Creating a GitHub Actions bot named CodeWatcher, inspired by Copal, that runs static analysis tools (pylint, bandit, semgrep), posts inline suggestions on pull requests (PRs), and adopts a mentor-like or red-team-assistant tone is a solid way to improve code quality and security in a supportive manner. Below is a step-by-step guide to building this bot, with actionable output aligned with offensive-security workflows and real-world methodologies.

CodeWatcher GitHub Actions Bot Overview

CodeWatcher will:

• Trigger on pull request events.
• Run pylint (code style), bandit (security issues), and semgrep (advanced static analysis) on Python code.
• Parse the tool outputs and post inline comments on PRs in a mentor-like or red-team tone (constructive, slightly probing, encouraging critical thinking).
• Use GitHub Actions to automate the workflow and the GitHub API to post the comments.
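The core of the bot is the step that normalises the three tools' output and turns it into one review with inline comments. The following script is an added example, not code from the original page or from any CodeWatcher or Copal project. It assumes the tools were run with JSON output (pylint --output-format=json, bandit -f json, semgrep --json), uses constructed sample output shaped like those formats, and builds a payload in the shape of GitHub's "create a review for a pull request" REST endpoint (event, body, and a comments array of path/line/body); the function names, the TONE templates and the GITHUB_TOKEN environment variable handling are the example's own choices.

```python
"""CodeWatcher helper: pylint/bandit/semgrep JSON -> one GitHub PR review.

Added example (not from the original page). Assumptions:
  - each tool was run with JSON output and the text is passed in as a string;
  - the review payload follows GitHub's create-review REST endpoint
    (event, body, comments[{path, line, body}]);
  - a token is supplied via the GITHUB_TOKEN environment variable when posting.
"""
import json
import os
import urllib.request

# Constructed sample tool outputs (shaped like the real tools' JSON, not real findings).
PYLINT_SAMPLE = json.dumps([
    {"type": "warning", "path": "app.py", "line": 3, "symbol": "unused-import",
     "message": "Unused import os", "message-id": "W0611"},
])
BANDIT_SAMPLE = json.dumps({"results": [
    {"filename": "app.py", "line_number": 12, "issue_severity": "HIGH",
     "issue_confidence": "HIGH", "test_id": "B602",
     "issue_text": "subprocess call with shell=True identified, security issue."},
]})
SEMGREP_SAMPLE = json.dumps({"results": [
    {"check_id": "python.lang.security.audit.dangerous-subprocess-use",
     "path": "app.py", "start": {"line": 12},
     "extra": {"severity": "ERROR", "message": "Detected subprocess with shell=True."}},
]})

# Mentor / red-team framings, keyed by severity bucket (wording is the example's own).
TONE = {
    "high": "Red-team check: {msg} How would an attacker reach this input? ({tool} {rule})",
    "medium": "Worth a second look: {msg} What assumption makes this safe? ({tool} {rule})",
    "low": "Small polish: {msg} ({tool} {rule})",
}


def _bucket(severity: str) -> str:
    """Map the three tools' differing severity vocabularies onto one scale."""
    s = severity.upper()
    if s in ("HIGH", "ERROR", "CRITICAL"):
        return "high"
    if s in ("MEDIUM", "WARNING"):
        return "medium"
    return "low"


def parse_findings(pylint_json: str, bandit_json: str, semgrep_json: str) -> list:
    """Normalise all three outputs to (path, line, tool, rule, severity, message)."""
    findings = []
    for m in json.loads(pylint_json):  # pylint emits a flat list of messages
        sev = "MEDIUM" if m["type"] in ("error", "warning") else "LOW"
        findings.append((m["path"], m["line"], "pylint", m["message-id"], sev, m["message"]))
    for r in json.loads(bandit_json)["results"]:
        findings.append((r["filename"], r["line_number"], "bandit", r["test_id"],
                         r["issue_severity"], r["issue_text"]))
    for r in json.loads(semgrep_json)["results"]:
        findings.append((r["path"], r["start"]["line"], "semgrep", r["check_id"],
                         r["extra"]["severity"], r["extra"]["message"]))
    return findings


def build_review(findings: list) -> dict:
    """Group findings by (path, line) so each line gets a single mentor-toned comment."""
    grouped = {}
    for path, line, tool, rule, sev, msg in findings:
        text = TONE[_bucket(sev)].format(tool=tool, rule=rule, msg=msg)
        grouped.setdefault((path, line), []).append(text)
    comments = [{"path": p, "line": l, "body": "\n\n".join(bodies)}
                for (p, l), bodies in sorted(grouped.items())]
    return {"event": "COMMENT", "body": "CodeWatcher reviewed this PR.", "comments": comments}


def post_review(repo: str, pr_number: int, review: dict, token: str) -> int:
    """POST the review to GitHub and return the HTTP status (network call; not run offline)."""
    url = f"https://api.github.com/repos/{repo}/pulls/{pr_number}/reviews"
    req = urllib.request.Request(
        url, data=json.dumps(review).encode(), method="POST",
        headers={"Authorization": f"Bearer {token}",
                 "Accept": "application/vnd.github+json",
                 "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        return resp.status


if __name__ == "__main__":
    review = build_review(parse_findings(PYLINT_SAMPLE, BANDIT_SAMPLE, SEMGREP_SAMPLE))
    token = os.environ.get("GITHUB_TOKEN")
    if token and os.environ.get("CODEWATCHER_REPO") and os.environ.get("CODEWATCHER_PR"):
        print(post_review(os.environ["CODEWATCHER_REPO"],
                          int(os.environ["CODEWATCHER_PR"]), review, token))
    else:
        print(json.dumps(review, indent=2))  # dry run: show the payload instead of posting
```

In a workflow, this runs as a step after the three tools have written their JSON files, with the job granted `pull-requests: write` and the token exposed through the environment; without a token the script only prints the payload, which is a convenient way to check the tone templates before the bot ever touches a real PR. Grouping by line matters because bandit and semgrep frequently flag the same statement, and one combined comment reads as a mentor's note rather than a pile-on.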