⚡ pelis-agent-factory-advisor: pre-fetch content, restrict tools, reduce prompt tokens (~21% token savings)

[Copilot]

The workflow was wasting 1–3 LLM turns on a blocked web-fetch to github.com/githubnext/agentics and running deterministic shell commands (ls, find) inside the agent loop, accumulating unnecessary context across 11 turns (~$2.02/run).

Changes

• Pre-fetch agentics content (steps:): new fetch-agentics step pulls raw.githubusercontent.com/githubnext/agentics/main/README.md into .agentics-patterns.txt before the agent starts; adds raw.githubusercontent.com to network.allowed
• Pre-compute repo structure (steps:): new collect-repo-structure step runs ls/find once into .repo-structure.txt; Phase 2.1–2.2 now reads the file instead of making the agent run bash
• Remove web-fetch tool: no longer needed once both doc sources are pre-fetched; eliminates ~700 tokens/turn of schema overhead
• Restrict bash allowlist: ["*"] → ["cat", "find", "ls", "grep"]; reduces schema size and narrows command surface
• Condense prompt: Phase 1 cache-check collapsed from ~600 bytes to 3 lines; Phase 3.1 opportunity categories trimmed from 9 to 5 relevant ones

Projected impact: ~1,399K → ~1,100K tokens/run (−21%), ~$2.02 → ~$1.60/run, 11 → ~8–9 LLM turns.

Recompiled via gh aw compile and post-processed via npx tsx scripts/ci/postprocess-smoke-workflows.ts.

[Copilot]

Pull request overview

This PR optimizes the Pelis Agent Factory Advisor agentic workflow to reduce token usage and agent turns by pre-fetching reference content and shifting deterministic repo-discovery work out of the agent loop, while also tightening the available tool surface.

Changes:

• Pre-fetches Agentics README content into .agentics-patterns.txt and adds a .repo-structure.txt snapshot for the agent to read instead of running ls/find repeatedly.
• Removes the web-fetch tool and restricts the bash tool allowlist in the workflow frontmatter.
• Condenses Phase 1/3 prompt instructions to reduce prompt size and focus opportunity categories.

Show a summary per file

File	Description
.github/workflows/pelis-agent-factory-advisor.md	Adds prefetch/structure steps, removes web-fetch, tightens tool allowlist, and updates prompt instructions to use the precomputed files.
.github/workflows/pelis-agent-factory-advisor.lock.yml	Recompiled lockfile reflecting new steps, allowed domain list, tool allowlist changes, and updated rendered prompt IDs.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 2/2 changed files
• Comments generated: 4

[Copilot]

Fetch Agentics Patterns uses a curl | head pipeline but does not enable set -o pipefail. If curl -sf fails, the pipeline exit status will likely still be 0 (from head), so the fallback || echo "(not available)" won’t run and you may end up with an empty .agentics-patterns.txt without noticing. Add set -o pipefail for this step (or otherwise check curl's exit code) so failures are handled deterministically.

Suggested change

	run: |
	run: |
	set -o pipefail

[Copilot]

Phase 1 instructs the agent to compute a SHA-256 hash of .pelis-agent-factory-docs.txt and .agentics-patterns.txt, but the workflow’s bash tool allowlist no longer includes sha256sum (or another deterministic hashing command). An LLM can’t reliably compute SHA-256 from file contents, so the cache check will be unusable in practice. Either precompute the hash in a workflow step and have the agent read it, or expand the bash allowlist minimally (e.g., sha256sum) to support this instruction.

[Copilot]

The compiled lock workflow’s daily cron time changed from 26 21 * * * to 29 10 * * *. This isn’t mentioned in the PR description and will shift when the advisor runs. If the run time matters, consider pinning an explicit cron in the source .md (instead of schedule: daily) or confirm this shift is intentional/acceptable.

[Copilot]

raw.githubusercontent.com was added to network.allowed, but after removing web-fetch and restricting bash to not include curl, the agent itself can’t fetch from that domain anyway (and the pre-fetch step runs outside the sandboxed agent container). If the goal is least-privilege network egress for the agent, consider removing raw.githubusercontent.com from network.allowed and keeping the agent fully offline with respect to Agentics content (since it’s already pre-fetched into the workspace).

Suggested change

- "raw.githubusercontent.com"

[github-actions]

✅ Coverage Check Passed

Overall Coverage

Metric	Base	PR	Delta
Lines	86.20%	86.29%	📈 +0.09%
Statements	86.07%	86.16%	📈 +0.09%
Functions	87.41%	87.41%	➡️ +0.00%
Branches	78.57%	78.62%	📈 +0.05%

📁 Per-file Coverage Changes (1 files)

File	Lines (Before → After)	Statements (Before → After)
src/docker-manager.ts	86.6% → 87.0% (+0.39%)	86.1% → 86.5% (+0.38%)

---

Coverage comparison generated by scripts/ci/compare-coverage.ts

[github-actions]

Smoke Test Results — Claude ✅ PASS

Test	Result
GitHub MCP: "chore: upgrade gh-aw to v0.67.0 and recompile all workflows"	✅
GitHub MCP: "Remove unused github network group from secret-audit to cut token usage ~66%"	✅
Playwright: github.com title contains "GitHub"	✅
File write + read /tmp/gh-aw/agent/smoke-test-claude-24036649171.txt	✅

Overall: PASS

💥 [THE END] — Illustrated by Smoke Claude

[github-actions]

🔥 Smoke Test Results — PASS

Test	Result
GitHub MCP (list PRs)	✅
GitHub.com connectivity	✅
File write/read	✅ smoke-test-copilot-24036649199.txt

PR: ⚡ pelis-agent-factory-advisor: pre-fetch content, restrict tools, reduce prompt tokens (~21% token savings)
Author: @Copilot · Assignees: @lpcox @Copilot

Overall: PASS

📰 BREAKING: Report filed by Smoke Copilot

[github-actions]

Smoke Test Result

• chore: upgrade gh-aw to v0.67.0 and recompile all workflows
• Remove unused github network group from secret-audit to cut token usage ~66%
• ⚡ pelis-agent-factory-advisor: pre-fetch content, restrict tools, reduce prompt tokens (~21% token savings)
• [Test Coverage] Improve host-iptables.ts branch coverage from 83% to 99%
• ✅ GitHub MCP merged-PR review, file write/read, bash cat, npm ci && npm run build
• ❌ safeinputs-gh query, Playwright title check (EACCES), Tavily search, discussion query/comment
• Overall status: FAIL

🔮 The oracle has spoken through Smoke Codex

[github-actions]

🏗️ Build Test Suite Results

Ecosystem	Project	Build/Install	Tests	Status
Bun	elysia	✅	1/1 passed	✅ PASS
Bun	hono	✅	1/1 passed	✅ PASS
C++	fmt	✅	N/A	✅ PASS
C++	json	✅	N/A	✅ PASS
Deno	oak	N/A	1/1 passed	✅ PASS
Deno	std	N/A	1/1 passed	✅ PASS
.NET	hello-world	✅	N/A	✅ PASS
.NET	json-parse	✅	N/A	✅ PASS
Go	color	✅	passed	✅ PASS
Go	env	✅	passed	✅ PASS
Go	uuid	✅	passed	✅ PASS
Java	gson	✅	1/1 passed	✅ PASS
Java	caffeine	✅	1/1 passed	✅ PASS
Node.js	clsx	✅	passed	✅ PASS
Node.js	execa	✅	passed	✅ PASS
Node.js	p-limit	✅	passed	✅ PASS
Rust	fd	✅	1/1 passed	✅ PASS
Rust	zoxide	✅	1/1 passed	✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Notes

• Java: Maven required proxy settings pointing to 172.30.0.10:3128 (the Squid proxy IP) instead of the squid-proxy hostname, which isn't resolvable from inside the agent container without AWF network setup.
• All other ecosystems worked with default configurations.

Generated by Build Test Suite for issue #1701 · ● 1M · ◷

[github-actions]

Smoke Test: GitHub Actions Services Connectivity

Check	Tool	Result
Redis ping	redis-cli (via nc fallback)	❌ FAIL — host.docker.internal:6379 not reachable
PostgreSQL ready	pg_isready	❌ FAIL — host.docker.internal:5432 - no response
PostgreSQL query	psql SELECT 1	❌ FAIL — skipped (host not reachable)

All checks failed. host.docker.internal resolves to 172.17.0.1 but neither Redis (port 6379) nor PostgreSQL (port 5432) responded. The Docker daemon is also not accessible from within this agent's sandbox, preventing AWF-wrapped execution. The GitHub Actions service containers do not appear to be running for this workflow.

🔌 Service connectivity validated by Smoke Services