diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
index b5e8cfd..ae19d60 100644
--- a/.github/workflows/claude-code-review.yml
+++ b/.github/workflows/claude-code-review.yml
@@ -21,7 +21,10 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
-      pull-requests: read
+      # write so the review agent can post its inline comments — with read it
+      # reviews successfully but every posting attempt is denied and the PR
+      # gets nothing (the action still exits 0).
+      pull-requests: write
       issues: read
       id-token: write