Safe Output Health Report — 2026-03-29

[github-actions[bot]]

Executive Summary

• Period: Last 24 hours (2026-03-29)
• Runs Analyzed: 42 (39 completed, 3 in progress)
• Successful Runs: 23 | Failed Runs: 16
• Runs with Safe Output Jobs: 28
• Total Safe Output Items Processed: 66
• Safe Output Job Failures: 4 items across 3 error clusters
• Overall Safe Output Success Rate: ~94% (62/66 items succeeded)

This audit focuses exclusively on safe output job health. Several workflow failures in the past 24h were due to agent timeouts or non-safe-output infrastructure issues; these are excluded from this report.

---

Safe Output Job Statistics

Job Type	Total Items	Notable Failures	Notes
add_comment	16	1	Context mismatch on scheduled run
add_labels	4	0	All succeeded
assign_to_agent	7	0	All succeeded
create_discussion	9	1 cancelled	Cascaded from PR failure
create_issue	8	0	All succeeded
create_pull_request	5	1	Protected files config block
push_to_pull_request_branch	1	0	Succeeded
noop	9	0	All processed
upload_asset	2	2	actions/setup not found
update_issue	4	0	All succeeded
missing_tool	1	0	Processed correctly

---

Error Clusters

Cluster 1: Protected Files Configuration Mismatch

• Count: 1 occurrence
• Affected Job: create_pull_request → cascaded to create_discussion cancelled
• Affected Workflow: GitHub MCP Remote Server Tools Report Generator (§23709105855)

Error Details

##[error]Cannot create pull request: patch modifies protected files
(.github/aw/github-mcp-server.md). Add them to the allowed-files
configuration field or set protected-files: fallback-to-issue to
create a review issue instead.

##[warning]⚠️ Code push operation 'create_pull_request' failed —
remaining safe outputs will be cancelled

⏭ Message 2 (create_discussion) cancelled — Cancelled: code push
operation failed (create_pull_request: ...)
```

The workflow's `protected_path_prefixes` config includes `.github/` as a protected prefix, but the agent intentionally modifies `.github/aw/github-mcp-server.md` as part of its core task (updating MCP toolset documentation). The agent successfully committed and pushed the changes (branch `update-github-mcp-tools-mapping-2026-03-29`) but the safe outputs handler blocked PR creation.

</details>

- **Root Cause**: `protected_path_prefixes: [".github/", ".agents/", ".claude/"]` in the workflow's `create_pull_request` config blocks the PR from touching `.github/aw/github-mcp-server.md`, which is a file this workflow is designed to update.
- **Impact**: High — neither the PR nor the discussion was created despite successful agent work. A failure issue was auto-created ([#23454](https://github.com/github/gh-aw/issues/23454)).
- **Fix**: Add `.github/aw/` to `allowed-files` in the workflow's `create_pull_request` config, OR set `protected-files: fallback-to-issue` to allow the code to be reviewed via issue.

---

#### Cluster 2: `add_comment` Targeting Non-Issue/PR Context on Scheduled Run

- **Count**: 1 occurrence
- **Affected Job**: `add_comment`
- **Affected Workflow**: Workflow Health Manager - Meta-Orchestrator ([§23708489882](https://github.com/github/gh-aw/actions/runs/23708489882))

<details>
<summary><b>Error Details</b></summary>

```
##[warning]Target is "triggering" but not running in issue or pull
request context, skipping add_comment

##[error]✗ Message 5 (add_comment) failed: Target is "triggering"
but not running in issue or pull request context, skipping add_comment

##[warning]1 message(s) failed to process
##[error]1 safe output(s) failed:
  - add_comment: Target is "triggering" but not running in issue
    or pull request context, skipping add_comment
```

4 out of 5 safe outputs succeeded (2× `add_comment`, 2× `create_issue`). Only the final `add_comment` with `"target": "triggering"` failed.

</details>

- **Root Cause**: The Workflow Health Manager runs on `schedule` which has no triggering issue or PR context. The agent's 5th safe output attempted to add a comment to the "triggering" item, which doesn't exist in a scheduled run.
- **Impact**: Medium — 4/5 safe outputs succeeded. The failed comment was likely intended as a status update.
- **Fix**: The agent should avoid using `add_comment` with `target: triggering` in scheduled workflows. The workflow's safe outputs config could explicitly prohibit this pattern.

---

#### Cluster 3: `upload_assets` Job — Missing `actions/setup` Action

- **Count**: 2 occurrences
- **Affected Job**: `upload_assets` (secondary safe-output-related job)
- **Affected Workflows**:
  - Copilot Session Insights ([§23707975596](https://github.com/github/gh-aw/actions/runs/23707975596))
  - Daily Firewall Logs Collector and Reporter ([§23708221886](https://github.com/github/gh-aw/actions/runs/23708221886))

<details>
<summary><b>Error Details</b></summary>

```
##[error]Can't find 'action.yml', 'action.yaml' or 'Dockerfile' under
'/home/runner/work/gh-aw/gh-aw/actions/setup'. Did you forget to run
actions/checkout before running your local action?

Both workflows have upload_asset items in their safe outputs (images/assets) and use an upload_assets job. The job cannot locate actions/setup, which is a local action required for the job's setup step. In both cases, the primary safe outputs (create_discussion) succeeded in the safe_outputs job, but the upload_assets job failed.

• Root Cause: The upload_assets job's checkout step likely does not include actions/ in its sparse-checkout configuration, causing the actions/setup local action to be missing when the job tries to use it.
• Impact: High — both workflows are marked as overall failure due to this secondary job failing, even though their primary safe outputs (discussions, assets) may have processed correctly. The agent uploaded asset placeholders before the job failed.
• Fix: Ensure the upload_assets job's checkout step includes actions in its sparse-checkout list.

---

Root Cause Analysis

Config/Permission Issues

The .github/aw/github-mcp-server.md protected file conflict is a configuration gap: the workflow is explicitly designed to update documentation in .github/aw/ but the protected path prefix blocks it. This is a one-time fix once the allowed-files configuration is updated.

Logic/Context Issues

The add_comment: target: triggering on scheduled runs is a recurring risk for any workflow that runs on both schedule and event triggers. The Workflow Health Manager may be designed to handle both trigger modes, but the agent's safe output generation doesn't distinguish the event type.

Infrastructure Issues

The upload_assets checkout configuration bug is potentially systemic — any workflow using upload_asset safe outputs may have this vulnerability. This needs a fix in the upload_assets job template.

---

Recommendations

Critical (Immediate Action Required)

1. Fix upload_assets Job Checkout Configuration

   • Priority: High
   • Root Cause: actions/setup is missing in sparse-checkout of upload_assets job
   • Recommended Action: Add actions to the sparse-checkout paths in the upload_assets job template
   • Affected: Copilot Session Insights, Daily Firewall Logs Collector — and potentially any other workflow using upload_asset safe outputs
   • Estimated Effort: Small

2. Fix GitHub MCP Tools Workflow Protected Files Config

   • Priority: High
   • Root Cause: .github/aw/github-mcp-server.md is blocked by protected_path_prefixes
   • Recommended Action: Add .github/aw/github-mcp-server.md to allowed-files in the create_pull_request safe outputs config for github-mcp-tools-report.md
   • Estimated Effort: Small

Medium Priority

3. Guard add_comment: target: triggering in Scheduled Workflows
   • Priority: Medium
   • Root Cause: Agent uses target: triggering in scheduled workflow context
   • Recommended Action: Add validation in safe outputs handler or agent prompt guidance to avoid target: triggering for add_comment on schedule-triggered runs
   • Estimated Effort: Medium

---

Work Item Plans

Work Item 1: Fix upload_assets Sparse-Checkout

• Type: Bug Fix
• Priority: High
• Description: The upload_assets job fails to find actions/setup because the checkout step doesn't include the actions directory.
• Acceptance Criteria:
  • upload_assets job successfully runs for Copilot Session Insights
  • upload_assets job successfully runs for Daily Firewall Logs Collector
  • No Can't find 'action.yml' under actions/setup errors in subsequent runs
• Technical Approach: Update the checkout step in the upload_assets job to include actions in sparse-checkout paths
• Estimated Effort: Small

Work Item 2: Unblock GitHub MCP Tools PR Creation

• Type: Configuration Fix
• Priority: High
• Description: The GitHub MCP Remote Server Tools Report Generator cannot create PRs because .github/aw/github-mcp-server.md is a protected path.
• Acceptance Criteria:
  • PRs modifying .github/aw/github-mcp-server.md are created successfully
  • create_discussion is no longer cancelled due to code push failure
  • Run #23454 resolved
• Technical Approach: Add .github/aw/github-mcp-server.md to allowed-files in the workflow's create_pull_request config
• Estimated Effort: Small

Work Item 3: Safe Outputs Context Validation for Scheduled Runs

• Type: Enhancement
• Priority: Medium
• Description: Prevent agents from emitting add_comment: target: triggering when running in scheduled context.
• Acceptance Criteria:
  • Scheduled Workflow Health Manager runs don't produce add_comment target:triggering errors
  • Safe outputs handler provides clear warning if event context doesn't match target
• Technical Approach: Add event-context check in safe outputs handler or update agent prompt for WHM
• Estimated Effort: Medium

---

Historical Context

This is the first automated Safe Output Health audit. No prior baseline exists for trend comparison.

Metrics and KPIs

• Overall Safe Output Success Rate: ~94% (62/66 items)
• Most Reliable Job Types: create_issue, add_labels, assign_to_agent, update_issue, push_to_pull_request_branch — 0 failures
• Most Problematic Job Types: upload_asset (2/2 failures, 100% failure rate due to infrastructure bug), create_pull_request (1/5 failures)
• Cascaded Failures: 1 (create_discussion cancelled due to prior code push failure)

Next Steps

• Fix upload_assets sparse-checkout to include actions/ directory
• Update github-mcp-tools-report.md workflow allowed-files to permit .github/aw/github-mcp-server.md
• Investigate WHM scheduled run context for add_comment target
• Establish baseline metrics for daily comparison in future audits

References:

• §23709105855 — GitHub MCP Remote Server Tools Report Generator (protected files PR failure)
• §23708489882 — Workflow Health Manager (add_comment context failure)
• §23707975596 — Copilot Session Insights (upload_assets failure)

AI generated by Safe Output Health Monitor · history

• expires on Mar 30, 2026, 1:20 PM UTC

[github-actions[bot]]

🤖 The smoke test agent was here!

Beep boop — just passing through on my regular smoke testing mission. Everything looks operational! The Copilot engine is alive, well, and successfully reading your fascinating safe output health report.

Stay safe out there! 🚀

📰 BREAKING: Report filed by Smoke Copilot · ◷

[github-actions[bot]]

This discussion has been marked as outdated by Safe Output Health Monitor.

A newer discussion is available at Discussion #23553.