[daily regulatory] Regulatory Report - 2026-05-30

[github-actions[bot]]

Twelve daily reports were reviewed for 2026-05-30, covering performance, team activity, code quality, security, safe-output health, secrets analysis, and API consumption. Overall data quality is good — 10 of 12 reports pass validation. One critical cross-report discrepancy was identified: merged PR counts conflict between the Team Evolution report (22 PRs/day) and the Copilot Agent Analysis (35 agent-merged PRs in 24h), which cannot both be correct as stated.

The repository shows strong health: 100% safe-output success rate, full secrets redaction coverage across 236 workflows, and an 81% agent PR merge rate (up from 73% two days prior). The primary operational risks are token-budget exhaustion (25M cap hitting 6+ workflows) and missing Copilot session transcripts (7th consecutive empty day). The API consumption spike of 05-27 (118K calls) has fully reverted to 17,750 — a healthy normalization.

📋 Full Regulatory Report

📊 Reports Reviewed

Report	Discussion	Created	Status
[daily performance]	#35999	21:10Z	✅ Valid
[daily-team-evolution]	#35988	20:36Z	⚠️ PR count discrepancy
[daily-code-metrics]	#35983	18:57Z	✅ Valid
[copilot-agent-analysis]	#35981	18:39Z	✅ Valid
[daily secrets]	#35979	18:00Z	✅ Valid
[security-observability]	#35957	16:39Z	✅ Valid
Agent Performance	#35918	13:07Z	✅ Valid
[api-consumption]	#35907	11:21Z	✅ Valid
[copilot-session-insights]	#35887	08:03Z	⚠️ Logs empty 7d
[safe-output-health]	#35865	05:40Z	✅ Valid
[lint-monster]	#35848	03:50Z	✅ Valid
[daily-compiler-quality]	#35843	03:48Z	✅ Valid

🔍 Cross-Report Consistency

Metric	Report A	Report B	Status
Workflow file count	Secrets #35979: 236	Agent Perf #35918: ~236	✅ Match
Merged PRs (24h)	Team Evolution #35988: 22	Agent Analysis #35981: 35 agent-merged	❌ Discrepancy
Safe-output failures	SO Health #35865: 0/11	API Consumption #35907: 7 run failures	✅ Compatible (different scope)
Agent PR merge rate	Agent Analysis #35981: 81%	Agent Perf #35918: top agents 73–94%	✅ Compatible

• Overall Consistency: 90% (9 of 10 metric pairs align)
• Critical Discrepancies: 1 | Warnings: 3

⚠️ Issues and Anomalies

Critical

Merged PR Count Discrepancy

• Team Evolution ([daily-team-evolution] 🌱 Daily Team Evolution Insights — 2026-05-30 #35988) reports "22 merged PRs in a day"
• Copilot Agent Analysis ([copilot-agent-analysis] Daily Copilot Agent Analysis - 2026-05-30 #35981) reports 35 agent-only merged PRs for same 24h window
• Agent-only count (35) cannot exceed total repository count (22)
• Action: Align both reports on explicit UTC window boundaries (midnight-to-midnight vs. rolling 24h)

Warnings

1. Token Budget Exhaustion — 25M effective-token cap hitting 6+ scheduled workflows ([aw-failures] Token-budget exhaustion (25M effective-tokens cap) recurring across 6+ scheduled workflows — 2026-05-29 02:00–07:32 UTC #35661); multiple smoke tests ended red. Risk: daily reports may reflect incomplete/partial runs.
2. Session Transcripts Missing (7th Day) — logs/ empty in [copilot-session-insights] for 7 consecutive days. Loop detection and prompt-quality scoring are N/A. Likely a log collection regression.
3. Firewall Domain Attribution Gap — 321 blocked requests all classified as (unknown). Security team cannot identify which services agents are trying to reach.

Data Quality Notes

• No [daily copilot token] report found for 2026-05-30 — either not generated or not yet published
• [safe-output-health] notes a 2-day audit gap (05-28 and 05-29 not analyzed)
• [copilot-session-insights] analyzes only the last 50 sessions (not full 24h)

📈 Key Metrics

Metric	Value	Trend
Agent PR merge rate	81%	↑ (73%→80%→81%)
Safe-output failure rate	0%	✅ Healthy
GitHub REST API calls	17,750	↓↓ from 118K peak 05-27
Codebase LOC	1,596,871	↑ +26.5% (30d)
Code quality score	75/100	↑ from 74
Session completion rate	26%	↑ from 14%
Function-length violations	2,476	⚠️ Accumulating

💡 Recommendations

1. Standardize time-window declarations: All reports should include explicit UTC window timestamps to enable accurate cross-report comparison.
2. Restore session transcript logging: Assign investigation of the 7-day logs/ gap before next daily run.
3. Fix firewall domain attribution: Update audit tooling to extract domain names from blocked requests.
4. Create [daily token-budget] report: Token exhaustion affecting 6+ workflows needs dedicated monitoring.
5. Define merged_prs_24h scope in metrics glossary: Distinguish agent-only vs. all-contributors counts.

📊 Regulatory Metrics

Metric	Value
Reports Reviewed	12
Reports Passed	10
Reports with Issues	2
Critical Discrepancies	1
Active Warnings	3
Overall Health Score	83%

---

Run: §26695474070 · Data: github/gh-aw discussions 2026-05-30

Generated by ⚖️ Daily Regulatory Report Generator · sonnet46 2.3M · ◷

• expires on Jun 2, 2026, 9:39 PM UTC