📊 Agentic Workflow Lock File Statistics - November 30, 2025

[github-actions[bot]]

📊 Agentic Workflow Lock File Statistics - November 30, 2025

This report provides comprehensive statistical analysis of all 99 agentic workflow lock files (.lock.yml) in the githubnext/gh-aw repository, revealing usage patterns, structural characteristics, and interesting insights about how agentic workflows are configured and deployed.

Executive Summary

• Total Lock Files Analyzed: 99
• Total Size: 27.67 MB
• Average File Size: 286.20 KB
• Workflows Using Safe Outputs: 71 (71.7%)
• Most Common Trigger: workflow_dispatch (73 workflows, 73.7%)
• Most Common Safe Output: create-discussion (36 workflows)
• Analysis Date: 2025-11-30

Key Finding: The vast majority of workflows (94.9%) are substantial in size (>100KB), indicating complex, multi-step agentic processes. Nearly three-quarters of workflows support manual triggering via workflow_dispatch, showing emphasis on on-demand execution alongside scheduled automation.

Full Report Details

File Size Distribution

Size Range	Count	Percentage
< 10 KB	0	0%
10-50 KB	0	0%
50-100 KB	5	5.0%
> 100 KB	94	94.9%

Statistics:

• Smallest: arxiv.lock.yml (80.2 KB)
• Largest: poem-bot.lock.yml (491.9 KB)
• Mean: 286.20 KB
• Total: 27.67 MB

Insight: All workflows exceed 50KB, reflecting the substantial complexity and comprehensive instructions embedded in agentic workflows. The lack of small workflows suggests a baseline complexity floor for useful agentic automation.

---

Trigger Analysis

Most Popular Triggers

Trigger Type	Count	Percentage	Description
workflow_dispatch	73	73.7%	Manual trigger capability
schedule	58	58.6%	Cron-based scheduling
command	13	13.1%	gh-aw custom command trigger
reaction	10	10.1%	Triggered by emoji reactions
pull_request	7	7.1%	PR events
skip-if-match	4	4.0%	Conditional skip logic
push	4	4.0%	Code push events
workflow_run	2	2.0%	Chain from other workflows
stop-after	2	2.0%	Limited execution
issues	2	2.0%	Issue events
workflow_call	1	1.0%	Reusable workflow

Common Trigger Combinations

The most prevalent trigger patterns reveal design philosophies:

Trigger Combination	Count	Use Case
schedule + workflow_dispatch	47	Automated + manual fallback
workflow_dispatch (only)	10	Pure manual execution
command (only)	8	gh-aw CLI commands
schedule + skip-if-match + workflow_dispatch	4	Smart scheduled execution
pull_request + reaction + schedule + workflow_dispatch	4	Multi-modal PR workflows

Pattern Analysis:

• 69 workflows (69.7%) use multiple triggers (flexible activation)
• 21 workflows (21.2%) use single trigger (dedicated purpose)
• 53 workflows combine scheduled + manual triggers (the "golden pattern")

Insight: The dominance of schedule + workflow_dispatch shows teams want regular automated execution with manual override capability—a best practice for production agentic workflows.

Schedule Patterns

From 58 workflows with schedule triggers, we identified 121 total cron schedules (some workflows have multiple schedules):

Schedule (Cron)	Count	Description
0 9 * * *	12	Daily at 9 AM UTC
0 14 * * 1-5	8	Weekdays at 2 PM UTC
0 0,6,12,18 * * *	8	Four times daily (6-hour intervals)
0 9 * * 1	6	Weekly on Mondays at 9 AM
0 8 * * *	6	Daily at 8 AM UTC

Schedule Distribution:

• Daily workflows: 48 (various times throughout the day)
• Weekday-only: 34 (excludes weekends for team-focused workflows)
• Multiple times per day: 8 (high-frequency monitoring/reporting)

Insight: Morning UTC hours (8-9 AM) are most popular, suggesting workflows designed to have results ready for European/early US business hours.

---

Safe Outputs Analysis

Safe outputs enable agents to create GitHub content (discussions, issues, PRs, comments) safely.

Safe Output Types Distribution

Type	Count	Percentage	Purpose
create-discussion	36	41.4%	Create discussion threads
add-comment	21	24.1%	Comment on existing items
create-issue	16	18.4%	Create new issues
create-pull-request	14	16.1%	Create PRs

Total: 87 safe output configurations across 71 workflows (71.7% of all workflows)

Insight: create-discussion is the most popular safe output, indicating preference for persistent, threaded conversations over transient or scattered comments.

Safe Output Combinations

Most workflows use a single safe output type, but some combine multiple:

Combination	Count
create-discussion (only)	33
create-issue (only)	12
add-comment (only)	8
create-pull-request (only)	7
add-comment + create-pull-request	4
create-discussion + create-pull-request	2
add-comment + create-issue	2

Notable: craft.lock.yml uses 6 different safe output configurations, making it the most versatile workflow.

Discussion Categories

For workflows using create-discussion, the target categories are:

Category	Count	Purpose
audits	9	Analysis and audit reports
General	5	General discussions
dev	2	Development-related
artifacts	2	Artifact summaries
security	1	Security findings
research	1	Research outputs
reports	1	General reports
daily-news	1	News updates
announcements	1	Announcements

Insight: The "audits" category is the most popular destination, showing heavy usage of agentic workflows for analysis, reporting, and quality monitoring.

---

Structural Characteristics

Job Complexity

Metric	Value
Average Jobs per Workflow	7.1
Average Steps per Workflow	68.7
Maximum Steps in Single Workflow	129 (poem-bot.lock.yml)
Minimum Steps	Varies

Top 5 Most Complex Workflows (by steps):

1. poem-bot.lock.yml - 129 steps, 15 jobs
2. cloclo.lock.yml - 102 steps, 14 jobs
3. unbloat-docs.lock.yml - 96 steps, 10 jobs
4. technical-doc-writer.lock.yml - 96 steps, 10 jobs
5. q.lock.yml - 90 steps, 13 jobs

Insight: The average workflow contains ~7 jobs with ~10 steps each. The most complex workflows (100+ steps) typically involve documentation generation, code analysis, or creative content creation requiring multiple agent interactions.

Average Lock File Structure

Based on statistical analysis, a typical .lock.yml file has:

• Size: ~286 KB
• Jobs: ~7 jobs
• Steps per Job: ~10 steps
• Triggers: 2-3 triggers (usually schedule + workflow_dispatch)
• Safe Outputs: 1-2 safe output configurations
• Timeout: 10-15 minutes
• MCP Servers: GitHub MCP server (nearly universal)

---

Timeout Patterns

Timeout (minutes)	Count	Percentage
10	24	26.7%
15	22	24.4%
20	17	18.9%
30	12	13.3%
5	9	10.0%
45	4	4.4%

Average Timeout: 14 minutes

Insight: Most workflows use conservative 10-15 minute timeouts, balancing execution time against cost and responsiveness. Longer timeouts (30-45 min) are used for complex analysis or documentation workflows.

---

Tool & MCP Patterns

MCP Server Usage

Workflows Using MCP Servers: 97 out of 99 (98.0%)

MCP Server	Count	Purpose
github	97	GitHub API access (nearly universal)
playwright	5	Browser automation & web testing
deepwiki	1	Deep web research
arxiv	1	Academic paper research

Insight: The GitHub MCP server is virtually universal (98%), reflecting that agentic workflows are deeply integrated with GitHub's platform. Specialized MCP servers like Playwright, DeepWiki, and ArXiv appear in specific use cases requiring web automation or research capabilities.

Engine Distribution

Engine	Count	Workflows
claude	5	cloclo, commit-changes-analyzer, daily-multi-device-docs-tester
copilot	4	glossary-maintainer, poem-bot, smoke-copilot, smoke-copilot-no-firewall
codex	2	changeset, daily-fact
Unspecified	88	Default engine

Note: Only 11 workflows explicitly specify an engine in frontmatter. Most (88) use the system default, likely Claude-based given the gh-aw implementation.

---

Interesting Findings

1. The "Poem Bot" is the Most Complex Workflow

poem-bot.lock.yml tops all complexity metrics:

• Size: 491.9 KB (largest)
• Steps: 129 (most steps)
• Jobs: 15 (most jobs)

This creative content generation workflow demonstrates that artistic/creative tasks can be as complex as technical ones.

2. Documentation Workflows Dominate Size Rankings

Top 5 largest workflows:

1. poem-bot.lock.yml (491.9 KB)
2. cloclo.lock.yml (390.8 KB)
3. q.lock.yml (382.0 KB)
4. pr-nitpick-reviewer.lock.yml (379.8 KB)
5. copilot-session-insights.lock.yml (378.6 KB)

Many involve documentation, code review, or analysis—tasks requiring extensive context and instructions.

3. Morning UTC is Prime Time

The 0 9 * * * schedule (9 AM UTC) is used by 12 workflows—more than any other single time. This suggests optimization for results availability during European/US morning hours.

4. Weekday Workflows Outnumber 24/7 Ones

34 workflows use weekday-only schedules (* * * * 1-5), showing preference for business-hours-aligned automation over continuous monitoring.

5. Multi-Output Versatility

craft.lock.yml uses 6 safe output configurations, making it the Swiss Army knife of workflows—able to create discussions, issues, PRs, and comments depending on context.

6. "Command" Triggers Enable CLI Integration

13 workflows use the custom command trigger, enabling CLI-driven agentic automation via gh aw commands—a unique gh-aw feature for developer-friendly invocation.

7. Reaction Triggers for Interactive Workflows

10 workflows use reaction triggers, allowing users to trigger agent actions via emoji reactions—a creative, low-friction interaction pattern.

8. Minimal Engine Specification

Only 11% of workflows explicitly specify an engine. This suggests strong defaults and trust in the platform's engine selection.

9. No Workflows Under 50 KB

Every single workflow exceeds 50 KB, with 95% exceeding 100 KB. This indicates a baseline complexity threshold—agentic workflows are inherently substantial.

10. Test Workflows Are Isolated

7 workflows live in tests/ subdirectories, showing good organizational hygiene for test vs. production workflows.

---

Recommendations

Based on this analysis, here are recommendations for agentic workflow development:

1. Use the "Golden Pattern" for Triggers

Combine schedule + workflow_dispatch:

on:
  schedule:
    - cron: "0 9 * * *"
  workflow_dispatch:

This provides automated execution with manual override—the most flexible approach used by 47 workflows.

2. Target 10-15 Minute Timeouts

Most workflows succeed within 10-15 minutes. Use this as your initial timeout, adjusting upward only if needed:

timeout-minutes: 15

3. Prefer create-discussion for Persistent Output

With 36 uses, create-discussion is the most popular safe output. Discussions provide:

• Persistent, threaded conversations
• Categorization (audits, reports, etc.)
• Easy discovery and browsing

4. Include the GitHub MCP Server

98% of workflows use it. Unless you have specific reasons not to, include:

tools:
  github:
    toolsets:
      - default

5. Weekday Schedules for Team-Focused Workflows

If your workflow generates content for human review, use weekday-only schedules:

schedule:
  - cron: "0 9 * * 1-5"  # Weekdays only

6. Start Simple, Scale Complexity

Average workflows have ~7 jobs and ~70 steps. If you're exceeding 100 steps, consider whether you're trying to do too much in one workflow.

7. Use the "audits" Category for Analysis Workflows

With 9 workflows targeting it, "audits" has become the de facto standard for analysis and monitoring workflows.

---

Methodology

• Analysis Tool: Bash scripts with YAML parsing
• Lock Files Analyzed: 99
• Cache Memory: Used for script persistence and historical data at /tmp/gh-aw/cache-memory/
• Data Sources: All .lock.yml files in .github/workflows/ and subdirectories
• Extraction Method: Frontmatter comment parsing + YAML structure analysis
• Historical Tracking: Results saved to cache-memory/history/2025-11-30.json

Analysis Scripts (available in cache memory):

• analyze_lockfiles.sh - Main data extraction
• extract_frontmatter.sh - Frontmatter parsing
• trigger_combinations.sh - Trigger pattern analysis
• safe_outputs_analysis.sh - Safe outputs deep-dive
• interesting_findings.sh - Insight generation
• generate_stats.sh - Statistical summaries

---

Historical Context

This is the first comprehensive statistical analysis of gh-aw lock files. Future runs will enable trend analysis:

• Growth in workflow count
• Evolution of trigger patterns
• Changes in safe output preferences
• Average complexity trends

Baseline Established: 2025-11-30

• 99 workflows
• 27.67 MB total
• 71.7% using safe outputs

---

Conclusion

The agentic workflow ecosystem in githubnext/gh-aw is mature, sophisticated, and well-structured. With 99 workflows averaging 286 KB and 70 steps each, these are substantial automation systems. The heavy use of safe outputs (71.7%), universal GitHub MCP integration (98%), and flexible trigger patterns (69.7% multi-trigger) demonstrate thoughtful design focused on controlled, observable automation.

The dominance of the schedule + workflow_dispatch pattern and the preference for create-discussion outputs reveal a community that values both automated execution and human oversight, with persistent, categorized discussion threads as the primary output mechanism.

As agentic workflows continue to evolve, this baseline analysis provides a foundation for tracking trends and optimizing practices.

---

📊 Generated by Lockfile Statistics Analysis Agent on 2025-11-30 03:35 UTC
Analysis scripts available in /tmp/gh-aw/cache-memory/scripts/ for reuse

AI generated by Lockfile Statistics Analysis Agent

[github-actions[bot]]

This discussion was automatically closed because it was created by an agentic workflow more than 3 days ago.