build: add PR severity classification workflow

[Roasbeef]

This PR adds a GitHub Actions workflow that uses Claude Code to automatically classify pull requests by severity based on the files they touch. When a PR is opened or updated, Claude analyzes the changed files against a predefined severity mapping and applies an appropriate label to help reviewers quickly understand the complexity and risk level of the changes.

The severity classification follows a four-tier system. Critical severity is assigned to changes touching security-sensitive code paths including lnwallet, htlcswitch, contractcourt, peer/brontide, keychain, input, channeldb, funding, lnwire, and the core server files. High severity covers important subsystems like routing, invoices, sweep, discovery, graph, watchtower, feature bits, and the RPC layer. Medium severity applies to infrastructure components such as payments, autopilot, configuration, and protocol buffer definitions. Low severity is reserved for documentation, tests, scripts, and CI/CD configuration changes.

Claude posts a detailed comment on each PR explaining its classification decision. The comment includes collapsible sections showing which files fall into each severity tier, along with an analysis explaining why the overall severity level was chosen. When new commits are pushed to the PR, Claude updates its existing comment rather than creating duplicate comments, keeping the PR thread clean.

The workflow supports manual overrides through dedicated labels. Maintainers can apply a severity-override-critical, severity-override-high, severity-override-medium, or severity-override-low label to force a specific classification. When an override label is present, Claude respects it and notes the manual override in its comment. This allows human judgment to take precedence when the automated classification doesn't capture the full context.

Additional classification rules help catch edge cases. PRs touching more than 20 files or changing more than 500 lines get bumped up one severity level to account for increased review complexity. Changes to database migration files are always treated as critical regardless of their location. PRs touching multiple distinct critical packages are flagged with additional urgency in Claude's analysis.

This workflow integrates with the existing Claude Code infrastructure added in PR 10525, using the same OAuth token and action version. Eight new labels have been created in the repository to support the classification system.

[gemini-code-assist]

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

[ziggie1984]

looks good, pending CI

[yyforyongyu]

🤖

[Roasbeef]

Addressed review feedback:

1. sweep/ moved to CRITICAL* - Agreed, fund recovery is security-critical
2. Added exclusions for line/file counting - Tests, auto-generated files (*.pb.go, *.pb.gw.go, *.sql.go, *_generated.go), and mocks are now excluded from the >20 files / >500 lines threshold

Regarding the labels question from @ziggie1984: Yes, all 8 labels have already been created in the repository (4 severity + 4 override labels).

[ziggie1984]

LGTM (pending bot comment)

[lightninglabs-deploy]

🟢 PR Severity: LOW

Automated classification | 1 file | +167/-0 lines

🟢 Low (1 file)

• .github/workflows/pr-severity.yml - CI/CD workflow configuration for automated PR severity classification

Analysis

This PR adds a GitHub Actions workflow for automated PR severity classification. Changes are limited to CI/CD configuration files (.github/*), which are classified as LOW severity per the project's classification guidelines.

Why LOW severity:

• Single file change in .github/workflows/
• No impact on runtime code, protocol implementation, or critical systems
• Changes affect only the CI/CD pipeline
• Best-effort review is sufficient for workflow configurations

Review focus areas:

• Workflow permissions and security (token usage)
• Trigger conditions and workflow logic
• Label management correctness

---

_{To override, add a severity-override-{critical,high,medium,low} label.}

[saubyk]

Concept Ack

[lightninglabs-deploy]

🟢 PR Severity: LOW

CI/CD configuration | 1 file | 170 lines changed

🟢 Low (1 file)

• .github/workflows/pr-severity.yml - GitHub Actions workflow configuration (CI/CD)

Analysis

This PR introduces a new GitHub Actions workflow for automatic PR severity classification. Since it only modifies CI/CD configuration under .github/*, it falls into the LOW severity category according to our classification rules.

Why LOW severity?

• Changes are isolated to workflow automation
• No impact on Lightning Network protocol, wallet operations, or runtime code
• Workflow changes can be reviewed and iterated quickly
• Easy to revert if issues are discovered

The change adds valuable automation for triaging PRs but carries minimal risk to the Lightning Network Daemon's core functionality.

---

_{To override, add a severity-override-{critical,high,medium,low} label.}