## Summary
- The `claude-code-action` requires write permissions on the triggering
actor by default, but the closed issue comment workflow is designed to
respond to **any** user commenting on a closed issue
- Added `allowed_non_write_users: '*'` to bypass this check — safe
because the workflow's permissions are tightly scoped (`issues: write`,
`contents: read`) and Claude is restricted to only `gh issue reopen` and
`gh issue comment`

## Test plan
- Comment on a closed issue from a non-collaborator account and verify
the workflow runs successfully instead of failing with "Actor does not
have write permissions"

#skip-bugbot

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2578"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->


<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Allow non-write users to trigger the closed-issue comment workflow by
setting allowed_non_write_users: "*". This removes the write-permission
block so any comment on a closed issue runs the workflow, while staying
safe via scoped permissions and restricted tools (only gh issue
reopen/comment).

<sup>Written for commit 211887fea46b0e48c3f4bf7eeacba6b3a3b74b53.
Summary will update on new commits.</sup>

<!-- End of auto-generated description by cubic. -->
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>