig(
-                  primary=os.environ.get("INPUT_MODEL_PRIMARY", "gpt-5.2-codex"),
-                  provider=os.environ.get("INPUT_PROVIDER", "openai"),
-              ),
-              agent=AgentConfig(
-                  main_action="github_action",
-                  sub_action="run",
-              ),
-              session=SessionConfig(),
-              tools=ToolsConfig(exec_enabled=True),
-              credentials=CredentialsConfig(
-                  openai_api_key=os.environ.get("OPENAI_API_KEY", ""),
-              ),
-              logging=LoggingConfig(level="INFO"),
-              system_prompt=os.environ.get("INPUT_SYSTEM_PROMPT", "You are an advanced research agent."),
-              env={},
-          )
-
-          agent = Chack(config)
-          result = agent.run(session_id="github-action", text=user_prompt)
-          print(result.output)
-          PY
-
-          {
-            echo "final-message<<EOF"
-            cat chack_output.txt
-            echo "EOF"
-          } >> "$GITHUB_OUTPUT"
+        id: run_chack
+        uses: carlospolop/chack-agent@master
+        with:
+          provider: openrouter
+          model_primary: CHEAP_BUT_QUALITY
+          main_action: peass-ng
+          sub_action: PR Failure Chack-Agent Dispatch
+          system_prompt: |
+            You are Chack Agent, an elite CI-fix engineer.
+            Diagnose the failing workflow, propose the minimal safe fix, and implement it.
+            Run only fast, local checks (no network). Leave the repo ready to commit.
+          prompt_file: chack_prompt.txt
+          tools_config_json: "{\"exec_enabled\": true}"
+          session_config_json: "{\"long_term_memory_enabled\": false}"
+          agent_config_json: "{\"self_critique_enabled\": false, \"require_task_list_init_first\": true}"
+          openrouter_api_key: ${{ secrets.OPENROUTER_API_KEY }}
 
       - name: Commit and push if changed
         env:
@@ -225,18 +181,33 @@ jobs:
             echo "No changes to commit."
             exit 0
           fi
-          rm -f codex_failure_summary.txt codex_prompt.txt chack_output.txt
+          rm -f chack_failure_summary.txt chack_prompt.txt
           git add -A
-          git reset -- codex_failure_summary.txt codex_prompt.txt chack_output.txt
+          # Avoid workflow-file pushes with token scopes that cannot write workflows.
+          git reset -- .github/workflows || true
+          git checkout -- .github/workflows || true
+          git clean -fdx -- .github/workflows || true
+          git reset -- chack_failure_summary.txt chack_prompt.txt
+          if git diff --cached --name-only | grep -q '^.github/workflows/'; then
+            echo "Workflow-file changes are still staged; skipping push without workflows permission."
+            exit 0
+          fi
+          if git diff --cached --quiet; then
+            echo "No committable changes left after filtering."
+            exit 0
+          fi
           git commit -m "Fix CI failures for PR #${PR_NUMBER}"
-          git push origin HEAD:${TARGET_BRANCH}
+          if ! git push origin HEAD:${TARGET_BRANCH}; then
+            echo "Push failed (likely token workflow permission limits); leaving run successful without push."
+            exit 0
+          fi
 
-      - name: Comment with Codex result
-        if: ${{ steps.run_codex.outputs.final-message != '' }}
+      - name: Comment with Chack Agent result
+        if: ${{ steps.run_chack.outputs.final-message != '' }}
         uses: actions/github-script@v7
         env:
           PR_NUMBER: ${{ needs.resolve_pr_context.outputs.number }}
-          CODEX_MESSAGE: ${{ steps.run_codex.outputs.final-message }}
+          CHACK_MESSAGE: ${{ steps.run_chack.outputs.final-message }}
         with:
           github-token: ${{ github.token }}
           script: |
@@ -244,5 +215,5 @@ jobs:
               owner: context.repo.owner,
               repo: context.repo.repo,
               issue_number: Number(process.env.PR_NUMBER),
-              body: process.env.CODEX_MESSAGE,
+              body: process.env.CHACK_MESSAGE,
             });