Agent Persona Exploration - 2026-04-10

[github-actions[bot]]

Exploration of the agentic-workflows custom agent behavior across 7 representative automation scenarios drawn from 5 software worker personas. The agent was simulated using general-purpose agents loaded with gh-aw conventions (the agentic-workflows type is not directly invokable as a task agent).

Persona Overview

• Agent tested: agentic-workflows (simulated)
• Scenarios tested: 7 across 5 personas
• Average quality score: 4.74 / 5.0
• Top score: 25/25 — DB Migration Safety Review (Backend Engineer)
• Lowest score: 22/25 — PR Coverage Tracker (QA Tester)

Key Findings

1. Security posture is consistently excellent — all 7 workflows correctly applied read-only agent permissions with writes exclusively via safe-outputs. The pattern appears deeply embedded in the agent's behavior.
2. Fuzzy scheduling mastery — every scheduled workflow correctly used weekly on monday around 09:00 with auto-added workflow_dispatch, following gh-aw best practices exactly.
3. Bash allowlists preferred over wildcards — the agent consistently produced explicit bash: ["command:*"] allowlists rather than bash: true, which is the security-first pattern.
4. noop always included — every workflow included a noop safe-output path, preventing the most common workflow failure mode.
5. One structural gap found — PR-triggered workflows (FE1, QA1) did not include a concurrency block, which is a production-readiness gap for rapid-push scenarios.

Top Patterns

1. PR triggers: pull_request: types: [opened, synchronize, reopened] with paths: filters — used in 3/7 scenarios
2. Tools: GitHub MCP with minimal toolsets + explicit bash allowlists; cache-memory for state persistence
3. Security: 100% read-only permissions + safe-outputs; strict: true in 3/7 explicitly; network.allowed scoped to go, node, github, api.osv.dev as appropriate
4. Output hygiene: close-older-issues: true / hide-older-comments: true used in recurring reports to prevent accumulation
5. Progressive disclosure: <details>/<summary> blocks in all report templates for scannable issue/comment output

View Scenario Scores (all 7)

Scenario	Persona	Workflow	Trigger	Tools	Security	Clarity	Complete	Total
BE1	Backend Eng.	DB Migration Safety Review	5	5	5	5	5	25
BE2	Backend Eng.	Weekly CVE Scanner	5	5	5	5	4	24
DevOps1	DevOps Eng.	Deployment Incident Responder	5	5	5	4	5	24
QA2	QA Tester	Weekly Flaky Test Detector	5	5	5	4	5	24
PM1	Product Mgr	Weekly Feature Impact Digest	5	5	5	4	5	24
FE1	Frontend Dev	Visual Regression	5	5	5	4	4	23
QA1	QA Tester	PR Coverage Tracker	5	4	5	4	4	22

View High Quality Responses (Score ≥ 24)

BE1 — DB Migration Safety Review (25/25)
Perfect score. Standout behaviors: used submit-pull-request-review (not just add-comment) enabling branch-protection integration; dual data sources (git diff + GitHub MCP) for cross-verification; migration-framework sniffing before applying rollback checks; three-way review verdict (APPROVE / COMMENT / REQUEST_CHANGES).

DevOps1 — Deployment Incident Responder (24/25)
Pre-fetch step materialized log error signals before the agent started, reducing MCP round-trips. Correct use of workflow_run trigger scoped to named deploy workflows. Belt-and-suspenders dedup: both skip-if-match in frontmatter AND agent-side SHA-level deduplication search.

BE2 — Weekly CVE Scanner (24/25)
Dual-source enrichment (GHSA + OSV) with explicit CVSS threshold (≥9.0 = CRITICAL, 7.0–8.9 = HIGH). Per-CVE deduplication via issue search before each create-issue call — correctly identified that skip-if-match handles workflow-level gating but can't do per-finding dedup.

View Areas for Improvement

Missing concurrency blocks in PR workflows (FE1, QA1)
When multiple pushes arrive rapidly on the same PR, visual regression (FE1) and coverage (QA1) workflows can race on the same cache-memory key. The recommended fix is:

concurrency:
  group: "workflow-name-$\{\{ github.ref }}"
  cancel-in-progress: true

This is documented in create-agentic-workflow.md examples but not applied consistently.

Python/bash variable handoff in QA1
The coverage tracker prompt mixed shell variable interpolation ($OVERALL_PCT) inside Python heredocs. The pattern works but is ambiguous — the agent must correctly infer the bash→Python data boundary. A clearer pattern would write shell values to a temp file, then json.load() from Python, avoiding interpolation entirely.

GitHub MCP list_pull_requests label filtering caveat (PM1)
The weekly digest workflow assumes server-side label filtering in the MCP tool, which may not be supported. A production run may silently return all PRs and require client-side filtering. This is a gh-aw MCP documentation gap.

Recommendations

1. Add concurrency block template to .github/aw/create-agentic-workflow.md — Include a standard example for PR-triggered workflows showing group: "workflow-$\{\{ github.ref }}" / cancel-in-progress: true. This single addition would prevent a common production-readiness gap across all PR automation scenarios.

2. Document MCP tool filtering limitations in .github/aw/github-mcp-server.md — Explicitly note that list_pull_requests and similar list tools may not support server-side label/date filtering; instruct agents to always fetch and client-side filter. Prevents silent data gaps in PM and reporting workflows.

3. Add Python/bash data handoff pattern to .github/aw/github-agentic-workflows.md — Include a canonical pattern for shell→Python data passing (write to temp JSON file, json.load() in Python) to replace ad-hoc variable interpolation in multi-language analysis workflows.

References:

• Workflow run: §24225274462
• Cache report saved to: /tmp/gh-aw/cache-memory/agent-persona-explorer-2026-04-10.json

Generated by Agent Persona Explorer · ● 5.1M · ◷

[github-actions[bot]]

This discussion has been marked as outdated by Agent Persona Explorer.

A newer discussion is available at Discussion #25749.