github · pelikhan · Feb 28, 2026 · Feb 27, 2026 · Feb 27, 2026 · Feb 28, 2026
diff --git a/.changeset/patch-document-current-checkout.md b/.changeset/patch-document-current-checkout.md
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
diff --git a/.github/workflows/smoke-codex.md b/.github/workflows/smoke-codex.md
@@ -63,7 +63,8 @@ safe-outputs:
       run-failure: "🌑 The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation..."
 timeout-minutes: 15
 checkout:
-  fetch-depth: 2
+  - fetch-depth: 2
+    current: true
 ---
 
 # Smoke Test: Codex Engine Validation

diff --git a/docs/src/content/docs/reference/cross-repository.md b/docs/src/content/docs/reference/cross-repository.md
@@ -33,8 +33,7 @@ You can also use `checkout:` to check out additional repositories alongside the
 
 ```yaml wrap
 checkout:
-  - path: .
-    fetch-depth: 0
+  - fetch-depth: 0
   - repository: owner/other-repo
     path: ./libs/other
     ref: main
@@ -53,6 +52,7 @@ checkout:
 | `sparse-checkout` | string | Newline-separated patterns for sparse checkout (e.g., `.github/\nsrc/`). |
 | `submodules` | string/bool | Submodule handling: `"recursive"`, `"true"`, or `"false"`. |
 | `lfs` | boolean | Download Git LFS objects. |
+| `current` | boolean | Marks this checkout as the primary working repository. The agent uses this as the default target for all GitHub operations. Only one checkout may set `current: true`; the compiler rejects workflows where multiple checkouts enable it. |
 
 ### Checkout Merging
 
@@ -66,6 +66,18 @@ When multiple `checkout:` entries target the same repository and path, their con
 - **Submodules**: First non-empty value wins for each `(repository, path)`; once set, later values are ignored
 - **Ref/Token**: First-seen wins
 
+### Marking a Primary Repository (`current: true`)
+
+When a workflow running from a central repository targets a different repository, use `current: true` to tell the agent which repository to treat as its primary working target. The agent uses this as the default for all GitHub operations (creating issues, opening PRs, reading content) unless the prompt instructs otherwise. When omitted, the agent defaults to the repository where the workflow is running.
+
+```yaml wrap
+checkout:
+  - repository: org/target-repo
+    path: ./target
+    github-token: ${{ secrets.CROSS_REPO_PAT }}
+    current: true                                    # agent's primary target
+```
+
 ## GitHub Tools - Reading Other Repositories
 
 When using [GitHub Tools](/gh-aw/reference/github-tools/) to read information from repositories other than the one where the workflow is running, you must configure additional authorization. The default `GITHUB_TOKEN` is scoped to the current repository only and cannot access other repositories.
@@ -79,6 +91,7 @@ tools:
     github-token: ${{ secrets.CROSS_REPO_PAT }}
 ```
 
+
 See [GitHub Tools Reference](/gh-aw/reference/github-tools/#cross-repository-reading) for complete details on configuring cross-repository read access for GitHub Tools.
 
 This authentication is for **reading** information from GitHub. Authorization for **writing** to other repositories (creating issues, PRs, comments) is configured separately, see below.
@@ -133,8 +146,7 @@ on:
     types: [opened, synchronize]
 
 checkout:
-  - path: .
-    fetch-depth: 0
+  - fetch-depth: 0
   - repository: org/shared-libs
     path: ./libs/shared
     ref: main

diff --git a/pkg/cli/docker_build_integration_test.go b/pkg/cli/docker_build_integration_test.go
@@ -10,6 +10,14 @@ import (
 	"testing"
 )
 
+// isDockerAvailable checks if Docker is available on the system
+func isDockerAvailable() bool {
+	cmd := exec.Command("docker", "version")
+	cmd.Stdout = nil
+	cmd.Stderr = nil
+	return cmd.Run() == nil
+}
+
 // TestDockerfile_Exists verifies the Dockerfile exists and has expected content
 func TestDockerfile_Exists(t *testing.T) {
 	// Get the repository root

diff --git a/pkg/cli/docker_images.go b/pkg/cli/docker_images.go
@@ -226,14 +226,6 @@ func CheckAndPrepareDockerImages(ctx context.Context, useZizmor, usePoutine, use
 	return nil
 }
 
-// isDockerAvailable checks if Docker is available on the system
-func isDockerAvailable() bool {
-	cmd := exec.Command("docker", "version")
-	cmd.Stdout = nil
-	cmd.Stderr = nil
-	return cmd.Run() == nil
-}
-
 // ResetDockerPullState resets the internal pull state (for testing)
 func ResetDockerPullState() {
 	pullState.mu.Lock()

diff --git a/pkg/parser/schema_validation.go b/pkg/parser/schema_validation.go
@@ -5,11 +5,8 @@ import (
 	"maps"
 
 	"github.com/github/gh-aw/pkg/constants"
-	"github.com/github/gh-aw/pkg/logger"
 )
 
-var schemaValidationLog = logger.New("parser:schema_validation")
-
 // sharedWorkflowForbiddenFields is a map for O(1) lookup of forbidden fields in shared workflows
 var sharedWorkflowForbiddenFields = buildForbiddenFieldsMap()
 

diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json
@@ -7898,6 +7898,10 @@
           "type": "string",
           "description": "GitHub token for authentication. Use ${{ secrets.MY_TOKEN }} to reference a secret. Credentials are always removed after checkout (persist-credentials: false is enforced).",
           "examples": ["${{ secrets.MY_PAT }}", "${{ secrets.GITHUB_TOKEN }}"]
+        },
+        "current": {
+          "type": "boolean",
+          "description": "Marks this checkout as the logical current repository for the workflow. When set to true, the AI agent will treat this repository as its primary working target. Only one checkout may have current set to true. Useful for central-repo workflows targeting a different repository."
         }
       }
     }