Require Gitea workflow status loop

README.md

@@ -91,6 +91,10 @@ Authorization: token GITEA_TOKEN
 
 `REGISTRY_TOKEN` is still the intended secret name for CI package publishing inside `.gitea/workflows/build.yml`.
 
+## Gitea Workflow Loop
+
+After pushing commits that add or change a Gitea workflow, Codex agents must check the resulting workflow run before finishing. If the run is still pending or in progress, report that status and keep checking when the user expects the agent loop to continue. If the run fails, inspect the failing job/logs, fix the issue when it is in scope, commit, push, and check the next run.
+
 ## Agent Prompt For A New Repo
 
 ```text

agent-quickstart.md

@@ -53,6 +53,10 @@ Are commands unknown?
 Is this a private Gitea repo with Actions?
   yes -> if GITEA_TOKEN is set locally, use it for read-only API checks of repository and workflow-run status
   no  -> use public web/API checks when available
+
+Did you push a commit that should trigger a workflow?
+  yes -> check the workflow run; if it fails, inspect logs, fix in scope, push again, and re-check
+  no  -> finish with local verification status
 ```
 
 ## Minimal File Set

existing-project.md

@@ -146,6 +146,7 @@ Before final response:
 - run `git diff --check`,
 - run the smallest reliable verification command,
 - if using Gitea Actions, check the pushed workflow run; for private `git.wilkensxl.de` repositories, use a locally set `GITEA_TOKEN` for read-only API status checks when available,
+- if the pushed workflow fails, inspect the failing job/logs, fix in scope, push again, and re-check the next run,
 - list files changed,
 - mention any skipped checks,
 - do not create a release unless explicitly requested.

files/AGENTS.md

@@ -12,6 +12,7 @@ PROJECT_NAME: PROJECT_DESCRIPTION
 - Do not rewrite history or run destructive git commands unless explicitly requested.
 - Do not create a release unless explicitly requested.
 - If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata, package-read visibility, and Actions run status. Never print, commit, or store the token.
+- After pushing commits that trigger a Gitea workflow, check the workflow run before finishing. If it fails, inspect the failing job/logs, fix the issue when in scope, push again, and continue the check loop.
 
 ## Commands
 

new-repository.md

@@ -155,6 +155,7 @@ Before final response:
 - run the cheapest reliable verification command,
 - check `git diff --check`,
 - if using Gitea Actions, check the pushed workflow run; for private `git.wilkensxl.de` repositories, use a locally set `GITEA_TOKEN` for read-only API status checks when available,
+- if the pushed workflow fails, inspect the failing job/logs, fix in scope, push again, and re-check the next run,
 - summarize changed files,
 - do not create a release unless explicitly requested.