April 24, 2026
Your Agent Reads the Build Logs.
CI failed. The agent already knows why.
A test fails in CI. You get a red X on the PR. You click into GitHub Actions, find the failing job, expand the step, scroll through 200 lines of output to find the one line that matters. Copy it. Go back to your editor. Fix it. Push. Wait again.
This is the loop that eats an hour of every engineer's day. Not the fix itself — the finding.
The Agent Has Eyes on CI
When the post-approval pipeline detects a CI failure, it doesn't just say "test step failed." It downloads the actual job logs — the stderr, the stack trace, the assertion error. The same output you'd scroll through manually.
Then it reads the logs, identifies the failure, and pushes a fix to the branch. The fix prompt is scoped: the agent knows which jobs passed and is told explicitly not to touch them. No collateral damage.
If build and lint passed but test failed, the agent gets:
Passed (do not break these): build, lint
Failed (fix these): test
FAIL src/auth.test.ts ● validateToken › should reject expired tokens Expected: "TOKEN_EXPIRED" Received: "INVALID_TOKEN"Only fix what's broken — do not refactor or change passing code.
That's the actual context the agent works with. Not a vague "CI failed, please investigate." The real error, with guardrails.
Two Tries, Then It's Yours
The agent gets two fix attempts. If the second push still fails CI, it stops and posts the failure summary with full logs in the thread. No infinite loop. No silent retries.
The failure summary includes the failing steps, the log output, and a link to the GitHub Actions run. You have everything you need to pick up where the agent left off — or hit "Request Changes" to send it back with your own guidance.
The Loop Shrinks
Most CI failures are small: a missing import, a renamed variable, a test assertion that needs updating after a behavior change. These are the fixes that take 30 seconds to write but 10 minutes to discover. The agent skips the discovery.
The best debugging tool isn't a better log viewer. It's someone who already read the logs.