Implement bot that performs time-series metric analysis and suggests repo management improvements

[gundermanc]

Summary

Implements an agent that runs nightly and analyzes the metrics time series and sends PRs to optimize them. For example:

Upon observing high per-maintainer issue load, the bot may send a pull request implementing an automated triage process. Maintainers can leave comments to collaborate with and leave feedback for the bot until the PR is completed. The bot learns from and remembers this user feedback, allowing it to adapt to the repo maintainers expectations.

Once the PR is completed, the bot remembers this as well as any relevant user feedback in its memory and uses this to focus subsequent efforts.

Why did you choose this approach

This repository needs improvements made to its policies and/or automation to help aid maintainers in keeping a steady throughput of work items, PRs etc. All of these goals can be easily validated via metrics.

A human can spend several days working through these metrics and produce a plan with targeted improvements to the existing automation, however, this is a static set of mitigations, which solve only the cases the human thinks of, and cannot react to new trends in the repository. An agent, however, is able to monitor metrics on some cadence, discover anomalies, recommend new policies, monitor them in the days following their check in, and then recommend follow up actions to improve their effectiveness.

Examples:

• The agent observes that PR latency is very high for pull requests due to a failing CI. It investigates, identifies the root cause as a flaky test, and sends a pull request to fix the test.
• The agent observes that the time to first response for community PRs is higher than that of 1st party PRs and recommends automated issue closing and triage scripts to help reduce maintainer load and help maintainers prioritize high impact issues.
• The agent observes that there is an inequal distribution of PR reviews across maintainers. It institutes automated reviewer selection based on a combination of domain expertise and reviewer workload.
• The agent observes a large number of related issues in a short period of time and updates the policies to temporarily leave a special comment directing the users to a de-duped tracking issue.

Demo run

In an example run, the agent noticed that the 1000 item issue count metric was unchanged across two runs, and it deduced that it is inaccurate. It sent this PR to correct the issue: https://github.com/google-gemini/gemini-cli/pull/26071/changes

Security

For security purposes, the agent runs in an isolated GitHub actions workflow stage with no direct credential or repo write access. It is solely responsible for investigating and recommending changes to the user in the form of a git patch which is uploaded, and applied in a subsequent "publish" stage, which has the write access necessary to perform repo updates. It can also push updates and comment on its own PRs but deterministic policies disallow interactions with others PRs.

Human approval is required for all repo changes.

Memory

Memory between runs is stored in transient GitHub actions artifacts in a lessons-learned.md file. In a lot of ways, this agent acts as a sort of "unrolled loop" of a persistent agent. Each session is a brand new session, but seeded with memory and data accumulated from past runs.

Future Considerations

Building a system like this that periodically introspects on and suggests improvements to key metrics opens the door to the notion of agent directly and proactively contributing to the Gemini CLI codebase. For now, we'll scope this to engineering system improvements but one can imagine growing this into a fully fledged AI contributor which makes product improvements, proactively fixes bugs based on their impact, etc.

[github-actions]

Size Change: -4 B (0%)

Total Size: 33.9 MB

Filename	Size	Change
./bundle/chunk-6CE7MC2L.js	0 B	-49.2 kB (removed)	🏆
./bundle/chunk-7MZLJYP5.js	0 B	-14.7 MB (removed)	🏆
./bundle/chunk-BB4ECRTZ.js	0 B	-3.8 kB (removed)	🏆
./bundle/chunk-QELRWQ43.js	0 B	-2.73 MB (removed)	🏆
./bundle/chunk-UG4JF3Q2.js	0 B	-673 kB (removed)	🏆
./bundle/chunk-UQSUR5NJ.js	0 B	-3.43 kB (removed)	🏆
./bundle/core-SBDYHOQV.js	0 B	-48.1 kB (removed)	🏆
./bundle/devtoolsService-QAPVRKZF.js	0 B	-27.8 kB (removed)	🏆
./bundle/gemini-YBVNLMFL.js	0 B	-574 kB (removed)	🏆
./bundle/interactiveCli-3P45P5O6.js	0 B	-1.31 MB (removed)	🏆
./bundle/liteRtServerManager-24PPPOCE.js	0 B	-2.08 kB (removed)	🏆
./bundle/oauth2-provider-FDIWOY3D.js	0 B	-9.16 kB (removed)	🏆
./bundle/chunk-25P4QJ4Q.js	2.73 MB	+2.73 MB (new file)	🆕
./bundle/chunk-33JNPVDA.js	3.8 kB	+3.8 kB (new file)	🆕
./bundle/chunk-64XRVL6R.js	49.2 kB	+49.2 kB (new file)	🆕
./bundle/chunk-7BYAXA2M.js	14.7 MB	+14.7 MB (new file)	🆕
./bundle/chunk-NQMWGCRR.js	673 kB	+673 kB (new file)	🆕
./bundle/chunk-UQ6KUT77.js	3.43 kB	+3.43 kB (new file)	🆕
./bundle/core-PIKY2YON.js	48.1 kB	+48.1 kB (new file)	🆕
./bundle/devtoolsService-GSQTY2XF.js	27.8 kB	+27.8 kB (new file)	🆕
./bundle/gemini-YUPNPPNG.js	574 kB	+574 kB (new file)	🆕
./bundle/interactiveCli-BFROMZQ5.js	1.31 MB	+1.31 MB (new file)	🆕
./bundle/liteRtServerManager-ZYMMVUZR.js	2.08 kB	+2.08 kB (new file)	🆕
./bundle/oauth2-provider-VA72EBT2.js	9.16 kB	+9.16 kB (new file)	🆕

ℹ️ View Unchanged

Filename	Size	Change
./bundle/bundled/third_party/index.js	8 MB	0 B
./bundle/chunk-34MYV7JD.js	2.45 kB	0 B
./bundle/chunk-5AUYMPVF.js	858 B	0 B
./bundle/chunk-5PS3AYFU.js	1.18 kB	0 B
./bundle/chunk-664ZODQF.js	124 kB	0 B
./bundle/chunk-DAHVX5MI.js	206 kB	0 B
./bundle/chunk-IUUIT4SU.js	56.5 kB	0 B
./bundle/chunk-MTD736U4.js	1.97 MB	0 B
./bundle/chunk-RJTRUG2J.js	39.8 kB	0 B
./bundle/cleanup-3SMQAVBW.js	0 B	-932 B (removed)	🏆
./bundle/devtools-36NN55EP.js	696 kB	0 B
./bundle/dist-T73EYRDX.js	356 B	0 B
./bundle/events-XB7DADIJ.js	418 B	0 B
./bundle/examples/hooks/scripts/on-start.js	188 B	0 B
./bundle/examples/mcp-server/example.js	1.43 kB	0 B
./bundle/gemini.js	4.97 kB	0 B
./bundle/getMachineId-bsd-TXG52NKR.js	1.55 kB	0 B
./bundle/getMachineId-darwin-7OE4DDZ6.js	1.55 kB	0 B
./bundle/getMachineId-linux-SHIFKOOX.js	1.34 kB	0 B
./bundle/getMachineId-unsupported-5U5DOEYY.js	1.06 kB	0 B
./bundle/getMachineId-win-6KLLGOI4.js	1.72 kB	0 B
./bundle/memoryDiscovery-NSOLCG4U.js	980 B	0 B
./bundle/multipart-parser-KPBZEGQU.js	11.7 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/client/main.js	222 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/_client-assets.js	229 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/index.js	13.4 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/types.js	132 B	0 B
./bundle/sandbox-macos-permissive-open.sb	890 B	0 B
./bundle/sandbox-macos-permissive-proxied.sb	1.31 kB	0 B
./bundle/sandbox-macos-restrictive-open.sb	3.36 kB	0 B
./bundle/sandbox-macos-restrictive-proxied.sb	3.56 kB	0 B
./bundle/sandbox-macos-strict-open.sb	4.82 kB	0 B
./bundle/sandbox-macos-strict-proxied.sb	5.02 kB	0 B
./bundle/src-QVCVGIUX.js	47 kB	0 B
./bundle/start-74QEIN7P.js	0 B	-622 B (removed)	🏆
./bundle/tree-sitter-7U6MW5PS.js	274 kB	0 B
./bundle/tree-sitter-bash-34ZGLXVX.js	1.84 MB	0 B
./bundle/cleanup-7EENT45L.js	932 B	+932 B (new file)	🆕
./bundle/start-7Q5H3LBJ.js	622 B	+622 B (new file)	🆕

_{compressed-size-action}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces an autonomous agent designed to improve repository health by analyzing time-series metrics and proactively suggesting management improvements. By separating concerns into deterministic data collection and agentic reasoning, the system can identify bottlenecks—such as high PR latency or maintainer workload imbalances—and propose targeted, validated interventions. The implementation emphasizes security and human-in-the-loop oversight, ensuring that all proposed changes are technically critiqued and require manual approval before being applied to the repository.

Highlights

• Agentic Architecture: Implemented a multi-system agentic architecture consisting of a 'Pulse' for deterministic data collection and a 'Brain' for strategic reasoning, root-cause analysis, and proactive repository management.
• Time-Series Metrics: Enhanced the metrics collection pipeline to track time-series data, calculate 7-day and 30-day deltas, and maintain a rolling window of historical repository health data.
• Critique & Safety: Added a 'Critique' phase with a mandatory technical checklist to validate proposed changes for robustness, security, and anti-spam protocols before any automated PR generation.
• Structured Memory: Introduced a 'lessons-learned.md' file to serve as the bot's structured memory, featuring a Task Ledger, Hypothesis Ledger, and Decision Log for long-term strategic tracking.

Ignored Files

• Ignored by pattern: .github/workflows/** (2)
  • .github/workflows/gemini-cli-bot-brain.yml
  • .github/workflows/gemini-cli-bot-pulse.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a metrics history synchronization and rolling window update mechanism for the Gemini CLI bot. It adds a sync.ts script to download historical metrics from previous CI runs and updates metrics/index.ts to calculate 7-day and 30-day deltas for tracked metrics. My review identified several critical issues: missing imports for execFileSync in multiple files, vulnerabilities to command injection due to unsafe shell execution, and an incorrect rolling window size in the metrics update logic that contradicts the intended 5000-row retention policy.