#!/usr/bin/env bash
# Strict mode: abort on the first failing command, on any unset variable,
# and when any stage of a pipeline fails.
set -o errexit -o nounset -o pipefail

# Target of every API call in this script: "owner/name" repository and the
# pull-request number whose review threads are being answered.
REPO='gbharg/exult-agent'
PR='67'
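#######################################
# Post a reply to an existing pull-request review comment.
# Globals:   REPO (read) - "owner/name" of the repository
#            PR   (read) - pull-request number
# Arguments: $1 - numeric id of the review comment being answered
#            $2 - reply text, sent as the "body" field
# Outputs:   "replied <id>" on stdout; the API response is discarded
# Returns:   2 if an argument is malformed; gh's status if the call fails;
#            0 otherwise
#######################################
reply() {
  local comment_id=${1-} body=${2-}

  # The id is spliced into the REST path, so accept digits only. Anything
  # else (empty, "/", "..", "?") would address a different endpoint than
  # the one the caller meant.
  if [[ ! "$comment_id" =~ ^[0-9]+$ ]]; then
    printf 'reply: comment id must be numeric, got "%s"\n' "$comment_id" >&2
    return 2
  fi
  if [[ -z "$body" ]]; then
    printf 'reply: refusing to post an empty body for comment %s\n' \
      "$comment_id" >&2
    return 2
  fi

  # -f (raw field) sends the text as a literal string; unlike -F it does no
  # type conversion and no @file expansion on the value.
  # "|| return" keeps the success line from being printed after a failed
  # call when the caller has errexit suppressed (e.g. `if reply ...`).
  gh api "repos/${REPO}/pulls/${PR}/comments/${comment_id}/replies" \
    -f body="$body" >/dev/null || return
  printf 'replied %s\n' "$comment_id"
}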
#######################################
# Mark a pull-request review thread as resolved through the GraphQL API.
# Arguments: $1 - node id of the review thread
# Outputs:   "resolved <id>" on stdout; the API response is discarded
#######################################
resolve() {
  # The thread id travels as the GraphQL variable $id instead of being
  # pasted into the query text, so its contents cannot alter the mutation.
  local mutation='mutation($id:ID!){resolveReviewThread(input:{threadId:$id}){thread{isResolved}}}'
  gh api graphql -f query="$mutation" -f id="$1" >/dev/null
  printf 'resolved %s\n' "$1"
}

# Each step posts a reply on a review comment and, where the finding is
# considered fixed, resolves a review thread right after it. The script runs
# under errexit, so a failed call stops it at that step; running it again
# would post the earlier replies a second time.
# NOTE(review): each PRRT_* id is presumably the thread that holds the comment
# replied to just before it — verify the pairing before running.

# Finding 1: SIP credentials returned in clear text.
sip_redaction_note="Addressed in a988469: read_device_sip_info now returns a REDACTED view by default (password, authorizationId, userName, domain, outboundProxy masked). Raw credentials require reveal_secrets=true plus the exact per-device approval_text returned by the redacted call."
reply 3431582067 "$sip_redaction_note"
resolve PRRT_kwDOR5bkYM6KXHkV

# Finding 2: message could be sent into a conversation of another patient.
patient_link_note="Addressed in a988469: added a fail-closed verifyConversationPatientLink check before the POST. The send is refused unless the consent-checked patient_id is a participant in conversation_id, so a mismatched id can't leak PHI into the wrong thread."
reply 3431582070 "$patient_link_note"
resolve PRRT_kwDOR5bkYM6KXHkY

# Finding 3: scope of the PR. Only a reply is posted; no resolve call follows,
# so this thread stays open for the decision named in the reply.
scope_note="Agreed this is a scope question. The RC write tools (and the SIP read) now carry approval-text gates + redaction, but whether to split them into a dedicated PR vs. keep them here is Gautam's call. Leaving this thread open for that decision."
reply 3431582073 "$scope_note"

printf '%s\n' "DONE2"
