[audit-workflows] Daily Audit 2026-06-06: Copilot SDK-driver path broken (9/16 fails) — minimatch packaging bug + tool-perm lockout

[github-actions[bot]]

Overview

This audit covers a partial ~6h window (2026-06-06 15:11–21:29Z). The logs MCP tool timed out at its 120s ceiling and returned only the newest 100 runs, so roughly 18h of the intended 24h window (06-05 21:30 → 06-06 15:11) is unobserved this cycle. Findings below are scoped to what was retrieved.

The dominant story is a regression in the Copilot SDK-driver execution path: 9 of 16 failures (56%) trace to it — a new packaging bug (Cannot find module 'minimatch') that hard-killed 6 workflows, plus a re-escalated tool-permission lockout on 3 more. The token-budget-429 pressure that worried prior windows has eased: Daily Ambient Context Optimizer ran 21.48M effective tokens, comfortably back under the 25M cap.

Summary

Metric	Value
Completed runs	97 (81 ✅ / 16 ❌) + 3 in-progress
Success rate	83.5% (below the 90% line; depressed by the SDK-driver regression)
Tokens / effective	41.6M / 330.0M
Agent inference credits	8,648.75 AIC
Turns / action-minutes	1,001 / 908
Errors / missing-tools / missing-data / MCP failures	0 / 0 / 0 / 0
Firewall blocked	838 / 4,457 (18.8%, by-design)
Engines	copilot 76 · claude 17 · codex 4 · gemini 1 · antigravity 1 · pi 1

Critical Issues

🔴 NEW — Copilot SDK-driver crashes: Cannot find module 'minimatch' (6 workflows)

copilot_sdk_driver.cjs throws MODULE_NOT_FOUND for minimatch at startup (copilot_sdk_driver.cjs:42), so the agent never runs — 0 turns, 0 tokens, and because it is a static missing-dependency error, all 4 harness retries fail identically. This single packaging bug took down 6 distinct copilot workflows, including the previously-healthy PR Code Quality Reviewer (2 runs):

• Linter Miner · Daily Secrets Analysis Agent · PR Code Quality Reviewer (×2) · Daily Testify Uber Super Expert · PR Triage Agent

Fix: bundle/declare minimatch in the sdk-driver action's dependencies (or inline-vendor the glob it needs), and add a CI smoke test that node -e "require('.../copilot_sdk_driver.cjs')" to catch missing deps before release.

🔴 RE-ESCALATED — Copilot SDK-driver tool-permission lockout (3 prod-main schedules)

The sdk-driver denies shell(ls/cat) and read on /tmp/gh-aw/cache-memory that the workflows legitimately configure, aborting after 5 denials (turns=1). Was marked resolved 06-05; back today on Daily SPDD Spec Planner (permissionDeniedCount=10), GEO Optimizer Daily Audit, Daily Safe Output Integrator. The 23 allow-tool entries derived from GH_AW_COPILOT_SDK_SERVER_ARGS don't reconcile with the workflows' declared tools.

Combined, the two issues above mean the copilot sdk-driver path is the primary failure driver this window. The legacy copilot CLI path (e.g. PR Sous Chef) still spawns and runs fine.

🟠 PERSISTING (day 2) — Model/param config drift, 2 prod-main schedules

• Daily Caveman Optimizer [claude] → 400 'does not support the effort parameter' (run 27073730816)
• Daily Cache Strategy Analyzer [codex] → 404 'Model not found adelie-alpha-2026-02-19' (run 27070791283)

Both exhaust all retries with 0 tokens — static config errors. Unfixed for 2 consecutive days. A compile/activation-time model+param preflight would convert these into a clear early error.

Other failures (5) and notes

• NEW — Detection parse failure (Design Decision Gate, run 27065879421): the agent succeeded (turns=3) but the detection/prompt-injection-scan job reddened with ERR_PARSE: No THREAT_DETECTION_RESULT found in detection log despite continue-on-error=true. The detection model occasionally omits the required marker; the parser should treat a missing marker as inconclusive/non-red.
• RECUR — safe-output partial-failure (PR Sous Chef, run 27067988983): 34-turn agent run succeeded, but the safe_outputs job failed on a single sub_agent_error (insufficient_context on PR feat: two-phase Copilot SDK driver for threat detection job #37133). One bad item still reds the whole job.
• Test Quality Sentinel (run 27069819373): empty agent_output ({"items":[]}), turns=0, no stdio artifact — on the same branch where PR Code Quality Reviewer hit the minimatch crash, so likely the same sdk-driver-startup family.
• By-design smoke probes (2): Smoke Claude, Smoke Copilot — expected probe failures, not regressions.

📊 Trends (30 days)

Workflow Health

Today's 83.5% is the lowest since the 06-03 partial window and sits below the 90% guide line, driven almost entirely by the copilot sdk-driver regression rather than agent-quality issues (errors=0, missing-tools=0). The fleet otherwise held 85–96% across the prior two weeks; the 05-23 trough (41.6%) remains the outlier.

Token Usage

Daily tokens (41.6M) sit near the 7-day moving average and well below the 05-31 peak (68.8M). Note this is a partial window, so true 24h volume is higher. Heaviest completed consumers: Matt Pocock Skills Reviewer (22.8M eff, 773 AIC), Contribution Check (22.2M), Daily Ambient Context Optimizer (21.5M).

Recommendations

1. (HIGH, urgent) Bundle/declare minimatch in the copilot sdk-driver action and add a require() smoke test — unblocks 6 workflows.
2. (HIGH) Reconcile sdk-driver tool-permission mapping with workflow-declared tools so cache-memory shell/read access is granted — unblocks 3 prod-main schedules.
3. (HIGH) Ship the model+param preflight; audit Caveman/Cache Strategy frontmatter for the stale effort param and adelie-alpha-2026-02-19 model id (now 2 days failing).
4. (MEDIUM) Make the detection parser tolerant of a missing THREAT_DETECTION_RESULT marker under continue-on-error (don't red the run when the agent succeeded).
5. (MEDIUM) Make safe_outputs exit non-red on partial success when the agent succeeded and ≥1 item landed.

Context

• Window: 2026-06-06 15:11–21:29Z (partial — logs tool 120s timeout, newest 100 runs only)
• Repo memory updated: known-issues.json (2 new), anomalies.json (3 new + 1 de-escalated), recommendations.json (2 new), workflow-trends.json, metrics-summary.json, audit-history.jsonl. Validated at 59 KB.

References:

• §27069431407 — Linter Miner (minimatch)
• §27067363723 — Daily SPDD Spec Planner (tool-perm lockout)
• §27065879421 — Design Decision Gate (detection parse fail)

Generated by 🔍 Agentic Workflow Audit Agent · 358.5 AIC · ⌖ 31.9 AIC · ⊞ 8.2K ambient context · ◷

• expires on Jun 7, 2026, 9:49 PM UTC

[github-actions[bot]]

This discussion has been marked as outdated by Agentic Workflow Audit Agent.

A newer discussion is available at Discussion #37663.