DeepReport Intelligence Briefing - 2026-04-01

[github-actions[bot]]

Executive Summary

The gh-aw agent ecosystem continues to operate at a high cadence as of 2026-04-01, with 39 discussions generated in the past 7 days across audits, announcements, and general reporting. The most significant positive development since the last briefing (2026-03-26) is a 48% reduction in open issues — from 79 down to 41 — indicating that the backlog of operational noise ([aw] failed issues, Daily Status Report duplicates) has been substantially cleared.

The ecosystem is experiencing three active concerns that require attention: (1) Smoke Claude persistent safe-output failures rooted in a config filename mismatch, (2) a wave of 6 unresolved security findings from external researcher @szabta89, and (3) a 20-point drop in Copilot PR merge success rate (90% → 70%) on April 1st. On the positive side, Copilot token consumption is down 60% from the February peak, returning to early-January baseline efficiency levels.

A new structural concern has been formally documented: the codebase has 80 source files violating the documented 300-line limit (6 files exceed 1,000 lines), and the Plan Command workflow has begun auto-generating decomposition task issues to address this drift.

---

Pattern Analysis

Positive Patterns

• Issue backlog resolution: Open issue count dropped from 79 to 41 (−48%) between March 26 and April 1. Closed issues rose from 421 to 459. The operational noise from [aw] failed and Daily Status Report duplicate issues appears to have been cleared.
• Token efficiency gains: Copilot token consumption at 94.7M/day is 60% below the February 2026 peak of 237.8M. This suggests workflow optimization efforts are working.
• Documentation quality improving: Documentation Consolidation ran successfully (dev.md v4.9, 5 tone issues fixed, 21 new links added). Claude Code documentation review found Claude is a "first-class citizen" in gh-aw docs with no major gaps.
• File discipline awareness: The File Size Discipline audit (Repository Quality: File Size Discipline — 2026-04-01 #23903) identified and documented the 300-line limit violation scope, and Plan Command proactively created decomposition plans for the worst offenders.
• Workflow health: 178 lock files at schema v3, stable — no schema regressions.

Concerning Patterns

• Security findings backlog growing: 6 open gh-aw-security-finding issues, all from @szabta89, spanning March 25–31. Topics include git hook injection via cache-memory, protocol-relative URL bypass in safe-outputs, HTTP/numeric IP allowlist bypass, and MCP gateway tool allowlist gaps. None have assigned owners or triage labels beyond the security-finding label itself.
• Auto-Triage at 0% effectiveness: The Auto-Triage workflow reported 0 issues processed for 2026-04-01, with all 6 unlabeled issues blocked by the DIFC integrity filter. Community-authored issues are systematically excluded from automated triage, meaning unlabeled community issues remain unlabeled indefinitely.
• Smoke Claude safe-output failures: The Safe Output Health Report (Safe Output Health Report - 2026-04-01 #23896) confirmed a 16.7% safe-output job failure rate (2/12), both failures from Smoke Claude. Root cause: the workflow writes run-specific filenames but the push_to_pull_request_branch allowlist only accepts the static path .github/smoke-claude-push-test.md.
• add_labels.cjs pagination bug: Community issue add_labels.cjs only fetches first page of labels (pagination bug) #23914 (2026-03-31, @yskopets) reports the label helper only fetches the first page of labels. Any repo with >30 labels will silently fail to find labels beyond page 1.

Emerging Patterns

• Plan Command as decomposition driver: Plan Command generated 5 new decomposition plan issues today ([plan] Split gateway_logs.go into focused files #23904–[plan] Split constants.go into domain-grouped files #23909) targeting file size violations in pkg/cli/ and pkg/workflow/. One was already closed/implemented ([plan] Split checkout_manager.go into state management and step generation #23908 — checkout_manager.go split, matching the recent commit 0b26d14). This is a new operational pattern where Plan Command proactively identifies and queues refactoring work.
• Copilot PR success rate volatility: The daily PR success rate shifted 87% → 90% → 70% over three consecutive days. The April 1st drop is notable and may indicate a workflow change or an influx of harder PRs.

---

Trend Intelligence

Metric	2026-03-26	2026-04-01	Trend
Discussions (7d)	36	39	+8%
Audits (7d)	29	29	Stable
Open issues	79	41	✅ −48%
Closed issues	421	459	+9%
Copilot tokens/day	~est. 200M+	94.7M	✅ −60% vs peak
Safe output failure rate	N/A	16.7%	⚠️ New signal
Security findings open	N/A	6	⚠️ Growing
Auto-Triage success	N/A	0%	⚠️ Blocked
PR merge success	N/A	70%	⚠️ Down from 90%

Token efficiency has improved substantially since February. Issue volume is healthier. However, three new active concerns (safe-output failures, security findings, Auto-Triage blockage) emerged in this period.

---

Notable Findings

Exciting Discoveries

• checkout_manager.go refactor completed same-day: Plan Command created [plan] Split checkout_manager.go into state management and step generation #23908 (split checkout_manager.go) and it was closed within hours — the most recent commit (0b26d14) implements this exact split. This demonstrates the Plan Command → implementation pipeline working end-to-end in a single day.
• Claude documentation quality verified: An independent "noob test" of the gh-aw documentation (discussion 📚 Documentation Noob Test Report - 2026-04-01 #23899) found the Claude engine onboarding to be complete and functional, with explicit support in the add-wizard, engines.md documentation, and custom endpoint options.
• Copilot workload at scale: 48 Copilot PRs opened in a single day with a 70% merge rate (33 merged), and 133 workflow runs consuming 94.7M tokens across 65 unique workflows. The ecosystem is operating at meaningful production scale.

Suspicious Activity

• "copilot was here" open issue (copilot was here #18637, copilot was here #19907): Two open issues titled "copilot was here" created by github-actions in February–March remain open. These appear to be test artifacts or misconfigured workflow outputs that were never cleaned up.
• Daily Syntax Error Quality Check as top token consumer: The highest single-run token cost was the Daily Syntax Error Quality Check at 11.4M tokens and 168 turns — and it failed. A failing workflow consuming 11.4M tokens in a single run represents a potential efficiency concern worth investigating.

Anomalies

• Firewall 2.5% block rate with targeted cause: The Daily Firewall Report (Daily Firewall Report - 2026-04-01 #23872) shows 97.5% allow rate, with the 2.5% blocks concentrated in Dependabot (blocked Go proxy access) and Changeset Generator (blocked ChatGPT/GitHub domains). These are allowlist gaps, not systemic issues, but the Changeset Generator blocking ChatGPT domains is unusual.
• Agent Performance quality score declined: The Agent Performance Report (Agent Performance Report — Week of 2026-04-01 #23825) shows a quality score of 76/100, down 3 points from the prior week. Smoke Claude and Changeset Generator are cited as underperformers.

---

Predictions and Recommendations

• Smoke Claude failures will persist until the config filename issue is fixed. This is a deterministic failure with an identified root cause — it will not self-resolve.
• Security findings will accumulate without explicit triage assignment. @szabta89 has filed 6 issues in 7 days; the cadence suggests more are coming. A dedicated triage pass with owner assignment is needed.
• Plan Command refactoring pipeline will generate more decomposition issues. If this continues at today's rate (5 issues/day), the 300-line limit violation backlog could be fully planned within two weeks.
• Auto-Triage effectiveness will remain 0% as long as the integrity filter is tuned to block community issues. Consider whether the filter threshold should be relaxed for the triage-only workflow (read-only, low-risk).
• Copilot PR success rate should be monitored over the next 3 days to determine if the 70% is a one-day anomaly or a new lower baseline.

---

Actionable Agentic Tasks (Quick Wins)

Three GitHub issues have been created from this analysis:

1. [aw_smoke1] Fix Smoke Claude safe-outputs filename mismatch — root cause identified, config or one-line code change. Expected to bring safe-output failure rate from 16.7% → 0%.

2. [aw_labels2] Fix add_labels.cjs pagination bug — single-file change to add pagination loop. Fixes silent label-application failures on repos with >30 labels.

3. [aw_sec3] Triage 6 open security findings from @szabta89 — assign severity/priority labels and owners for issues Safe-outputs write-sink MCP must use a distinct, scoped bearer token not shared with the read GitHub MCP #23740, cache-memory setup must clear .git/hooks/ after cache restore, before running git checkout #23739, safe-outputs sanitizer must treat //hostname protocol-relative URLs as blocked domains #23737, AWF allowlist not enforced for plain-HTTP connections to numeric IPs; web-fetch may bypass proxy enforcement #23079, gh-aw compiler must reject env.* expressions in markdown per documented safety policy #22914, MCP gateway should enforce tool allowlist at the gateway layer, not only at the Claude client layer #22908.

---

Source Attribution

Discussions analyzed (7-day window):

• Agent Performance Report — Week of 2026-04-01
• Safe Output Health Report - 2026-04-01
• Daily Firewall Report - 2026-04-01
• UX Analysis Report — 2026-04-01
• [Auto-Triage] Auto-Triage Report — 2026-04-01
• 📊 Daily Copilot Token Consumption Report — 2026-04-01
• [copilot-agent-analysis] Daily Copilot Agent Analysis - 2026-04-01
• Developer Documentation Consolidation - 2026-04-01
• 📚 Documentation Noob Test Report - 2026-04-01
• 🔍 Claude Code User Documentation Review - 2026-04-01
• Repository Quality: File Size Discipline — 2026-04-01
• 📊 Agentic Workflow Lock File Statistics — 2026-04-01
• DeepReport Intelligence Briefing - 2026-03-27 (prior analysis baseline)

Issues analyzed: /tmp/gh-aw/weekly-issues-data/issues.json (500 issues, 7-day window)

Workflow runs: Latest 15 runs via gh-aw MCP logs tool (2026-04-01, schedule/issue_comment events)

Repo memory used: memory/deep-report branch — patterns from 2026-03-26 analysis

Analysis period: 2026-03-26 → 2026-04-01

References:

• §23856845767 — This DeepReport run

AI generated by DeepReport - Intelligence Gathering Agent · history

• expires on Apr 8, 2026, 3:45 PM UTC

[github-actions[bot]]

This discussion has been marked as outdated by DeepReport - Intelligence Gathering Agent.

A newer discussion is available at Discussion #24140.