Correct stale "required status check" guidance in scope-guard comments

The scope guard is advisory, not a required status check — the merge gate is
validate + scan + a maintainer approval. The old header told operators to add
it to branch protection, which is now contra-indicated (it would block the
no-approval bump-merge path). Update both workflow comments to match.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

.claude-plugin/marketplace.json

@@ -77,7 +77,7 @@
       "source": {
         "source": "url",
         "url": "https://github.com/AikidoSec/aikido-claude-plugin.git",
-        "sha": "01e8cf542500e579cff948a0fa0365e4f819d7b4"
+        "sha": "fbe11e287175e5eda448516dd2f741a63b276514"
       },
       "homepage": "https://github.com/AikidoSec/aikido-claude-plugin"
     },
@@ -981,7 +981,7 @@
       "source": {
         "source": "url",
         "url": "https://github.com/dash0hq/dash0-agent-plugin.git",
-        "sha": "f8c31f6fcdc6588a27153ceed09e561a40da3a86"
+        "sha": "fb9a6207929e5fc45c2661e5c74a2e077b3de79d"
       },
       "homepage": "https://dash0.com/"
     },
@@ -992,7 +992,7 @@
       "source": {
         "source": "url",
         "url": "https://github.com/astronomer/agents.git",
-        "sha": "e4ebf9a7ad3f8dbf3fcfda9c245a65eb1415967b"
+        "sha": "ed2fe757381ff42337fd7bce56a50f31134d9dce"
       },
       "homepage": "https://github.com/astronomer/agents"
     },
@@ -1029,7 +1029,7 @@
         "url": "https://github.com/awslabs/agent-plugins.git",
         "path": "plugins/databases-on-aws",
         "ref": "main",
-        "sha": "66dd3cf5acdf374cc0d79af2bf51fa6fbb975c07"
+        "sha": "96a073a195491f2192c256ba66730b631ced03e1"
       },
       "homepage": "https://github.com/awslabs/agent-plugins"
     },
@@ -1087,7 +1087,7 @@
       "source": {
         "source": "url",
         "url": "https://github.com/gemini-cli-extensions/dataproc.git",
-        "sha": "c36c7f8bb53a1f8903382471366986ef226c509d"
+        "sha": "6d6ac3889bf448e33a0ad96174bc5b0849c74ebe"
       },
       "homepage": "https://github.com/gemini-cli-extensions/dataproc"
     },
@@ -2411,7 +2411,7 @@
       "source": {
         "source": "url",
         "url": "https://github.com/Digital-Process-Tools/claude-remember.git",
-        "sha": "9d7324957b4d6e92fd57d265a2685a363e93f63e"
+        "sha": "f1a00382598ef627c858d9eed6438047b072ba41"
       },
       "homepage": "https://github.com/Digital-Process-Tools/claude-remember"
     },
@@ -2683,7 +2683,7 @@
         "url": "https://github.com/getsentry/cli.git",
         "path": "plugins/sentry-cli",
         "ref": "main",
-        "sha": "6acb9aa84a8e02d2cc4b029e05266427fdb79559"
+        "sha": "20b469aa5a21acd9bad0650670a08dbe671f499b"
       },
       "homepage": "https://sentry.io"
     },
@@ -3039,7 +3039,7 @@
         "url": "https://github.com/UI5/plugins-coding-agents.git",
         "path": "plugins/ui5-modernization",
         "ref": "main",
-        "sha": "1d4dedd56afcd1c3269c4d80f09e2ddb7f1bf5be"
+        "sha": "d1e3a43fa80ef160cb42689b88d665e25a5a81a1"
       },
       "homepage": "https://github.com/UI5/plugins-coding-agents"
     },

.github/scripts/external-pr-scope.js

@@ -121,4 +121,33 @@ async function evaluate({ github, context }) {
   return analyze({ changedFiles, before, after, liveRepos: liveReposOf(liveBase) });
 }
 
-module.exports = { normalizeRepo, liveReposOf, analyze, readPlugins, evaluate, MARKETPLACE };
+// Authors that are NOT subject to the external-contributor scope rules:
+//   - the repo's own automation bot — its bump PRs legitimately MODIFY existing entries
+//     (SHA bumps), which the additions-only external-contributor rule forbids; AND
+//   - org members (write/admin).
+// Safe under pull_request_target: a fork PR cannot set its author to github-actions[bot]
+// (that login is only ever the org's own GITHUB_TOKEN workflow), and the member path is a
+// real permission lookup. Wrapped in try/catch because getCollaboratorPermissionLevel throws
+// for a non-collaborator/unknown user — without this, both callers would error the job rather
+// than fall through to scope evaluation.
+const EXEMPT_BOTS = new Set(['github-actions[bot]']);
+
+async function isExemptAuthor({ github, context }) {
+  const author = context.payload.pull_request.user.login;
+  if (EXEMPT_BOTS.has(author)) {
+    return { exempt: true, reason: `${author} is the trusted automation bot` };
+  }
+  try {
+    const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
+      owner: context.repo.owner, repo: context.repo.repo, username: author,
+    });
+    if (['admin', 'write'].includes(data.permission)) {
+      return { exempt: true, reason: `${author} is ${data.permission} (member)` };
+    }
+  } catch (e) {
+    // not a collaborator / lookup failed → not exempt; fall through to scope evaluation
+  }
+  return { exempt: false };
+}
+
+module.exports = { normalizeRepo, liveReposOf, analyze, readPlugins, evaluate, isExemptAuthor, MARKETPLACE };

.github/workflows/close-external-prs.yml

@@ -23,14 +23,13 @@ jobs:
           script: |
             const author = context.payload.pull_request.user.login;
 
-            const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              username: author
-            });
+            const { evaluate, isExemptAuthor } = require(`${process.env.GITHUB_WORKSPACE}/.github/scripts/external-pr-scope.js`);
 
-            if (['admin', 'write'].includes(data.permission)) {
-              console.log(`${author} has ${data.permission} access, allowing PR`);
+            // Members (write/admin) and the repo's own automation bot (bump SHA PRs) are never
+            // auto-closed.
+            const ex = await isExemptAuthor({ github, context });
+            if (ex.exempt) {
+              console.log(`${ex.reason} — allowing PR`);
               return;
             }
 
@@ -38,9 +37,9 @@ jobs:
             // contribution — it adds marketplace.json entries whose source repo ALREADY backs
             // a live plugin here, and changes nothing else. (No maintained allowlist: the set
             // of allowed repos is derived from the live marketplace.) This grants only the
-            // right to open a reviewable PR; the External PR Scope Guard required check and a
-            // maintainer approval still gate the merge.
-            const { evaluate } = require(`${process.env.GITHUB_WORKSPACE}/.github/scripts/external-pr-scope.js`);
+            // right to open a reviewable PR; the validate + scan checks and a maintainer
+            // approval still gate the merge (the External PR Scope Guard is advisory signal,
+            // not a required check).
             const result = await evaluate({ github, context });
             if (result.ok && result.added.length > 0) {
               console.log(`In-scope external contribution (adds: ${result.added.join(', ')}) — allowing PR.`);

.github/workflows/external-pr-scope-guard.yml

@@ -1,14 +1,17 @@
 name: External PR Scope Guard
 
-# Required status check that constrains what a NON-MEMBER pull request may change.
-# Members (write/admin) are unrestricted and skip this check. For a non-member PR this
-# fails unless the PR is an in-scope external contribution per .github/scripts/external-pr-scope.js:
-# it changes ONLY .claude-plugin/marketplace.json, the delta is additions-only (no existing
-# entry modified or removed), and every ADDED entry's source.url is a repo that ALREADY backs
-# a live plugin in this marketplace (the allowed set is derived from the live marketplace —
-# there is no maintained allowlist).
+# Advisory check that surfaces what a NON-MEMBER pull request may change.
+# Members (write/admin) and the repo's own automation bot (bump SHA PRs) are unrestricted and
+# skip this check. For a non-member PR this fails unless the PR is an in-scope external
+# contribution per .github/scripts/external-pr-scope.js: it changes ONLY
+# .claude-plugin/marketplace.json, the delta is additions-only (no existing entry modified or
+# removed), and every ADDED entry's source.url is a repo that ALREADY backs a live plugin in
+# this marketplace (the allowed set is derived from the live marketplace — there is no
+# maintained allowlist).
 #
-# Add the scope-guard job as a REQUIRED status check in branch protection for it to block merge.
+# Do NOT add this job to branch protection as a required status check. The merge gate is the
+# `validate` + `scan` checks plus a maintainer approval; this guard is advisory signal for the
+# reviewer, not a hard gate. (Making it required would block the no-approval bump-merge path.)
 #
 # Security: runs on pull_request_target but checks out only the BASE repo (trusted) for the
 # shared script; the head marketplace.json is fetched as DATA via the API and parsed, never executed.
@@ -29,17 +32,16 @@ jobs:
       - uses: actions/github-script@v7
         with:
           script: |
-            const author = context.payload.pull_request.user.login;
+            const { evaluate, isExemptAuthor } = require(`${process.env.GITHUB_WORKSPACE}/.github/scripts/external-pr-scope.js`);
 
-            const { data: perm } = await github.rest.repos.getCollaboratorPermissionLevel({
-              owner: context.repo.owner, repo: context.repo.repo, username: author,
-            });
-            if (['admin', 'write'].includes(perm.permission)) {
-              console.log(`${author} is ${perm.permission} (member) — scope guard not applicable.`);
+            // Members (write/admin) and the repo's own automation bot (bump SHA PRs) are
+            // unrestricted; only genuinely external contributions are scope-checked.
+            const ex = await isExemptAuthor({ github, context });
+            if (ex.exempt) {
+              console.log(`${ex.reason} — scope guard not applicable.`);
               return;
             }
 
-            const { evaluate } = require(`${process.env.GITHUB_WORKSPACE}/.github/scripts/external-pr-scope.js`);
             const result = await evaluate({ github, context });
 
             if (!result.ok) {