workflow fixes (for this repo) #57

Merged
derekmisler merged 1 commit into docker:main from derekmisler:workflow-fixes
Feb 26, 2026

@derekmisler derekmisler commented Feb 26, 2026

Summary

Fixes the pr-describe workflow timeout (was milliseconds, should be seconds) and improves its output extraction fallback. Replaces the self-review-pr workflow's 3-line reusable-workflow delegation with fully inlined jobs so that PRs changing the review logic dogfood themselves.

Changes

pr-describe.yml

  • Fix timeout value from 300000 (milliseconds — ~83 hours) to 300 (seconds — 5 minutes) to match the action.yml timeout input spec
  • Add a fallback extraction path when the agent doesn't wrap output in a ```cagent-output code fence: extract from the first ## heading onward, avoiding tool-call traces leaking into the PR body

self-review-pr.yml

  • Replace the 3-line uses: ./.github/workflows/review-pr.yml / secrets: inherit delegation with inlined jobs so that changes to ./review-pr are tested by the PR that introduces them
  • auto-review job — runs on pull_request_target for non-draft PRs; gates on Docker org membership via CAGENT_ORG_MEMBERSHIP_TOKEN before checking out the PR head and running ./review-pr
  • manual-review job — runs on /review comment; checks out the PR head and runs ./review-pr (authorization delegated to the composite action's built-in check)
  • capture-feedback job — captures replies to agent review comments as artifacts for async processing; intentionally avoids secrets so it works on fork PRs
  • All review jobs use continue-on-error: true to avoid failing the calling workflow
  • GitHub App token generation is optional (falls back to github.token)

Test plan

  • Open a draft PR, convert to ready-for-review → auto-review job triggers for org members, skips for non-members
  • Comment /review on a PR → manual-review job triggers and posts a review
  • Reply to an agent review comment → capture-feedback job uploads the feedback artifact
  • Verify pr-describe workflow completes within 5 minutes instead of hanging for hours
  • Verify PR description extraction works when agent output lacks a cagent-output code fence (falls back to heading extraction)

Tip

Comment /review to trigger the PR Reviewer agent for automated feedback.
Comment /describe to generate a PR description.

Signed-off-by: Derek Misler <derek.misler@docker.com>
@derekmisler derekmisler marked this pull request as ready for review February 26, 2026 16:01
@derekmisler derekmisler requested a review from a team as a code owner February 26, 2026 16:01
@docker-agent docker-agent bot left a comment

Review Summary

The timeout fix from 300000ms to 300s is excellent and fixes a critical bug. The workflow job inlining looks solid and achieves the dogfooding goal.

However, there's a high-severity bug in the fallback regex for markdown extraction in pr-describe.yml. The pattern requires no trailing whitespace to match, which will cause it to fail in most real-world scenarios and fall back to exposing the raw output (including tool traces), defeating the security measure.

Recommendation: Fix the regex pattern before merging.

@derekmisler derekmisler merged commit 5d3fab5 into docker:main Feb 26, 2026
17 checks passed
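
The fallback chain discussed in this thread (the cagent-output fence first, then the first ## heading onward), as an added JavaScript example that is not the repository's code. The function name, both heading patterns and the sample agent output are assumptions constructed here; the strict pattern only illustrates the trailing-whitespace failure class the review describes, and the final step fails closed instead of returning raw output.

```javascript
// Added example: not the repository's code. Names, patterns and sample
// agent output below are constructed for illustration.
const TICKS = "`".repeat(3); // built at runtime so this listing stays fence-safe

// Preferred path: body of the cagent-output fenced block.
const FENCE = new RegExp(
  TICKS + "cagent-output[ \\t]*\\r?\\n([\\s\\S]*?)\\r?\\n" + TICKS
);

// Hypothetical strict pattern: the heading must end exactly at the line break,
// so "## Summary  " (trailing spaces) does not match.
const STRICT_HEADING = /^## \S+(?: \S+)*$/m;

// Tolerant pattern: any level-2 heading line, trailing whitespace allowed.
const TOLERANT_HEADING = /^##[ \t]+\S.*$/m;

function extractDescription(raw, headingPattern = TOLERANT_HEADING) {
  const fenced = FENCE.exec(raw);
  if (fenced) return { source: "fence", body: fenced[1].trim() };

  const heading = headingPattern.exec(raw);
  if (heading) {
    // Everything before the first heading (tool-call traces) is dropped.
    return { source: "heading", body: raw.slice(heading.index).trim() };
  }
  // Fail closed: the caller skips the update rather than publishing raw output.
  return { source: "none", body: null };
}

// Constructed agent output: trace lines, then a heading with trailing spaces.
const SAMPLE_UNFENCED = [
  "[tool_call] read_file path=example.yml",
  "[tool_result] 214 bytes",
  "## Summary  ",
  "",
  "Fixes the timeout.",
].join("\n");

const SAMPLE_FENCED =
  "[tool_call] noop\n" + TICKS + "cagent-output\n## Summary\nBody\n" + TICKS + "\n";

console.log(extractDescription(SAMPLE_UNFENCED));
console.log(extractDescription(SAMPLE_UNFENCED, STRICT_HEADING));
console.log(extractDescription(SAMPLE_FENCED));
```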