You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This report covers security observability across all agentic workflow runs in the github/gh-aw repository for the 7-day window ending 2026-06-14. Firewall analysis reveals a 3.7% block rate across 380 monitored network requests — concentrated entirely in three smoke-test workflows: Smoke Antigravity (100% blocked), Smoke Gemini (43% blocked), and Smoke Pi (6% blocked). The blocked domains are consistent with expected smoke-test infrastructure that falls outside the allowlist (Playwright CDN endpoints, an Antigravity feature-flag service, localhost, and proxy.golang.org). No anomalous or suspicious exfiltration attempts were detected.
On the DIFC integrity-filtering front, zero events were recorded over the same 7-day window, indicating that all tool calls satisfied data-integrity and flow-control policies without any intervention. This is a positive signal — workflows are operating cleanly within trust boundaries.
The primary action item from this report is to evaluate whether the Smoke Antigravity and Smoke Gemini workflows need updated firewall allowlist entries to function correctly, or whether the blocks are intentional test-harness behaviour.
🔥 Firewall Analysis
Key Firewall Metrics
Metric
Value
Workflows analyzed (firewall-enabled)
20
Total network requests monitored
380
✅ Allowed requests
366
🚫 Blocked requests
14
Block rate
3.7%
Total unique blocked domains
6
📈 Firewall Request Trends
All 20 runs occurred on 2026-06-14 (today), so the trend view reflects a single-day snapshot. The 366 allowed requests represent legitimate LLM API calls (Copilot, Anthropic, OpenAI, Gemini), GitHub API traffic, and telemetry. The 14 blocked requests are attributable entirely to smoke-test workflows attempting to reach infrastructure not covered by the current firewall policy.
Top Blocked Domains
The blocked domains fall into three clear categories: Playwright CDN mirrors (Antigravity smoke tests), antigravity-unleash.goog (feature-flag service for Antigravity engine), localhost:8080 (Gemini local proxy), and proxy.golang.org (Go module proxy for Pi). None of these suggest malicious activity; they reflect missing allowlist entries for smoke-test infrastructure.
Most Frequently Blocked Domains
Domain
Times Blocked
Workflows Affected
Category
antigravity-unleash.goog:443
2
Smoke Antigravity
Feature-flag service
localhost:8080
2
Smoke Gemini
Local proxy
playwright-akamai.azureedge.net:443
1
Smoke Antigravity
Playwright CDN
playwright-verizon.azureedge.net:443
1
Smoke Antigravity
Playwright CDN
playwright.azureedge.net:443
1
Smoke Antigravity
Playwright CDN
proxy.golang.org:443
1
Smoke Pi
Go module proxy
(unknown — resolved at runtime)
6
Smoke Antigravity
Unresolved hosts
View Detailed Request Patterns by Workflow
Workflow
Allowed
Blocked
Block Rate
Smoke Antigravity
0
10
100%
Smoke Gemini
4
3
43%
Smoke Pi
16
1
6%
PR Sous Chef
54
0
0%
Matt Pocock Skills Reviewer
76
0
0%
Daily SPDD Spec Planner
75
0
0%
Daily Formal Spec Verifier
49
0
0%
Test Quality Sentinel
47
0
0%
Changeset Generator
15
0
0%
Design Decision Gate 🏗️
13
0
0%
View Complete Blocked Domains List
antigravity-unleash.goog:443
localhost:8080
playwright-akamai.azureedge.net:443
playwright-verizon.azureedge.net:443
playwright.azureedge.net:443
proxy.golang.org:443
(unknown) — 6 requests with unresolved destination
🔒 Firewall Security Recommendations
Smoke Antigravity allowlist audit: The workflow is 100% blocked (10/10 requests). Either add antigravity-unleash.goog:443 and the three *.azureedge.net Playwright CDN domains to the allowlist, or confirm that blocking is intentional for the test scenario.
Smoke Gemini local-proxy: localhost:8080 is blocked. If the Gemini smoke test requires a local proxy, consider whether the test design should avoid external firewall traversal for loopback traffic, or update the policy to allow loopback explicitly.
Smoke Pi Go modules: proxy.golang.org:443 is blocked. If the Pi workflow builds Go code at runtime, add this domain to the allowlist. Otherwise, pre-bundle dependencies to avoid runtime module downloads.
Unknown destinations: 6 requests have an unresolved (unknown) destination label. Investigate log collection to capture the actual hostnames for these requests — they may be obscured by DNS resolution timing.
No anomalous exfiltration detected: All allowed domains are known-good endpoints (LLM APIs, GitHub, Sentry telemetry). No action required on the allow side.
🔒 DIFC Integrity Analysis
Key DIFC Metrics
Metric
Value
Total filtered events
0
Unique tools filtered
—
Unique workflows affected
—
Most common filter reason
—
Busiest day
—
No DIFC integrity-filtered events were found in the last 7 days. All tool calls across all agentic workflow runs operated within defined data-integrity and flow-control boundaries.
📈 DIFC Events Over Time
Zero events recorded across the full 7-day window — an entirely clean signal. No spikes or anomalous filtering activity.
🔧 Top Filtered Tools
No tools were filtered during this period.
🏷️ Filter Reasons and Tags
No integrity or secrecy tag violations recorded.
📋 Per-Workflow DIFC Breakdown
No workflows generated DIFC-filtered events during this period.
📋 Per-Server DIFC Breakdown
No MCP servers generated filtered events during this period.
👤 Per-User DIFC Breakdown
No user-triggered DIFC filtering events during this period.
💡 DIFC Tuning Recommendations
Maintain current policies: Zero filtering events indicates that existing DIFC rules are neither over-blocking legitimate traffic nor failing to catch violations. The current configuration is well-calibrated.
Continue monitoring: As new workflows are added (particularly those consuming external issue/PR content), re-review DIFC rules to ensure untrusted data from GitHub events is correctly tagged and filtered before reaching write-capable tools.
Establish a baseline alert threshold: With 0 events today, consider setting an alert if daily DIFC events exceed a threshold (e.g., >10/day) to catch sudden spikes in integrity-filtered tool calls.
Generated by the Daily Security Observability workflow (consolidated from Daily Firewall Reporter + Daily DIFC Analyzer) Analysis window: Last 7 days | Repository: github/gh-aw Run: §27504764853
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Executive Summary
This report covers security observability across all agentic workflow runs in the
github/gh-awrepository for the 7-day window ending 2026-06-14. Firewall analysis reveals a 3.7% block rate across 380 monitored network requests — concentrated entirely in three smoke-test workflows: Smoke Antigravity (100% blocked), Smoke Gemini (43% blocked), and Smoke Pi (6% blocked). The blocked domains are consistent with expected smoke-test infrastructure that falls outside the allowlist (Playwright CDN endpoints, an Antigravity feature-flag service,localhost, andproxy.golang.org). No anomalous or suspicious exfiltration attempts were detected.On the DIFC integrity-filtering front, zero events were recorded over the same 7-day window, indicating that all tool calls satisfied data-integrity and flow-control policies without any intervention. This is a positive signal — workflows are operating cleanly within trust boundaries.
The primary action item from this report is to evaluate whether the Smoke Antigravity and Smoke Gemini workflows need updated firewall allowlist entries to function correctly, or whether the blocks are intentional test-harness behaviour.
🔥 Firewall Analysis
Key Firewall Metrics
📈 Firewall Request Trends
All 20 runs occurred on 2026-06-14 (today), so the trend view reflects a single-day snapshot. The 366 allowed requests represent legitimate LLM API calls (Copilot, Anthropic, OpenAI, Gemini), GitHub API traffic, and telemetry. The 14 blocked requests are attributable entirely to smoke-test workflows attempting to reach infrastructure not covered by the current firewall policy.
Top Blocked Domains
The blocked domains fall into three clear categories: Playwright CDN mirrors (Antigravity smoke tests),
antigravity-unleash.goog(feature-flag service for Antigravity engine),localhost:8080(Gemini local proxy), andproxy.golang.org(Go module proxy for Pi). None of these suggest malicious activity; they reflect missing allowlist entries for smoke-test infrastructure.Most Frequently Blocked Domains
View Detailed Request Patterns by Workflow
View Complete Blocked Domains List
antigravity-unleash.goog:443localhost:8080playwright-akamai.azureedge.net:443playwright-verizon.azureedge.net:443playwright.azureedge.net:443proxy.golang.org:443(unknown)— 6 requests with unresolved destination🔒 Firewall Security Recommendations
antigravity-unleash.goog:443and the three*.azureedge.netPlaywright CDN domains to the allowlist, or confirm that blocking is intentional for the test scenario.localhost:8080is blocked. If the Gemini smoke test requires a local proxy, consider whether the test design should avoid external firewall traversal for loopback traffic, or update the policy to allow loopback explicitly.proxy.golang.org:443is blocked. If the Pi workflow builds Go code at runtime, add this domain to the allowlist. Otherwise, pre-bundle dependencies to avoid runtime module downloads.(unknown)destination label. Investigate log collection to capture the actual hostnames for these requests — they may be obscured by DNS resolution timing.🔒 DIFC Integrity Analysis
Key DIFC Metrics
📈 DIFC Events Over Time
Zero events recorded across the full 7-day window — an entirely clean signal. No spikes or anomalous filtering activity.
🔧 Top Filtered Tools
No tools were filtered during this period.
🏷️ Filter Reasons and Tags
No integrity or secrecy tag violations recorded.
📋 Per-Workflow DIFC Breakdown
No workflows generated DIFC-filtered events during this period.
📋 Per-Server DIFC Breakdown
No MCP servers generated filtered events during this period.
👤 Per-User DIFC Breakdown
No user-triggered DIFC filtering events during this period.
💡 DIFC Tuning Recommendations
Generated by the Daily Security Observability workflow (consolidated from Daily Firewall Reporter + Daily DIFC Analyzer)
Analysis window: Last 7 days | Repository: github/gh-aw
Run: §27504764853
Beta Was this translation helpful? Give feedback.
All reactions