stranske · stranske · Feb 10, 2026 · Feb 10, 2026
@@ -87,6 +87,11 @@ on:
         required: false
         default: ''
         type: string
+      suppress_comments:
+        description: 'Suppress PR comment posting (suppression guard)'
+        required: false
+        default: false
+        type: boolean
     secrets:
       service_bot_pat:
         description: 'PAT for SERVICE_BOT to trigger workflows on autofix commits'
@@ -1292,7 +1297,7 @@ jobs:
           scripts-path: workflows-lib/scripts
 
       - name: Upsert consolidated PR comment
-        if: steps.guard.outputs.skip != 'true' && steps.build_comment.outputs.should-post == 'true'
+        if: steps.guard.outputs.skip != 'true' && steps.build_comment.outputs.should-post == 'true' && inputs.suppress_comments != true
         uses: actions/github-script@v8
         env:
           PR_NUMBER: ${{ inputs.pr_number }}
@@ -1336,7 +1341,7 @@ jobs:
             }
 
       - name: Upsert clean-mode file summary comment
-        if: steps.guard.outputs.skip != 'true' && steps.clean_mode.outputs.enabled == 'true' && steps.fix_results.outputs.changed == 'true'
+        if: steps.guard.outputs.skip != 'true' && steps.clean_mode.outputs.enabled == 'true' && steps.fix_results.outputs.changed == 'true' && inputs.suppress_comments != true
         uses: actions/github-script@v8
         env:
           PR_NUMBER: ${{ inputs.pr_number }}
@@ -1381,7 +1386,7 @@ jobs:
             }
 
       - name: Upsert safe sweep file summary comment
-        if: steps.guard.outputs.skip != 'true' && steps.clean_mode.outputs.enabled != 'true' && steps.fix_results.outputs.changed == 'true'
+        if: steps.guard.outputs.skip != 'true' && steps.clean_mode.outputs.enabled != 'true' && steps.fix_results.outputs.changed == 'true' && inputs.suppress_comments != true
         uses: actions/github-script@v8
         env:
           PR_NUMBER: ${{ inputs.pr_number }}

diff --git a/scripts/generate_suppression_guard_comment.py b/scripts/generate_suppression_guard_comment.py
@@ -12,8 +12,9 @@
 import yaml
 
 DEFAULT_WORKFLOWS = (
-    pathlib.Path(".github/workflows/keepalive.yml"),
+    pathlib.Path(".github/workflows/agents-keepalive-loop.yml"),
     pathlib.Path(".github/workflows/autofix.yml"),
+    pathlib.Path(".github/workflows/reusable-18-autofix.yml"),
 )
 
 SCRIPT_PATTERNS: tuple[tuple[re.Pattern[str], str], ...] = (
@@ -108,7 +109,12 @@ def _iter_posting_steps(workflow: dict[str, Any]) -> list[tuple[str, str, list[s
                 hints.append(action_hint)
             step_if = step.get("if")
             step_if_str = step_if if isinstance(step_if, str) else ""
-            guarded = "should_post_review" in job_if_str or "should_post_review" in step_if_str
+            guarded = (
+                "should_post_review" in job_if_str
+                or "should_post_review" in step_if_str
+                or "suppress_comments" in job_if_str
+                or "suppress_comments" in step_if_str
+            )
             if hints and not guarded:
                 findings.append((str(job_id), str(name), hints))
     return findings

diff --git a/tests/scripts/test_generate_suppression_guard_comment.py b/tests/scripts/test_generate_suppression_guard_comment.py
@@ -66,6 +66,30 @@ def test_build_comment_reports_unguarded_steps(tmp_path: Path) -> None:
     assert "post / Post comment" in comment
 
 
+def test_build_comment_ignores_suppress_comments_guarded_steps(
+    tmp_path: Path,
+) -> None:
+    workflow_path = tmp_path / "suppress.yml"
+    _write_yaml(
+        workflow_path,
+        """
+        name: Suppress Comments Workflow
+        jobs:
+          post:
+            runs-on: ubuntu-latest
+            steps:
+              - name: Post comment
+                if: inputs.suppress_comments != true
+                run: github.rest.issues.createComment
+        """,
+    )
+
+    comment = build_comment([workflow_path])
+
+    assert "No unguarded PR comment/review posting steps detected" in comment
+    assert "post / Post comment" not in comment
+
+
 def test_build_comment_detects_octokit_aliases(tmp_path: Path) -> None:
     workflow_path = tmp_path / "octokit.yml"
     _write_yaml(