From d40affbdef3fb4c86cf6fbe121d43e96693ad78e Mon Sep 17 00:00:00 2001
From: Shawn Yeager <shawn@nanoclaw.shawnyeager.com>
Date: Mon, 23 Mar 2026 13:41:20 +0000
Subject: [PATCH] fix: skip bump-version and update-tokens on forks

These workflows use APP_ID/APP_PRIVATE_KEY secrets that only exist on
the upstream repo. Without a fork guard they fail on every push for
every fork. merge-forward-skills already has the correct guard.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/bump-version.yml  | 1 +
 .github/workflows/update-tokens.yml | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml
index fb77595..8191085 100644
--- a/.github/workflows/bump-version.yml
+++ b/.github/workflows/bump-version.yml
@@ -7,6 +7,7 @@ on:
 
 jobs:
   bump-version:
+    if: github.repository == 'qwibitai/nanoclaw'
     runs-on: ubuntu-latest
     steps:
       - uses: actions/create-github-app-token@v1
diff --git a/.github/workflows/update-tokens.yml b/.github/workflows/update-tokens.yml
index 753da18..9b25c55 100644
--- a/.github/workflows/update-tokens.yml
+++ b/.github/workflows/update-tokens.yml
@@ -8,6 +8,7 @@ on:
 
 jobs:
   update-tokens:
+    if: github.repository == 'qwibitai/nanoclaw'
     runs-on: ubuntu-latest
     steps:
       - uses: actions/create-github-app-token@v1