feat(ci): add contributor reputation check workflow

[imran-siddique]

Summary

Add automated contributor reputation screening on PR/issue open events to detect coordinated inauthentic contribution patterns (e.g., credential-laundering campaigns, spray-and-pray governance issues).

How it works

1. Checks out AGT's contributor reputation scripts via sparse-checkout
2. Runs profile check (account age, repo patterns, spray detection)
3. Runs credential audit (checks for merged-PR-to-citation pipelines)
4. Posts a comment and adds a label on MEDIUM/HIGH risk contributions
5. Skips bot accounts (dependabot, github-actions, copilot-swe-agent)

Why this matters

Multiple AI agent framework repos have been targeted by coordinated campaigns that:

• Spray low-effort governance issues across 30+ repos in days
• Get trivial PRs merged, then cite them as credentials in other repos
• Use foundation submissions to build credibility for product placement

This workflow helps maintainers catch these patterns early.

Dependencies

• Uses scripts from microsoft/agent-governance-toolkit (stdlib-only Python, no pip install needed)
• Runs on pull_request_target and issues events only
• No secrets beyond the default GITHUB_TOKEN

Co-authored-by: Copilot 223556219+Copilot@users.noreply.github.com

[github-actions]

⚠️ This PR targets main, but PRs should target staged.

The main branch is auto-published from staged and should not receive direct PRs.
Please close this PR and re-open it against the staged branch.

You can change the base branch using the Edit button at the top of this PR,
or run: gh pr edit 1520 --base staged

[Copilot]

Pull request overview

Adds a new GitHub Actions workflow to automatically screen new PR/issue authors using the Agent Governance Toolkit (AGT) and to surface elevated-risk contributors via comments and labels.

Changes:

• Introduces .github/workflows/contributor-check.yml triggered on pull_request_target and issues opened events.
• Runs two AGT Python checks (profile + credential audit) and computes an overall risk level.
• Posts a PR/issue comment and applies a needs-review:<RISK> label for MEDIUM/HIGH outcomes.

[Copilot]

This workflow checks out and executes Python from an external repo (microsoft/agent-governance-toolkit) in a pull_request_target context with write permissions. To reduce supply-chain risk, pin the checkout to a specific immutable ref (commit SHA) and consider setting persist-credentials: false so the token isn’t written into the checked-out repo’s git config.

Suggested change

	repository: microsoft/agent-governance-toolkit
	repository: microsoft/agent-governance-toolkit
	ref: 0123456789abcdef0123456789abcdef01234567 # replace with a trusted AGT commit SHA
	persist-credentials: false

[Copilot]

The profile / credential steps convert any script failure or malformed JSON into risk=UNKNOWN, but risk_to_num maps unknown values to 0, which then makes the overall risk LOW. This means the workflow silently fails open (no label/comment) when the checks break; consider treating UNKNOWN as at least MEDIUM (or failing the job) so the workflow doesn’t miss suspicious contributions due to transient errors.

Suggested change

	case "$1" in HIGH) echo 3 ;; MEDIUM) echo 2 ;; LOW) echo 1 ;; *) echo 0 ;; esac
	}
	p=$(risk_to_num "${{ steps.profile.outputs.risk }}")
	c=$(risk_to_num "${{ steps.credential.outputs.risk }}")
	max=$p; [ "$c" -gt "$max" ] && max=$c
	case "$max" in 3) r="HIGH" ;; 2) r="MEDIUM" ;; *) r="LOW" ;; esac
	case "$1" in
	HIGH) echo 3 ;;
	MEDIUM|UNKNOWN) echo 2 ;;
	LOW) echo 1 ;;
	*) echo 2 ;;
	esac
	}
	p=$(risk_to_num "${{ steps.profile.outputs.risk }}")
	c=$(risk_to_num "${{ steps.credential.outputs.risk }}")
	max=$p; [ "$c" -gt "$max" ] && max=$c
	case "$max" in 3) r="HIGH" ;; 2) r="MEDIUM" ;; 1) r="LOW" ;; *) r="MEDIUM" ;; esac

[Copilot]

The multi-line body string is indented inside the bash script, so the generated Markdown comment will include leading spaces on most lines. In GitHub-flavored Markdown, 4+ leading spaces turns content into a code block, which will likely prevent the table/bold formatting from rendering. Consider building the body with a heredoc (no indentation) or otherwise stripping leading whitespace.

Suggested change

	body="<!-- agt-contributor-check -->
	$icon **Contributor Reputation Check: $risk risk**
	| Check | Risk |
	|-------|------|
	| Profile | $profile |
	| Credential audit | $cred |
	Maintainers: please review this contributor before merging.
	*Automated check powered by [AGT](https://github.com/microsoft/agent-governance-toolkit).*"
	body=$(cat <<EOF
	<!-- agt-contributor-check -->
	$icon **Contributor Reputation Check: $risk risk**
	| Check | Risk |
	|-------|------|
	| Profile | $profile |
	| Credential audit | $cred |
	Maintainers: please review this contributor before merging.
	*Automated check powered by [AGT](https://github.com/microsoft/agent-governance-toolkit).*
	EOF
	)

[Copilot]

username is assigned but never used in this step; removing it would reduce noise and avoid implying it influences the comment/label behavior.

Suggested change

username="${{ steps.author.outputs.username }}"

[aaronpowell]

Please don't contribute new workflows and policies without discussing with the maintainers first.