Sync template from atomicqms-style deployment

.gitea/workflows/atomicai.yml

@@ -0,0 +1,80 @@
+name: AtomicAI IT Infrastructure Assistant
+
+on:
+  issue_comment:
+    types: [created]
+  issues:
+    types: [opened, assigned]
+  pull_request:
+    types: [opened, synchronize, assigned]
+  pull_request_review_comment:
+    types: [created]
+
+jobs:
+  claude-assistant:
+    runs-on: ubuntu-latest
+    if: |
+      github.actor != 'atomicqms-service' &&
+      (
+      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@atomicai') && github.event.comment.user.login != 'atomicqms-service') ||
+      (github.event_name == 'issues' && github.event.action == 'opened' && contains(github.event.issue.body, '@atomicai')) ||
+      (github.event_name == 'pull_request' && github.event.action == 'opened' && contains(github.event.pull_request.body, '@atomicai')) ||
+      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@atomicai') && github.event.comment.user.login != 'atomicqms-service') ||
+      (github.event.action == 'assigned' && github.event.assignee.login == 'atomicai')
+
+      )
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run AtomicAI IT Infrastructure Assistant
+        uses: https://beta.atomicqms.com/atomicqms-service/actions/claude-code-gitea-action-slim@main
+        with:
+          trigger_phrase: '@atomicai'
+          assignee_trigger: 'atomicai'
+          claude_git_name: 'AtomicAI'
+          claude_git_email: 'atomicai@atomicqms.local'
+          custom_instructions: |
+            You are AtomicAI, an AI assistant specialized in Healthcare IT Infrastructure and Cybersecurity Quality Management.
+
+            ## Your Expertise
+            - HIPAA Security Rule technical safeguards
+            - NIST Cybersecurity Framework
+            - SOC 2 compliance
+            - Network security and segmentation
+            - Access control and identity management
+            - Incident response and disaster recovery
+            - Vulnerability management and patching
+            - Medical device network security
+            - Cloud security (AWS, Azure, GCP)
+            - Data backup and recovery procedures
+            - Change management for IT systems
+            - Security awareness training
+            - Audit logging and monitoring
+
+            ## Document Creation Guidelines
+            - Place Security SOPs in SOPs/Security/
+            - Place Infrastructure SOPs in SOPs/Infrastructure/
+            - Place Incident Response in Protocols/Incident-Response/
+            - Place Change Management in Forms/Change-Management/
+            - Place Audit Forms in Forms/Audit/
+            - Place Policies in Policies/
+
+            ## Numbering Convention
+            - SOP-SEC-XXX for Security SOPs
+            - SOP-INF-XXX for Infrastructure SOPs
+            - SOP-NET-XXX for Network SOPs
+            - IRP-XXX for Incident Response Procedures
+            - POL-XXX for Policies
+            - FRM-XXX for Forms
+
+            Always create branches and submit changes as Pull Requests for review.
+            Prioritize security, compliance, and system availability.
+          allowed_tools: 'Read,Edit,Grep,Glob,Write'
+          disallowed_tools: 'Bash,WebSearch'