Use org membership check instead of hardcoded maintainer list

Replace the hardcoded maintainer list with a dynamic GitHub API check
for modelcontextprotocol org membership. This allows any org member
to trigger @claude without needing to update the workflow file.

Requires adding an ORG_MEMBERSHIP_TOKEN secret with read:org scope.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Author: tadasant

.github/workflows/claude.yml

@@ -25,17 +25,18 @@ jobs:
       id-token: write
       actions: read
     steps:
-      # Only allow registry maintainers to trigger @claude
-      # This enables @claude to work on external fork PRs when triggered by maintainers
-      # To update this list, see: docs/administration/maintainer-onboarding.md
-      - name: Check if maintainer
+      # Only allow modelcontextprotocol org members to trigger @claude
+      # This enables @claude to work on external fork PRs when triggered by org members
+      # Requires ORG_MEMBERSHIP_TOKEN secret with read:org scope
+      - name: Check if org member
+        env:
+          GH_TOKEN: ${{ secrets.ORG_MEMBERSHIP_TOKEN }}
         run: |
-          MAINTAINERS="domdomegg tadasant toby rdimitrov"
           ACTOR="${{ github.triggering_actor }}"
-          if [[ " $MAINTAINERS " =~ " $ACTOR " ]]; then
-            echo "User $ACTOR is a maintainer"
+          if gh api orgs/modelcontextprotocol/members/"$ACTOR" --silent 2>/dev/null; then
+            echo "User $ACTOR is a member of modelcontextprotocol org"
           else
-            echo "::error::User $ACTOR is not a registry maintainer. Only maintainers can trigger @claude."
+            echo "::error::User $ACTOR is not a member of the modelcontextprotocol org. Only org members can trigger @claude."
             exit 1
           fi
 

docs/administration/maintainer-onboarding.md

@@ -21,9 +21,7 @@ When onboarding a new maintainer, complete the following steps:
 
 ### 4. Claude GitHub App
 
-- [ ] Add their GitHub username to the `MAINTAINERS` list in [`.github/workflows/claude.yml`](../../.github/workflows/claude.yml)
-
-This allows them to trigger the @claude bot on issues and PRs, including PRs from external forks.
+The `@claude` bot is automatically available to all modelcontextprotocol org members (no manual step required). The workflow checks org membership dynamically via the GitHub API.
 
 ### 5. Google Workspace
 
@@ -43,6 +41,7 @@ When a maintainer steps down:
 1. Remove them from the GitHub organization (or adjust permissions)
 2. Remove them from `MAINTAINERS.md`
 3. Remove them from the README.md maintainers list
-4. Remove their username from the Claude workflow in `.github/workflows/claude.yml`
-5. Disable or remove their @modelcontextprotocol.io account
-6. Remove Discord moderator role (if applicable)
+4. Disable or remove their @modelcontextprotocol.io account
+5. Remove Discord moderator role (if applicable)
+
+Note: The `@claude` bot access is automatically revoked when they are removed from the GitHub organization.