[observability] Observability Coverage Report - 2026-04-29

[github-actions[bot]]

Executive Summary

Analyzed 20 recent agentic workflow runs from the last 7 days. Among completed runs with final artifacts, AWF Firewall coverage is 100% (5/5) and MCP telemetry coverage is 100% (5/5).

No completed firewall-enabled run is missing access.log, and no completed MCP-enabled run is missing both gateway.jsonl and rpc-messages.jsonl. Two downloaded runs are still in progress and should be re-evaluated after artifacts are uploaded.

Key Alerts and Anomalies

🔴 Critical Issues:

• No critical issues detected for completed MCP-enabled or firewall-enabled runs.

⚠️ Warnings:

• Daily Observability Report for AWF Firewall and MCP Gateway §25139748302: firewall telemetry run still in progress; artifacts not final.
• GitHub API Consumption Report Agent §25139474023: firewall telemetry run still in progress; artifacts not final.

Coverage Summary

Component	Runs Analyzed	Logs Present	Coverage	Status
AWF Firewall (access.log)	5 completed / 8 total	5 completed / 6 total	100% completed	✅
MCP Gateway (gateway.jsonl or rpc-messages.jsonl)	5 completed / 6 total	5 completed / 6 total	100% completed	✅

📋 Detailed Run Analysis

Firewall-Enabled Runs

Workflow	Run ID	access.log	Entries	Allowed	Blocked	Status
Daily Semgrep Scan	§25139712382	✅	56	28	28	✅
Daily Observability Report for AWF Firewall and MCP Gateway	§25139748302	❌	0	0	0	⏳
GitHub API Consumption Report Agent	§25139474023	❌	0	0	0	⏳
Package Specification Librarian	§25139376815	✅	21	21	0	✅
Daily Project Performance Summary Generator (Using MCP Scripts)	§25139296264	✅	70	37	33	✅
Daily Skill Optimizer Improvements	§25139141911	✅	9	5	4	✅
Test Quality Sentinel	§25138992304	✅	9	9	0	✅
Design Decision Gate 🏗️	§25138992313	✅	9	9	0	✅

Missing Firewall Logs (access.log)

Workflow	Run ID	Date	Link
None	-	-	-

MCP-Enabled Runs

Workflow	Run ID	Telemetry Source	Entries	Servers	Tool Calls	Errors	Status
Daily Semgrep Scan	§25139712382	rpc-messages.jsonl	14	github, safeoutputs, semgrep	4	0	✅
Package Specification Librarian	§25139376815	rpc-messages.jsonl	8	github, safeoutputs, serena	1	0	✅
Daily Project Performance Summary Generator (Using MCP Scripts)	§25139296264	rpc-messages.jsonl	22	github, mcpscripts, safeoutputs	8	1	✅
Daily Skill Optimizer Improvements	§25139141911	rpc-messages.jsonl	6	github, safeoutputs	1	0	✅
Test Quality Sentinel	§25138992304	rpc-messages.jsonl	8	github, safeoutputs	2	0	✅
Design Decision Gate 🏗️	§25138992313	rpc-messages.jsonl	6	github, safeoutputs	1	0	✅

Missing MCP Telemetry (no gateway.jsonl or rpc-messages.jsonl)

Workflow	Run ID	Date	Link
None	-	-	-

🔍 Telemetry Quality Analysis

Firewall Log Quality

• Total access.log entries analyzed: 174
• Domains accessed: 7 unique
• Blocked requests: 65 (37%)
• Most accessed domains: api.githubcopilot.com:443, (unknown), api.anthropic.com:443, 151.101.192.223:443, 151.101.64.223:443

Gateway Log Quality

• Telemetry source: rpc-messages.jsonl canonical fallback for all runs with MCP telemetry in this sample
• Total entries analyzed: 64
• MCP servers used: github, mcpscripts, safeoutputs, semgrep, serena
• Total tool calls: 17
• Error rate: 6%
• Average paired response time: 681ms

Additional Artifacts

• Runs with aw_info.json: 8/20
• Runs with agent-stdio.log: 6/20
• Runs with agent_output.json: 6/20
• Runs with safeoutputs.jsonl: 6/20

Healthy Runs Summary

17 completed runs had all applicable observability artifacts available. Skipped/non-agent runs are counted as not applicable for firewall and MCP coverage.

Recommended Actions

1. Keep rpc-messages.jsonl collection enabled as the canonical fallback; it provided 100% MCP telemetry coverage for completed MCP-enabled runs in this sample.
2. Re-check in-progress runs after completion before treating missing access.log or MCP artifacts as incidents.
3. Consider restoring or adding gateway.jsonl alongside rpc-messages.jsonl for richer duration and status metrics without protocol-level pairing.

📊 Historical Trends

No historical baseline was available in the downloaded dataset. This report should be compared with the next daily report to track coverage drift.

References: §25139748302, §25139712382, §25139296264

Analysis window: Last 7 days | Runs analyzed: 20 | Generated: 2026-04-29

Warning

Firewall blocked 4 domains

The following domains were blocked by the firewall during workflow execution:

• ab.chatgpt.com
• api.github.com
• chatgpt.com
• github.com

💡 Tip: api.github.com is blocked because GitHub API access uses the built-in GitHub tools by default. Instead of adding api.github.com to network.allowed, use tools.github.mode: gh-proxy for direct pre-authenticated GitHub CLI access without requiring network access to api.github.com:

tools:
  github:
    mode: gh-proxy

See GitHub Tools for more information on gh-proxy mode.

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "ab.chatgpt.com"
    - "api.github.com"
    - "chatgpt.com"
    - "github.com"

See Network Configuration for more information.

Generated by Daily Observability Report for AWF Firewall and MCP Gateway · ◷

• expires on Apr 30, 2026, 11:57 PM UTC