docs: describe new low severity label option

lelia · lelia · commit 7a6ac0df63ff · 2026-03-30T22:27:16.000-04:00
Signed-off-by: lelia &lt;2418071+lelia@users.noreply.github.com&gt;
diff --git a/action.yml b/action.yml
@@ -98,6 +98,7 @@ runs:
     INPUT_PR_LABEL_CRITICAL: ${{ inputs.pr_label_critical }}
     INPUT_PR_LABEL_HIGH: ${{ inputs.pr_label_high }}
     INPUT_PR_LABEL_MEDIUM: ${{ inputs.pr_label_medium }}
+    INPUT_PR_LABEL_LOW: ${{ inputs.pr_label_low }}
 
 inputs:
   workspace:
@@ -456,6 +457,10 @@ inputs:
     description: "Label name for medium severity findings"
     required: false
     default: "security: medium"
+  pr_label_low:
+    description: "Label name for low severity findings"
+    required: false
+    default: "security: low"
 
 branding:
   icon: "shield"
diff --git a/docs/github-pr-comment-guide.md b/docs/github-pr-comment-guide.md
@@ -236,6 +236,7 @@ Automatically tag PRs with severity-based labels **and matching colors**.
 - `security: critical` 🔴 - Red (`#D73A4A`)
 - `security: high` 🟠 - Orange (`#D93F0B`)
 - `security: medium` 🟡 - Yellow (`#FBCA04`)
+- `security: low` ⚪ - Light gray (`#E4E4E4`)
 
 **Smart color detection:**
 Labels are automatically created with colors matching the severity emojis. If you customize label names, the system intelligently detects severity keywords and applies appropriate colors:
@@ -246,7 +247,8 @@ pr_label_high: 'security-high'               # Gets orange color automatically
 ```
 
 **How it works:**
-- First scan checks for critical → high → medium (highest severity wins)
+- Each run keeps only the current highest-severity managed PR label: critical → high → medium → low
+- Stale managed severity labels from earlier runs are removed automatically
 - Labels are created automatically if they don't exist
 - Existing labels are not modified (preserves your customizations)
 - Requires a token with `repo` scope to create new labels; without it, label creation may fail (comments still post)
@@ -257,6 +259,7 @@ pr_labels_enabled: 'true'
 pr_label_critical: 'vulnerability: critical'
 pr_label_high: 'vulnerability: high'
 pr_label_medium: 'vulnerability: medium'
+pr_label_low: 'vulnerability: low'
 ```
 
 **Disable:**
@@ -295,6 +298,7 @@ The logo is a 32px PNG rendered at 24x24 for retina-crisp display, with a transp
 | `pr_label_critical` | `"security: critical"` | string | Label name for critical findings |
 | `pr_label_high` | `"security: high"` | string | Label name for high findings |
 | `pr_label_medium` | `"security: medium"` | string | Label name for medium findings |
+| `pr_label_low` | `"security: low"` | string | Label name for low findings |
 
 ### Configuration Methods
 
