Skip to content

[integrity-audit] Integrity Filtering Audit — 2026-03-26 (github/gh-aw) #2578

Closed
Closed
[integrity-audit] Integrity Filtering Audit — 2026-03-26 (github/gh-aw)#2578
Labels
automationintegrity-audit
@github-actions

Description

@github-actions
github-actions
bot
opened on Mar 26, 2026

Audit period: 2026-03-26 ~06:00 UTC – 15:14 UTC (last 24h, ~9+ hours of coverage)
Runs analyzed: 50+ completed runs across 40 pages of workflow history in github/gh-aw
Runs with artifacts: 8 confirmed (scout, issue-triage-agent, agent-container-smoke-test, auto-triage ×2, cli-consistency-checker, smoke-cross-repo-pr, daily-token-report)

Findings Summary

Severity Count Description
🟡 Warning 5 Detection job failures: "Execute GitHub Copilot CLI" step consistently failing
🟡 Warning 1 Audit agent lacks [secret] clearance — MCP logs/artifacts inaccessible via DIFC
🟢 Info 4 Infra/post-setup failures unrelated to DIFC (Post Setup Scripts, Checkout PR branch, Run linter)
🟢 Info 2 Safe-output failures in Q and Smoke Claude (Process Safe Outputs step)
🟢 Info No critical data leaks or guard bypass events detected
🟢 Info DIFC secrecy enforcement confirmed active on all artifact/log access
🟡 Warnings

W1: Detection Job Failures — "Execute GitHub Copilot CLI" step (5 occurrences)

The detection job across multiple workflows is consistently failing at the "Execute GitHub Copilot CLI" step, followed by a consequent failure of "Parse and conclude threat detection". The actual error output is inaccessible (DIFC-filtered), but the pattern is consistent across unrelated workflows and time windows.

Note: At 11:18 UTC, Auto-Triage Issues succeeded. By 13:44 UTC it was failing. This suggests a regression or transient condition occurred between ~11:18 and ~13:03 UTC today.

Run Workflow Time (UTC) Failed Step Job
23598572272 Auto-Triage Issues 14:04 Execute GitHub Copilot CLI detection
23597595697 Auto-Triage Issues 13:44 Execute GitHub Copilot CLI detection
23597117611 CLI Consistency Checker 13:33 Execute GitHub Copilot CLI detection
23595764504 Smoke Create Cross-Repo PR 13:03 Execute GitHub Copilot CLI detection
23591537453 Daily Copilot Token Consumption Report 11:19 Execute GitHub Copilot CLI detection

Potential causes:

  • Detection agent missing required access token/credential after a rotation
  • DIFC policy change blocking detection agent's tool access
  • The Copilot CLI binary or model endpoint experiencing issues
  • Detection workflow guard_policy preventing the detection sub-agent from accessing needed data

W2: Audit Agent DIFC Clearance Gap

This audit agent ran without [secret] secrecy clearance. All attempts to download artifact content (agent, firewall-audit-logs, detection) and all job log reads were filtered by DIFC with the message:

"Resource 'resource:actions_get' has secrecy requirements that agent doesn't meet. The agent is not authorized to access [secret]-scoped data."

This means:

  • The audit cannot inspect actual rpc-messages.jsonl DIFC event counts
  • Cannot verify tool-level integrity tag correctness
  • Cannot count filtered vs. total items in any run
  • Cannot confirm guard error messages or unscoped tags

Recommendation: Future integrity audits should run with [secret] clearance, or artifacts should be exported to a dedicated, lower-secrecy audit store.

🟢 Informational

DIFC Pipeline Health

  • Confirmed active: DIFC enforcement is working — resource:actions_get and resource:get_job_logs are correctly classified as [secret]-scoped and filtered when accessed by this agent.
  • Artifact listing accessible: list_workflow_run_artifacts returns metadata without DIFC filtering (artifact IDs, sizes, names, digests), confirming metadata is treated as non-secret.
  • Run & job metadata accessible: Workflow run lists, job lists, and step-level status/conclusion are all accessible and not filtered.
  • Auto-Triage Issues succeeded at 11:18 UTC: Run 23591520024 — confirms the pipeline was healthy earlier in the period.

Infrastructure Failures (Not DIFC-related)

Run Workflow Failed Step Job Likely Cause
23595764504 Smoke Create Cross-Repo PR Post Setup Scripts agent Infra/teardown
23591527991 GitHub MCP Structural Analysis Post Setup Scripts upload_assets Infra/teardown
23591232729 Developer Documentation Consolidator Post Setup Scripts push_repo_memory Infra/teardown
23591537453 Daily Copilot Token Consumption Report Post Setup Scripts upload_assets Infra/teardown
23595618481 AI Moderator Checkout PR branch agent Git/ref issue
23596986758 CI Optimization Coach Run linter agent Lint failure
23596235415 Documentation Noob Tester Execute GitHub Copilot CLI agent CLI failure

Safe-Outputs Failures

Run Workflow Failed Step Time
23596985989 Q Process Safe Outputs 13:31 UTC
23581097990 Smoke Claude Process Safe Outputs 06:40 UTC

These are isolated failures in the safe_outputs job and may indicate an issue with the safeoutputs service or its configuration at the time of those runs.

Runs With Full Artifact Sets (Detection + Agent + Firewall-Audit-Logs)

These runs completed successfully and produced the expected DIFC artifact sets:

Run Workflow Time (UTC) Agent Size Firewall Logs
23600217702 Issue Triage Agent 14:37 405 KB 11.1 KB
23597603295 Scout 13:44 276 KB 12.6 KB
23596006861 Agent Container Smoke Test 13:09 73.9 KB 12.1 KB
23598572272 Auto-Triage Issues (failed) 14:04 79 KB 11 KB

Runs Analyzed (Selected Completed Runs)

Run Workflow Time (UTC) Detection Agent Status
23600217702 Issue Triage Agent 14:37
23598572272 Auto-Triage Issues 14:04
23597603295 Scout 13:44
23597595697 Auto-Triage Issues 13:44
23597117611 CLI Consistency Checker 13:33
23596006861 Agent Container Smoke Test 13:09
23595764504 Smoke Create Cross-Repo PR 13:03
23591537453 Daily Copilot Token Consumption Report 11:19
23591520024 Auto-Triage Issues 11:18

Recommendations

  1. Investigate detection job failures — The "Execute GitHub Copilot CLI" step is failing in the detection job across 5 different workflows between 11:19 and 14:04 UTC. Since Auto-Triage Issues succeeded at 11:18 but failed at 13:44, something regressed. Check if:

    • A Copilot CLI token or credential expired/rotated between those times
    • A model endpoint became unavailable
    • A DIFC policy change affected detection agent access
    • The actual error output in run 23598572272 detection job logs

  2. Run integrity audits with [secret] clearance — This audit could not inspect actual DIFC event data, integrity tag counts, or guard error messages. A dedicated audit agent with appropriate secrecy clearance is needed for deep DIFC auditing.

  3. Investigate recurring "Post Setup Scripts" failures — 4 different workflows failed in post-setup/teardown. This may indicate a shared infrastructure issue (disk space, runner environment, etc.).

  4. Investigate "Process Safe Outputs" failures — 2 workflows failed in safe_outputs. Check if the safeoutputs service was experiencing issues at those times.

Note

🔒 Integrity filter blocked 2 items

The following items were blocked because they don't meet the GitHub integrity level.

  • actions_get actions_get: has secrecy requirements that agent doesn't meet. The agent is not authorized to access [secret]-scoped data.
  • get_job_logs get_job_logs: has secrecy requirements that agent doesn't meet. The agent is not authorized to access [secret]-scoped data.

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by Integrity Filtering Audit ·

  • expires on Apr 2, 2026, 3:26 PM UTC

Metadata

Metadata

Assignees

No one assigned

    Labels

    automationintegrity-audit

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions