@fitlab-ai/agent-infra 0.3.1 → 0.4.0

package/templates/.agents/skills/close-codescan/SKILL.md

@@ -1,122 +1,123 @@
 ---
 name: close-codescan
 description: >
-  关闭 Code Scanning（CodeQL）告警并提供有据可查的理由。
-  当用户要求关闭 Code Scanning 告警时触发。参数：告警编号。
+  Dismiss a Code Scanning (CodeQL) alert with a documented justification.
+  Triggered when the user asks to dismiss a Code Scanning alert.
+  Argument: alert number.
 ---
 
-# 关闭 Code Scanning 告警
+# Dismiss Code Scanning Alert
 
-关闭指定的 Code Scanning（CodeQL）告警并记录合理的关闭理由。
+Dismiss the specified Code Scanning (CodeQL) alert and record a justified reason.
 
-## 执行流程
+## Execution Flow
 
-### 1. 获取告警信息
+### 1. Retrieve Alert Information
 
 ```bash
 gh api repos/{owner}/{repo}/code-scanning/alerts/<alert-number>
 ```
 
-验证告警处于 `open` 状态。如果已被关闭/修复，告知用户并退出。
+Verify that the alert is in the `open` state. If it is already dismissed or fixed, inform the user and exit.
 
-### 2. 展示告警详情
+### 2. Show Alert Details
 
 ```
-Code Scanning 告警 #{alert-number}
+Code Scanning alert #{alert-number}
 
-严重程度：{security_severity_level}
-规则：{rule.id} - {rule.description}
-扫描工具：{tool.name}
-位置：{location.path}:{location.start_line}
-消息：{message}
+Severity: {security_severity_level}
+Rule: {rule.id} - {rule.description}
+Scanner: {tool.name}
+Location: {location.path}:{location.start_line}
+Message: {message}
 ```
 
-### 3. 询问关闭理由
+### 3. Ask for the Dismissal Reason
 
-提示用户选择理由：
+Ask the user to choose a reason:
 
-1. **误报 (False Positive)** - CodeQL 规则误判；代码不存在此安全问题
-2. **不会修复 (Won't Fix)** - 已知问题但基于架构或业务原因不予修复
-3. **测试代码 (Used in Tests)** - 仅在测试代码中出现，不影响生产环境安全
-4. **取消** - 不关闭告警
+1. **False Positive** - the CodeQL rule misfired and the code does not contain the security issue
+2. **Won't Fix** - the issue is known but will not be fixed due to architectural or business reasons
+3. **Used in Tests** - the issue appears only in test code and does not affect production security
+4. **Cancel** - do not dismiss the alert
 
-### 4. 要求详细说明
+### 4. Require a Detailed Explanation
 
-如果用户选择关闭（非取消），要求提供详细说明：
-- 最少 20 个字符
-- 必须清楚说明为什么可以安全关闭该告警
-- 如果是误报，说明为什么代码不存在该安全问题
-- 如果是不修复，说明技术或业务原因
+If the user chooses to dismiss the alert (not cancel), require a detailed explanation:
+- at least 20 characters
+- must clearly explain why the alert can be safely dismissed
+- if it is a false positive, explain why the code does not contain the issue
+- if it is won't fix, explain the technical or business reason
 
-### 5. 最终确认
+### 5. Final Confirmation
 
 ```
-即将关闭 Code Scanning 告警 #{alert-number}：
+About to dismiss Code Scanning alert #{alert-number}:
 
-规则：{rule.id}
-位置：{location.path}:{location.start_line}
-原因：{选择的理由}
-说明：{用户的说明}
+Rule: {rule.id}
+Location: {location.path}:{location.start_line}
+Reason: {selected reason}
+Explanation: {user explanation}
 
-确认？(y/N)
+Confirm? (y/N)
 ```
 
-### 6. 执行关闭
+### 6. Execute the Dismissal
 
 ```bash
 gh api --method PATCH \
   repos/{owner}/{repo}/code-scanning/alerts/<alert-number> \
   -f state=dismissed \
   -f dismissed_reason="{api-reason}" \
-  -f dismissed_comment="{用户的说明}"
+  -f dismissed_comment="{user explanation}"
 ```
 
-**API reason 映射**（按 GitHub Code Scanning API）：
-- 误报 -> `false positive`
-- 不会修复 -> `won't fix`
-- 测试代码 -> `used in tests`
+**API reason mapping** (per the GitHub Code Scanning API):
+- False Positive -> `false positive`
+- Won't Fix -> `won't fix`
+- Used in Tests -> `used in tests`
 
-### 7. 记录到任务（如存在）
+### 7. Record in the Task (If Any)
 
-如果有关联任务（搜索 `codescan_alert_number: <alert-number>`）：
-获取当前时间：
+If a related task exists (search for `codescan_alert_number: <alert-number>`):
+Get the current time:
 
 ```bash
 date "+%Y-%m-%d %H:%M:%S"
 ```
 
-- 添加关闭记录到 task.md
-- **追加**到 `## Activity Log`（不要覆盖之前的记录）：
+- Add the dismissal record to task.md
+- **Append** to `## Activity Log` (do NOT overwrite previous entries):
   ```
   - {yyyy-MM-dd HH:mm:ss} — **Alert Closed** by {agent} — Code Scanning alert #{alert-number} dismissed: {reason}
   ```
-- 归档任务
+- Archive the task
 
-### 8. 告知用户
+### 8. Inform User
 
 ```
-Code Scanning 告警 #{alert-number} 已关闭。
+Code Scanning alert #{alert-number} dismissed.
 
-规则：{rule.id}
-位置：{location.path}:{location.start_line}
-原因：{reason}
-说明：{explanation}
+Rule: {rule.id}
+Location: {location.path}:{location.start_line}
+Reason: {reason}
+Explanation: {explanation}
 
-查看：{html_url}
+View: {html_url}
 
-注意：如有需要，可在 GitHub 上重新打开。
+Note: it can be reopened on GitHub if necessary.
 ```
 
-## 注意事项
+## Notes
 
-1. **谨慎处理高严重程度告警**：Critical/High 告警需要充分分析。建议先执行 import-codescan + analyze-task。
-2. **真实的理由**：关闭记录保存在 GitHub 中，可能会被审计。
-3. **定期复查**：已关闭的告警应定期复查。
-4. **优先修复**：关闭应作为最后手段。
+1. **Handle high-severity alerts carefully**: Critical/High alerts require thorough analysis. Prefer `import-codescan` + `analyze-task` first.
+2. **Use truthful reasons**: dismissal records are stored in GitHub and may be audited.
+3. **Review periodically**: dismissed alerts should be re-evaluated over time.
+4. **Fix first**: dismissal should be the last resort.
 
-## 错误处理
+## Error Handling
 
-- 告警未找到：提示 "Code Scanning alert #{number} not found"
-- 已关闭：提示 "Alert #{number} is already {state}"
-- 权限错误：提示 "No permission to modify alerts"
-- 用户取消：提示 "Cancellation acknowledged"
+- Alert not found: output "Code Scanning alert #{number} not found"
+- Already closed: output "Alert #{number} is already {state}"
+- Permission error: output "No permission to modify alerts"
+- User canceled: output "Cancellation acknowledged"

package/templates/.agents/skills/close-dependabot/SKILL.md

@@ -1,130 +1,131 @@
 ---
 name: close-dependabot
 description: >
-  关闭 Dependabot 安全告警并提供有据可查的理由。
-  当用户要求关闭 Dependabot 告警时触发。参数：告警编号。
+  Dismiss a Dependabot security alert with a documented justification.
+  Triggered when the user asks to dismiss a Dependabot alert.
+  Argument: alert number.
 ---
 
-# 关闭 Dependabot 告警
+# Dismiss Dependabot Alert
 
-关闭指定的 Dependabot 安全告警并记录合理的关闭理由。
+Dismiss the specified Dependabot security alert and record a justified reason.
 
-## 执行流程
+## Execution Flow
 
-### 1. 获取告警信息
+### 1. Retrieve Alert Information
 
 ```bash
 gh api repos/{owner}/{repo}/dependabot/alerts/<alert-number>
 ```
 
-验证告警处于 `open` 状态。如果已被关闭/修复，告知用户并退出。
+Verify that the alert is in the `open` state. If it is already dismissed or fixed, inform the user and exit.
 
-### 2. 展示告警详情
+### 2. Show Alert Details
 
-向用户展示关键信息：
+Show the user the key information:
 ```
-安全告警 #{alert-number}
+Security alert #{alert-number}
 
-严重程度：{severity}
-漏洞：{summary}
-包名：{package-name}（{ecosystem}）
-当前版本：{current-version}
-受影响版本范围：{vulnerable-version-range}
-修复版本：{first-patched-version}
+Severity: {severity}
+Advisory: {summary}
+Package: {package-name} ({ecosystem})
+Current version: {current-version}
+Vulnerable version range: {vulnerable-version-range}
+Patched version: {first-patched-version}
 
-GHSA：{ghsa-id}
-CVE：{cve-id}
+GHSA: {ghsa-id}
+CVE: {cve-id}
 ```
 
-### 3. 询问关闭理由
+### 3. Ask for the Dismissal Reason
 
-提示用户选择理由：
+Ask the user to choose a reason:
 
-1. **误报 (False Positive)** - 漏洞代码路径在本项目中未被使用
-2. **无法利用 (Not Exploitable)** - 漏洞存在但在当前上下文中无法被利用
-3. **已有缓解措施 (Mitigated)** - 通过其他方式缓解了风险（配置、网络隔离等）
-4. **无修复版本 (No Fix Available)** - 无修复版本且风险可接受
-5. **仅开发/测试依赖 (Dev/Test Dependency Only)** - 仅在开发/测试中使用，不在生产环境中
-6. **取消** - 不关闭告警
+1. **False Positive** - the vulnerable code path is not used in this project
+2. **Not Exploitable** - the vulnerability exists but cannot be exploited in the current context
+3. **Mitigated** - the risk is mitigated by other means (configuration, network isolation, etc.)
+4. **No Fix Available** - no patched version exists and the remaining risk is acceptable
+5. **Dev/Test Dependency Only** - used only in development or tests, not in production
+6. **Cancel** - do not dismiss the alert
 
-### 4. 要求详细说明
+### 4. Require a Detailed Explanation
 
-如果用户选择关闭（非取消），要求提供详细说明：
-- 最少 20 个字符
-- 必须清楚说明为什么可以安全关闭该告警
-- 应引用具体证据（代码搜索结果、配置等）
+If the user chooses to dismiss the alert (not cancel), require a detailed explanation:
+- at least 20 characters
+- must clearly explain why the alert can be safely dismissed
+- should cite concrete evidence (code search results, configuration, etc.)
 
-### 5. 最终确认
+### 5. Final Confirmation
 
 ```
-即将关闭安全告警 #{alert-number}：
+About to dismiss security alert #{alert-number}:
 
-告警：{summary}
-严重程度：{severity}
-原因：{选择的理由}
-说明：{用户的说明}
+Alert: {summary}
+Severity: {severity}
+Reason: {selected reason}
+Explanation: {user explanation}
 
-确认？(y/N)
+Confirm? (y/N)
 ```
 
-### 6. 执行关闭
+### 6. Execute the Dismissal
 
 ```bash
 gh api --method PATCH \
   repos/{owner}/{repo}/dependabot/alerts/<alert-number> \
   -f state=dismissed \
   -f dismissed_reason="{api-reason}" \
-  -f dismissed_comment="{用户的说明}"
+  -f dismissed_comment="{user explanation}"
 ```
 
-**API reason 映射**：
-- 误报 -> `not_used` 或 `inaccurate`
-- 无法利用 -> `tolerable_risk`
-- 已有缓解措施 -> `tolerable_risk`
-- 无修复版本 -> `tolerable_risk`
-- 开发/测试依赖 -> `not_used`
+**API reason mapping**:
+- False Positive -> `not_used` or `inaccurate`
+- Not Exploitable -> `tolerable_risk`
+- Mitigated -> `tolerable_risk`
+- No Fix Available -> `tolerable_risk`
+- Dev/Test Dependency Only -> `not_used`
 
-### 7. 记录到任务（如存在）
+### 7. Record in the Task (If Any)
 
-如果有关联任务（搜索 `security_alert_number: <alert-number>`）：
-获取当前时间：
+If a related task exists (search for `security_alert_number: <alert-number>`):
+Get the current time:
 
 ```bash
 date "+%Y-%m-%d %H:%M:%S"
 ```
 
-- 添加关闭记录到 task.md
-- **追加**到 `## Activity Log`（不要覆盖之前的记录）：
+- Add the dismissal record to task.md
+- **Append** to `## Activity Log` (do NOT overwrite previous entries):
   ```
   - {yyyy-MM-dd HH:mm:ss} — **Alert Closed** by {agent} — Dependabot alert #{alert-number} dismissed: {reason}
   ```
-- 归档任务
+- Archive the task
 
-### 8. 告知用户
+### 8. Inform User
 
 ```
-安全告警 #{alert-number} 已关闭。
+Security alert #{alert-number} dismissed.
 
-告警：{summary}
-严重程度：{severity}
-原因：{reason}
-说明：{explanation}
+Alert: {summary}
+Severity: {severity}
+Reason: {reason}
+Explanation: {explanation}
 
-查看：https://github.com/{owner}/{repo}/security/dependabot/{alert-number}
+View: https://github.com/{owner}/{repo}/security/dependabot/{alert-number}
 
-注意：如有需要，可在 GitHub 上重新打开。
+Note: it can be reopened on GitHub if necessary.
 ```
 
-## 注意事项
+## Notes
 
-1. **谨慎处理高严重程度告警**：Critical/High 告警需要在关闭前进行充分分析。建议先执行 import-dependabot + analyze-task。
-2. **真实的理由**：关闭记录保存在 GitHub 中，可能会被审计。
-3. **定期复查**：已关闭的告警应定期复查，因为代码变更可能使关闭理由失效。
-4. **优先修复**：关闭应作为最后手段。优先考虑升级、替换或缓解。
+1. **Handle high-severity alerts carefully**: Critical/High alerts require thorough analysis before dismissal. Prefer `import-dependabot` + `analyze-task` first.
+2. **Use truthful reasons**: dismissal records are stored in GitHub and may be audited.
+3. **Review periodically**: dismissed alerts should be re-evaluated because code changes may invalidate the dismissal rationale.
+4. **Fix first**: dismissal should be the last resort. Prefer upgrading, replacing, or mitigating.
 
-## 错误处理
+## Error Handling
 
-- 告警未找到：提示 "Security alert #{number} not found"
-- 已关闭：提示 "Alert #{number} is already {state}"
-- 权限错误：提示 "No permission to modify alerts"
-- 用户取消：提示 "Cancellation acknowledged"
+- Alert not found: output "Security alert #{number} not found"
+- Already closed: output "Alert #{number} is already {state}"
+- Permission error: output "No permission to modify alerts"
+- User canceled: output "Cancellation acknowledged"

package/templates/.agents/skills/commit/SKILL.md

@@ -90,7 +90,7 @@ Generate commit message in Conventional Commits format:
 
 ### Multi-Agent Co-Authorship (If Task-Related)
 
-If the commit belongs to an active task and `.agent-workspace/active/{task-id}/task.md` exists:
+If the commit belongs to an active task and `.agents/workspace/active/{task-id}/task.md` exists:
 
 1. Read the `## Activity Log` section from `task.md`.
 2. Extract all unique agent names from entries matching `by {agent}`. A loose pattern such as `by (\S+)` is acceptable.

package/templates/.agents/skills/commit/SKILL.zh-CN.md

@@ -89,7 +89,7 @@ git log --oneline -5
 
 ### 多 Agent 协作署名（仅任务相关提交）
 
-如果本次提交属于某个活动任务，且存在 `.agent-workspace/active/{task-id}/task.md`：
+如果本次提交属于某个活动任务，且存在 `.agents/workspace/active/{task-id}/task.md`：
 
 1. 读取 `task.md` 中的 `## Activity Log` 部分。
 2. 从符合 `by {agent}` 的条目中提取所有唯一 Agent 名称；可使用较宽松的匹配模式，例如 `by (\S+)`。

package/templates/.agents/skills/complete-task/SKILL.md

@@ -19,7 +19,7 @@ description: >
 
 ### 1. Verify Task Exists
 
-Check that the task exists in `.agent-workspace/active/{task-id}/`.
+Check that the task exists in `.agents/workspace/active/{task-id}/`.
 
 Note: `{task-id}` format is `TASK-{yyyyMMdd-HHmmss}`, e.g. `TASK-20260306-143022`
 
@@ -61,7 +61,7 @@ Get the current time:
 date "+%Y-%m-%d %H:%M:%S"
 ```
 
-Update `.agent-workspace/active/{task-id}/task.md`:
+Update `.agents/workspace/active/{task-id}/task.md`:
 - `status`: completed
 - `completed_at`: {current timestamp}
 - `updated_at`: {current timestamp}
@@ -76,13 +76,13 @@ Update `.agent-workspace/active/{task-id}/task.md`:
 Move the task directory from active to completed:
 
 ```bash
-mv .agent-workspace/active/{task-id} .agent-workspace/completed/{task-id}
+mv .agents/workspace/active/{task-id} .agents/workspace/completed/{task-id}
 ```
 
 ### 5. Verify Archive
 
 ```bash
-ls .agent-workspace/completed/{task-id}/task.md
+ls .agents/workspace/completed/{task-id}/task.md
 ```
 
 Confirm the task directory was successfully moved.
@@ -111,7 +111,7 @@ Task {task-id} completed and archived.
 Task info:
 - Title: {title}
 - Completed at: {timestamp}
-- Archived to: .agent-workspace/completed/{task-id}/
+- Archived to: .agents/workspace/completed/{task-id}/
 
 Deliverables:
 - {List of key outputs: files modified, tests added, etc.}
@@ -121,7 +121,7 @@ Deliverables:
 
 - [ ] Verified all workflow steps are complete
 - [ ] Updated task.md with completed status and timestamp
-- [ ] Moved task directory to `.agent-workspace/completed/`
+- [ ] Moved task directory to `.agents/workspace/completed/`
 - [ ] Verified archive succeeded
 - [ ] Informed user of completion
 
@@ -135,7 +135,7 @@ Deliverables:
 
 2. **Rollback**: If a task was archived incorrectly:
    ```bash
-   mv .agent-workspace/completed/{task-id} .agent-workspace/active/{task-id}
+   mv .agents/workspace/completed/{task-id} .agents/workspace/active/{task-id}
    ```
    Then update task.md status back to `active`.
 

package/templates/.agents/skills/complete-task/SKILL.zh-CN.md

@@ -17,7 +17,7 @@ description: >
 
 ### 1. 验证任务存在
 
-检查任务是否存在于 `.agent-workspace/active/{task-id}/`。
+检查任务是否存在于 `.agents/workspace/active/{task-id}/`。
 
 注意：`{task-id}` 格式为 `TASK-{yyyyMMdd-HHmmss}`，例如 `TASK-20260306-143022`
 
@@ -59,7 +59,7 @@ Please complete the missing steps first, or use --force to override.
 date "+%Y-%m-%d %H:%M:%S"
 ```
 
-更新 `.agent-workspace/active/{task-id}/task.md`：
+更新 `.agents/workspace/active/{task-id}/task.md`：
 - `status`：completed
 - `completed_at`：{当前时间戳}
 - `updated_at`：{当前时间戳}
@@ -74,13 +74,13 @@ date "+%Y-%m-%d %H:%M:%S"
 将任务目录从 active 移动到 completed：
 
 ```bash
-mv .agent-workspace/active/{task-id} .agent-workspace/completed/{task-id}
+mv .agents/workspace/active/{task-id} .agents/workspace/completed/{task-id}
 ```
 
 ### 5. 验证归档
 
 ```bash
-ls .agent-workspace/completed/{task-id}/task.md
+ls .agents/workspace/completed/{task-id}/task.md
 ```
 
 确认任务目录已成功移动。
@@ -109,7 +109,7 @@ ls .agent-workspace/completed/{task-id}/task.md
 任务信息：
 - 标题：{title}
 - 完成时间：{timestamp}
-- 归档路径：.agent-workspace/completed/{task-id}/
+- 归档路径：.agents/workspace/completed/{task-id}/
 
 交付物：
 - {关键产出列表：修改的文件、添加的测试等}
@@ -119,7 +119,7 @@ ls .agent-workspace/completed/{task-id}/task.md
 
 - [ ] 验证了所有工作流步骤已完成
 - [ ] 更新了 task.md 的完成状态和时间戳
-- [ ] 将任务目录移动到 `.agent-workspace/completed/`
+- [ ] 将任务目录移动到 `.agents/workspace/completed/`
 - [ ] 验证了归档成功
 - [ ] 告知了用户完成情况
 
@@ -133,7 +133,7 @@ ls .agent-workspace/completed/{task-id}/task.md
 
 2. **回滚**：如果任务被错误归档：
    ```bash
-   mv .agent-workspace/completed/{task-id} .agent-workspace/active/{task-id}
+   mv .agents/workspace/completed/{task-id} .agents/workspace/active/{task-id}
    ```
    然后将 task.md 中的状态改回 `active`。
 

package/templates/.agents/skills/create-issue/SKILL.md

@@ -20,7 +20,7 @@ description: >
 ### 1. Verify Prerequisites
 
 Check required file:
-- `.agent-workspace/active/{task-id}/task.md` - Task file
+- `.agents/workspace/active/{task-id}/task.md` - Task file
 
 Check that GitHub CLI is available and authenticated:
 
@@ -62,15 +62,18 @@ Check the project templates and ignore `config.yml`:
 rg --files .github/ISSUE_TEMPLATE -g '*.yml' -g '!config.yml'
 ```
 
-If template files exist, search the filename or top-level `name:` field using these keywords:
+If template files exist, read the top-level `name:` field from each template and build a candidate list. Use the task title and description to choose the most semantically appropriate template from that list.
 
-| task.md type | Match keywords |
-|---|---|
-| `bug`, `bugfix` | `bug` |
-| `feature` | `feature` |
-| `enhancement` | `feature`, `enhancement` |
-| `docs`, `documentation` | `documentation`, `doc` |
-| anything else | `other` |
+Example candidate list:
+- `bug_report.yml` - a bug-focused template
+- `question.yml` - a question or support template
+- `feature_request.yml` - a feature-focused template
+- `documentation.yml` - a documentation-focused template
+- `other.yml` - a general fallback template
+
+If there is no clearly matching template, choose the closest one.
+
+These filenames are illustrative only; use the actual templates present in the target project.
 
 If there is no template, no suitable match, or YAML parsing fails, go directly to the **3c fallback path**.
 
@@ -172,16 +175,55 @@ issue_number="${issue_url##*/}"
 
 If `{issue-type}` has been determined, set the Issue Type after creation on a best-effort basis:
 
+Get repository information first because the later `in:` label step can reuse it:
+
 ```bash
 repo="$(gh repo view --json nameWithOwner --jq '.nameWithOwner')"
 owner="${repo%%/*}"
+```
+
+Query the organization's available Issue Types:
+
+```bash
 gh api "orgs/$owner/issue-types" --jq '.[].name'
-gh api "repos/$repo/issues/{issue-number}" -X PATCH -f type="{issue-type}"
 ```
 
+If the query succeeds and `{issue-type}` appears in the returned list, set it:
+
+```bash
+gh api "repos/$repo/issues/{issue-number}" -X PATCH -f type="{issue-type}" --silent
+```
+
+Verify the result:
+
+```bash
+gh api "repos/$repo/issues/{issue-number}" --jq '.type.name // empty'
+```
+
+If the verification result matches `{issue-type}`, record `Issue Type: {issue-type}`; otherwise record `Issue Type: failed to set`.
+
+#### Add `in:` labels
+
+Get all repository labels with the `in:` prefix:
+
+```bash
+gh label list --search "in:" --limit 50 --json name --jq '.[].name'
+```
+
+If no `in:` labels exist, skip this step.
+
+If `in:` labels exist, use the task context (title, description, and affected file list) to judge which labels are relevant. For each relevant label, run:
+
+```bash
+gh issue edit {issue-number} --add-label "in: {module}"
+```
+
+Record all successfully added `in:` labels. If none are relevant, record `in: labels: skipped (no relevant labels)`.
+
 Tolerance requirements:
 - if `orgs/$owner/issue-types` returns `404`, the repo owner is not an organization, or Issue Types are not enabled, skip this without failing the create flow
 - if `{issue-type}` is not in the available list, skip it
+- if adding an `in:` label fails, skip it and record the failure without blocking Issue creation
 - if the milestone name is invalid or unavailable, warn and skip it instead of aborting the whole Issue creation flow
 
 ### 5. Update Task Status
@@ -192,7 +234,7 @@ Get the current time:
 date "+%Y-%m-%d %H:%M:%S"
 ```
 
-Update `.agent-workspace/active/{task-id}/task.md`:
+Update `.agents/workspace/active/{task-id}/task.md`:
 - Add or update `issue_number`: `{issue-number}`
 - `updated_at`: {current time}
 - **Append** to `## Activity Log` (do NOT overwrite previous entries):
@@ -212,7 +254,8 @@ Issue details:
 - Number: #{issue-number}
 - URL: {issue-url}
 - Labels: {applied-labels or skipped}
-- Issue Type: {issue-type or skipped}
+- in: Labels: {applied-in-labels or skipped}
+- Issue Type: {issue-type | failed to set | skipped}
 - Milestone: {milestone or skipped}
 
 Output:
@@ -231,6 +274,7 @@ Next step - sync task progress to the Issue:
 - [ ] Used template structure when available, otherwise used the fallback format
 - [ ] Built the Issue title and body from `task.md` only
 - [ ] Handled `type:` / Issue Type and `milestone` when available
+- [ ] Processed `in:` labels using LLM relevance judgment
 - [ ] Recorded `issue_number` in task.md
 - [ ] Updated `updated_at` in task.md
 - [ ] Appended an Activity Log entry to task.md
@@ -248,6 +292,7 @@ After completing the checklist, **stop immediately**. Do not sync detailed Issue
 3. **Label tolerance**: if standard labels are not initialized, skipping the label is acceptable and should not block Issue creation
 4. **Template tolerance**: if a template is missing, unmatched, or its YAML is invalid, fall back to the simple body format instead of failing the whole create flow
 5. **Issue Type / Milestone tolerance**: if Issue Types are unavailable, the target type is missing, or the milestone is unavailable, skip that part and continue creating the Issue
+6. **`in:` label tolerance**: if adding an `in:` label fails, skip it without blocking Issue creation
 
 ## Error Handling