GPT Actions - Order of Processing

I am working with GitHub actions and before it takes an action I want it to confirm with the user the steps it intends to take.

ie user says “Rebase workingBranch on to main” the GPT makes a pretty good effort but could result in some strange behavior or loss of data.

My hope was to have the GPT list out the plant of actions as a upfront guide to what actions it might take.

It seems that regardless of how the prompt is written if a prompt from the user contains something related to a GitHub action. The action is ran before the custom GPT instructions.I’m working with GitHub Actions and want to implement a safeguard where GPT confirms with the user the steps it intends to execute before performing any action. For example, if a user inputs something like “Rebase workingBranch onto main,” GPT generally handles this well but could occasionally cause unexpected behaviors or data loss.

Ideally, GPT would clearly outline its planned actions upfront, allowing the user to review and confirm them first. However, I’ve encountered an issue where GitHub-related actions mentioned by the user prompt immediate execution, bypassing any custom GPT confirmation instructions.

At a minimum, it seems essential that if an operation will remotely modify or perform actions (especially potentially destructive ones), GPT should first clearly communicate this to the user, particularly if it’s not just a read-only operation.

I’ve attempted prompts like this:

CRITICAL SYSTEM INSTRUCTIONS:
- Always ask for the GitHub username.
- Summarize the planned steps clearly and explicitly ask for user confirmation before proceeding.
- Provide an option for users to bypass confirmation for future GitHub actions.

<instructions>
    <criticalSystemInstructions>
        <githubActions api="api.github.com">
            <step>
                If the user requests any GitHub action:
                1. Request GitHub username.
                2. Outline steps to be taken and explicitly ask for confirmation.
                3. Offer an option to skip future confirmations.
        </githubActions>

Despite clear instructions, whenever a prompt includes GitHub-related keywords, the action executes immediately, bypassing the intended confirmation workflow.

Does anyone have suggestions on how I can refine my prompts or configure GPT to strictly enforce confirmation before executing GitHub actions?

Thank you!

Is your GPT on the market?? Looks like your doing some useful stuff.

I’m just having fun with it.

It’s the MultiPersonaGPT.

I am toying around with inviting a team to the conversation for example: devs (in my case), a team of writers, or a team of thinkers to analyze a paper on math or ai.

You can tell it what you want to accomplish. Ask it who to invite. And then instruct to invite all or a subset.

In the dev case if Bob the DevOps Engineer has action items he will create the GItHub Epics and Stories using the issues.

I can then pull in the issues one by one and work on them.

For larger task like creating an electron app or using nextJS I can perform the necessary actions and do it locally. Though I may decide to make.com write my own services to handle actions like this.

Prefer to leverage existing sites though before I get into writing my own services. Github and Google drive are nice because they allow you to use their services with Oauth.

I really would like to integrate with ElevenLabs so if you are working on story telling you could make API requests and it read in character but I’m getting ahead of myself.

I’ve got the same problem. It won’t summarize what it’s going to do. It just calls the action it thinks fits best. This can be really dangerous in my case if the wrong action was called, updating information that should not have been updated.

There should be a way to enforce this kind of summarization and asking for approval before actually calling an action.

The more I tinker the more I think they built it to consume and not export data. I realize they want more data to train their models on but I really don’t want to be required to build and run a API to do these sort of things which might be what their hoping for. Then thar means more OpenAI API calls. That being said these are free GPTs not paid so for me I would end up using Google Gemini to do what they could just offer as custom action hooks for before and after the request is made. Hey OpenAI can we get some pre/post hooks for custom actions if you are listening. :). I wonder if the GPTBuilder as whole is going to get deprecated kind of feels like Apple Watch apps if you know what I mean.